Patch CRITICAL/HIGH CVEs: python-jose 3.5.0, python-multipart 0.0.29

- python-jose 3.3.0 → 3.5.0 (CVE-2024-33663: CRITICAL, algorithm confusion)
- python-multipart 0.0.20 → 0.0.29 (CVE-2026-24486, CVE-2026-42561: HIGH)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-05-25 01:03:57 -07:00
parent 50ee1f9fed
commit 95d648210c
+2 -2
View File
@@ -3,10 +3,10 @@ uvicorn[standard]==0.32.1
sqlalchemy[asyncio]==2.0.50
aiomysql==0.3.2
pydantic-settings==2.7.0
python-jose[cryptography]==3.3.0
python-jose[cryptography]==3.5.0
passlib[bcrypt]==1.7.4
bcrypt==4.0.1
python-multipart==0.0.20
python-multipart==0.0.29
pytz==2024.2
email-validator==2.2.0
slowapi==0.1.9