Patch CRITICAL/HIGH CVEs: python-jose 3.5.0, python-multipart 0.0.29
- python-jose 3.3.0 → 3.5.0 (CVE-2024-33663: CRITICAL, algorithm confusion) - python-multipart 0.0.20 → 0.0.29 (CVE-2026-24486, CVE-2026-42561: HIGH) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -3,10 +3,10 @@ uvicorn[standard]==0.32.1
|
|||||||
sqlalchemy[asyncio]==2.0.50
|
sqlalchemy[asyncio]==2.0.50
|
||||||
aiomysql==0.3.2
|
aiomysql==0.3.2
|
||||||
pydantic-settings==2.7.0
|
pydantic-settings==2.7.0
|
||||||
python-jose[cryptography]==3.3.0
|
python-jose[cryptography]==3.5.0
|
||||||
passlib[bcrypt]==1.7.4
|
passlib[bcrypt]==1.7.4
|
||||||
bcrypt==4.0.1
|
bcrypt==4.0.1
|
||||||
python-multipart==0.0.20
|
python-multipart==0.0.29
|
||||||
pytz==2024.2
|
pytz==2024.2
|
||||||
email-validator==2.2.0
|
email-validator==2.2.0
|
||||||
slowapi==0.1.9
|
slowapi==0.1.9
|
||||||
|
|||||||
Reference in New Issue
Block a user