From 026db2e0d529f5b3e83ef2e4bc5e048923e335cd Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 26 Oct 2023 19:20:07 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6036192 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177 --- requirements.txt | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index e784be8c..c827c07e 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,6 @@ pyOpenSSL secrets bcrypt -flask \ No newline at end of file +flask +cryptography>=41.0.5 # not directly required, pinned by Snyk to avoid a vulnerability +werkzeug>=3.0.1 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file