[Snyk] Security upgrade werkzeug from 0.16.1 to 3.0.1 #43
Security Report
You have successfully remediated 3 vulnerabilities, but introduced 3 new vulnerabilities in this branch.
❌ New vulnerabilities:
CVE | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue |
---|---|---|---|---|---|
CVE-2023-37920 [Path to dependency file: /requirements.txt; Path to vulnerable library: /requirements.txt; Dependency Hierarchy: -> ❌ certifi-2019.6.16-py2.py3-none-any.whl (Vulnerable Library)] | Critical | 9.8 | certifi-2019.6.16-py2.py3-none-any.whl | Upgrade to version: certifi - 2023.7.22 | None |
CVE-2023-46136 [Path to dependency file: /requirements.txt; Path to vulnerable library: /requirements.txt; Dependency Hierarchy: -> ❌ Werkzeug-2.2.3-py3-none-any.whl (Vulnerable Library)] | High | 8.0 | Werkzeug-2.2.3-py3-none-any.whl | Upgrade to version: Werkzeug - 3.0.1 | None |
CVE-2023-32681 [Path to dependency file: /requirements.txt; Path to vulnerable library: /requirements.txt; Dependency Hierarchy: -> ❌ requests-2.22.0-py2.py3-none-any.whl (Vulnerable Library)] | Medium | 6.1 | requests-2.22.0-py2.py3-none-any.whl | Upgrade to version: requests - 2.31.0 | None |
✔️ Remediated vulnerabilities:
CVE | Vulnerable Library |
---|---|
CVE-2023-23934 | Werkzeug-0.16.1-py2.py3-none-any.whl |
CVE-2023-46136 | Werkzeug-0.16.1-py2.py3-none-any.whl |
CVE-2023-25577 | Werkzeug-0.16.1-py2.py3-none-any.whl |
Base branch total remaining vulnerabilities: 8
Base branch commit: 33a25a1bc6c649e1bd6a60260a2f45cff2149f27
Total libraries scanned: 21
Scan token: 174132e8abe94a0aa90bd4a7a2b59016