diff --git a/doc/requirements.csv b/doc/requirements.csv
index 67b21068e5..6026319352 100644
--- a/doc/requirements.csv
+++ b/doc/requirements.csv
@@ -6,3 +6,4 @@ anthonyharrison_not_in_db,sbom2doc
 pillow,pillow
 python,requests
 python,urllib3
+jaraco,zipp
diff --git a/doc/requirements.txt b/doc/requirements.txt
index 90f8108322..9a82cb3862 100644
--- a/doc/requirements.txt
+++ b/doc/requirements.txt
@@ -5,3 +5,4 @@ sbom2doc
 pillow>=10.3.0 # not directly required, pinned by Snyk to avoid a vulnerability
 requests>=2.32.2 # not directly required, pinned by Snyk to avoid a vulnerability
 urllib3>=2.2.2 # not directly required, pinned by Snyk to avoid a vulnerability
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability
diff --git a/requirements.csv b/requirements.csv
index 8bd720f214..3ad34e857e 100644
--- a/requirements.csv
+++ b/requirements.csv
@@ -25,3 +25,4 @@ anthonyharrison_not_in_db,lib4vex
 the_purl_authors_not_in_db,packageurl-python
 h2non,filetype
 python,setuptools
+jaraco,zipp
diff --git a/requirements.txt b/requirements.txt
index e14d5f2c40..1f785f9280 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,4 @@
-aiohttp[speedups]>=3.9.2
+aiohttp[speedups]>=3.9.4
 beautifulsoup4
 cvss
 defusedxml
@@ -16,11 +16,12 @@ packageurl-python
 packaging
 plotly
 pyyaml>=5.4
-requests>=2.32.0
+requests>=2.32.2
 rich
 rpmfile>=1.0.6
-setuptools>=65.5.1 # pinned by Snyk to avoid a vulnerability
+setuptools>=70.0.0 # pinned by Snyk to avoid a vulnerability
 toml; python_version < "3.11"
-urllib3>=1.26.5 # dependency of requests added explictly to avoid CVEs
+urllib3>=2.2.2 # dependency of requests added explictly to avoid CVEs
 xmlschema
 zstandard; python_version >= "3.4"
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability