Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update dependency django to v3.2.25 - autoclosed #44

Closed
wants to merge 1 commit into from

chore(deps): update dependency django to v3.2.25

5a2f8b4
Select commit
Loading
Failed to load commit list.
Closed

chore(deps): update dependency django to v3.2.25 - autoclosed #44

chore(deps): update dependency django to v3.2.25
5a2f8b4
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / Mend Security Check failed Aug 14, 2024 in 6m 59s

Security Report

You have successfully remediated 22 vulnerabilities, but introduced 1 new vulnerabilities in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2024-5569

Path to dependency file: /data-files/benchmarks/bm_sqlalchemy_imperative/requirements.txt

Path to vulnerable library: /data-files/benchmarks/bm_sqlalchemy_imperative/requirements.txt,/data-files/benchmarks/bm_sqlalchemy_declarative/requirements.txt

Dependency Hierarchy:

-> SQLAlchemy-1.4.19-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Root Library)

   -> importlib_metadata-6.7.0-py3-none-any.whl

     -> ❌ zipp-3.15.0-py3-none-any.whl (Vulnerable Library)

Low 3.3 zipp-3.15.0-py3-none-any.whl Upgrade to version: zipp - 3.19.1 #38

✔️ Remediated vulnerabilities:

CVE Vulnerable Library
CVE-2023-36053 Django-3.2.4-py3-none-any.whl
CVE-2022-41323 Django-3.2.4-py3-none-any.whl
CVE-2024-27351 Django-3.2.4-py3-none-any.whl
CVE-2023-43665 Django-3.2.4-py3-none-any.whl
CVE-2023-23969 Django-3.2.4-py3-none-any.whl
CVE-2022-23833 Django-3.2.4-py3-none-any.whl
CVE-2021-45116 Django-3.2.4-py3-none-any.whl
CVE-2024-24680 Django-3.2.4-py3-none-any.whl
CVE-2023-24580 Django-3.2.4-py3-none-any.whl
CVE-2023-31047 Django-3.2.4-py3-none-any.whl
CVE-2024-5569 zipp-3.11.0-py3-none-any.whl
CVE-2022-22818 Django-3.2.4-py3-none-any.whl
CVE-2022-36359 Django-3.2.4-py3-none-any.whl
CVE-2022-28347 Django-3.2.4-py3-none-any.whl
CVE-2023-41164 Django-3.2.4-py3-none-any.whl
CVE-2022-34265 Django-3.2.4-py3-none-any.whl
CVE-2022-28346 Django-3.2.4-py3-none-any.whl
CVE-2021-35042 Django-3.2.4-py3-none-any.whl
CVE-2021-45452 Django-3.2.4-py3-none-any.whl
CVE-2021-44420 Django-3.2.4-py3-none-any.whl
CVE-2021-45115 Django-3.2.4-py3-none-any.whl
CVE-2023-46695 Django-3.2.4-py3-none-any.whl

Base branch total remaining vulnerabilities: 38
Base branch commit: null


Total libraries scanned: 43

Scan token: b1df43e5ce684e4aaf425f0322431c70

View more details on Mend for GitHub.com