Update dependency Werkzeug to v3 #20
Security Report
❌ New vulnerabilities:
| Vulnerability | Severity |  CVSS Score |
Vulnerable Library | Direct Library | Suggested Fix | Issue |
|---|---|---|---|---|---|---|
CVE-2023-4807Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20251130123535_IXWKBW/python_LBTLXN/202511301235361/env/lib/python3.9/site-packages/cryptography-39.0.0.dist-info Dependency Hierarchy: -> ❌ cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl (Vulnerable Library) |
 High |
7.8 | Direct cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl |
cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl | openssl - 1.1.1w | None |
CVE-2024-6119Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20251130123535_IXWKBW/python_LBTLXN/202511301235361/env/lib/python3.9/site-packages/cryptography-39.0.0.dist-info Dependency Hierarchy: -> ❌ cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl (Vulnerable Library) |
High |
7.5 | Direct cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl |
cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl | None | |
CVE-2024-26130Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20251130123535_IXWKBW/python_LBTLXN/202511301235361/env/lib/python3.9/site-packages/cryptography-39.0.0.dist-info Dependency Hierarchy: -> ❌ cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl (Vulnerable Library) |
High |
7.5 | Direct cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl |
cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl | 42.0.4 | None |
CVE-2023-50782Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20251130123535_IXWKBW/python_LBTLXN/202511301235361/env/lib/python3.9/site-packages/cryptography-39.0.0.dist-info Dependency Hierarchy: -> ❌ cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl (Vulnerable Library) |
High |
7.5 | Direct cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl |
cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl | 42.0.0 | None |
CVE-2023-38325Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20251130123535_IXWKBW/python_LBTLXN/202511301235361/env/lib/python3.9/site-packages/cryptography-39.0.0.dist-info Dependency Hierarchy: -> ❌ cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl (Vulnerable Library) |
High |
7.5 | Direct cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl |
cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl | 41.0.2 | None |
CVE-2023-0286Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20251130123535_IXWKBW/python_LBTLXN/202511301235361/env/lib/python3.9/site-packages/cryptography-39.0.0.dist-info Dependency Hierarchy: -> ❌ cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl (Vulnerable Library) |
High |
7.4 | Direct cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl |
cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl | openssl-3.0.8;cryptography - 39.0.1;openssl-src - 111.25.0+1.1.1t,300.0.12+3.0.8,openssl - 3.0.12,openssl - 1.1.1w | None |
CVE-2023-2650Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20251130123535_IXWKBW/python_LBTLXN/202511301235361/env/lib/python3.9/site-packages/cryptography-39.0.0.dist-info Dependency Hierarchy: -> ❌ cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl (Vulnerable Library) |
 Medium |
6.5 | Direct cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl |
cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl | openssl - 1.0.2zh,openssl - 3.1.3,openssl - 1.1.1w,openssl - 3.0.12 | None |
CVE-2024-3772Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20251130123535_IXWKBW/python_LBTLXN/202511301235361/env/lib/python3.9/site-packages/pydantic-1.10.4.dist-info Dependency Hierarchy: -> ❌ pydantic-1.10.4-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library) |
Medium |
5.9 | Direct pydantic-1.10.4-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl |
pydantic-1.10.4-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl | 1.10.13 | None |
CVE-2023-49083Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20251130123535_IXWKBW/python_LBTLXN/202511301235361/env/lib/python3.9/site-packages/cryptography-39.0.0.dist-info Dependency Hierarchy: -> ❌ cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl (Vulnerable Library) |
Medium |
5.9 | Direct cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl |
cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl | 41.0.6 | None |
CVE-2024-0727Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20251130123535_IXWKBW/python_LBTLXN/202511301235361/env/lib/python3.9/site-packages/cryptography-39.0.0.dist-info Dependency Hierarchy: -> ❌ cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl (Vulnerable Library) |
Medium |
5.5 | Direct cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl |
cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl | 42.0.2 | None |
CVE-2023-3446Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20251130123535_IXWKBW/python_LBTLXN/202511301235361/env/lib/python3.9/site-packages/cryptography-39.0.0.dist-info Dependency Hierarchy: -> ❌ cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl (Vulnerable Library) |
Medium |
5.3 | Direct cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl |
cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl | openssl - 1.1.1w,openssl - 3.1.3 | None |
CVE-2023-23931Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20251130123535_IXWKBW/python_LBTLXN/202511301235361/env/lib/python3.9/site-packages/cryptography-39.0.0.dist-info Dependency Hierarchy: -> ❌ cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl (Vulnerable Library) |
Medium |
4.8 | Direct cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl |
cryptography-39.0.0-cp36-abi3-manylinux_2_28_x86_64.whl | 39.0.1 | None |
✔️ Remediated vulnerabilities:
| Vulnerability | Vulnerable Library |
|---|---|
| CVE-2023-38325 | cryptography-39.0.0-cp36-abi3-manylinux_2_24_x86_64.whl |
| CVE-2024-0727 | cryptography-39.0.0-cp36-abi3-manylinux_2_24_x86_64.whl |
| CVE-2024-34069 | Werkzeug-2.2.2-py3-none-any.whl |
| CVE-2023-3446 | cryptography-39.0.0-cp36-abi3-manylinux_2_24_x86_64.whl |
| CVE-2023-25577 | Werkzeug-2.2.2-py3-none-any.whl |
| CVE-2024-49767 | Werkzeug-2.2.2-py3-none-any.whl |
| CVE-2023-4807 | cryptography-39.0.0-cp36-abi3-manylinux_2_24_x86_64.whl |
| CVE-2023-0286 | cryptography-39.0.0-cp36-abi3-manylinux_2_24_x86_64.whl |
| CVE-2023-2650 | cryptography-39.0.0-cp36-abi3-manylinux_2_24_x86_64.whl |
| CVE-2023-50782 | cryptography-39.0.0-cp36-abi3-manylinux_2_24_x86_64.whl |
| CVE-2023-23934 | Werkzeug-2.2.2-py3-none-any.whl |
| CVE-2024-3772 | pydantic-1.10.4-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl |
| CVE-2024-26130 | cryptography-39.0.0-cp36-abi3-manylinux_2_24_x86_64.whl |
| CVE-2024-49766 | Werkzeug-2.2.2-py3-none-any.whl |
| CVE-2024-6119 | cryptography-39.0.0-cp36-abi3-manylinux_2_24_x86_64.whl |
| CVE-2023-49083 | cryptography-39.0.0-cp36-abi3-manylinux_2_24_x86_64.whl |
| CVE-2025-66221 | Werkzeug-2.2.2-py3-none-any.whl |
| CVE-2023-46136 | Werkzeug-2.2.2-py3-none-any.whl |
| CVE-2023-23931 | cryptography-39.0.0-cp36-abi3-manylinux_2_24_x86_64.whl |
Base branch total remaining vulnerabilities: 36
Base branch commit: null
Total libraries scanned: 27
Scan token: 7427c54180ff45f68646866ec9cc3fcc