fkie-cad · euwint · Jan 9, 2026 · Jun 6, 2025 · Jun 6, 2025 · Jun 6, 2025
diff --git a/src/helperFunctions/web_interface.py b/src/helperFunctions/web_interface.py
@@ -7,7 +7,6 @@
 from common_helper_files import get_binary_from_file
 from matplotlib import colormaps as cm
 from matplotlib import colors
-from passlib.context import CryptContext
 from quantiphy import Quantity
 
 from helperFunctions.fileSystem import get_template_dir
@@ -17,6 +16,8 @@
     'ĜĝĢģĞğĤĥÌìÍíÎîÏïıĪīĮįĴĵĶķĹĺĻļŁłĽľÑñŃńŇňŅņÖöÒòÓóÔôÕõŐőØøŒœ'
     'ŔŕŘřẞßŚśŜŝŞşŠšȘșŤťŢţÞþȚțÜüÙùÚúÛûŰűŨũŲųŮůŪūŴŵÝýŸÿŶŷŹźŽžŻż'
 )
+DES_PW_LEN = 13
+PW_SCHEME_INDICATORS = ['$1$', '$2$', '$2a$', '$2y$', '$5$', '$6$', '$y$', '$pbkdf2']
 
 
 def get_color_list(number: int, limit: int = 10) -> list[str]:
@@ -94,11 +95,9 @@ def password_is_legal(pw: str) -> bool:
     :param pw: The password string.
     :return: ``True`` if the password is accepted and ``False`` otherwise.
     """
-    if not pw:
+    if not pw or len(pw) == DES_PW_LEN:
         return False
-    schemes = ['bcrypt', 'des_crypt', 'pbkdf2_sha256', 'pbkdf2_sha512', 'sha256_crypt', 'sha512_crypt', 'plaintext']
-    ctx = CryptContext(schemes=schemes)
-    return ctx.identify(pw) == 'plaintext'
+    return not any(pw.startswith(indicator) for indicator in PW_SCHEME_INDICATORS)
 
 
 def cap_length_of_element(hid_element: str, maximum: int = 55) -> str:

diff --git a/src/install/requirements_frontend.txt b/src/install/requirements_frontend.txt
@@ -1,31 +1,31 @@
-argon2_cffi~=23.1.0
-bcrypt~=4.1.3
+argon2_cffi~=25.1.0
+bcrypt~=4.3.0
 email-validator~=2.2.0
 flask-login~=0.6.3
 flask-paginate~=2024.4.12
-flask-security-too~=5.4.3
-flask-wtf~=1.2.1
-flask~=3.0.3
+flask-security-too~=5.6.2
+flask-wtf~=1.2.2
+flask~=3.1.1
 flask-restx~=1.3.0
 flask-sqlalchemy~=3.1.1
-gql~=3.5.0
+gql~=3.5.3
 itsdangerous~=2.2.0
 matplotlib~=3.10.5
-more-itertools~=10.5.0
-prompt-toolkit~=3.0.50
+more-itertools~=10.7.0
+prompt-toolkit~=3.0.51
 python-dateutil~=2.9.0
 quantiphy~=2.20
-uwsgi~=2.0.28
-virtualenv~=20.29.1
+uwsgi~=2.0.30
+virtualenv~=20.31.2
 
 # npm installation
 nodeenv~=1.9.1
 
 # must be below dependent packages (flask, flask-login, flask-restx)
-werkzeug~=3.0.6
+werkzeug~=3.1.5
 
 # Used for username validation by flask-security
-bleach~=6.1.0
+bleach~=6.2.0
 
 # Figuring out if the analysis is outdated
 semver~=3.0.4
diff --git a/src/install/requirements_pre_install.txt b/src/install/requirements_pre_install.txt
@@ -7,7 +7,7 @@ python-magic==0.4.27
 requests==2.32.4
 # Needed by config.py
 pydantic==2.10.6
-werkzeug~=3.0.6
+werkzeug~=3.1.5
 toml==0.10.2
 # needed during installation of cve_lookup plugin
 ijson==3.4.0

diff --git a/src/plugins/analysis/file_system_metadata/test/test_file_system_metadata_routes.py b/src/plugins/analysis/file_system_metadata/test/test_file_system_metadata_routes.py
@@ -1,7 +1,7 @@
 from base64 import b64encode
+from contextlib import contextmanager
 
 import pytest
-from decorator import contextmanager
 from flask import Flask
 from flask_restx import Api
 

diff --git a/src/plugins/analysis/ip_and_uri_finder/requirements.txt b/src/plugins/analysis/ip_and_uri_finder/requirements.txt
@@ -1,4 +1,4 @@
 git+https://github.com/fkie-cad/common_analysis_ip_and_uri.git
 geoip2==4.7.0
 # dependency of geoip2 for python >= 3.12
-aiohttp~=3.12.14
+aiohttp~=3.13.3
diff --git a/src/plugins/analysis/qemu_exec/test/test_routes.py b/src/plugins/analysis/qemu_exec/test/test_routes.py
@@ -1,4 +1,5 @@
-from decorator import contextmanager
+from contextlib import contextmanager
+
 from flask import Flask
 from flask_restx import Api
 

diff --git a/src/test/unit/helperFunctions/test_web_interface.py b/src/test/unit/helperFunctions/test_web_interface.py
@@ -50,6 +50,7 @@ def test_is_superuser(input_data, expected):
         ('abc', True),
         ('1234567890abc', False),
         ('$5$FOOBAR99$f12dcbf3354f40a0ac341f712e4d72b74f4bb788dbc33aa86bd92d23c53188e5', False),
+        ('$pbkdf2-sha256$29000$do5RynkPgdCacy4FYCwFQA$w0QXDH5F.S2h8f0RYmHBmTPza5CHNR72jydO83UYUx8', False),
     ],
 )
 def test_password_is_legal(input_data, expected):

diff --git a/src/test/unit/test_manage_users.py b/src/test/unit/test_manage_users.py
@@ -19,6 +19,7 @@
         },
     }
 )
+PASSWORD = 'mock_password_123'
 
 
 class Prompt(NamedTuple):
@@ -28,7 +29,7 @@ class Prompt(NamedTuple):
 
 @pytest.fixture
 def prompt(monkeypatch):
-    monkeypatch.setattr('getpass.getpass', lambda _: 'mock_password')
+    monkeypatch.setattr('getpass.getpass', lambda _: PASSWORD)
     with create_pipe_input() as pipe:
         session = PromptSession(
             input=pipe,
@@ -120,4 +121,4 @@ def test_password_is_hashed(prompt):
     start_user_management(test_app, store, db, prompt.session)
     with test_app.app_context():
         user = store.find_user(email='test_user')
-    assert user.password != 'mock_password'
+    assert user.password != PASSWORD