
Add requirements.txt with critically vulnerable dependencies #13

Open
Austin Becker (AustinJayBecker) wants to merge 2 commits into main from critical-dependency-submission


@AustinJayBecker
Contributor

Adding vulns:

| Package | Version | CVE | Severity |
|---|---|---|---|
| Pillow | 8.2.0 | CVE-2021-34552 | CRITICAL – buffer overflow / arbitrary code execution |
| PyYAML | 5.1 | CVE-2020-14343 | CRITICAL – arbitrary code execution via unsafe YAML load |
| Django | 2.2.0 | CVE-2021-35042 | CRITICAL – SQL injection via QuerySet.order_by() |
| urllib3 | 1.24.1 | CVE-2019-11324 | CRITICAL – certificate verification bypass |
