Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Restyle [Snyk] Security upgrade orjson from 3.9.7 to 3.9.15 #101

Open
wants to merge 1 commit into
base: snyk-fix-64500634716cd3bfc799f6b18b51abfc
Choose a base branch
from

Restyled by whitespace

c33cfd9
Select commit
Loading
Failed to load commit list.
Open

Restyle [Snyk] Security upgrade orjson from 3.9.7 to 3.9.15 #101

Restyled by whitespace
c33cfd9
Select commit
Loading
Failed to load commit list.
Mend Bolt for GitHub / Mend Security Check failed Feb 27, 2024 in 3h 34m 58s

Security Report

You have successfully remediated 90 vulnerabilities, but introduced 53 new vulnerabilities in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
WS-2023-0180

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ sympy-1.10.1-py3-none-any.whl (Vulnerable Library)

Critical 9.8 sympy-1.10.1-py3-none-any.whl Upgrade to version: sympy - 1.12 None
CVE-2023-47248

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ pyarrow-12.0.1-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

Critical 9.8 pyarrow-12.0.1-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: pyarrow - 14.0.1 None
CVE-2023-25668

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

Critical 9.8 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0 None
CVE-2023-25664

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

Critical 9.8 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0 None
CVE-2023-52314

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

Critical 9.6 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2023-52311

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

Critical 9.6 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2023-52310

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

Critical 9.6 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2024-0964

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ gradio-3.34.0-py3-none-any.whl (Vulnerable Library)

Critical 9.4 gradio-3.34.0-py3-none-any.whl Upgrade to version: gradio - 4.9.0 None
CVE-2023-6730

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ transformers-4.30.2-py3-none-any.whl (Vulnerable Library)

High 8.8 transformers-4.30.2-py3-none-any.whl Upgrade to version: transformers - 4.36.0 None
CVE-2023-52309

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

High 8.2 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2023-52307

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

High 8.2 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2023-52304

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

High 8.2 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2023-50447

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ Pillow-9.5.0-cp37-cp37m-manylinux_2_28_x86_64.whl (Vulnerable Library)

High 8.1 Pillow-9.5.0-cp37-cp37m-manylinux_2_28_x86_64.whl Upgrade to version: pillow - 10.2.0 None
CVE-2024-0521

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

High 7.8 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: paddlepaddle - 2.6.0 None
CVE-2023-7018

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ transformers-4.30.2-py3-none-any.whl (Vulnerable Library)

High 7.8 transformers-4.30.2-py3-none-any.whl Upgrade to version: transformers - 4.36.0 None
CVE-2024-23334

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ aiohttp-3.8.6-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

High 7.5 aiohttp-3.8.6-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: aiohttp - 3.9.2 None
CVE-2023-51449

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ gradio-3.34.0-py3-none-any.whl (Vulnerable Library)

High 7.5 gradio-3.34.0-py3-none-any.whl Upgrade to version: gradio - 4.11.0 None
CVE-2023-46136

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ Werkzeug-2.2.3-py3-none-any.whl (Vulnerable Library)

High 7.5 Werkzeug-2.2.3-py3-none-any.whl Upgrade to version: werkzeug - 2.3.8,3.0.1 None
CVE-2023-45139

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ fonttools-4.38.0-py3-none-any.whl (Vulnerable Library)

High 7.5 fonttools-4.38.0-py3-none-any.whl Upgrade to version: fonttools - 4.43.0 None
CVE-2023-44271

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ Pillow-9.5.0-cp37-cp37m-manylinux_2_28_x86_64.whl (Vulnerable Library)

High 7.5 Pillow-9.5.0-cp37-cp37m-manylinux_2_28_x86_64.whl Upgrade to version: Pillow - 10.0.0 None
CVE-2023-25676

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

High 7.5 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0 None
CVE-2023-25675

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

High 7.5 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0 None
CVE-2023-25674

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

High 7.5 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0 None
CVE-2023-25673

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

High 7.5 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0 None
CVE-2023-25672

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

High 7.5 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0 None
CVE-2023-25671

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

High 7.5 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1, 2.12.0, tensorflow-cpu - 2.11.1, 2.12.0 None
CVE-2023-25670

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

High 7.5 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0 None
CVE-2023-25669

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

High 7.5 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0 None
CVE-2023-25667

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

High 7.5 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0 None
CVE-2023-25665

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

High 7.5 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0 None
CVE-2023-25663

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

High 7.5 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0 None
CVE-2023-25662

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

High 7.5 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0 None
CVE-2023-25660

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

High 7.5 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0 None
CVE-2023-25659

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

High 7.5 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0 None
CVE-2023-25658

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

High 7.5 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0, tensorflow-gpu - 2.11.1,2.12.0 None
CVE-2024-23829

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ aiohttp-3.8.6-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

Medium 6.5 aiohttp-3.8.6-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: aiohttp - 3.9.2 None
CVE-2023-25661

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

Medium 6.5 tensorflow-2.11.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tensorflow - 2.11.1,2.12.0, tensorflow-cpu - 2.11.1,2.12.0 None
CVE-2023-28370

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tornado-6.2-cp37-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

Medium 6.1 tornado-6.2-cp37-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tornado - 6.3.2 None
WS-2023-0296

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ tornado-6.2-cp37-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

Medium 5.6 tornado-6.2-cp37-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: tornado - 6.3.3 None
CVE-2023-49082

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ aiohttp-3.8.6-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

Medium 5.3 aiohttp-3.8.6-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: aiohttp - 3.9.0 None
CVE-2023-49081

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ aiohttp-3.8.6-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

Medium 5.3 aiohttp-3.8.6-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Upgrade to version: aiohttp - 3.9.0 None
CVE-2023-52313

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

Medium 4.7 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2023-52312

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

Medium 4.7 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2023-52308

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

Medium 4.7 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2023-52306

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

Medium 4.7 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2023-52305

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

Medium 4.7 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2023-52303

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

Medium 4.7 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2023-52302

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

Medium 4.7 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2023-38678

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

Medium 4.7 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2023-38677

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

Medium 4.7 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2023-38676

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

Medium 4.7 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2023-38675

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

Medium 4.7 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None
CVE-2023-38674

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

-> ❌ paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl (Vulnerable Library)

Medium 4.7 paddlepaddle-2.5.2-cp37-cp37m-manylinux1_x86_64.whl Upgrade to version: PaddlePaddle - 2.6.0 None

✔️ Remediated vulnerabilities:

CVE Vulnerable Library
CVE-2023-32681 requests-2.28.1-py3-none-any.whl
CVE-2023-25661 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-41900 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-52307 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2022-41898 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-38670 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2023-30861 Flask-2.2.2-py3-none-any.whl
CVE-2023-38669 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2022-41886 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-5752 pip-22.3.1-py3-none-any.whl
WS-2022-0437 nltk-3.7-py3-none-any.whl
CVE-2022-41895 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-41883 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-41890 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-37276 aiohttp-3.8.3-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-41908 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-25659 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-47627 aiohttp-3.8.3-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-52302 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2023-25663 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-52310 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2023-25675 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-25671 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-49082 aiohttp-3.8.3-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-41910 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-25882 onnx-1.12.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-41907 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-38673 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2022-41880 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-52304 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2023-32731 grpcio-1.50.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2024-23829 aiohttp-3.8.3-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-52313 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2023-25670 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-41896 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-25668 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-41888 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-25676 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-47248 pyarrow-10.0.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-25660 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-34239 gradio-3.4b2-py3-none-any.whl
CVE-2022-45907 torch-1.13.0-cp37-cp37m-manylinux1_x86_64.whl
CVE-2023-52306 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2023-38677 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2024-0964 gradio-3.4b2-py3-none-any.whl
CVE-2023-49081 aiohttp-3.8.3-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-41902 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-41893 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-25673 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-38675 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2023-25665 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-52308 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2022-46741 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2022-41894 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2024-0521 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2022-41909 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-38678 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2023-25662 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-25658 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
WS-2022-0401 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-25674 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-50447 Pillow-9.3.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-38671 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2023-25667 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-41901 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-52311 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2022-41887 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-44271 Pillow-9.3.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-41891 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-41899 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-41884 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-38674 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2023-25823 gradio-3.4b2-py3-none-any.whl
CVE-2023-51449 gradio-3.4b2-py3-none-any.whl
CVE-2023-52312 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2023-52303 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2023-52314 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2023-25664 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-52305 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2024-23334 aiohttp-3.8.3-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
WS-2022-0438 nltk-3.7-py3-none-any.whl
CVE-2023-25672 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-38672 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2022-41911 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-38676 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2022-45908 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2023-52309 paddlepaddle-2.3.2-cp37-cp37m-manylinux1_x86_64.whl
CVE-2023-25669 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-41897 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2022-41889 tensorflow-2.10.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl

Base branch total remaining vulnerabilities: 92
Base branch commit: null


Total libraries scanned: 263

Scan token: 3e5af56e68a34f4497736b85ff1e983c

View more details on Mend Bolt for GitHub