Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update dependency django to v3.2.22 - autoclosed #18

Closed
wants to merge 1 commit into from

chore(deps): update dependency django to v3.2.22

b748b1e
Select commit
Loading
Failed to load commit list.
Closed

chore(deps): update dependency django to v3.2.22 - autoclosed #18

chore(deps): update dependency django to v3.2.22
b748b1e
Select commit
Loading
Failed to load commit list.
This check has been archived and is scheduled for deletion. Learn more about checks retention
Mend for GitHub.com / Mend Security Check failed Oct 14, 2023 in 4m 31s

Security Report

You have successfully remediated 18 vulnerabilities, but introduced 3 new vulnerabilities in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2023-37920

Path to dependency file: /data-files/benchmarks/bm_dulwich_log/requirements.txt

Path to vulnerable library: /data-files/benchmarks/bm_dulwich_log/requirements.txt,/data-files/benchmarks/bm_dulwich_log/requirements.txt

Dependency Hierarchy:

-> ❌ certifi-2021.5.30-py2.py3-none-any.whl (Vulnerable Library)

Critical 9.8 certifi-2021.5.30-py2.py3-none-any.whl Upgrade to version: certifi - 2023.7.22 #5
CVE-2023-28370

Path to dependency file: /data-files/benchmarks/bm_tornado_http/requirements.txt

Path to vulnerable library: /data-files/benchmarks/bm_tornado_http/requirements.txt

Dependency Hierarchy:

-> ❌ tornado-6.1-cp37-cp37m-manylinux2010_x86_64.whl (Vulnerable Library)

Medium 6.1 tornado-6.1-cp37-cp37m-manylinux2010_x86_64.whl Upgrade to version: tornado - 6.3.2 None
WS-2023-0296

Path to dependency file: /data-files/benchmarks/bm_tornado_http/requirements.txt

Path to vulnerable library: /data-files/benchmarks/bm_tornado_http/requirements.txt

Dependency Hierarchy:

-> ❌ tornado-6.1-cp37-cp37m-manylinux2010_x86_64.whl (Vulnerable Library)

Medium 5.6 tornado-6.1-cp37-cp37m-manylinux2010_x86_64.whl Upgrade to version: tornado - 6.3.3 None

✔️ Remediated vulnerabilities:

CVE Vulnerable Library
CVE-2023-36053 Django-3.2.4-py3-none-any.whl
CVE-2022-41323 Django-3.2.4-py3-none-any.whl
CVE-2023-43665 Django-3.2.4-py3-none-any.whl
CVE-2023-23969 Django-3.2.4-py3-none-any.whl
CVE-2022-23833 Django-3.2.4-py3-none-any.whl
CVE-2021-45116 Django-3.2.4-py3-none-any.whl
CVE-2023-24580 Django-3.2.4-py3-none-any.whl
CVE-2023-31047 Django-3.2.4-py3-none-any.whl
CVE-2022-22818 Django-3.2.4-py3-none-any.whl
CVE-2022-36359 Django-3.2.4-py3-none-any.whl
CVE-2022-28347 Django-3.2.4-py3-none-any.whl
CVE-2023-41164 Django-3.2.4-py3-none-any.whl
CVE-2022-34265 Django-3.2.4-py3-none-any.whl
CVE-2022-28346 Django-3.2.4-py3-none-any.whl
CVE-2021-35042 Django-3.2.4-py3-none-any.whl
CVE-2021-45452 Django-3.2.4-py3-none-any.whl
CVE-2021-44420 Django-3.2.4-py3-none-any.whl
CVE-2021-45115 Django-3.2.4-py3-none-any.whl

Base branch total remaining vulnerabilities: 26
Base branch commit: b4e24341e4c07ef7401fadd16a39617d287a4d1e


Total libraries scanned: 43

Scan token: 1d43ca51f1684d4388c37dc5c2916c08

View more details on Mend for GitHub.com