[Snyk] Security upgrade eventlet from 0.35.2 to 0.37.0 #277
Mend Bolt for GitHub / Mend Security Check
failed
Oct 2, 2024 in 3m 58s
Security Report
❌ New vulnerabilities:
| CVE | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue |
|---|---|---|---|---|---|
CVE-2024-6345Path to dependency file: /docs/build/requirements.txt Path to vulnerable library: /docs/build/requirements.txt Dependency Hierarchy: -> ❌ setuptools-68.0.0-py3-none-any.whl (Vulnerable Library) |
 High |
7.0 | setuptools-68.0.0-py3-none-any.whl | Upgrade to version: setuptools - 70.0.0 | None |
✔️ Remediated vulnerabilities:
| CVE | Vulnerable Library |
|---|---|
| CVE-2024-34064 | Jinja2-3.1.3-py3-none-any.whl |
Base branch total remaining vulnerabilities: 12
Base branch commit: 898f2b8122e263c9dd491bf6b6d50b066d2d5cac
Total libraries scanned: 201
Scan token: f63cd58f69824a359e43406173f07c51
Loading