Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 19 vulnerabilities #51

Closed
wants to merge 30 commits into from
Closed

[Snyk] Fix for 19 vulnerabilities #51

wants to merge 30 commits into from

Conversation

z103cb
Copy link

@z103cb z103cb commented Jul 9, 2024

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to fix 19 vulnerabilities in the pip dependencies of this project.

Snyk changed the following file(s):

  • samples/contrib/versioned-pipeline-ci-samples/kaggle-ci-sample/visualize_html/requirements.txt
⚠️ Warning ``` seaborn 0.12.2 requires numpy, which is not installed. pandas 1.3.5 requires numpy, which is not installed. matplotlib 3.5.3 requires fonttools, which is not installed. matplotlib 3.5.3 requires numpy, which is not installed. matplotlib 3.5.3 requires pillow, which is not installed. gcsfs 2023.1.0 requires aiohttp, which is not installed. 
</details>





---

> [!IMPORTANT]
>
> - Check the changes in this PR to ensure they won't cause issues with your project.
> - Max score is 1000. Note that the real score may have changed since the PR was raised.
> - This PR was automatically created by Snyk using the credentials of a real user.
> - Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded.

---

**Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs._

For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIwNTg1NWRjNC0wNTY4LTQ0MWEtOGM3Zi0zNjY5OTA4ZTgyNjAiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjA1ODU1ZGM0LTA1NjgtNDQxYS04YzdmLTM2Njk5MDhlODI2MCJ9fQ==" width="0" height="0"/>
🧐 [View latest project report](https://app.snyk.io/org/data-services-red-hat-openshift-data-science/project/660202d5-b63a-4011-86d1-c31378b49b53?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;fix-pr)
📜 [Customise PR templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates)
🛠 [Adjust project settings](https://app.snyk.io/org/data-services-red-hat-openshift-data-science/project/660202d5-b63a-4011-86d1-c31378b49b53?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;fix-pr/settings)
📚 [Read about Snyk's upgrade logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)

---

**Learn how to fix vulnerabilities with free interactive lessons:**

🦉 [Improper Input Validation](https://learn.snyk.io/lesson/improper-input-validation/?loc&#x3D;fix-pr)
🦉 [Improper Limitation of a Pathname to a Restricted Directory (&#x27;Path Traversal&#x27;)](https://learn.snyk.io/lesson/directory-traversal/?loc&#x3D;fix-pr)
🦉 [Cross-site Scripting (XSS)](https://learn.snyk.io/lesson/xss/?loc&#x3D;fix-pr)
🦉 [More lessons are available in Snyk Learn](https://learn.snyk.io/?loc&#x3D;fix-pr)

[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"aiohttp","from":"3.8.6","to":"3.9.4"},{"name":"fonttools","from":"4.38.0","to":"4.43.0"},{"name":"numpy","from":"1.21.3","to":"1.22.2"},{"name":"pillow","from":"9.5.0","to":"10.3.0"},{"name":"requests","from":"2.31.0","to":"2.32.2"},{"name":"urllib3","from":"2.0.7","to":"2.2.2"},{"name":"zipp","from":"3.15.0","to":"3.19.1"}],"env":"prod","issuesToFix":[{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-AIOHTTP-6091621","priority_score":591,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.4","score":270},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Improper Input Validation"},{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-AIOHTTP-6091622","priority_score":591,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.4","score":270},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Improper Input Validation"},{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-AIOHTTP-6209406","priority_score":616,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.9","score":295},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"},{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-AIOHTTP-6209407","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"HTTP Request Smuggling"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-AIOHTTP-6645291","priority_score":449,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"4.7","score":235},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Cross-site Scripting (XSS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-AIOHTTP-6808823","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Infinite loop"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-FONTTOOLS-6133203","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"XML External Entity (XXE) Injection"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-FONTTOOLS-6133203","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"XML External Entity (XXE) Injection"},{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-NUMPY-2321964","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"NULL Pointer Dereference"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-NUMPY-2321966","priority_score":399,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Buffer Overflow"},{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-NUMPY-2321970","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Denial of Service (DoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-NUMPY-2321964","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"NULL Pointer Dereference"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-NUMPY-2321966","priority_score":399,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Buffer Overflow"},{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-NUMPY-2321970","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Denial of Service (DoS)"},{"exploit_maturity":"Mature","id":"SNYK-PYTHON-PILLOW-5918878","priority_score":909,"priority_score_factors":[{"type":"exploit","label":"High","score":214},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.6","score":480},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Heap-based Buffer Overflow"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-PILLOW-6043904","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-PILLOW-6182918","priority_score":726,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Eval Injection"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-PILLOW-6219984","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-PILLOW-6219986","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-PILLOW-6514866","priority_score":579,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Buffer Overflow"},{"exploit_maturity":"Mature","id":"SNYK-PYTHON-PILLOW-5918878","priority_score":909,"priority_score_factors":[{"type":"exploit","label":"High","score":214},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.6","score":480},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Heap-based Buffer Overflow"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-PILLOW-6043904","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-PILLOW-6182918","priority_score":726,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Eval Injection"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-PILLOW-6219984","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-PILLOW-6219986","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-PILLOW-6514866","priority_score":579,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Buffer Overflow"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-REQUESTS-6928867","priority_score":494,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.6","score":280},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Always-Incorrect Control Flow Implementation"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-REQUESTS-6928867","priority_score":494,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.6","score":280},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Always-Incorrect Control Flow Implementation"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-REQUESTS-6928867","priority_score":494,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.6","score":280},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Always-Incorrect Control Flow Implementation"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-URLLIB3-7267250","priority_score":514,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6","score":300},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Improper Removal of Sensitive Information Before Storage or Transfer"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-URLLIB3-7267250","priority_score":514,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6","score":300},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Improper Removal of Sensitive Information Before Storage or Transfer"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-URLLIB3-7267250","priority_score":514,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6","score":300},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Improper Removal of Sensitive Information Before Storage or Transfer"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-URLLIB3-7267250","priority_score":514,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6","score":300},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Improper Removal of Sensitive Information Before Storage or Transfer"},{"exploit_maturity":"No Known Exploit","id":"SNYK-PYTHON-URLLIB3-7267250","priority_score":514,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6","score":300},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Improper Removal of Sensitive Information Before Storage or Transfer"},{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-ZIPP-7430899","priority_score":738,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"freshness","label":true,"score":71},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.9","score":345},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Infinite loop"},{"exploit_maturity":"Proof of Concept","id":"SNYK-PYTHON-ZIPP-7430899","priority_score":738,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"freshness","label":true,"score":71},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.9","score":345},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Infinite loop"}],"prId":"05855dc4-0568-441a-8c7f-3669908e8260","prPublicId":"05855dc4-0568-441a-8c7f-3669908e8260","packageManager":"pip","priorityScoreList":[591,591,616,646,449,589,589,506,399,506,909,589,726,589,589,579,494,514,738],"projectPublicId":"660202d5-b63a-4011-86d1-c31378b49b53","projectUrl":"https://app.snyk.io/org/data-services-red-hat-openshift-data-science/project/660202d5-b63a-4011-86d1-c31378b49b53?utm_source=github&utm_medium=referral&page=fix-pr","prType":"fix","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["pr-warning-shown","priorityScore"],"type":"auto","upgrade":[],"vulns":["SNYK-PYTHON-AIOHTTP-6091621","SNYK-PYTHON-AIOHTTP-6091622","SNYK-PYTHON-AIOHTTP-6209406","SNYK-PYTHON-AIOHTTP-6209407","SNYK-PYTHON-AIOHTTP-6645291","SNYK-PYTHON-AIOHTTP-6808823","SNYK-PYTHON-FONTTOOLS-6133203","SNYK-PYTHON-NUMPY-2321964","SNYK-PYTHON-NUMPY-2321966","SNYK-PYTHON-NUMPY-2321970","SNYK-PYTHON-PILLOW-5918878","SNYK-PYTHON-PILLOW-6043904","SNYK-PYTHON-PILLOW-6182918","SNYK-PYTHON-PILLOW-6219984","SNYK-PYTHON-PILLOW-6219986","SNYK-PYTHON-PILLOW-6514866","SNYK-PYTHON-REQUESTS-6928867","SNYK-PYTHON-URLLIB3-7267250","SNYK-PYTHON-ZIPP-7430899"],"patch":[],"isBreakingChange":false,"remediationStrategy":"vuln"}'

rimolive and others added 30 commits May 27, 2024 16:02
@rimolive
UPSTREAM: <carry>: Add Commit Checker github action
56ecc37 
Signed-off-by: Ricardo M. Oliveira <[email protected]>
@HumairAK
Merge pull request #38 from rimolive/rmartine
3c5170b 
chore: Add Commit Checker github action
@rimolive
UPSTREAM: <carry>: Fix Commit Checker workflow to checkout the code
d09b624 
Signed-off-by: Ricardo M. Oliveira <[email protected]>
@HumairAK
Merge pull request #39 from rimolive/rmartine
bdd4217 
Fix Commit Checker workflow
@HumairAK
UPSTREAM: <carry>: move commit checker to separate wf
15464f6 
Signed-off-by: Humair Khan <[email protected]>
@HumairAK
Merge pull request #41 from HumairAK/fix_cc
2bc028c 
UPSTREAM: <carry>: move commit checker to separate wf
@HumairAK
UPSTREAM: <carry>: fix commit-checker gh workflow syntax
abb28bd 
Signed-off-by: Humair Khan <[email protected]>
@HumairAK
Merge pull request #45 from HumairAK/fix_commit_checker
0115b8e 
UPSTREAM: <carry>: fix commit-checker gh workflow syntax
@rimolive
Change Commit Checker to get the PR last commit
47fb475
@HumairAK
Merge pull request #47 from rimolive/rmartine-commit-checker
7127a61 
Change Commit Checker to get the PR last commit
@rimolive
UPSTREAM:<carry>:Fix Commit Checker PR comment formatting
efb845e 
Signed-off-by: Ricardo M. Oliveira <[email protected]>
@HumairAK
Merge pull request #48 from rimolive/rmartine-commit-checker
542e1d4 
Fix Commit Checker PR comment formatting
@rimolive
UPSTREAM: <carry>: Add a conditional in the commit checker workflow t…
0b53e53 
…o avoid return an error code

Signed-off-by: Ricardo M. Oliveira <[email protected]>
@rimolive
Merge pull request #49 from rimolive/rmartine-commit-checker
25f33aa 
UPSTREAM: <carry>: Add a conditional in the commit checker workflow to avoid return an error code
Updated ubi8 image and go-toolset version
ea12783 
Signed-off-by: Achyut Madhusudan <[email protected]>
@HumairAK
Merge pull request #44 from amadhusu/RHOAIENG-7423-1.18
effca01 
UPSTREAM:<carry>:chore:RHOAIENG-7423 - Updated ubi8 image and go-toolset version
@rimolive
UPSTREAM: <carry>: Final fix for Commit Checker GH Action
dcbeed8 
Signed-off-by: Ricardo M. Oliveira <[email protected]>
@HumairAK
Merge pull request #50 from rimolive/rmartine-commit-checker
6623b7c 
Final fix for Commit Checker GH Action
@VaniHaripriya
UPSTREAM: <carry>: Fix for default Pipelineroot failures
624df09
@openshift-merge-bot
Merge pull request #51 from VaniHaripriya/RHOAIENG-7209
f3fbc2c 
UPSTREAM: <carry>: Fix for default Pipelineroot failures
@HumairAK
UPSTREAM: <carry>: add last_run_creation
bf77909 
Signed-off-by: Humair Khan <[email protected]>
@openshift-merge-bot
Merge pull request #52 from HumairAK/RHOAIENG-7692
2aacfe2 
UPSTREAM: <carry>: add last_run_creation
@DharmitD
UPSTREAM: <carry>: Upgrade DSP api/go.mod package versions
a54c07f
@HumairAK
Merge pull request #54 from DharmitD/snyk-cve-api
50c0275 
UPSTREAM: <carry>: Upgrade DSP api/go.mod package versions
@DharmitD
UPSTREAM: <carry>: Upgrade DSP go.mod package versions
aeb18d2
@HumairAK
Merge pull request #55 from DharmitD/DSP-snyk-HL
ea68150 
UPSTREAM: <carry>: Upgrade DSP go.mod package versions
@DharmitD
UPSTREAM: <carry>: Upgrade go version to 1.21 and go.mod package vers…
f46e510 
…ions
@HumairAK
Merge pull request #56 from DharmitD/go-version-cve
dadfb38 
UPSTREAM: <carry>: Upgrade go version to 1.21 and go.mod package versions
@HumairAK
Merge pull request #57 from opendatahub-io/v2.3.x
97153ee 
V2.3.0 to stable
@snyk-bot
fix: samples/contrib/versioned-pipeline-ci-samples/kaggle-ci-sample/v…
1de43a9 
…isualize_html/requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091621
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091622
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6209406
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6209407
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6645291
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6808823
- https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-6133203
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6514866
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
@github-actions github-actions bot added the Stale label Oct 18, 2024
@github-actions github-actions bot closed this Nov 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Stale
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@z103cb @rimolive @HumairAK @VaniHaripriya @DharmitD @snyk-bot