chore(deps): update dependency django to v4 #51
Security Report
❌ New vulnerabilities:
| CVE | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue |
|---|---|---|---|---|---|
CVE-2023-41164Path to dependency file: /data-files/benchmarks/bm_django_template/requirements.txt Path to vulnerable library: /data-files/benchmarks/bm_django_template/requirements.txt Dependency Hierarchy: -> ❌ Django-4.0.9-py3-none-any.whl (Vulnerable Library) |
 High |
7.5 | Django-4.0.9-py3-none-any.whl | Upgrade to version: Django - 3.2.21,4.1.11,4.2.5 | None |
CVE-2023-36053Path to dependency file: /data-files/benchmarks/bm_django_template/requirements.txt Path to vulnerable library: /data-files/benchmarks/bm_django_template/requirements.txt Dependency Hierarchy: -> ❌ Django-4.0.9-py3-none-any.whl (Vulnerable Library) |
High |
7.5 | Django-4.0.9-py3-none-any.whl | Upgrade to version: Django -3.2.20,4.1.10,4.2.3 | None |
CVE-2023-24580Path to dependency file: /data-files/benchmarks/bm_django_template/requirements.txt Path to vulnerable library: /data-files/benchmarks/bm_django_template/requirements.txt Dependency Hierarchy: -> ❌ Django-4.0.9-py3-none-any.whl (Vulnerable Library) |
High |
7.5 | Django-4.0.9-py3-none-any.whl | Upgrade to version: Django - 3.2.18,4.0.10,4.1.7 | None |
CVE-2023-28370Path to dependency file: /data-files/benchmarks/bm_tornado_http/requirements.txt Path to vulnerable library: /data-files/benchmarks/bm_tornado_http/requirements.txt Dependency Hierarchy: -> ❌ tornado-6.1-cp38-cp38-manylinux2010_x86_64.whl (Vulnerable Library) |
 Medium |
6.1 | tornado-6.1-cp38-cp38-manylinux2010_x86_64.whl | Upgrade to version: tornado - 6.3.2 | None |
WS-2023-0296Path to dependency file: /data-files/benchmarks/bm_tornado_http/requirements.txt Path to vulnerable library: /data-files/benchmarks/bm_tornado_http/requirements.txt Dependency Hierarchy: -> ❌ tornado-6.1-cp38-cp38-manylinux2010_x86_64.whl (Vulnerable Library) |
Medium |
5.6 | tornado-6.1-cp38-cp38-manylinux2010_x86_64.whl | Upgrade to version: tornado - 6.3.3 | None |
✔️ Remediated vulnerabilities:
| CVE | Vulnerable Library |
|---|---|
| CVE-2023-36053 | Django-3.2.4-py3-none-any.whl |
| CVE-2022-41323 | Django-3.2.4-py3-none-any.whl |
| CVE-2024-27351 | Django-3.2.4-py3-none-any.whl |
| CVE-2023-43665 | Django-3.2.4-py3-none-any.whl |
| CVE-2023-23969 | Django-3.2.4-py3-none-any.whl |
| CVE-2022-23833 | Django-3.2.4-py3-none-any.whl |
| CVE-2021-45116 | Django-3.2.4-py3-none-any.whl |
| CVE-2024-24680 | Django-3.2.4-py3-none-any.whl |
| CVE-2023-24580 | Django-3.2.4-py3-none-any.whl |
| CVE-2023-31047 | Django-3.2.4-py3-none-any.whl |
| CVE-2023-28370 | tornado-6.1-cp37-cp37m-manylinux2010_x86_64.whl |
| CVE-2024-5569 | zipp-3.11.0-py3-none-any.whl |
| CVE-2022-22818 | Django-3.2.4-py3-none-any.whl |
| CVE-2022-36359 | Django-3.2.4-py3-none-any.whl |
| CVE-2022-28347 | Django-3.2.4-py3-none-any.whl |
| CVE-2023-41164 | Django-3.2.4-py3-none-any.whl |
| WS-2023-0296 | tornado-6.1-cp37-cp37m-manylinux2010_x86_64.whl |
| CVE-2022-34265 | Django-3.2.4-py3-none-any.whl |
| CVE-2022-28346 | Django-3.2.4-py3-none-any.whl |
| CVE-2021-35042 | Django-3.2.4-py3-none-any.whl |
| CVE-2021-45452 | Django-3.2.4-py3-none-any.whl |
| CVE-2021-44420 | Django-3.2.4-py3-none-any.whl |
| CVE-2021-45115 | Django-3.2.4-py3-none-any.whl |
| CVE-2023-46695 | Django-3.2.4-py3-none-any.whl |
Base branch total remaining vulnerabilities: 38
Base branch commit: null
Total libraries scanned: 41
Scan token: 4b0d14628d634af8a32409b6de48e682