mirror of
https://github.com/usmannasir/cyberpanel.git
synced 2026-06-09 08:40:40 +02:00
764913a842
Fixed 5 critical security vulnerabilities in Python dependencies: 1. Tornado (6.4.1 -> >=6.4.2) - CVE-2024-52804: DoS via HTTP cookie parser - CVE-2025-47287: DoS via multipart/form-data parser 2. Requests (2.32.3 -> >=2.32.4) - CVE-2024-47081: URL parsing may leak .netrc credentials 3. Cryptography (43.0.0 -> >=43.0.1) - CVE-2024-12797: Vulnerable statically linked OpenSSL - PVE-2024-73711: Another OpenSSL vulnerability 4. PyJWT (unpinned -> >=2.10.1) - Multiple vulnerabilities in unpinned versions 5. psutil (unpinned -> >=7.2.0) - Security issues in older versions Changes: - Updated requirments.txt with secure minimum versions - Added requirements-secure.txt for documentation All packages updated to secure versions that address these CVEs.
477 B
477 B