youngkingdom/ragflow
1
0
Fork 0
mirror of https://github.com/infiniflow/ragflow.git synced 2026-03-19 13:47:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
73bc9b91dec488553689c87fe815a1ebf507f310
ragflow/agent/sandbox/pyproject.toml
guptas6est c35b210c3a fix(security): upgrade requests to 2.32.5 in agent/sandbox to fix CVE-2024-47081 (#13424) 
### What problem does this PR solve?

This PR remediates CVE-2024-47081 (MEDIUM severity) in the agent/sandbox
component by upgrading the requests library from version 2.32.3 to
2.32.5. The vulnerability allows .netrc credentials to leak via
malicious URLs.

### Type of change

- [x] Bug Fix (non-breaking change which fixes an issue)
2026-03-06 09:29:18 +08:00

29 lines
519 B
TOML
Raw Blame History

[project]
name = "gvisor-sandbox"
version = "0.1.0"
description = "Add your description here"
readme = "README.md"
requires-python = ">=3.12,<3.15"
dependencies = [
"fastapi>=0.115.12",
"httpx>=0.28.1",
"pydantic>=2.11.4",
"requests>=2.32.4",
"slowapi>=0.1.9",
"uvicorn>=0.34.2",
]
[[tool.uv.index]]
url = "https://pypi.tuna.tsinghua.edu.cn/simple"
[dependency-groups]
dev = [
"basedpyright>=1.29.1",
]
[tool.ruff]
line-length = 200
[tool.ruff.lint]
extend-select = ["C4", "SIM", "TCH"]
Reference in New Issue View Git Blame Copy Permalink