From 0d8b3d7f9d9b06c929d51a219a3d208d64a4c91e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 3 Nov 2023 19:15:57 +0000 Subject: [PATCH] fix: python/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904 --- python/requirements.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/python/requirements.txt b/python/requirements.txt index 4c35dcb0b6f..c7429379a8c 100644 --- a/python/requirements.txt +++ b/python/requirements.txt @@ -13,3 +13,4 @@ pandas>=0.12.0 python-dateutil>=1.4,<2 protobuf>=2.5.0 python-gflags>=2.0 +pillow>=10.0.0 # not directly required, pinned by Snyk to avoid a vulnerability