Dependabot HIGH severity:
Pillow affected by out-of-bounds write when loading PSD images
https://github.com/thomasht86/httpr/security/dependabot/40 High
#40 opened 2 months ago • Detected in pillow (pip) • uv.lock
Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing
https://github.com/thomasht86/httpr/security/dependabot/42 High
#42 opened last month • Detected in quinn-proto (Rust) • Cargo.lock
FITS GZIP decompression bomb in Pillow
https://github.com/thomasht86/httpr/security/dependabot/64 High
#64 opened 7 hours ago • Detected in pillow (pip) • uv.lock
cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads
https://github.com/thomasht86/httpr/security/dependabot/47 High
Create a PR with updates to handle this. Make sure all tests still pass.