chore(deps): Bump the pip group across 4 directories with 3 updates #8

An automation triggered a pipeline warning

Found 141 vulnerabilities. An additional 0 vulnerabilities have been marked as unaffected.

Output from Automations

4 rules were checked:

If a new dependency is added where the license risk is at least medium
then notify all users in the group admins by email

✔️ The rule did not trigger. Manage rule

If a dependency contains a vulnerability which has not been marked as unaffected and which has not triggered this rule for this dependency before
then notify all users in the group admins by email

✔️ The rule did not trigger. Manage rule

If there is a dependency where the license risk is at least high
then send a pipeline warning

✔️ The rule did not trigger. Manage rule

If a dependency contains a vulnerability which has not been marked as unaffected
then send a pipeline warning

⚠️ The rule triggered for the following vulnerabilities, causing a pipeline warning. Manage rule

Vulnerability	CVSS2	CVSS3	Dependency	Dependency Licenses
CVE-2014-3007	10	N/A	pillow (pip)	HPND
CVE-2022-45907	N/A	9.8	torch (pip)	BSD-3-Clause
CVE-2022-30595	7.5	9.8	pillow (pip)	HPND
CVE-2023-25823	N/A	9.8	gradio (pip)	Apache-2.0
CVE-2020-5311	7.5	9.8	pillow (pip)	HPND
CVE-2020-5312	7.5	9.8	pillow (pip)	HPND
CVE-2016-4009	10	9.8	pillow (pip)	HPND
CVE-2021-25289	7.5	9.8	pillow (pip)	HPND
CVE-2021-34552	7.5	9.8	pillow (pip)	HPND
CVE-2019-6446	7.5	9.8	numpy (pip)	BSD-3-Clause
CVE-2022-22817	7.5	9.8	pillow (pip)	HPND
CVE-2023-37920	N/A	9.8	certifi (pip)	MPL-2.0
CVE-2024-39236	N/A	9.8	gradio (pip)	Apache-2.0
CVE-2024-0964	N/A	9.4	gradio (pip)	Apache-2.0
CVE-2022-24303	6.4	9.1	pillow (pip)	HPND
CVE-2023-34239	N/A	9.1	gradio (pip)	Apache-2.0
CVE-2021-25287	6.4	9.1	pillow (pip)	HPND
CVE-2021-25288	6.4	9.1	pillow (pip)	HPND
CVE-2017-12863	6.8	8.8	opencv-python (pip)	N/A
CVE-2017-12605	6.8	8.8	opencv-python (pip)	N/A
CVE-2017-12604	6.8	8.8	opencv-python (pip)	N/A
CVE-2017-12603	6.8	8.8	opencv-python (pip)	N/A
CVE-2017-12601	6.8	8.8	opencv-python (pip)	N/A
CVE-2019-5064	6.8	8.8	opencv-python (pip)	N/A
CVE-2020-35654	6.8	8.8	pillow (pip)	HPND
CVE-2017-12862	6.8	8.8	opencv-python (pip)	N/A
CVE-2019-5063	6.8	8.8	opencv-python (pip)	N/A
CVE-2016-1516	6.8	8.8	opencv-python (pip)	N/A
CVE-2017-12599	6.8	8.8	opencv-python (pip)	N/A
CVE-2017-12598	6.8	8.8	opencv-python (pip)	N/A
CVE-2017-1000450	6.8	8.8	opencv-python (pip)	N/A
CVE-2017-12597	6.8	8.8	opencv-python (pip)	N/A
CVE-2017-12864	6.8	8.8	opencv-python (pip)	N/A
CVE-2020-5310	6.8	8.8	pillow (pip)	HPND
CVE-2017-12606	6.8	8.8	opencv-python (pip)	N/A
CVE-2023-6730	N/A	8.8	transformers (pip)	N/A
CVE-2022-24770	6.8	8.8	gradio (pip)	Apache-2.0
CVE-2024-6345	N/A	8.8	setuptools (pip)	MIT, Python-2.0
CVE-2015-5237	6.5	8.8	protobuf (pip)	N/A
CVE-2024-4325	N/A	8.6	gradio (pip)	Apache-2.0
CVE-2019-14491	6.4	8.2	opencv-python (pip)	N/A
CVE-2023-6572	N/A	8.1	gradio (pip)	Apache-2.0
CVE-2023-50447	N/A	8.1	pillow (pip)	HPND
CVE-2020-11538	6.8	8.1	pillow (pip)	HPND
CVE-2020-10379	6.8	7.8	pillow (pip)	HPND
CVE-2019-9423	4.6	7.8	opencv-python (pip)	N/A
CVE-2016-9190	6.8	7.8	pillow (pip)	HPND
CVE-2023-7018	N/A	7.8	transformers (pip)	N/A
CVE-2024-31583	N/A	7.8	torch (pip)	BSD-3-Clause
CVE-2021-43831	3.5	7.7	gradio (pip)	Apache-2.0
CVE-2021-28677	5	7.5	pillow (pip)	HPND
CVE-2023-51449	N/A	7.5	gradio (pip)	Apache-2.0
CVE-2022-40898	N/A	7.5	wheel (pip)	MIT
CVE-2023-39325	N/A	7.5	golang.org/x/net (Go)	BSD-3-Clause
CVE-2017-12602	7.8	7.5	opencv-python (pip)	N/A
CVE-2022-41723	N/A	7.5	golang.org/x/net (Go)	BSD-3-Clause
CVE-2017-12600	7.8	7.5	opencv-python (pip)	N/A
CVE-2019-19911	5	7.5	pillow (pip)	HPND
CVE-2024-4941	N/A	7.5	gradio (pip)	Apache-2.0
CVE-2023-44271	N/A	7.5	pillow (pip)	HPND
CVE-2024-4068	N/A	7.5	braces (npm)	MIT
CVE-2022-45198	N/A	7.5	pillow (pip)	HPND
CVE-2022-45199	N/A	7.5	pillow (pip)	HPND
CVE-2024-39689	N/A	7.5	certifi (pip)	MPL-2.0
CVE-2024-1561	N/A	7.5	gradio (pip)	Apache-2.0
CVE-2021-27921	5	7.5	pillow (pip)	HPND
CVE-2017-18009	5	7.5	opencv-python (pip)	N/A
CVE-2021-23437	5	7.5	pillow (pip)	HPND
CVE-2022-1941	N/A	7.5	protobuf (pip)	N/A
CVE-2021-25291	5	7.5	pillow (pip)	HPND
CVE-2021-27923	5	7.5	pillow (pip)	HPND
CVE-2021-25293	5	7.5	pillow (pip)	HPND
CVE-2019-14493	5	7.5	opencv-python (pip)	N/A
CVE-2019-14492	5	7.5	opencv-python (pip)	N/A
CVE-2021-25290	5	7.5	pillow (pip)	HPND
CVE-2017-12852	5	7.5	numpy (pip)	BSD-3-Clause
CVE-2021-28676	5	7.5	pillow (pip)	HPND
CVE-2021-27922	5	7.5	pillow (pip)	HPND
CVE-2021-22570	5	7.5	protobuf (pip)	N/A
CVE-2024-1728	N/A	7.5	gradio (pip)	Apache-2.0
CVE-2022-23491	N/A	7.5	certifi (pip)	MPL-2.0
CVE-2024-2206	N/A	7.3	gradio (pip)	Apache-2.0
CVE-2020-35653	5.8	7.1	pillow (pip)	HPND
CVE-2020-5313	5.8	7.1	pillow (pip)	HPND
CVE-2013-1633	6.8	N/A	setuptools (pip)	MIT, Python-2.0
CVE-2024-28219	N/A	6.7	pillow (pip)	HPND
CVE-2024-1183	N/A	6.5	gradio (pip)	Apache-2.0
CVE-2017-14136	4.3	6.5	opencv-python (pip)	N/A
CVE-2017-17760	4.3	6.5	opencv-python (pip)	N/A
CVE-2019-19624	6.4	6.5	opencv-python (pip)	N/A
CVE-2022-22815	6.4	6.5	pillow (pip)	HPND
CVE-2021-25292	4.3	6.5	pillow (pip)	HPND
CVE-2016-2533	4.3	6.5	pillow (pip)	HPND
CVE-2022-22816	6.4	6.5	pillow (pip)	HPND
CVE-2016-0775	4.3	6.5	pillow (pip)	HPND
CVE-2016-0740	4.3	6.5	pillow (pip)	HPND
CVE-2023-3978	N/A	6.1	golang.org/x/net (Go)	BSD-3-Clause
CVE-2024-0406	N/A	6.1	github.com/mholt/archiver/v3 (Go)	MIT
CVE-2019-15939	4.3	5.9	opencv-python (pip)	N/A
CVE-2024-1729	N/A	5.9	gradio (pip)	Apache-2.0
CVE-2022-40897	N/A	5.9	setuptools (pip)	MIT, Python-2.0
CVE-2020-10177	4.3	5.5	pillow (pip)	HPND
CVE-2014-1859	2.1	5.5	numpy (pip)	BSD-3-Clause
CVE-2014-1858	2.1	5.5	numpy (pip)	BSD-3-Clause
CVE-2016-3076	4.3	5.5	pillow (pip)	HPND
CVE-2019-16865	4.3	5.5	pillow (pip)	HPND
CVE-2016-1517	4.3	5.5	opencv-python (pip)	N/A
CVE-2020-10378	4.3	5.5	pillow (pip)	HPND
CVE-2020-10994	4.3	5.5	pillow (pip)	HPND
CVE-2021-41496	2.1	5.5	numpy (pip)	BSD-3-Clause
CVE-2021-28675	4.3	5.5	pillow (pip)	HPND
CVE-2021-28678	4.3	5.5	pillow (pip)	HPND
CVE-2018-5269	4.3	5.5	opencv-python (pip)	N/A
CVE-2018-5268	4.3	5.5	opencv-python (pip)	N/A
CVE-2016-9189	4.3	5.5	pillow (pip)	HPND
CVE-2020-35655	5.8	5.4	pillow (pip)	HPND
CVE-2024-4940	N/A	5.4	gradio (pip)	Apache-2.0
CVE-2021-34141	5	5.3	numpy (pip)	BSD-3-Clause
CVE-2021-41495	3.5	5.3	numpy (pip)	BSD-3-Clause
CVE-2021-33430	3.5	5.3	numpy (pip)	BSD-3-Clause
CVE-2019-16249	5	5.3	opencv-python (pip)	N/A
CVE-2014-3589	5	N/A	pillow (pip)	HPND
CVE-2014-9601	5	N/A	pillow (pip)	HPND
CVE-2014-3598	5	N/A	pillow (pip)	HPND
CVE-2023-41626	N/A	4.8	gradio (pip)	Apache-2.0
CVE-2023-2800	N/A	4.7	transformers (pip)	N/A
CVE-2014-1932	4.4	N/A	pillow (pip)	HPND
CVE-2024-1727	N/A	4.3	gradio (pip)	Apache-2.0
CVE-2024-3568	N/A	3.4	transformers (pip)	N/A
CVE-2014-1933	2.1	N/A	pillow (pip)	HPND
debricked-234845	N/A	N/A	pillow (pip)	HPND
debricked-184644	N/A	N/A	pillow (pip)	HPND
debricked-249408	N/A	N/A	golang.org/x/net (Go)	BSD-3-Clause
debricked-163806	N/A	N/A	pillow (pip)	HPND
CVE-2023-45288	N/A	N/A	golang.org/x/net (Go)	BSD-3-Clause
debricked-229743	N/A	N/A	pillow (pip)	HPND
CVE-2024-31580	N/A	N/A	torch (pip)	BSD-3-Clause
debricked-233238	N/A	N/A	protobuf (pip)	N/A
debricked-233237	N/A	N/A	protobuf (pip)	N/A
debricked-234843	N/A	N/A	pillow (pip)	HPND
debricked-235213	N/A	N/A	golang.org/x/net (Go)	BSD-3-Clause

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): Bump the pip group across 4 directories with 3 updates #8

chore(deps): Bump the pip group across 4 directories with 3 updates #8

An automation triggered a pipeline warning

Output from Automations

4 rules were checked:

Re-running checks...