Skip to content

chore(deps): update dependency python-json-logger to v2.0.7 #10

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
renovate wants to merge 1 commit into
base: main
Choose a base branch
from

chore(deps): update dependency python-json-logger to v2.0.7

27a9a12
Select commit
Loading
Failed to load commit list.
Open

chore(deps): update dependency python-json-logger to v2.0.7 #10

chore(deps): update dependency python-json-logger to v2.0.7
27a9a12
Select commit
Loading
Failed to load commit list.
Mend Bolt for GitHub / WhiteSource Security Check failed Aug 10, 2025 in 2h 4m 20s

Security Report

You have successfully remediated 29 vulnerabilities, but introduced 16 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2024-56201

Path to dependency file: /requirements.txt

Path to vulnerable library: /tmp/ws-ua_20250810173908_BOFGNL/python_JABONY/202508101739091/env/lib/python3.9/site-packages/Jinja2-3.1.3.dist-info

Dependency Hierarchy:

-> ❌ Jinja2-3.1.3-py3-none-any.whl (Vulnerable Library)

High 8.8 Jinja2-3.1.3-py3-none-any.whl Upgrade to version: Jinja2 - 3.1.5 None
CVE-2024-6119

Path to dependency file: /requirements.txt

Path to vulnerable library: /tmp/ws-ua_20250810173908_BOFGNL/python_JABONY/202508101739091/env/lib/python3.9/site-packages/cryptography-42.0.5.dist-info

Dependency Hierarchy:

-> ❌ cryptography-42.0.5-cp39-abi3-manylinux_2_28_x86_64.whl (Vulnerable Library)

High 7.5 cryptography-42.0.5-cp39-abi3-manylinux_2_28_x86_64.whl None
CVE-2024-39689

Path to dependency file: /requirements.txt

Path to vulnerable library: /tmp/ws-ua_20250810173908_BOFGNL/python_JABONY/202508101739091/env/lib/python3.9/site-packages/certifi-2024.2.2.dist-info

Dependency Hierarchy:

-> ❌ certifi-2024.2.2-py3-none-any.whl (Vulnerable Library)

High 7.5 certifi-2024.2.2-py3-none-any.whl Upgrade to version: certifi - 2024.7.4 None
CVE-2024-3651

Path to dependency file: /requirements.txt

Path to vulnerable library: /tmp/ws-ua_20250810173908_BOFGNL/python_JABONY/202508101739091/env/lib/python3.9/site-packages/idna-3.6.dist-info

Dependency Hierarchy:

-> ❌ idna-3.6-py3-none-any.whl (Vulnerable Library)

High 7.5 idna-3.6-py3-none-any.whl Upgrade to version: idna - 3.7 None
CVE-2025-27516

Path to dependency file: /requirements.txt

Path to vulnerable library: /tmp/ws-ua_20250810173908_BOFGNL/python_JABONY/202508101739091/env/lib/python3.9/site-packages/Jinja2-3.1.3.dist-info

Dependency Hierarchy:

-> ❌ Jinja2-3.1.3-py3-none-any.whl (Vulnerable Library)

High 7.3 Jinja2-3.1.3-py3-none-any.whl Upgrade to version: 3.1.6 None
CVE-2024-56326

Path to dependency file: /requirements.txt

Path to vulnerable library: /tmp/ws-ua_20250810173908_BOFGNL/python_JABONY/202508101739091/env/lib/python3.9/site-packages/Jinja2-3.1.3.dist-info

Dependency Hierarchy:

-> ❌ Jinja2-3.1.3-py3-none-any.whl (Vulnerable Library)

Medium 6.7 Jinja2-3.1.3-py3-none-any.whl Upgrade to version: Jinja2 - 3.1.5 None
CVE-2024-35195

Path to dependency file: /requirements.txt

Path to vulnerable library: /tmp/ws-ua_20250810173908_BOFGNL/python_JABONY/202508101739091/env/lib/python3.9/site-packages/requests-2.31.0.dist-info

Dependency Hierarchy:

-> ❌ requests-2.31.0-py3-none-any.whl (Vulnerable Library)

Medium 5.6 requests-2.31.0-py3-none-any.whl Upgrade to version: requests - 2.32.0 None
CVE-2024-8775

Path to dependency file: /requirements.txt

Path to vulnerable library: /tmp/ws-ua_20250810173908_BOFGNL/python_JABONY/202508101739091/env/lib/python3.9/site-packages/ansible_core-2.15.13.dist-info

Dependency Hierarchy:

-> ❌ ansible_core-2.15.13-py3-none-any.whl (Vulnerable Library)

Medium 5.5 ansible_core-2.15.13-py3-none-any.whl Upgrade to version: ansible-core - 2.17.6 None
CVE-2024-11079

Path to dependency file: /requirements.txt

Path to vulnerable library: /tmp/ws-ua_20250810173908_BOFGNL/python_JABONY/202508101739091/env/lib/python3.9/site-packages/ansible_core-2.15.13.dist-info

Dependency Hierarchy:

-> ❌ ansible_core-2.15.13-py3-none-any.whl (Vulnerable Library)

Medium 5.5 ansible_core-2.15.13-py3-none-any.whl Upgrade to version: ansible-core - 2.18.1 None
CVE-2024-34064

Path to dependency file: /requirements.txt

Path to vulnerable library: /tmp/ws-ua_20250810173908_BOFGNL/python_JABONY/202508101739091/env/lib/python3.9/site-packages/Jinja2-3.1.3.dist-info

Dependency Hierarchy:

-> ❌ Jinja2-3.1.3-py3-none-any.whl (Vulnerable Library)

Medium 5.4 Jinja2-3.1.3-py3-none-any.whl None
CVE-2025-50182

Path to dependency file: /requirements.txt

Path to vulnerable library: /tmp/ws-ua_20250810173908_BOFGNL/python_JABONY/202508101739091/env/lib/python3.9/site-packages/urllib3-2.2.1.dist-info

Dependency Hierarchy:

-> ❌ urllib3-2.2.1-py3-none-any.whl (Vulnerable Library)

Medium 5.3 urllib3-2.2.1-py3-none-any.whl Upgrade to version: https://github.com/urllib3/urllib3.git - 2.5.0 None
CVE-2025-50181

Path to dependency file: /requirements.txt

Path to vulnerable library: /tmp/ws-ua_20250810173908_BOFGNL/python_JABONY/202508101739091/env/lib/python3.9/site-packages/urllib3-2.2.1.dist-info

Dependency Hierarchy:

-> ❌ urllib3-2.2.1-py3-none-any.whl (Vulnerable Library)

Medium 5.3 urllib3-2.2.1-py3-none-any.whl Upgrade to version: https://github.com/urllib3/urllib3.git - 2.5.0 None
CVE-2024-47081

Path to dependency file: /requirements.txt

Path to vulnerable library: /tmp/ws-ua_20250810173908_BOFGNL/python_JABONY/202508101739091/env/lib/python3.9/site-packages/requests-2.31.0.dist-info

Dependency Hierarchy:

-> ❌ requests-2.31.0-py3-none-any.whl (Vulnerable Library)

Medium 5.3 requests-2.31.0-py3-none-any.whl Upgrade to version: requests - 2.32.4 None
CVE-2024-21503

Path to dependency file: /requirements.txt

Path to vulnerable library: /tmp/ws-ua_20250810173908_BOFGNL/python_JABONY/202508101739091/env/lib/python3.9/site-packages/black-23.1.0.dist-info

Dependency Hierarchy:

-> ❌ black-23.1.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)

Medium 5.3 black-23.1.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl None
CVE-2024-12797

Path to dependency file: /requirements.txt

Path to vulnerable library: /tmp/ws-ua_20250810173908_BOFGNL/python_JABONY/202508101739091/env/lib/python3.9/site-packages/cryptography-42.0.5.dist-info

Dependency Hierarchy:

-> ❌ cryptography-42.0.5-cp39-abi3-manylinux_2_28_x86_64.whl (Vulnerable Library)

Medium 4.8 cryptography-42.0.5-cp39-abi3-manylinux_2_28_x86_64.whl Upgrade to version: https://github.com/openssl/openssl.git - openssl-3.3.3 None
CVE-2024-37891

Path to dependency file: /requirements.txt

Path to vulnerable library: /tmp/ws-ua_20250810173908_BOFGNL/python_JABONY/202508101739091/env/lib/python3.9/site-packages/urllib3-2.2.1.dist-info

Dependency Hierarchy:

-> ❌ urllib3-2.2.1-py3-none-any.whl (Vulnerable Library)

Medium 4.4 urllib3-2.2.1-py3-none-any.whl Upgrade to version: urllib3 - 1.26.19,2.2.2 None

βœ”οΈ Remediated vulnerabilities:

Vulnerability Vulnerable Library
CVE-2023-2650 cryptography-39.0.1-cp36-abi3-manylinux_2_24_x86_64.whl
CVE-2023-45803 urllib3-1.26.14-py2.py3-none-any.whl
CVE-2024-26130 cryptography-39.0.1-cp36-abi3-manylinux_2_24_x86_64.whl
CVE-2024-22195 Jinja2-3.1.2-py3-none-any.whl
CVE-2023-43804 urllib3-1.26.14-py2.py3-none-any.whl
CVE-2023-49083 cryptography-39.0.1-cp36-abi3-manylinux_2_24_x86_64.whl
CVE-2022-40896 Pygments-2.14.0-py3-none-any.whl
CVE-2024-34064 Jinja2-3.1.2-py3-none-any.whl
CVE-2023-4807 cryptography-39.0.1-cp36-abi3-manylinux_2_24_x86_64.whl
CVE-2024-56201 Jinja2-3.1.2-py3-none-any.whl
CVE-2023-37920 certifi-2022.12.7-py3-none-any.whl
CVE-2024-5569 zipp-3.13.0-py3-none-any.whl
CVE-2023-26303 markdown_it_py-2.1.0-py3-none-any.whl
CVE-2023-3446 cryptography-39.0.1-cp36-abi3-manylinux_2_24_x86_64.whl
CVE-2024-39689 certifi-2022.12.7-py3-none-any.whl
CVE-2023-26302 markdown_it_py-2.1.0-py3-none-any.whl
CVE-2025-50181 urllib3-1.26.14-py2.py3-none-any.whl
CVE-2024-37891 urllib3-1.26.14-py2.py3-none-any.whl
CVE-2024-47081 requests-2.28.2-py3-none-any.whl
CVE-2025-27516 Jinja2-3.1.2-py3-none-any.whl
CVE-2024-35195 requests-2.28.2-py3-none-any.whl
CVE-2025-50182 urllib3-1.26.14-py2.py3-none-any.whl
CVE-2024-3651 idna-3.4-py3-none-any.whl
CVE-2023-50782 cryptography-39.0.1-cp36-abi3-manylinux_2_24_x86_64.whl
CVE-2023-38325 cryptography-39.0.1-cp36-abi3-manylinux_2_24_x86_64.whl
CVE-2024-56326 Jinja2-3.1.2-py3-none-any.whl
CVE-2024-6119 cryptography-39.0.1-cp36-abi3-manylinux_2_24_x86_64.whl
CVE-2024-21503 black-23.1.0-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2023-32681 requests-2.28.2-py3-none-any.whl

Base branch total remaining vulnerabilities: 29
Base branch commit: null


Total libraries scanned: 67

Scan token: 285318c7d4404c40ae5df9ed0f6e6253

View more details on Mend Bolt for GitHub