[Snyk] Fix for 90 vulnerabilities

[Encryptor-Sec]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `pip` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • requirements.txt

⚠️ Warning

peepdf 0.4.2 requires Pillow, which is not installed.
peepdf 0.4.2 has requirement jsbeautifier==1.6.2, but you have jsbeautifier 1.6.4.
Jinja2 3.1.3 has requirement MarkupSafe>=2.0, but you have MarkupSafe 1.1.0.
ipython 5.8.0 has requirement prompt-toolkit<2.0.0,>=1.0.4, but you have prompt-toolkit 3.0.13.
Flask 2.2.5 requires Werkzeug, which is not installed.
Flask 2.2.5 has requirement itsdangerous>=2.0, but you have itsdangerous 0.24.
Flask-KVSession 0.6.2 requires werkzeug, which is not installed.
autobahn 20.12.3 has requirement hyperlink>=20.0.1, but you have hyperlink 17.3.1.
autobahn 20.12.3 has requirement txaio>=20.4.1, but you have txaio 2.10.0.

Vulnerabilities that will be fixed

By pinning:

Severity	Priority Score (*)	Issue	Upgrade	Breaking Change	Exploit Maturity
	539/1000 Why? Has a fix available, CVSS 6.5	HTTP Header Injection SNYK-PYTHON-AUTOBAHN-1054590	autobahn: 17.10.1 -> 20.12.3	No	No Known Exploit
	439/1000 Why? Has a fix available, CVSS 4.5	Directory Traversal SNYK-PYTHON-BABEL-1278589	babel: 2.6.0 -> 2.9.1	No	No Known Exploit
	554/1000 Why? Has a fix available, CVSS 6.8	Insufficient Verification of Data Authenticity SNYK-PYTHON-CERTIFI-3164749	certifi: 2018.8.24 -> 2023.7.22	No	No Known Exploit
	704/1000 Why? Has a fix available, CVSS 9.8	Improper Following of a Certificate's Chain of Trust SNYK-PYTHON-CERTIFI-5805047	certifi: 2018.8.24 -> 2023.7.22	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Timing Attack SNYK-PYTHON-CRYPTOGRAPHY-1022152	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Denial of Service (DoS) SNYK-PYTHON-CRYPTOGRAPHY-3172287	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	454/1000 Why? Has a fix available, CVSS 4.8	Expected Behavior Violation SNYK-PYTHON-CRYPTOGRAPHY-3314966	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	616/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.9	Use After Free SNYK-PYTHON-CRYPTOGRAPHY-3315324	cryptography: 2.6.1 -> 42.0.0	No	Proof of Concept
	584/1000 Why? Has a fix available, CVSS 7.4	Access of Resource Using Incompatible Type ('Type Confusion') SNYK-PYTHON-CRYPTOGRAPHY-3315328	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Timing Attack SNYK-PYTHON-CRYPTOGRAPHY-3315331	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Denial of Service (DoS) SNYK-PYTHON-CRYPTOGRAPHY-3315452	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Denial of Service (DoS) SNYK-PYTHON-CRYPTOGRAPHY-3315972	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Denial of Service (DoS) SNYK-PYTHON-CRYPTOGRAPHY-3315975	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Denial of Service (DoS) SNYK-PYTHON-CRYPTOGRAPHY-3316038	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-PYTHON-CRYPTOGRAPHY-3316211	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Denial of Service (DoS) SNYK-PYTHON-CRYPTOGRAPHY-5663682	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	691/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.4	Improper Certificate Validation SNYK-PYTHON-CRYPTOGRAPHY-5777683	cryptography: 2.6.1 -> 42.0.0	No	Proof of Concept
	399/1000 Why? Has a fix available, CVSS 3.7	Insufficient Verification of Data Authenticity SNYK-PYTHON-CRYPTOGRAPHY-5813745	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Denial of Service (DoS) SNYK-PYTHON-CRYPTOGRAPHY-5813746	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	399/1000 Why? Has a fix available, CVSS 3.7	Denial of Service (DoS) SNYK-PYTHON-CRYPTOGRAPHY-5813750	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Denial of Service (DoS) SNYK-PYTHON-CRYPTOGRAPHY-5914629	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Missing Cryptographic Step SNYK-PYTHON-CRYPTOGRAPHY-6036192	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Denial of Service (DoS) SNYK-PYTHON-CRYPTOGRAPHY-6050294	cryptography: 2.6.1 -> 42.0.0	No	No Known Exploit
	616/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.9	Information Exposure SNYK-PYTHON-CRYPTOGRAPHY-6126975	cryptography: 2.6.1 -> 42.0.0	No	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Information Exposure SNYK-PYTHON-FLASK-5490129	flask: 1.1.1 -> 2.2.5	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-PYTHON-FUTURE-3180414	future: 0.16.0 -> 0.18.3	No	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-PYTHON-JINJA2-1012994	jinja2: 2.10.1 -> 3.1.3	No	Proof of Concept
	556/1000 Why? Recently disclosed, Has a fix available, CVSS 5.4	Cross-site Scripting (XSS) SNYK-PYTHON-JINJA2-6150717	jinja2: 2.10.1 -> 3.1.3	No	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-PYTHON-MAKO-3017600	mako: 1.0.7 -> 1.2.2	No	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Information Exposure SNYK-PYTHON-MARSHMALLOW-72559	marshmallow: 3.0.0b3 -> 3.0.0b9	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Cryptographic Weakness SNYK-PYTHON-PASSLIB-569603	passlib: 1.7.1 -> 1.7.3	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Out-of-bounds Read SNYK-PYTHON-PILLOW-1055461	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Out-of-bounds Read SNYK-PYTHON-PILLOW-1055462	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Out-of-bounds Write SNYK-PYTHON-PILLOW-1059090	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Out-of-bounds Read SNYK-PYTHON-PILLOW-1080635	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-PYTHON-PILLOW-1080654	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-PYTHON-PILLOW-1081494	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-PYTHON-PILLOW-1081501	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-PYTHON-PILLOW-1081502	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	654/1000 Why? Has a fix available, CVSS 8.8	Heap-based Buffer Overflow SNYK-PYTHON-PILLOW-1082329	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Insufficient Validation SNYK-PYTHON-PILLOW-1082750	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-PYTHON-PILLOW-1090584	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-PYTHON-PILLOW-1090586	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-PYTHON-PILLOW-1090587	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-PYTHON-PILLOW-1090588	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Out-of-bounds Read SNYK-PYTHON-PILLOW-1292150	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Out-of-bounds Read SNYK-PYTHON-PILLOW-1292151	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	494/1000 Why? Has a fix available, CVSS 5.6	Buffer Overflow SNYK-PYTHON-PILLOW-1316216	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-PYTHON-PILLOW-1319443	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Denial of Service (DoS) SNYK-PYTHON-PILLOW-2329135	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	704/1000 Why? Has a fix available, CVSS 9.8	Arbitrary Code Execution SNYK-PYTHON-PILLOW-2331901	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Buffer Over-read SNYK-PYTHON-PILLOW-2331905	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Improper Initialization SNYK-PYTHON-PILLOW-2331907	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Improper Input Validation SNYK-PYTHON-PILLOW-2397241	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Denial of Service (DoS) SNYK-PYTHON-PILLOW-3113875	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Denial of Service (DoS) SNYK-PYTHON-PILLOW-3113876	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Denial of Service (DoS) SNYK-PYTHON-PILLOW-540746	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	604/1000 Why? Has a fix available, CVSS 7.8	Buffer Overflow SNYK-PYTHON-PILLOW-541323	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	604/1000 Why? Has a fix available, CVSS 7.8	Buffer Overflow SNYK-PYTHON-PILLOW-541324	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	604/1000 Why? Has a fix available, CVSS 7.8	Buffer Overflow SNYK-PYTHON-PILLOW-541325	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	604/1000 Why? Has a fix available, CVSS 7.8	Integer Overflow SNYK-PYTHON-PILLOW-541326	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	414/1000 Why? Has a fix available, CVSS 4	Out-of-Bounds SNYK-PYTHON-PILLOW-574573	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	414/1000 Why? Has a fix available, CVSS 4	Out-of-bounds Read SNYK-PYTHON-PILLOW-574574	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	414/1000 Why? Has a fix available, CVSS 4	Out-of-bounds Read SNYK-PYTHON-PILLOW-574575	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	414/1000 Why? Has a fix available, CVSS 4	Out-of-bounds Read SNYK-PYTHON-PILLOW-574576	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	469/1000 Why? Has a fix available, CVSS 5.1	Buffer Overflow SNYK-PYTHON-PILLOW-574577	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	909/1000 Why? Mature exploit, Has a fix available, CVSS 9.6	Heap-based Buffer Overflow SNYK-PYTHON-PILLOW-5918878	pillow: 6.2.0 -> 10.2.0	No	Mature
	589/1000 Why? Has a fix available, CVSS 7.5	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-PYTHON-PILLOW-6043904	pillow: 6.2.0 -> 10.2.0	No	No Known Exploit
	843/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 9	Eval Injection SNYK-PYTHON-PILLOW-6182918	pillow: 6.2.0 -> 10.2.0	No	Proof of Concept
	399/1000 Why? Has a fix available, CVSS 3.7	Race Condition SNYK-PYTHON-PROMPTTOOLKIT-6141120	prompt-toolkit: 1.0.15 -> 3.0.13	No	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-PYTHON-PYGMENTS-1086606	pygments: 2.3.1 -> 2.15.0	No	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-PYTHON-PYGMENTS-1088505	pygments: 2.3.1 -> 2.15.0	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-PYTHON-PYGMENTS-5750273	pygments: 2.3.1 -> 2.15.0	No	No Known Exploit
	519/1000 Why? Has a fix available, CVSS 6.1	Information Exposure SNYK-PYTHON-REQUESTS-5595532	requests: 2.21.0 -> 2.31.0	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Regular Expression Denial of Service (ReDoS) SNYK-PYTHON-SETUPTOOLS-3180412	setuptools: 39.0.1 -> 65.5.1	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-PYTHON-SQLPARSE-1584201	sqlparse: 0.2.4 -> 0.4.4	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-PYTHON-SQLPARSE-5426157	sqlparse: 0.2.4 -> 0.4.4	No	No Known Exploit
	599/1000 Why? Has a fix available, CVSS 7.7	HTTP Header Injection SNYK-PYTHON-URLLIB3-1014645	urllib3: 1.24.1 -> 1.26.18	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-PYTHON-URLLIB3-1533435	urllib3: 1.24.1 -> 1.26.18	No	No Known Exploit
	794/1000 Why? Mature exploit, Has a fix available, CVSS 7.3	CRLF injection SNYK-PYTHON-URLLIB3-174323	urllib3: 1.24.1 -> 1.26.18	No	Mature
	589/1000 Why? Has a fix available, CVSS 7.5	Improper Certificate Validation SNYK-PYTHON-URLLIB3-174464	urllib3: 1.24.1 -> 1.26.18	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Information Exposure Through Sent Data SNYK-PYTHON-URLLIB3-5926907	urllib3: 1.24.1 -> 1.26.18	No	No Known Exploit
	584/1000 Why? Has a fix available, CVSS 7.4	Information Exposure Through Sent Data SNYK-PYTHON-URLLIB3-5969479	urllib3: 1.24.1 -> 1.26.18	No	No Known Exploit
	424/1000 Why? Has a fix available, CVSS 4.2	Information Exposure Through Sent Data SNYK-PYTHON-URLLIB3-6002459	urllib3: 1.24.1 -> 1.26.18	No	No Known Exploit
	494/1000 Why? Has a fix available, CVSS 5.6	Race Condition SNYK-PYTHON-WEBARGS-173773	webargs: 5.1.2 -> 5.5.3	No	No Known Exploit
	654/1000 Why? Has a fix available, CVSS 8.8	Cross-Site Request Forgery (CSRF) SNYK-PYTHON-WEBARGS-564231	webargs: 5.1.2 -> 5.5.3	No	No Known Exploit
	344/1000 Why? Has a fix available, CVSS 2.6	Access Restriction Bypass SNYK-PYTHON-WERKZEUG-3319935	werkzeug: 0.16.0 -> 2.3.8	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-PYTHON-WERKZEUG-3319936	werkzeug: 0.16.0 -> 2.3.8	No	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Inefficient Algorithmic Complexity SNYK-PYTHON-WERKZEUG-6035177	werkzeug: 0.16.0 -> 2.3.8	No	No Known Exploit
	454/1000 Why? Has a fix available, CVSS 4.8	Cross-site Scripting (XSS) SNYK-PYTHON-WTFORMS-40581	wtforms: 2.2.1 -> 2.3.0	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded.

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Directory Traversal 🦉 Use After Free 🦉 Access of Resource Using Incompatible Type ('Type Confusion') 🦉 More lessons are available in Snyk Learn