yolov5

[Snyk] Fix for 17 vulnerabilities (#13323)

* fix: requirements.txt to reduce vulnerabilities


The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-6133203
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6514866
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482
- https://snyk.io/vuln/SNYK-PYTHON-TORCH-6619806
- https://snyk.io/vuln/SNYK-PYTHON-TORCH-6649934
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
- https://snyk.io/vuln/SNYK-PYTHON-WHEEL-3180413

* Update requirements.txt

Signed-off-by: Glenn Jocher <glenn.jocher@ultralytics.com>

---------

Signed-off-by: Glenn Jocher <glenn.jocher@ultralytics.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>

pull/13328/head

Glenn Jocher

2024-09-20 14:29:10 +02:00

committed by

GitHub

parent c5bb4087aa

commit b163ff8d25

No known key found for this signature in database

GPG Key ID: B5690EEEBB952194

1 changed files with 1 additions and 1 deletions

2

requirements.txt

View File

 @ -9,7 +9,7 @@ opencv-python>=4.1.1
 pillow>=10.3.0
 psutil  # system resources
 PyYAML>=5.3.1
 requests>=2.32.0
 requests>=2.32.2
 scipy>=1.4.1
 thop>=0.1.1  # FLOPs computation
 torch>=1.8.0  # see https://pytorch.org/get-started/locally (recommended)

[Snyk] Fix for 17 vulnerabilities (#13323)

2 requirements.txt Unescape Escape View File

2

requirements.txt

View File