Skip to content

fix(deps): vuln aiohttp (minor → 3.14.1) [tools/base]#30

Draft
gh-worker-campaigns-3e9aa4[bot] wants to merge 1 commit into
masterfrom
engraver-auto-version-upgrade/minorpatch/pip/base/2-1781534179
Draft

fix(deps): vuln aiohttp (minor → 3.14.1) [tools/base]#30
gh-worker-campaigns-3e9aa4[bot] wants to merge 1 commit into
masterfrom
engraver-auto-version-upgrade/minorpatch/pip/base/2-1781534179

Conversation

@gh-worker-campaigns-3e9aa4

@gh-worker-campaigns-3e9aa4 gh-worker-campaigns-3e9aa4 Bot commented Jun 15, 2026

Copy link
Copy Markdown

Summary: Security update — 1 package upgraded (MINOR changes included)

Manifests changed:

  • tools/base (pip)

✅ Action Required: Please review the changes below. If they look good, approve and merge this PR.

Updates

Package From To Type Dep Type Vulnerabilities Fixed
aiohttp 3.13.5 3.14.1 minor Direct 2 MEDIUM

Security Details

ℹ️ Other Vulnerabilities (2)
Package CVE Severity Summary Unsafe Version Fixed In
aiohttp GHSA-hg6j-4rv6-33pg MODERATE AIOHTTP is vulnerable to cross-origin redirect with per-request cookies 3.13.5 3.14.0
aiohttp GHSA-jg22-mg44-37j8 MODERATE AIOHTTP is Vulnerable to Deserialization of Untrusted Data 3.13.5 3.14.0

Review Checklist

Standard review:

  • Review changes for compatibility with your code
  • Check for breaking changes in release notes
  • Run tests locally or wait for CI
  • Approve and merge this PR

Update Mode: all_vulns

🤖 Generated by DataDog Automated Dependency Management System

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

adms-dependency-update adms-medium-severity adms-minor-update adms-mode-all-vulns adms-python campaigner-automated-change

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants