request / request

🏊🏾 Simplified HTTP request client.
Apache License 2.0

Issue on a dependency - CVE-2023-26136 #3476

Closed Reni88 closed 2 months ago

Reni88 commented 5 months ago

Hi,

Good day. Just wanted to inform you that we encountered a security issue in one of request's dependencies for its version 2.88.2:

Dependency: tough-cookie
Version: 2.5.0

It is raised under this CVE ID: CVE-2023-26136

If this was already discussed and a resolution was already delivered, let us know. Thank you.

mtarek2005 commented 2 months ago

Still unchanged... the weekly downloads are too much for this bad of a vulnerability. Log4Shell again?

Reni88 commented 2 months ago

Hi, as this package has been deprecated, we decided to just migrate to an alternative. Closing this now.