search

twilio / twilio-python

A Python module for communicating with the Twilio API and generating TwiML.
MIT License
1.83k stars 700 forks source link

aiohttp version has multiple CVE's #780

Closed AlaricWhitney closed 3 months ago

AlaricWhitney commented 5 months ago

Issue Summary

the aiohttp version currently used (3.8.4) has multiple security vulnerabilities with open CVE's:

aiohttp needs to be upgraded to at least 3.9.2 to resolve the issue.

Steps to Reproduce

Code Snippet

https://github.com/twilio/twilio-python/blob/main/setup.py#L26

Exception/Log

Technical details:

tiwarishubham635 commented 4 months ago

Is aiohttp==3.9.2 available in python 3.7? I see the error that it is not able to find the dependency.