From 383fb624d409a7dab2729cb9529c3567d2ad31d0 Mon Sep 17 00:00:00 2001 From: Bret Curtis Date: Tue, 14 Oct 2025 15:06:36 +0200 Subject: [PATCH] setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write #3 https://github.com/twisted/txmongo/security/dependabot/3 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 5174174..d35a958 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ Twisted~=24.11.0 pymongo>=3.12,<=4.10.1 -setuptools~=71.1.0 +setuptools~=78.1.1 -e .