chore(deps): update dependency aiohttp to v3.12.14 #6

Security Report

❗️Scan Incomplete: The scan completed with partial failure. The integration encountered issues with one or more projects in this repository, preventing their scan. The errors occurred in the following package managers: gradle,CocoaPods. Consequently, there may be gaps in the coverage of open-source dependencies used in the repository.

Scan Details Report

gradle

/tmp/ws-scm/AutoGPT/classic/frontend/android/build.gradle

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	failed running mend init script (mendDeps): NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED FAILURE: Build failed with an exception. * Where: Settings file '/tmp/ws-scm/AutoGPT/classic/frontend/android/settings.gradle' line: 6 * What went wrong: A problem occurred evaluating settings 'andro...

pip

/tmp/ws-scm/AutoGPT/classic/benchmark/agbenchmark/challenges/verticals/code/6_battleship/artifacts_in/product_requirements.txt

Step	Level	Description	Details
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: /tmp/ws-ua_20260331233552_BODPTG/cmd_ADMUHG/20260331234253/EUTWRP_script.sh Error lines: [ERROR: Invalid requirement: 'Specifications for Battleship': Expected semicolon (after name with no version specifier) or end, Specifications for Battleship, ^ (from line 1 of /tmp/ws-scm/AutoGPT/classic/benchmark/agbenchmark/challenges/verticals/co... pip install command failed, trying to install dependencies one by one Failed to parse the following dependencies: [Players take turns calling out a row and column, attempting to name a square containing one of the opponent's ships., The Grid: Each player's grid is a 10x10 grid, identified by rows (using numbers 1-10) and columns (using letters A-J)., Each ship occupies contiguous squares on the grid, arranged either horizontally or vertically., At the start of t... Failed to execute command: /tmp/ws-ua_20260331233552_BODPTG/cmd_ADMUHG/20260331234302/YDEHBS_script.sh* Error lines: [ERROR: Could not find a version that satisfies the requirement Specifications (from versions: none), ERROR: No matching distribution found for Specifications] Output lines: [Looking in links: /tmp/ws-ua_20260331233552_BODPTG/python_EIHFLZ/20260331233558/1] Failed to get hierarchy tree, trying to collect a flat list (which may only contain partial results)

/tmp/ws-scm/AutoGPT/classic/original_autogpt

Step	Level	Description	Details
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: /tmp/ws-ua_20260331233552_BODPTG/cmd_ADMUHG/20260331234320/JKPCAF_script.sh Error lines: [ERROR: Package 'agpt' requires a different Python: 3.9.25 not in '<4.0,>=3.10'] Output lines: [Looking in links: /tmp/ws-ua_20260331233552_BODPTG/python_EIHFLZ/20260331233558, Processing ./., Installing build dependencies: started, Installing build dependencies:... Failed to get hierarchy tree, trying to collect a flat list (which may only contain partial results)

/tmp/ws-scm/AutoGPT/classic/original_autogpt/autogpt/app

Step	Level	Description	Details
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: /tmp/ws-ua_20260331233552_BODPTG/cmd_ADMUHG/20260331234340/SHEUXY_script.sh Error lines: [ error: subprocess-exited-with-error, Ã� Getting requirements to build wheel did not run successfully., â�� exit code: 1, â�°â��> [17 lines of output], Traceback (most recent call last):, File "/tmp/ws-ua_20260331233552_BODPTG/python_EIHFLZ/2026033123... Failed to get hierarchy tree, trying to collect a flat list (which may only contain partial results)

poetry

/tmp/ws-scm/AutoGPT/classic/forge/pyproject.toml

Step	Level	Description	Details
Resolving the project	⚠Warn	Failed to build the dependency tree, fallback was used in the scan, results may be incomplete	Error occurred while parsing the poetry show --tree command on the /tmp/ws-scm/AutoGPT/classic/forge/pyproject.toml file

/tmp/ws-scm/AutoGPT/classic/original_autogpt/pyproject.toml

Step	Level	Description	Details
Resolving the project	⚠Warn	Failed to build the dependency tree, fallback was used in the scan, results may be incomplete	Error occurred while parsing the poetry show --tree command on the /tmp/ws-scm/AutoGPT/classic/original_autogpt/pyproject.toml file

You have successfully remediated 32 vulnerabilities, but introduced 61 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability	Severity	CVSS Score	Vulnerable Library	Direct Library	Suggested Fix	Issue	Reachability
CVE-2024-34351 Path to dependency file: /classic/benchmark/frontend/package.json Path to vulnerable library: /classic/benchmark/frontend/node_modules/next/package.json Dependency Hierarchy: -> ❌ next-13.5.11.tgz (Vulnerable Library)	High	7.5	`Direct` next-13.5.11.tgz	next-13.5.11.tgz	next - 14.1.1	None	Reachable
CVE-2025-57822 Path to dependency file: /classic/benchmark/frontend/package.json Path to vulnerable library: /classic/benchmark/frontend/node_modules/next/package.json Dependency Hierarchy: -> ❌ next-13.5.11.tgz (Vulnerable Library)	Medium	6.5	`Direct` next-13.5.11.tgz	next-13.5.11.tgz	14.2.32	None	Reachable
CVE-2024-47831 Path to dependency file: /classic/benchmark/frontend/package.json Path to vulnerable library: /classic/benchmark/frontend/node_modules/next/package.json Dependency Hierarchy: -> ❌ next-13.5.11.tgz (Vulnerable Library)	Medium	5.9	`Direct` next-13.5.11.tgz	next-13.5.11.tgz	14.2.7	None	Reachable
CVE-2025-55173 Path to dependency file: /classic/benchmark/frontend/package.json Path to vulnerable library: /classic/benchmark/frontend/node_modules/next/package.json Dependency Hierarchy: -> ❌ next-13.5.11.tgz (Vulnerable Library)	Medium	4.3	`Direct` next-13.5.11.tgz	next-13.5.11.tgz	14.2.31	None	Reachable
CVE-2026-33750 Path to dependency file: /autogpt_platform/frontend/package.json Path to vulnerable library: /autogpt_platform/frontend/package.json Dependency Hierarchy: -> nextjs-8.33.1.tgz (Root Library) -> webpack-plugin-2.22.3.tgz -> bundler-plugin-core-2.22.3.tgz -> glob-9.3.5.tgz -> minimatch-8.0.4.tgz -> ❌ brace-expansion-2.0.1.tgz (Vulnerable Library)	Medium	6.5	`Transitive` brace-expansion-2.0.1.tgz	nextjs-8.33.1.tgz	`Transitive` Upgrade to version brace-expansion - 2.0.3 or greater	None	Unreachable
CVE-2025-29927 Path to dependency file: /classic/benchmark/frontend/package.json Path to vulnerable library: /classic/benchmark/frontend/node_modules/next/package.json Dependency Hierarchy: -> ❌ next-13.5.11.tgz (Vulnerable Library)	Critical	9.1	`Direct` next-13.5.11.tgz	next-13.5.11.tgz	next - 13.5.9,next - 12.3.5,next - 15.2.3,https://github.com/vercel/next.js.git - v13.5.9,next - 14.2.25	None
CVE-2026-0994 Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> google_cloud_logging-3.11.2-py2.py3-none-any.whl -> google_api_core-2.20.0-py3-none-any.whl -> googleapis_common_protos-1.65.0-py2.py3-none-any.whl -> ❌ protobuf-5.28.2-cp310-abi3-win32.whl (Vulnerable Library)	High	8.6	`Transitive` protobuf-5.28.2-cp310-abi3-win32.whl	autogpt-libs-0.2.0		None
CVE-2026-0994 Dependency Hierarchy: -> google_cloud_logging-3.11.2-py2.py3-none-any.whl (Root Library) -> google_api_core-2.19.2-py3-none-any.whl -> googleapis_common_protos-1.65.0-py2.py3-none-any.whl -> ❌ protobuf-5.28.0-cp310-abi3-win32.whl (Vulnerable Library)	High	8.6	`Transitive` protobuf-5.28.0-cp310-abi3-win32.whl	google_cloud_logging-3.11.2-py2.py3-none-any.whl		None
CVE-2026-0994 Dependency Hierarchy: -> chromadb-0.4.22-py3-none-any.whl (Root Library) -> onnxruntime-1.17.1-cp310-cp310-macosx_11_0_universal2.whl -> ❌ protobuf-4.25.2-cp310-abi3-win32.whl (Vulnerable Library)	High	8.6	`Transitive` protobuf-4.25.2-cp310-abi3-win32.whl	chromadb-0.4.22-py3-none-any.whl		None
CVE-2026-0994 Dependency Hierarchy: -> autogpt-forge-0.2.0 (Root Library) -> chromadb-0.4.22-py3-none-any.whl -> onnxruntime-1.17.1-cp310-cp310-macosx_11_0_universal2.whl -> ❌ protobuf-4.25.2-cp310-abi3-win32.whl (Vulnerable Library)	High	8.6	`Transitive` protobuf-4.25.2-cp310-abi3-win32.whl	autogpt-forge-0.2.0		None
CVE-2025-69229 Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl	autogpt-libs-0.2.0		None
CVE-2025-69229 Dependency Hierarchy: -> agbenchmark-0.0.10-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agbenchmark-0.0.10-py3-none-any.whl		None
CVE-2025-69229 Dependency Hierarchy: -> supabase-2.7.4-py3-none-any.whl (Root Library) -> realtime-2.0.2-py3-none-any.whl -> ❌ aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl	supabase-2.7.4-py3-none-any.whl		None
CVE-2025-69229 Dependency Hierarchy: -> agent_protocol_client-1.1.0-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agent_protocol_client-1.1.0-py3-none-any.whl		None
CVE-2025-69228 Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl	autogpt-libs-0.2.0		None
CVE-2025-69228 Dependency Hierarchy: -> agbenchmark-0.0.10-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agbenchmark-0.0.10-py3-none-any.whl		None
CVE-2025-69228 Dependency Hierarchy: -> supabase-2.7.4-py3-none-any.whl (Root Library) -> realtime-2.0.2-py3-none-any.whl -> ❌ aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl	supabase-2.7.4-py3-none-any.whl		None
CVE-2025-69228 Dependency Hierarchy: -> agent_protocol_client-1.1.0-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agent_protocol_client-1.1.0-py3-none-any.whl		None
CVE-2025-69227 Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl	autogpt-libs-0.2.0		None
CVE-2025-69227 Dependency Hierarchy: -> agbenchmark-0.0.10-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agbenchmark-0.0.10-py3-none-any.whl		None
CVE-2025-69227 Dependency Hierarchy: -> supabase-2.7.4-py3-none-any.whl (Root Library) -> realtime-2.0.2-py3-none-any.whl -> ❌ aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl	supabase-2.7.4-py3-none-any.whl		None
CVE-2025-69227 Dependency Hierarchy: -> agent_protocol_client-1.1.0-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agent_protocol_client-1.1.0-py3-none-any.whl		None
CVE-2025-69223 Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl	autogpt-libs-0.2.0		None
CVE-2025-69223 Dependency Hierarchy: -> agbenchmark-0.0.10-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agbenchmark-0.0.10-py3-none-any.whl		None
CVE-2025-69223 Dependency Hierarchy: -> supabase-2.7.4-py3-none-any.whl (Root Library) -> realtime-2.0.2-py3-none-any.whl -> ❌ aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl	supabase-2.7.4-py3-none-any.whl		None
CVE-2025-69223 Dependency Hierarchy: -> agent_protocol_client-1.1.0-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agent_protocol_client-1.1.0-py3-none-any.whl		None
CVE-2025-47273 Dependency Hierarchy: -> autogpt-forge-0.2.0 (Root Library) -> chromadb-0.4.22-py3-none-any.whl -> opentelemetry_instrumentation_fastapi-0.43b0-py3-none-any.whl -> opentelemetry_instrumentation-0.43b0-py3-none-any.whl -> ❌ setuptools-70.1.1-py3-none-any.whl (Vulnerable Library)	High	7.5	`Transitive` setuptools-70.1.1-py3-none-any.whl	autogpt-forge-0.2.0	`Transitive` 78.1.1	None
CVE-2025-4565 Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> google_cloud_logging-3.11.2-py2.py3-none-any.whl -> google_api_core-2.20.0-py3-none-any.whl -> googleapis_common_protos-1.65.0-py2.py3-none-any.whl -> ❌ protobuf-5.28.2-cp310-abi3-win32.whl (Vulnerable Library)	High	7.5	`Transitive` protobuf-5.28.2-cp310-abi3-win32.whl	autogpt-libs-0.2.0	`Transitive` 5.29.5	None
CVE-2025-4565 Dependency Hierarchy: -> google_cloud_logging-3.11.2-py2.py3-none-any.whl (Root Library) -> google_api_core-2.19.2-py3-none-any.whl -> googleapis_common_protos-1.65.0-py2.py3-none-any.whl -> ❌ protobuf-5.28.0-cp310-abi3-win32.whl (Vulnerable Library)	High	7.5	`Transitive` protobuf-5.28.0-cp310-abi3-win32.whl	google_cloud_logging-3.11.2-py2.py3-none-any.whl	`Transitive` 5.29.5	None
CVE-2025-4565 Dependency Hierarchy: -> chromadb-0.4.22-py3-none-any.whl (Root Library) -> onnxruntime-1.17.1-cp310-cp310-macosx_11_0_universal2.whl -> ❌ protobuf-4.25.2-cp310-abi3-win32.whl (Vulnerable Library)	High	7.5	`Transitive` protobuf-4.25.2-cp310-abi3-win32.whl	chromadb-0.4.22-py3-none-any.whl	`Transitive` 4.25.8	None
CVE-2025-4565 Dependency Hierarchy: -> autogpt-forge-0.2.0 (Root Library) -> chromadb-0.4.22-py3-none-any.whl -> onnxruntime-1.17.1-cp310-cp310-macosx_11_0_universal2.whl -> ❌ protobuf-4.25.2-cp310-abi3-win32.whl (Vulnerable Library)	High	7.5	`Transitive` protobuf-4.25.2-cp310-abi3-win32.whl	autogpt-forge-0.2.0	`Transitive` 4.25.8	None
CVE-2024-53981 Dependency Hierarchy: -> ❌ python_multipart-0.0.7.tar.gz (Vulnerable Library)	High	7.5	`Direct` python_multipart-0.0.7.tar.gz	python_multipart-0.0.7.tar.gz	0.0.18	None
CVE-2024-52303 Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	High	7.5	`Transitive` aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl	autogpt-libs-0.2.0	`Transitive` aiohttp - 3.10.11	None
CVE-2024-51479 Path to dependency file: /classic/benchmark/frontend/package.json Path to vulnerable library: /classic/benchmark/frontend/node_modules/next/package.json Dependency Hierarchy: -> ❌ next-13.5.11.tgz (Vulnerable Library)	High	7.5	`Direct` next-13.5.11.tgz	next-13.5.11.tgz	next - 14.2.15	None
CVE-2021-20276 Dependency Hierarchy: -> ❌ pillow-10.2.0-cp310-cp310-macosx_10_10_x86_64.whl (Vulnerable Library)	High	7.5	`Direct` pillow-10.2.0-cp310-cp310-macosx_10_10_x86_64.whl	pillow-10.2.0-cp310-cp310-macosx_10_10_x86_64.whl	Pillow - no_fix,ch.qos.logback:logback-core - no_fix	None
CVE-2025-69230 Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	6.5	`Transitive` aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl	autogpt-libs-0.2.0		None
CVE-2025-69230 Dependency Hierarchy: -> agbenchmark-0.0.10-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	6.5	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agbenchmark-0.0.10-py3-none-any.whl		None
CVE-2025-69230 Dependency Hierarchy: -> supabase-2.7.4-py3-none-any.whl (Root Library) -> realtime-2.0.2-py3-none-any.whl -> ❌ aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	6.5	`Transitive` aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl	supabase-2.7.4-py3-none-any.whl		None
CVE-2025-69230 Dependency Hierarchy: -> agent_protocol_client-1.1.0-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	6.5	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agent_protocol_client-1.1.0-py3-none-any.whl		None
CVE-2025-69224 Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	6.5	`Transitive` aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl	autogpt-libs-0.2.0		None
CVE-2025-69224 Dependency Hierarchy: -> agbenchmark-0.0.10-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	6.5	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agbenchmark-0.0.10-py3-none-any.whl		None
CVE-2025-69224 Dependency Hierarchy: -> supabase-2.7.4-py3-none-any.whl (Root Library) -> realtime-2.0.2-py3-none-any.whl -> ❌ aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	6.5	`Transitive` aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl	supabase-2.7.4-py3-none-any.whl		None
CVE-2025-69224 Dependency Hierarchy: -> agent_protocol_client-1.1.0-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	6.5	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agent_protocol_client-1.1.0-py3-none-any.whl		None
CVE-2021-41496 Dependency Hierarchy: -> ❌ numpy-1.26.3-cp310-cp310-macosx_10_9_x86_64.whl (Vulnerable Library)	Medium	5.5	`Direct` numpy-1.26.3-cp310-cp310-macosx_10_9_x86_64.whl	numpy-1.26.3-cp310-cp310-macosx_10_9_x86_64.whl	https://github.com/numpy/numpy.git - no_fix	None
CVE-2021-41496 Path to dependency file: /docs/requirements.txt Path to vulnerable library: /tmp/ws-ua_20260331233552_BODPTG/python_EIHFLZ/202603312343501/env/lib/python3.9/site-packages/numpy-2.0.2.dist-info Dependency Hierarchy: -> mkdocs_table_reader_plugin-3.1.0-py3-none-any.whl (Root Library) -> pandas-2.3.3-cp310-cp310-macosx_10_9_x86_64.whl -> ❌ numpy-2.0.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.5	`Transitive` numpy-2.0.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	mkdocs_table_reader_plugin-3.1.0-py3-none-any.whl	`Transitive` https://github.com/numpy/numpy.git - no_fix	None
CVE-2025-69226 Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl	autogpt-libs-0.2.0		None
CVE-2025-69226 Dependency Hierarchy: -> agbenchmark-0.0.10-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agbenchmark-0.0.10-py3-none-any.whl		None
CVE-2025-69226 Dependency Hierarchy: -> supabase-2.7.4-py3-none-any.whl (Root Library) -> realtime-2.0.2-py3-none-any.whl -> ❌ aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl	supabase-2.7.4-py3-none-any.whl		None
CVE-2025-69226 Dependency Hierarchy: -> agent_protocol_client-1.1.0-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agent_protocol_client-1.1.0-py3-none-any.whl		None
CVE-2025-69225 Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl	autogpt-libs-0.2.0		None
CVE-2025-69225 Dependency Hierarchy: -> agbenchmark-0.0.10-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agbenchmark-0.0.10-py3-none-any.whl		None
CVE-2025-69225 Dependency Hierarchy: -> supabase-2.7.4-py3-none-any.whl (Root Library) -> realtime-2.0.2-py3-none-any.whl -> ❌ aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl	supabase-2.7.4-py3-none-any.whl		None
CVE-2025-69225 Dependency Hierarchy: -> agent_protocol_client-1.1.0-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agent_protocol_client-1.1.0-py3-none-any.whl		None
CVE-2025-53643 Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl	autogpt-libs-0.2.0	`Transitive` 3.12.14	None
CVE-2025-53643 Dependency Hierarchy: -> agbenchmark-0.0.10-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agbenchmark-0.0.10-py3-none-any.whl	`Transitive` 3.12.14	None
CVE-2025-53643 Dependency Hierarchy: -> supabase-2.7.4-py3-none-any.whl (Root Library) -> realtime-2.0.2-py3-none-any.whl -> ❌ aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.10.5-cp310-cp310-macosx_10_9_universal2.whl	supabase-2.7.4-py3-none-any.whl	`Transitive` 3.12.14	None
CVE-2025-53643 Dependency Hierarchy: -> agent_protocol_client-1.1.0-py3-none-any.whl (Root Library) -> ❌ aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.9.3-cp310-cp310-macosx_10_9_universal2.whl	agent_protocol_client-1.1.0-py3-none-any.whl	`Transitive` 3.12.14	None
CVE-2024-52304 Dependency Hierarchy: -> autogpt-libs-0.2.0 (Root Library) -> supabase-2.7.4-py3-none-any.whl -> realtime-2.0.5-py3-none-any.whl -> ❌ aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl (Vulnerable Library)	Medium	5.3	`Transitive` aiohttp-3.10.8-cp310-cp310-macosx_10_9_universal2.whl	autogpt-libs-0.2.0	`Transitive` aiohttp - 3.10.11	None
CVE-2021-41495 Dependency Hierarchy: -> ❌ numpy-1.26.3-cp310-cp310-macosx_10_9_x86_64.whl (Vulnerable Library)	Medium	5.3	`Direct` numpy-1.26.3-cp310-cp310-macosx_10_9_x86_64.whl	numpy-1.26.3-cp310-cp310-macosx_10_9_x86_64.whl	https://github.com/numpy/numpy.git - no_fix	None
CVE-2021-41495 Path to dependency file: /docs/requirements.txt Path to vulnerable library: /tmp/ws-ua_20260331233552_BODPTG/python_EIHFLZ/202603312343501/env/lib/python3.9/site-packages/numpy-2.0.2.dist-info Dependency Hierarchy: -> mkdocs_table_reader_plugin-3.1.0-py3-none-any.whl (Root Library) -> pandas-2.3.3-cp310-cp310-macosx_10_9_x86_64.whl -> ❌ numpy-2.0.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.3	`Transitive` numpy-2.0.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	mkdocs_table_reader_plugin-3.1.0-py3-none-any.whl	`Transitive` https://github.com/numpy/numpy.git - no_fix	None
CVE-2026-25645 Path to dependency file: /docs/requirements.txt Path to vulnerable library: /tmp/ws-ua_20260331233552_BODPTG/python_EIHFLZ/202603312343501/env/lib/python3.9/site-packages/requests-2.32.5.dist-info Dependency Hierarchy: -> mkdocs_material-9.7.6-py3-none-any.whl (Root Library) -> ❌ requests-2.32.5-py3-none-any.whl (Vulnerable Library)	Medium	4.4	`Transitive` requests-2.32.5-py3-none-any.whl	mkdocs_material-9.7.6-py3-none-any.whl	`Transitive` Upgrade to version requests - 2.33.0 or greater	None

✔️ Remediated vulnerabilities:

Vulnerability	Vulnerable Library
CVE-2025-4565	protobuf-4.25.2-cp37-abi3-manylinux2014_x86_64.whl
CVE-2025-57822	next-13.5.7.tgz
CVE-2025-55173	next-13.5.7.tgz
CVE-2021-41496	numpy-1.21.6-cp37-cp37m-manylinux_2_12_x86_64.manylinux2010_x86_64.whl
CVE-2025-69226	aiohttp-3.10.8-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-53643	aiohttp-3.10.8-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2026-0994	protobuf-4.25.2-cp37-abi3-manylinux2014_x86_64.whl
CVE-2021-41495	numpy-1.21.6-cp37-cp37m-manylinux_2_12_x86_64.manylinux2010_x86_64.whl
CVE-2025-4565	protobuf-5.28.2-cp38-abi3-manylinux2014_x86_64.whl
CVE-2025-69227	aiohttp-3.10.8-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2021-41496	numpy-1.26.3-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2024-53981	python_multipart-0.0.7-py3-none-any.whl
CVE-2021-41495	numpy-1.26.3-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-69226	aiohttp-3.9.3-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-69229	aiohttp-3.10.8-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2024-56332	next-13.5.7.tgz
CVE-2024-52303	aiohttp-3.10.8-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2024-34351	next-13.5.7.tgz
CVE-2026-0994	protobuf-5.28.0-cp38-abi3-manylinux2014_x86_64.whl
CVE-2025-53643	aiohttp-3.9.3-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2024-47831	next-13.5.7.tgz
CVE-2025-68146	filelock-3.16.1-py3-none-any.whl
CVE-2025-47273	setuptools-69.0.3
CVE-2025-69223	aiohttp-3.10.8-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2024-5569	zipp-3.15.0-py3-none-any.whl
CVE-2025-4565	protobuf-5.28.0-cp38-abi3-manylinux2014_x86_64.whl
CVE-2025-48068	next-13.5.7.tgz
CVE-2025-53643	aiohttp-3.10.5-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-29927	next-13.5.7.tgz
CVE-2026-0994	protobuf-5.28.2-cp38-abi3-manylinux2014_x86_64.whl
CVE-2021-20276	pillow-10.2.0-cp311-cp311-manylinux_2_28_x86_64.whl
CVE-2025-68142	pymdown_extensions-10.2.1-py3-none-any.whl

Base branch total remaining vulnerabilities: 86
Base branch commit: 6b1397043d8ac15e8c30223f1f4373746a075433

Total libraries scanned: 949

Scan token: 620fd65ec75943c2a9e2652edbd8e883

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update dependency aiohttp to v3.12.14 #6

Uh oh!

Uh oh!

chore(deps): update dependency aiohttp to v3.12.14 #6

Uh oh!

Security Report

gradle

/tmp/ws-scm/AutoGPT/classic/frontend/android/build.gradle

pip

/tmp/ws-scm/AutoGPT/classic/benchmark/agbenchmark/challenges/verticals/code/6_battleship/artifacts_in/product_requirements.txt

/tmp/ws-scm/AutoGPT/classic/original_autogpt

/tmp/ws-scm/AutoGPT/classic/original_autogpt/autogpt/app

poetry

/tmp/ws-scm/AutoGPT/classic/forge/pyproject.toml

/tmp/ws-scm/AutoGPT/classic/original_autogpt/pyproject.toml

Re-running checks...

chore(deps): update dependency aiohttp to v3.12.14 #6

Are you sure you want to change the base?

Uh oh!