yanis/langflow
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

fix: Security/fix nltk CVE path traversal (#12109)

Browse Source 
* security: update NLTK to 3.9.3 to fix path traversal vulnerability

* security: upgrade nltk to 3.9.3 to fix CVE path traversal vulnerability

---------

Co-authored-by: Janardan S Kavia <janardanskavia@Janardans-MacBook-Pro.local>
This commit is contained in:
Janardan Singh Kavia
2026-03-09 22:22:09 +05:30
committed by GitHub
parent 110df6b352
commit ed3a3e72da
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/backend/base/uv.lock generated
View File

@@ -6332,7 +6332,7 @@ requires-dist = [
{ name = "needle-python", marker = "extra == 'needle'", specifier = ">=0.4.0" },
{ name = "nest-asyncio", specifier = ">=1.6.0,<2.0.0" },
{ name = "networkx", specifier = ">=3.4.2,<4.0.0" },
{ name = "nltk", marker = "extra == 'nltk'", specifier = "==3.9.1" },
{ name = "nltk", marker = "extra == 'nltk'", specifier = "==3.9.3" },
{ name = "numexpr", marker = "extra == 'numexpr'", specifier = "==2.10.2" },
{ name = "openai", marker = "extra == 'openai'", specifier = ">=1.68.2,<2.0.0" },
{ name = "openinference-instrumentation-langchain", marker = "extra == 'openinference'", specifier = ">=0.1.29" },
@@ -7800,7 +7800,7 @@ wheels = [
[[package]]
name = "nltk"
version = "3.9.1"
version = "3.9.3"
source = { registry = "https://pypi.org/simple" }
dependencies = [
{ name = "click" },
@@ -7808,9 +7808,9 @@ dependencies = [
{ name = "regex" },
{ name = "tqdm" },
]
sdist = { url = "https://files.pythonhosted.org/packages/3c/87/db8be88ad32c2d042420b6fd9ffd4a149f9a0d7f0e86b3f543be2eeeedd2/nltk-3.9.1.tar.gz", hash = "sha256:87d127bd3de4bd89a4f81265e5fa59cb1b199b27440175370f7417d2bc7ae868", size = 2904691, upload-time = "2024-08-18T19:48:37.769Z" }
sdist = { url = "https://files.pythonhosted.org/packages/e1/8f/915e1c12df07c70ed779d18ab83d065718a926e70d3ea33eb0cd66ffb7c0/nltk-3.9.3.tar.gz", hash = "sha256:cb5945d6424a98d694c2b9a0264519fab4363711065a46aa0ae7a2195b92e71f", size = 2923673, upload-time = "2026-02-24T12:05:53.833Z" }
wheels = [
{ url = "https://files.pythonhosted.org/packages/4d/66/7d9e26593edda06e8cb531874633f7c2372279c3b0f46235539fe546df8b/nltk-3.9.1-py3-none-any.whl", hash = "sha256:4fa26829c5b00715afe3061398a8989dc643b92ce7dd93fb4585a70930d168a1", size = 1505442, upload-time = "2024-08-18T19:48:21.909Z" },
{ url = "https://files.pythonhosted.org/packages/c2/7e/9af5a710a1236e4772de8dfcc6af942a561327bb9f42b5b4a24d0cf100fd/nltk-3.9.3-py3-none-any.whl", hash = "sha256:60b3db6e9995b3dd976b1f0fa7dec22069b2677e759c28eb69b62ddd44870522", size = 1525385, upload-time = "2026-02-24T12:05:46.54Z" },
]
[[package]]