security: fix CVE-2025-55182 + update dependencies (security)
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
CD - Build & Deploy / build-and-push (push) Has been cancelled
CD - Build & Deploy / package-helm (push) Has been cancelled
CD - Build & Deploy / deploy-staging (push) Has been cancelled
CD - Build & Deploy / deploy-production (push) Has been cancelled
CD - Build & Deploy / release (push) Has been cancelled
CI / security (push) Has been cancelled
CI / test (3.11) (push) Has been cancelled
CI / test (3.12) (push) Has been cancelled

- Upgrade reflex 0.4.0 → 0.8.24.post1 to mitigate React Server Components RCE vulnerability (CVE-2025-55182, CVSS 10.0)
- Fix python-ovh package name: python-ovh → ovh (1.2.0) for Python 3.11 compatibility
- Refs: https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components

ApprovalToken: ۲
Ehsan.Asadi
2025-12-30 15:32:15 +03:30
parent 32dc8e76c3
commit 92d6715aea

@@ -3,7 +3,7 @@
# ============================================
# Core Framework
# ============================================
reflex==0.4.0
reflex==0.8.24.post1 # Updated for security (CVE-2025-55182)
# ============================================
# Database & ORM
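Review bot: The new pin `reflex==0.8.24.post1` moves from `0.4.0` across several minor series in one step, and the checks listed on this commit show the pipeline failed and both test jobs (3.11, 3.12) cancelled, so nothing here demonstrates that the application still builds and runs on the new version. Get the test jobs green before merging. The trailing comment cites CVE-2025-55182, which the commit message describes as a React Server Components issue; the requirements pin by itself does not show which React version ends up in the built frontend, so record the React version that was verified, either next to this line or in the commit message.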
@@ -43,7 +43,7 @@ cryptography==41.0.7
# ============================================
python-digitalocean==1.17.0
hcloud==1.33.2
python-ovh==1.1.0
ovh==1.2.0 # Correct package name (not python-ovh)
# ============================================
# Payment Gateways
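Review bot: The `ovh==1.2.0` line changes two things at once, the distribution name and the version (1.1.0 to 1.2.0), and neither relates to the CVE fix this commit is titled for. Splitting it into its own commit would let the security pin be reverted or backported independently. Because the distribution name itself changes, confirm that `ovh` on the package index is the intended OVH client before merging, and consider installing with pip's `--require-hashes` so a wrong or substituted package fails the install.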