Skip to content

Bump zeep from 4.3.2 to 4.3.3#94

Open
thusser wants to merge 1 commit into
developfrom
dependabot/uv/zeep-4.3.3-develop
Open

Bump zeep from 4.3.2 to 4.3.3#94
thusser wants to merge 1 commit into
developfrom
dependabot/uv/zeep-4.3.3-develop

Conversation

@thusser

@thusser thusser commented Jul 8, 2026

Copy link
Copy Markdown
Member

Recreated version of #85 targeting develop instead of the stale main branch (see dependabot alert #113 — Zeep SSRF).

Recreated against develop (see #85, opened against the stale main
branch). Fixes the "Zeep: Server-Side Request Forgery (SSRF)"
advisory (GHSA alert #113).
@thusser thusser added the dependencies Pull requests that update a dependency file label Jul 8, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant