Update techstack.yml

techstack.yml

@@ -2,7 +2,7 @@ repo_name: kclhi/phenoflow
 report_id: 647b5f87b1d7ebcdaa8ea8cadb6679b4
 version: 0.1
 repo_type: Public
-timestamp: '2024-02-11T18:36:21+00:00'
+timestamp: '2024-02-29T20:00:34+00:00'
 requested_by: martinchapman
 provider: github
 branch: git-backend
@@ -462,24 +462,44 @@ tools:
   last_updated_by: Martin Chapman
   last_updated_on: 2023-04-20 17:33:27.000000000 Z
   vulnerabilities:
+  - name: cryptography NULL pointer dereference with pkcs12.serialize_key_and_certificates
+      when called with a non-matching certificate and private key and an hmac_hash
+      override
+    cve_id: CVE-2024-26130
+    cve_url: https://github.com/advisories/GHSA-6vqw-3v5j-54x4
+    detected_date: Feb 22
+    severity: high
+    first_patched: 42.0.4
   - name: cryptography mishandles SSH certificates
     cve_id: CVE-2023-38325
     cve_url: https://github.com/advisories/GHSA-cf7p-gm2m-833m
     detected_date: Jul 15
     severity: high
     first_patched: 41.0.2
+  - name: Python Cryptography package vulnerable to Bleichenbacher timing oracle attack
+    cve_id: CVE-2023-50782
+    cve_url: https://github.com/advisories/GHSA-3ww4-gg4f-jr7f
+    detected_date: Feb 6
+    severity: high
+    first_patched: 42.0.0
   - name: cryptography vulnerable to NULL-dereference when loading PKCS7 certificates
     cve_id: CVE-2023-49083
     cve_url: https://github.com/advisories/GHSA-jfhm-5ghh-2f97
     detected_date: Nov 29
     severity: moderate
     first_patched: 41.0.6
-  - name: Python Cryptography package vulnerable to Bleichenbacher timing oracle attack
-    cve_id: CVE-2023-50782
-    cve_url: https://github.com/advisories/GHSA-3ww4-gg4f-jr7f
-    detected_date: Feb 6
+  - name: Null pointer dereference in PKCS12 parsing
+    cve_id: CVE-2024-0727
+    cve_url: https://github.com/advisories/GHSA-9v9h-cgj8-h64p
+    detected_date: Feb 17
     severity: moderate
-    first_patched: 42.0.0
+    first_patched: 42.0.2
+  - name: Vulnerable OpenSSL included in cryptography wheels
+    cve_id: 
+    cve_url: https://github.com/advisories/GHSA-v8gr-m533-ghj9
+    detected_date: Sep 22
+    severity: low
+    first_patched: 41.0.4
   - name: Vulnerable OpenSSL included in cryptography wheels
     cve_id: 
     cve_url: https://github.com/advisories/GHSA-5cpq-8wj7-hf2v
@@ -492,12 +512,6 @@ tools:
     detected_date: Aug 2
     severity: low
     first_patched: 41.0.3
-  - name: Vulnerable OpenSSL included in cryptography wheels
-    cve_id: 
-    cve_url: https://github.com/advisories/GHSA-v8gr-m533-ghj9
-    detected_date: Sep 22
-    severity: low
-    first_patched: 41.0.4
 - name: docutils
   description: Docutils -- Python Documentation Utilities
   package_url: https://pypi.org/project/docutils
@@ -760,7 +774,13 @@ tools:
   last_updated_by: Martin Chapman
   last_updated_on: 2023-04-20 17:33:27.000000000 Z
   vulnerabilities:
-  - name: Starlette Content-Type Header ReDoS
+  - name: python-multipart vulnerable to Content-Type Header ReDoS
+    cve_id: CVE-2024-24762
+    cve_url: https://github.com/advisories/GHSA-2jv5-9r88-3w3p
+    detected_date: Feb 17
+    severity: high
+    first_patched: 0.36.2
+  - name: 'Duplicate Advisory: Starlette Content-Type Header ReDoS'
     cve_id: 
     cve_url: https://github.com/advisories/GHSA-93gm-qmq6-w238
     detected_date: Feb 6