From eb5aa524d9cfdd3831a83bef217419840c67dcb2 Mon Sep 17 00:00:00 2001
From: stacksharebot
Date: Thu, 29 Feb 2024 20:19:07 +0000
Subject: [PATCH] Update techstack.yml
---
 techstack.yml | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/techstack.yml b/techstack.yml
index 2ddcc42..350c8af 100644
--- a/techstack.yml
+++ b/techstack.yml
@@ -2,7 +2,7 @@ repo_name: freiheit/MvKDiceBot
 report_id: d1a0258cca57a50f380947315d890932
 version: 0.1
 repo_type: Public
-timestamp: '2024-01-05T09:04:53+00:00'
+timestamp: '2024-02-29T18:25:13+00:00'
 requested_by: freiheit
 provider: github
 branch: main
@@ -116,6 +116,20 @@ tools:
 detection_source: requirements.txt
 last_updated_by: freiheit
 last_updated_on: 2023-11-27 04:18:21.000000000 Z
+ vulnerabilities:
+ - name: aiohttp is vulnerable to directory traversal
+ cve_id: CVE-2024-23334
+ cve_url: https://github.com/advisories/GHSA-5h86-8mv2-jq9f
+ detected_date: Jan 30
+ severity: moderate
+ first_patched: 3.9.2
+ - name: aiohttp's HTTP parser (the python one, not llhttp) still overly lenient
+ about separators
+ cve_id: CVE-2024-23829
+ cve_url: https://github.com/advisories/GHSA-8qpw-xqxj-h4r2
+ detected_date: Jan 30
+ severity: moderate
+ first_patched: 3.9.2
 - name: astroid
 description: An abstract syntax tree for Python with inference support
 package_url: https://pypi.org/project/astroid
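Review bot: Nothing in this commit bumps the dependency that the new `vulnerabilities` entries flag: both advisories (CVE-2024-23334 and CVE-2024-23829) list `first_patched: 3.9.2`, and the entry's `detection_source` is `requirements.txt`, which this patch does not touch, so the aiohttp requirement presumably still allows a version below 3.9.2 and needs its own change. The tool entry these lines belong to starts above the hunk, so the recorded version is not visible here. In the report itself, `detected_date: Jan 30` carries no year, and the second `name` is a plain scalar wrapped onto a continuation line; if the generator can be configured, an ISO date and a quoted single-line name would be safer to parse.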