Fix CVE-2026-24486: Update python-multipart to 0.0.22 (#13015)

Co-authored-by: OpenHands CVE Fix Bot <openhands@all-hands.dev>
2026-03-22 13:47:19 +08:00 · 2026-02-25 10:15:58 -06:00
parent 3161b365a8
commit 2fc689457c
4 changed files with 13 additions and 13 deletions
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -78,7 +78,7 @@ dependencies = [
  "python-frontmatter>=1.1",
  "python-jose[cryptography]>=3.3",
  "python-json-logger>=3.2.1",
-  "python-multipart",
+  "python-multipart>=0.0.22",
  "python-pptx",
  "python-socketio==5.14",
  "pythonnet",
@@ -181,7 +181,7 @@ html2text = "*"
 deprecated = "*"
 pexpect = "*"
 jinja2 = "^3.1.6"
-python-multipart = "*"
+python-multipart = ">=0.0.22"
 tenacity = ">=8.5,<10.0"
 zope-interface = "7.2"
 pathspec = "^0.12.1"