[Snyk] Fix for 25 vulnerabilities

[GarryStraitYT]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `pip` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • requirements/constraints.txt

⚠️ Warning

sphinxcontrib-towncrier 0.4.0a0 requires towncrier, which is not installed.
sphinx 5.3.0 has requirement docutils<0.20,>=0.14, but you have docutils 0.20.1.
blockdiag 3.0.0 requires Pillow, which is not installed.
aiosignal 1.3.1 requires frozenlist, which is not installed.

Vulnerabilities that will be fixed

By pinning:

Severity	Priority Score (*)	Issue	Upgrade	Breaking Change	Exploit Maturity
	539/1000 Why? Has a fix available, CVSS 6.5	Denial of Service (DoS) SNYK-PYTHON-CRYPTOGRAPHY-5914629	cryptography: 41.0.3 -> 42.0.6	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Missing Cryptographic Step SNYK-PYTHON-CRYPTOGRAPHY-6036192	cryptography: 41.0.3 -> 42.0.6	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Denial of Service (DoS) SNYK-PYTHON-CRYPTOGRAPHY-6050294	cryptography: 41.0.3 -> 42.0.6	No	No Known Exploit
	616/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.9	NULL Pointer Dereference SNYK-PYTHON-CRYPTOGRAPHY-6092044	cryptography: 41.0.3 -> 42.0.6	No	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Observable Timing Discrepancy SNYK-PYTHON-CRYPTOGRAPHY-6126975	cryptography: 41.0.3 -> 42.0.6	No	Proof of Concept
	509/1000 Why? Has a fix available, CVSS 5.9	Use of a Broken or Risky Cryptographic Algorithm SNYK-PYTHON-CRYPTOGRAPHY-6149518	cryptography: 41.0.3 -> 42.0.6	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Resource Exhaustion SNYK-PYTHON-CRYPTOGRAPHY-6157248	cryptography: 41.0.3 -> 42.0.6	No	No Known Exploit
	489/1000 Why? Has a fix available, CVSS 5.5	NULL Pointer Dereference SNYK-PYTHON-CRYPTOGRAPHY-6210214	cryptography: 41.0.3 -> 42.0.6	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	NULL Pointer Dereference SNYK-PYTHON-CRYPTOGRAPHY-6261585	cryptography: 41.0.3 -> 42.0.6	No	No Known Exploit
	399/1000 Why? Has a fix available, CVSS 3.7	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-PYTHON-CRYPTOGRAPHY-6592767	cryptography: 41.0.3 -> 42.0.6	No	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	HTTP Request Smuggling SNYK-PYTHON-GUNICORN-6615672	gunicorn: 21.2.0 -> 22.0.0	No	Proof of Concept
	524/1000 Why? Has a fix available, CVSS 6.2	Resource Exhaustion SNYK-PYTHON-IDNA-6597975	idna: 3.4 -> 3.7	No	No Known Exploit
	484/1000 Why? Has a fix available, CVSS 5.4	Cross-site Scripting (XSS) SNYK-PYTHON-JINJA2-6150717	jinja2: 3.1.2 -> 3.1.4	No	No Known Exploit
	556/1000 Why? Recently disclosed, Has a fix available, CVSS 5.4	Cross-site Scripting (XSS) SNYK-PYTHON-JINJA2-6809379	jinja2: 3.1.2 -> 3.1.4	No	No Known Exploit
	909/1000 Why? Mature exploit, Has a fix available, CVSS 9.6	Heap-based Buffer Overflow SNYK-PYTHON-PILLOW-5918878	pillow: 9.5.0 -> 10.3.0	No	Mature
	589/1000 Why? Has a fix available, CVSS 7.5	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-PYTHON-PILLOW-6043904	pillow: 9.5.0 -> 10.3.0	No	No Known Exploit
	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Eval Injection SNYK-PYTHON-PILLOW-6182918	pillow: 9.5.0 -> 10.3.0	No	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-PYTHON-PILLOW-6219984	pillow: 9.5.0 -> 10.3.0	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-PYTHON-PILLOW-6219986	pillow: 9.5.0 -> 10.3.0	No	No Known Exploit
	579/1000 Why? Has a fix available, CVSS 7.3	Buffer Overflow SNYK-PYTHON-PILLOW-6514866	pillow: 9.5.0 -> 10.3.0	No	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-PYTHON-PYDANTIC-5907722	pydantic: 1.10.12 -> 1.10.13	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-PYTHON-PYDANTIC-5926694	pydantic: 1.10.12 -> 1.10.13	No	Proof of Concept
	633/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 4.8	Injection SNYK-PYTHON-TQDM-6807582	tqdm: 4.65.0 -> 4.66.3	No	Proof of Concept
	509/1000 Why? Has a fix available, CVSS 5.9	Information Exposure Through Sent Data SNYK-PYTHON-URLLIB3-5926907	urllib3: 2.0.4 -> 2.0.7	No	No Known Exploit
	424/1000 Why? Has a fix available, CVSS 4.2	Information Exposure Through Sent Data SNYK-PYTHON-URLLIB3-6002459	urllib3: 2.0.4 -> 2.0.7	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded.

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Denial of Service (DoS)
🦉 NULL Pointer Dereference
🦉 Use of a Broken or Risky Cryptographic Algorithm
🦉 More lessons are available in Snyk Learn