From 5132886809d0c7a0fb8722d989d06889615b28cd Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Mon, 2 Oct 2023 10:06:14 +0200
Subject: [PATCH] monthly update of vulnerability report (#1982)

Signed-off-by: bossenti <noreply@gmail.com>
Co-authored-by: bossenti <bossenti@github.com>
---
 VULNERABILITY.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/VULNERABILITY.md b/VULNERABILITY.md
index 4e47b6b66c..09a7553baf 100644
--- a/VULNERABILITY.md
+++ b/VULNERABILITY.md
@@ -2,10 +2,10 @@
 | OSV URL | CVSS | Ecosystem | Package | Version | Source |
 | --- | --- | --- | --- | --- | --- |
 | https://osv.dev/GHSA-6mjq-h674-j845 | 6.5 | Maven | io.netty:netty-handler | 4.1.72.Final | pom.xml |
+| https://osv.dev/GHSA-cgwf-w82q-5jrr | 5.5 | Maven | org.apache.commons:commons-compress | 1.23.0 | pom.xml |
+| https://osv.dev/GHSA-hr8g-6v94-x4m9 | 5.3 | Maven | org.bouncycastle:bcprov-jdk15on | 1.70 | pom.xml |
+| https://osv.dev/PYSEC-2023-175 |  | PyPI | pillow | 10.0.0 | streampipes-client-python/poetry.lock |
 | https://osv.dev/GHSA-w596-4wvx-j9j6<br/>https://osv.dev/PYSEC-2022-42969 | 7.5 | PyPI | py | 1.11.0 | streampipes-client-python/poetry.lock |
-| https://osv.dev/GHSA-qppv-j76h-2rpx |  | PyPI | tornado | 6.3.2 | streampipes-client-python/poetry.lock |
-| https://osv.dev/GHSA-j8r2-6x86-q33q<br/>https://osv.dev/PYSEC-2023-74 | 6.1 | PyPI | requests | 2.24.0 | streampipes-wrapper-python/requirements.txt |
-| https://osv.dev/GHSA-p8p7-x288-28g6 | 6.1 | npm | @cypress/request | 2.88.12 | ui/package-lock.json |
 | https://osv.dev/GHSA-ww39-953v-wcq6 | 7.5 | npm | glob-parent | 3.1.0 | ui/package-lock.json |
 | https://osv.dev/GHSA-4943-9vgg-gr5r | 6.1 | npm | quill | 1.3.7 | ui/package-lock.json |
 | https://osv.dev/MAL-2022-6662 |  | npm | tsconfig-package | 7.0.0 | ui/package-lock.json |