diff --git a/custom/poetry.lock b/custom/poetry.lock
index 47dd97589..c0b0f8b62 100644
--- a/custom/poetry.lock
+++ b/custom/poetry.lock
@@ -1,4 +1,4 @@
-# This file is automatically @generated by Poetry 1.7.1 and should not be changed by hand.
+# This file is automatically @generated by Poetry 1.8.3 and should not be changed by hand.
 
 [[package]]
 name = "alembic"
@@ -2105,13 +2105,13 @@ testing = ["coverage", "pytest", "pytest-cov"]
 
 [[package]]
 name = "waitress"
-version = "3.0.0"
+version = "3.0.1"
 description = "Waitress WSGI server"
 optional = false
-python-versions = ">=3.8.0"
+python-versions = ">=3.9.0"
 files = [
-    {file = "waitress-3.0.0-py3-none-any.whl", hash = "sha256:2a06f242f4ba0cc563444ca3d1998959447477363a2d7e9b8b4d75d35cfd1669"},
-    {file = "waitress-3.0.0.tar.gz", hash = "sha256:005da479b04134cdd9dd602d1ee7c49d79de0537610d653674cc6cbde222b8a1"},
+    {file = "waitress-3.0.1-py3-none-any.whl", hash = "sha256:26cdbc593093a15119351690752c99adc13cbc6786d75f7b6341d1234a3730ac"},
+    {file = "waitress-3.0.1.tar.gz", hash = "sha256:ef0c1f020d9f12a515c4ec65c07920a702613afcad1dbfdc3bcec256b6c072b3"},
 ]
 
 [package.extras]
@@ -2305,4 +2305,4 @@ test = ["zope.testing"]
 [metadata]
 lock-version = "2.0"
 python-versions = ">=3.10,<3.11"
-content-hash = "40f505cafaeb310602a4931de1cada0d51f15ae1c93a817cb8dcc09d11601051"
+content-hash = "a924bb0893e29a9acfaf052f743b37839d03c4c5f83ef8581ea51a1fdf901efb"
diff --git a/custom/pyproject.toml b/custom/pyproject.toml
index b524ab594..6a4c42b1b 100644
--- a/custom/pyproject.toml
+++ b/custom/pyproject.toml
@@ -12,7 +12,7 @@ plaster-pastedeploy = "1.0.1"
 pyramid = "2.0.2"
 pyramid-mako = "1.1.0"
 pyramid-debugtoolbar = "4.12.1"
-waitress = "3.0.0"
+waitress = "3.0.1"
 alembic = "1.13.3"
 pyramid-retry = "2.1.1"
 pyramid-tm = "2.5"
diff --git a/custom/requirements.txt b/custom/requirements.txt
index 2a9b77e51..eac7969d1 100644
--- a/custom/requirements.txt
+++ b/custom/requirements.txt
@@ -2,3 +2,4 @@ poetry==1.8.3
 pip==24.2
 certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability
 cryptography>=43.0.1 # not directly required, pinned by Snyk to avoid a vulnerability
+virtualenv>=20.26.6 # not directly required, pinned by Snyk to avoid a vulnerability
diff --git a/pyproject.toml b/pyproject.toml
index f2514fa03..c47c0b44e 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -5,3 +5,6 @@ target-version = ['py38']
 [tool.isort]
 profile = "black"
 line_length = 110
+
+[tool.poetry]
+# For Snyk