From 1cdde1d3330a7d678a557fc2170ac00d461dc6db Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 12 Jan 2026 22:40:32 +0000
Subject: [PATCH] fix: services/document-manager/backend/requirements.txt to
 reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14896210
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-14908843
---
 services/document-manager/backend/requirements.txt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/services/document-manager/backend/requirements.txt b/services/document-manager/backend/requirements.txt
index 8c311ecb99..376e7c371f 100644
--- a/services/document-manager/backend/requirements.txt
+++ b/services/document-manager/backend/requirements.txt
@@ -20,7 +20,7 @@ requests==2.32.4
 SQLAlchemy==2.0.19
 uwsgi==2.0.23
 uwsgitop==0.11
-Werkzeug==3.0.3
+Werkzeug==3.1.5
 boto3==1.28.15
 celery==5.3.1
 numpy==1.26.4
@@ -46,3 +46,4 @@ opentelemetry-instrumentation-sqlalchemy==0.33b0
 opentelemetry-instrumentation-urllib3==0.33b0
 tornado>=6.4.1 # not directly required, pinned by Snyk to avoid a vulnerability
 setuptools>=78.1.1 # not directly required, pinned by Snyk to avoid a vulnerability
+urllib3>=2.6.3 # not directly required, pinned by Snyk to avoid a vulnerability