[Security] AST-08: Outdated Dependency Minimum Versions

## AST-08: Outdated Dependency Minimum Versions
**Severity:** MEDIUM
**Affected File(s):** `requirements/common.txt`

### Description
Minimum dependency versions are significantly outdated: requests>=2.25.1 (CVE-2023-32681), pyOpenSSL>=19.0.0 (memory safety issues), autobahn>=21.2.1, Twisted>=22.2.0 (HTTP/TLS fixes in later versions).

### Vulnerable Code
```
requests>=2.25.1
pyOpenSSL>=19.0.0
autobahn>=21.2.1
Twisted>=22.2.0
```

### Impact
Known vulnerabilities in HTTP, TLS, and WebSocket libraries directly affect the security of API communications.

### Recommended Fix
Update all minimum versions:
requests>=2.32.0
pyOpenSSL>=24.0.0
autobahn>=23.6.2
Twisted>=24.3.0

---
**Methodology:** Triple-verification static analysis -- each finding verified across three independent code review passes.
**Researcher:** Independent Security Researcher -- Mefai Security Team

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Security] AST-08: Outdated Dependency Minimum Versions #25

AST-08: Outdated Dependency Minimum Versions

Description

Vulnerable Code

Impact

Recommended Fix

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[Security] AST-08: Outdated Dependency Minimum Versions #25

Description

AST-08: Outdated Dependency Minimum Versions

Description

Vulnerable Code

Impact

Recommended Fix

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions