From 122f9df8d4e48a3114e290efa57ace945eaa9df4 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 4 Nov 2025 00:36:51 +0000
Subject: [PATCH] fix: cvat/requirements/base.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
---
 cvat/requirements/base.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/cvat/requirements/base.txt b/cvat/requirements/base.txt
index 0b8781152cc2..91d0ded3f0fa 100644
--- a/cvat/requirements/base.txt
+++ b/cvat/requirements/base.txt
@@ -52,3 +52,4 @@ datumaro==0.2.0 --no-binary=datumaro
 urllib3>=1.26.5 # not directly required, pinned by Snyk to avoid a vulnerability
 natsort==8.0.0
 mistune>=2.0.1 # not directly required, pinned by Snyk to avoid a vulnerability
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability