Description
To address and resolve known vulnerabilities in the TFRS (Team Zelda) project by updating specific dependencies as recommended by Snyk.
This Pull Request (PR) was automatically generated by Snyk to address one or more vulnerable packages in the pip dependencies of the TFRS project.
Affected File:
backend/requirements.txt
Vulnerabilities to be addressed:
certifi:
Severity: Critical (776/1000)
Issue: Improper Following of a Certificate's Chain of Trust
Current Version: 2022.12.7
Upgrade To: 2023.7.22
cryptography (Multiple Issues):
Severity: Medium (509/1000)
Issue: Denial of Service (DoS)
Severity: High (691/1000)
Issue: Improper Certificate Validation
Severity: Low (471/1000)
Issue: Insufficient Verification of Data Authenticity
Issue: Denial of Service (DoS)
Current Version: 39.0.1
Upgrade To: 41.0.3
django:
Severity: High (589/1000)
Issue: Regular Expression Denial of Service (ReDoS)
Current Version: 3.2.19
Upgrade To: 3.2.20
pyjwt:
Severity: High (691/1000)
Issue: Use of a Broken or Risky Cryptographic Algorithm
Current Version: 2.1.0
Upgrade To: 2.4.0
Reference PR: #2500 by kuanfandevops
Acceptance Criteria:
Additional Notes: Some vulnerabilities might not be fully addressed because they exist in more than one direct dependency.