Two high-severity Dependabot alerts (GitHub advisories GHSA-mf9v-mfxr-j63j and GHSA-qccp-gfcp-xxvc) flagged against urllib3 in lambdas/python/uv.lock; both are fixed in urllib3 2.7.0.
The uv.lock resolved requests as two versions split by Python interpreter: requests 2.34.2 (Python >= 3.10) pulled in urllib3 2.7.0 (safe), while requests 2.32.5 (Python < 3.10) pulled in urllib3 2.6.3 (vulnerable). Python 3.9 Lambda environments therefore shipped with the vulnerable urllib3.
In lambdas/python/uv.lock, changed the requests 2.32.5 dependency entry from urllib3 2.6.3 to urllib3 2.7.0, removed the urllib3 2.6.3 package block, and expanded urllib3 2.7.0's resolution-markers to cover both Python version branches. requests 2.32.5 accepts urllib3 2.7.0 (its upstream constraint is urllib3>=1.21.1,<3), so no requests bump was needed for the < 3.10 branch. Because this is a hand edit of a generated file, confirm uv agrees with it (`uv lock --locked` fails if uv would rewrite the lockfile), and consider pinning the floor in pyproject.toml (an explicit urllib3>=2.7.0 requirement, or a `[tool.uv] constraint-dependencies` entry) so the next re-lock cannot quietly reintroduce 2.6.3.
The Python < 3.10 resolver fork can silently lag behind the >= 3.10 fork. When the nightly CVE scan fires on a PyPI package in uv.lock, check whether a version split is the cause: the older branch may still carry the vulnerable version even when the newer branch is already patched, and a scanner that reports only the package name will not tell you which branch it found.
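A small triage script for the check described above, added here as an example and not part of the repository this note describes. It parses a constructed uv.lock fragment (hashes and unrelated packages omitted; the real lambdas/python/uv.lock is not reproduced) that mirrors the split: requests 2.34.2 on Python >= 3.10 pulling urllib3 2.7.0 and requests 2.32.5 on Python < 3.10 pulling urllib3 2.6.3. For a package name and the version its advisory is fixed in, it reports every resolved version, the resolution markers that select it, which packages depend on that exact version, and whether it predates the fix. It then applies the same three-step repin from the note to the parsed structure so you can confirm the split collapses; writing the result back as TOML is left to a manual edit, since tomllib only reads. The fallback import of `tomli` for interpreters older than 3.11 is an assumption.

```python
"""Triage a uv.lock package whose fix depends on which interpreter branch resolved it.
Added example for this note; not code from the project it describes."""
import re

try:
    import tomllib  # stdlib on Python 3.11+
except ModuleNotFoundError:  # assumption: `tomli` is installed on older interpreters
    import tomli as tomllib  # type: ignore

# Constructed uv.lock fragment mirroring the split described in the note.
# Only the keys the triage needs are kept; hashes and other packages are omitted.
VULNERABLE_LOCK = """\
version = 1
requires-python = ">=3.9"

[[package]]
name = "requests"
version = "2.34.2"
source = { registry = "https://pypi.org/simple" }
resolution-markers = ["python_full_version >= '3.10'"]
dependencies = [
    { name = "urllib3", version = "2.7.0", source = { registry = "https://pypi.org/simple" }, marker = "python_full_version >= '3.10'" },
]

[[package]]
name = "requests"
version = "2.32.5"
source = { registry = "https://pypi.org/simple" }
resolution-markers = ["python_full_version < '3.10'"]
dependencies = [
    { name = "urllib3", version = "2.6.3", source = { registry = "https://pypi.org/simple" }, marker = "python_full_version < '3.10'" },
]

[[package]]
name = "urllib3"
version = "2.7.0"
source = { registry = "https://pypi.org/simple" }
resolution-markers = ["python_full_version >= '3.10'"]

[[package]]
name = "urllib3"
version = "2.6.3"
source = { registry = "https://pypi.org/simple" }
resolution-markers = ["python_full_version < '3.10'"]
"""


def load_lock(text: str) -> dict:
    """Parse lockfile text into the plain dict structure the helpers below walk."""
    return tomllib.loads(text)


def version_key(v: str) -> tuple:
    """Ordering key over the numeric components; enough for plain release versions."""
    return tuple(int(p) for p in re.findall(r"\d+", v))


def triage(lock: dict, name: str, fixed_in: str) -> list:
    """One entry per resolved version of `name`: its resolution markers, the packages
    depending on that exact version, and whether it predates `fixed_in`.
    More than one entry means the resolver forked on interpreter version."""
    packages = lock.get("package", [])
    report = []
    for pkg in packages:
        if pkg["name"] != name:
            continue
        version = pkg["version"]
        dependents = sorted(
            f'{p["name"]} {p["version"]}'
            for p in packages
            for dep in p.get("dependencies", [])
            # an unsplit dependency entry carries no version; it can only mean this block
            if dep["name"] == name and dep.get("version", version) == version
        )
        report.append({
            "version": version,
            "markers": list(pkg.get("resolution-markers", [])),
            "dependents": dependents,
            "vulnerable": version_key(version) < version_key(fixed_in),
        })
    return sorted(report, key=lambda r: version_key(r["version"]))


def repin(lock: dict, name: str, old: str, new: str) -> dict:
    """The fix from the note, applied to the parsed lock: repoint every dependency on
    `old` at `new`, drop the `old` block, and widen `new`'s markers to the branches it now serves."""
    packages = lock["package"]
    old_block = next(p for p in packages if p["name"] == name and p["version"] == old)
    new_block = next(p for p in packages if p["name"] == name and p["version"] == new)
    for pkg in packages:
        for dep in pkg.get("dependencies", []):
            if dep["name"] == name and dep.get("version") == old:
                dep["version"] = new
    for marker in old_block.get("resolution-markers", []):
        if marker not in new_block.setdefault("resolution-markers", []):
            new_block["resolution-markers"].append(marker)
    packages.remove(old_block)
    return lock


if __name__ == "__main__":
    lock = load_lock(VULNERABLE_LOCK)
    for row in triage(lock, "urllib3", "2.7.0"):
        flag = "VULNERABLE" if row["vulnerable"] else "ok"
        print(f'urllib3 {row["version"]:<8} {flag:<10} markers={row["markers"]} via={row["dependents"]}')
    repin(lock, "urllib3", "2.6.3", "2.7.0")
    print("after repin:", [(r["version"], r["markers"]) for r in triage(lock, "urllib3", "2.7.0")])
```

Run it against the real lockfile by replacing `VULNERABLE_LOCK` with the file contents; a report with two rows where only the lower-marker row is flagged is exactly the "older fork lagging" pattern, and the `dependents` column tells you which package's interpreter-specific resolution dragged the old version in.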