diff --git a/online-boutique-demo/src/loadgenerator/requirements.txt b/online-boutique-demo/src/loadgenerator/requirements.txt
index 532c613..dd5d5b5 100644
--- a/online-boutique-demo/src/loadgenerator/requirements.txt
+++ b/online-boutique-demo/src/loadgenerator/requirements.txt
@@ -10,7 +10,7 @@ click==7.1.2              # via flask
 configargparse==1.2.3     # via locust
 flask-basicauth==0.2.0    # via locust
 flask==1.1.2              # via flask-basicauth, locust
-gevent==20.12.1            # via geventhttpclient, locust
+gevent==25.4.1            # via geventhttpclient, locust
 geventhttpclient==1.4.4   # via locust
 greenlet==0.4.17          # via gevent
 idna==2.10                # via requests
@@ -29,4 +29,5 @@ zope.event==4.5.0         # via gevent
 zope.interface==5.1.0     # via gevent
 
 # The following packages are considered to be unsafe in a requirements file:
-# setuptools
\ No newline at end of file
+# setuptools
+setuptools>=78.1.1 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file