diff --git a/requirements/base.txt b/requirements/base.txt
index c5699955dc345..0e8d6c6ba7f5d 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -89,7 +89,7 @@ deprecated==1.2.13
     # via limits
 deprecation==2.1.0
     # via apache-superset
-dnspython==2.1.0
+dnspython==2.6.1
     # via email-validator
 email-validator==1.1.3
     # via flask-appbuilder
@@ -149,15 +149,15 @@ google-auth==2.27.0
     # via shillelagh
 greenlet==3.0.3
     # via shillelagh
-gunicorn==21.2.0
+gunicorn==22.0.0
     # via apache-superset
 hashids==1.3.1
     # via apache-superset
-holidays==0.25
+holidays==0.45
     # via apache-superset
 humanize==4.9.0
     # via apache-superset
-idna==3.2
+idna==3.7
     # via
     #   email-validator
     #   requests
@@ -349,7 +349,7 @@ sqlalchemy-utils==0.38.3
     #   flask-appbuilder
 sqlglot==23.6.3
     # via apache-superset
-sqlparse==0.4.4
+sqlparse==0.5.0
     # via apache-superset
 sshtunnel==0.4.0
     # via apache-superset
@@ -406,3 +406,4 @@ zipp==3.15.0
 
 # The following packages are considered to be unsafe in a requirements file:
 # setuptools
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability