diff --git a/requirements.txt b/requirements.txt
index 77d999b..0700f77 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1 +1 @@
-bandit[sarif]
+bandit[sarif]==1.7.9
diff --git a/scripts/ci/verify_mapfile/requirements.txt b/scripts/ci/verify_mapfile/requirements.txt
index d89304b..89099e3 100644
--- a/scripts/ci/verify_mapfile/requirements.txt
+++ b/scripts/ci/verify_mapfile/requirements.txt
@@ -1 +1 @@
-jsonschema
+jsonschema==4.23.0
diff --git a/scripts/metric.py b/scripts/metric.py
index b1774ff..f8c73a8 100644
--- a/scripts/metric.py
+++ b/scripts/metric.py
@@ -562,7 +562,7 @@ def ParsePerfJson(orig: str) -> Expression:
     raise SyntaxError(f'Parsing expression:\n{orig}') from e
   _RewriteIfExpToSelect().visit(parsed)
   parsed = ast.fix_missing_locations(parsed)
-  return _Constify(eval(compile(parsed, orig, 'eval')))
+  return _Constify(eval(compile(parsed, orig, 'eval'))) #nosec B307
 
 
 def RewriteMetricsInTermsOfOthers(metrics: list[Tuple[str, Expression]]