You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We're currently using Flask 0.12.2, which has a DoS security vulnerability: CVE-2018-1000656 (see also flask#2691).
Fortunately, we're not using the vulnerable function in the SecureDrop app code. Nevertheless, we should still update Flask to a version without any CVEs in the upcoming release of SecureDrop.
We'll also need to update Werkzeug as part of this, as latest Flask requires Werkzeug>=0.14
The text was updated successfully, but these errors were encountered:
We're currently using Flask 0.12.2, which has a DoS security vulnerability: CVE-2018-1000656 (see also flask#2691).
Fortunately, we're not using the vulnerable function in the SecureDrop app code. Nevertheless, we should still update Flask to a version without any CVEs in the upcoming release of SecureDrop.
We'll also need to update Werkzeug as part of this, as latest Flask requires Werkzeug>=0.14
The text was updated successfully, but these errors were encountered: