bmoon4 opened a new issue, #36915: URL: https://github.com/apache/airflow/issues/36915
### Description Hi team, Airflow latest (2.8.0+) is using `Werkzeug==2.2.3` and it has a CVE (Score 7.5 High). It would be nice if we can have it 2.3.8 above (3.0.1) to avoid security issues. https://nvd.nist.gov/vuln/detail/CVE-2023-46136 ### Use case/motivation _No response_ ### Related issues _No response_ ### Are you willing to submit a PR? - [ ] Yes I am willing to submit a PR! ### Code of Conduct - [X] I agree to follow this project's [Code of Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@airflow.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org