[ https://issues.apache.org/jira/browse/AIRFLOW-5458?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kaxil Naik updated AIRFLOW-5458: -------------------------------- Fix Version/s: (was: 1.10.6) 1.10.7 > Flask-AppBuilder shows critical security vulnerability > ------------------------------------------------------ > > Key: AIRFLOW-5458 > URL: https://issues.apache.org/jira/browse/AIRFLOW-5458 > Project: Apache Airflow > Issue Type: Bug > Components: dependencies > Affects Versions: 1.10.5 > Reporter: Souvik Ghosh > Priority: Major > Fix For: 1.10.7 > > > Hello, > our security team has detected a vulnerability for Flask-AppBuilder<2.0.0 > with a CVE 9.8 and recommend us to move the version > 2.0. Since it is in the > setup.py of airflow with restrictions. I am wondering if it can be moved to > 2.0.0 where no vulnerability is reported. > > Thanks for your help -- This message was sent by Atlassian Jira (v8.3.4#803005)