bmoon4 opened a new issue, #36915:
URL: https://github.com/apache/airflow/issues/36915
### Description
Hi team,
Airflow latest (2.8.0+) is using `Werkzeug==2.2.3` and it has a CVE (Score
7.5 High).
It would be nice if we can have it 2.3.8 above (3.0.1) to avoid securit
boring-cyborg[bot] commented on issue #36915:
URL: https://github.com/apache/airflow/issues/36915#issuecomment-1900766818
Thanks for opening your first issue here! Be sure to follow the issue
template! If you are willing to raise PR to address this issue please do so, no
need to wait for ap
eladkal commented on issue #36915:
URL: https://github.com/apache/airflow/issues/36915#issuecomment-1900956623
See :
https://github.com/apache/airflow/blob/056118342b3c28488d20558a1fd3ff15b4934460/pyproject.toml#L151-L153
Thus it depends on completing https://github.com/apache/
potiuk commented on issue #36915:
URL: https://github.com/apache/airflow/issues/36915#issuecomment-1902043915
Closing as duplicate. We know about it. Airflow is likely not vulnerable. We
invite any commercial users who is interested in their scanner results to be
better to help with impleme
potiuk closed issue #36915: CVE-2023-46136 Werkzeug==2.2.3
URL: https://github.com/apache/airflow/issues/36915
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e