[pgAdmin][patch] Ignore flask-security-too irrelevant vulnerability

From: Aditya Toshniwal
Subject: [pgAdmin][patch] Ignore flask-security-too irrelevant vulnerability
Msg-id: CAM9w-_mmBhft+S_s2d2Ji__gWAz-9oX7xefCJkUcE8N5h5H8tQ@mail.gmail.com
Responses: Re: [pgAdmin][patch] Ignore flask-security-too irrelevant vulnerability (Akshay Joshi <akshay.joshi@enterprisedb.com>)
List: pgadmin-hackers

Hi Hackers,

As per safety audit vulnerability report id #40493 for flask-security-too:
This is considered a low severity due to the fact that if Werkzeug is used (which is very common with Flask applications) as the WSGI layer, it by default ALWAYS ensures that the Location header is absolute - thus making this attack vector mute.

Attached patch will ignore this ID for the audit.


--
Thanks,
Aditya Toshniwal
pgAdmin Hacker | Software Architect | edbpostgres.com
"Don't Complain about Heat, Plant a TREE"