Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk: High] Directory Traversal (Due 10/02/2020) #4611

Closed
1 task done
lbeaufort opened this issue Sep 9, 2020 · 1 comment · Fixed by #4622
Closed
1 task done

[Snyk: High] Directory Traversal (Due 10/02/2020) #4611

lbeaufort opened this issue Sep 9, 2020 · 1 comment · Fixed by #4622
Assignees
@patphongs
Labels
High priority Security: high Remediate within 30 days
Milestone
Sprint 13.5

Comments

@lbeaufort
Copy link
Member

lbeaufort commented Sep 9, 2020
edited by patphongs

@rfultz commented on Wed Sep 02 2020

Directory Traversal
https://app.snyk.io/vuln/SNYK-PYTHON-FLASKCORS-608972

Remediation:
Upgrade Flask-Cors to version 3.0.9 or higher.

Completion criteria:

  • Verify that this is a problem and address the vulnerability appropriately
@lbeaufort lbeaufort mentioned this issue Sep 9, 2020
Closed
@JonellaCulmer JonellaCulmer added this to the Sprint 13.5 milestone Sep 16, 2020
@JonellaCulmer JonellaCulmer added the Security: high Remediate within 30 days label Sep 16, 2020
@patphongs patphongs self-assigned this Sep 17, 2020
@patphongs patphongs mentioned this issue Sep 17, 2020
Merged
@lbeaufort lbeaufort reopened this Sep 23, 2020
@patphongs
Copy link
Member

This has been merged

@patphongs patphongs mentioned this issue Feb 29, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@patphongs patphongs

Labels
High priority Security: high Remediate within 30 days
Projects
None yet
Milestone
Sprint 13.5
Development

Successfully merging a pull request may close this issue.

Upgraded flask-cors to v3.0.9 fecgov/openFEC
3 participants
@patphongs @lbeaufort @JonellaCulmer