Safety CI > fptiangco/rest-v2-python

pyup-update-coverage-7.6.1-to-7.9.2

4 days, 11 hours ago

e4930f14

Update coverage from 7.6.1 to 7.9.2

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-pytest-8.3.3-to-8.4.1

2 weeks, 6 days ago

a71deaae

Update pytest from 8.3.3 to 8.4.1

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-coverage-7.6.1-to-7.9.1

3 weeks, 4 days ago

47dd105c

Update coverage from 7.6.1 to 7.9.1

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-coverage-7.6.1-to-7.9.0

3 weeks, 5 days ago

222f546c

Update coverage from 7.6.1 to 7.9.0

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-pytest-cov-5.0.0-to-6.2.1

3 weeks, 5 days ago

afecb7fe

Update pytest-cov from 5.0.0 to 6.2.1

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-pytest-8.3.3-to-8.4.0

1 month ago

51bf7589

Update pytest from 8.3.3 to 8.4.0

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-coverage-7.6.1-to-7.8.2

1 month, 2 weeks ago

2c34a87a

Update coverage from 7.6.1 to 7.8.2

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-coverage-7.6.1-to-7.8.1

1 month, 2 weeks ago

dcce370d

Update coverage from 7.6.1 to 7.8.1

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-flask-3.0.3-to-3.1.1

1 month, 3 weeks ago

e239864b

Update flask from 3.0.3 to 3.1.1

No dependencies with known security vulnerabilities.

pyup-update-pytest-cov-5.0.0-to-6.1.1

3 months ago

23b07e69

Update pytest-cov from 5.0.0 to 6.1.1

No dependencies with known security vulnerabilities.

pyup-update-pytest-cov-5.0.0-to-6.1.0

3 months, 1 week ago

aff3b164

Update pytest-cov from 5.0.0 to 6.1.0

No dependencies with known security vulnerabilities.

pyup-update-coverage-7.6.1-to-7.8.0

3 months, 1 week ago

09bb26d0

Update coverage from 7.6.1 to 7.8.0

No dependencies with known security vulnerabilities.

pyup-update-coverage-7.6.1-to-7.7.1

3 months, 2 weeks ago

7820552e

Update coverage from 7.6.1 to 7.7.1

No dependencies with known security vulnerabilities.

pyup-update-coverage-7.6.1-to-7.7.0

3 months, 3 weeks ago

c5c6c841

Update coverage from 7.6.1 to 7.7.0

No dependencies with known security vulnerabilities.

pyup-update-pytest-8.3.3-to-8.3.5

4 months, 1 week ago

054b3ce0

Update pytest from 8.3.3 to 8.3.5

No dependencies with known security vulnerabilities.