Safety CI > fptiangco/rest-v2-python

pyup-update-coverage-7.6.1-to-7.10.1

5 days, 15 hours ago

96ac683a

Update coverage from 7.6.1 to 7.10.1

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-coverage-7.6.1-to-7.10.0

1 week, 1 day ago

0ce161b2

Update coverage from 7.6.1 to 7.10.0

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-coverage-7.6.1-to-7.9.2

4 weeks ago

e4930f14

Update coverage from 7.6.1 to 7.9.2

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-pytest-8.3.3-to-8.4.1

1 month, 2 weeks ago

a71deaae

Update pytest from 8.3.3 to 8.4.1

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-coverage-7.6.1-to-7.9.1

1 month, 2 weeks ago

47dd105c

Update coverage from 7.6.1 to 7.9.1

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-coverage-7.6.1-to-7.9.0

1 month, 2 weeks ago

222f546c

Update coverage from 7.6.1 to 7.9.0

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-pytest-cov-5.0.0-to-6.2.1

1 month, 2 weeks ago

afecb7fe

Update pytest-cov from 5.0.0 to 6.2.1

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-pytest-8.3.3-to-8.4.0

1 month, 4 weeks ago

51bf7589

Update pytest from 8.3.3 to 8.4.0

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-coverage-7.6.1-to-7.8.2

2 months, 1 week ago

2c34a87a

Update coverage from 7.6.1 to 7.8.2

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-coverage-7.6.1-to-7.8.1

2 months, 1 week ago

dcce370d

Update coverage from 7.6.1 to 7.8.1

Flask 3.0.3 has known security vulnerabilities.

Package	Installed	Affected	Info
Flask	3.0.3	<3.1.1	show Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

Package

Installed

Affected

Info

Flask

3.0.3

<3.1.1

show

Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines session integrity, enabling remote attackers to forge or tamper with cookies via manipulated SECRET_KEY_FALLBACKS parameters. The vulnerability exists in the itsdangerous-based signing routines within flask.sessions (fallback key list ordering).

pyup-update-flask-3.0.3-to-3.1.1

2 months, 2 weeks ago

e239864b

Update flask from 3.0.3 to 3.1.1

No dependencies with known security vulnerabilities.

pyup-update-pytest-cov-5.0.0-to-6.1.1

3 months, 4 weeks ago

23b07e69

Update pytest-cov from 5.0.0 to 6.1.1

No dependencies with known security vulnerabilities.

pyup-update-pytest-cov-5.0.0-to-6.1.0

4 months ago

aff3b164

Update pytest-cov from 5.0.0 to 6.1.0

No dependencies with known security vulnerabilities.

pyup-update-coverage-7.6.1-to-7.8.0

4 months ago

09bb26d0

Update coverage from 7.6.1 to 7.8.0

No dependencies with known security vulnerabilities.

pyup-update-coverage-7.6.1-to-7.7.1

4 months, 1 week ago

7820552e

Update coverage from 7.6.1 to 7.7.1

No dependencies with known security vulnerabilities.