Re: [pgAdmin[patch] Ignore flask-security-too irrelevant vulnerability

From: Akshay Joshi <akshay(dot)joshi(at)enterprisedb(dot)com>
To: Aditya Toshniwal <aditya(dot)toshniwal(at)enterprisedb(dot)com>
Cc: pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org>
Subject: Re: [pgAdmin[patch] Ignore flask-security-too irrelevant vulnerability
Date: 2021-10-21 05:45:35
Message-ID: CANxoLDe5V4h0dcFXcg+sePaFAQGShkzui105BF=au8HwSbEd1g@mail.gmail.com
Lists: pgadmin-hackers

Thanks, the patch applied.

On Thu, Oct 21, 2021 at 10:48 AM Aditya Toshniwal <
aditya(dot)toshniwal(at)enterprisedb(dot)com> wrote:

> Hi Hackers,
>
> As per safety audit vulnerability report id #40493 for flask-security-too:
> *This is considered a low severity due to the fact that if Werkzeug is
> used (which is very common with Flask applications) as the WSGI layer, it
> by default ALWAYS ensures that the Location header is absolute - thus
> making this attack vector mute.*
>
> Attached patch will ignore this ID for the audit.
>
>
> --
> Thanks,
> Aditya Toshniwal
> pgAdmin Hacker | Software Architect | *edbpostgres.com*
> <http://edbpostgres.com>
> "Don't Complain about Heat, Plant a TREE"
>

--
*Thanks & Regards*
*Akshay Joshi*
*pgAdmin Hacker | Principal Software Architect*
*EDB Postgres <http://edbpostgres.com>*

*Mobile: +91 976-788-8246*
