search

chdsbd / kodiak

🔮 A bot to automatically update and merge GitHub PRs
https://kodiakhq.com
GNU Affero General Public License v3.0
1.03k stars 65 forks source link

CVE-2021-32677 #820

Closed StephenRadachy closed 1 year ago

StephenRadachy commented 2 years ago

Upgrade fastapi-0.47.1-py3-none-any.whl: https://nvd.nist.gov/vuln/detail/CVE-2021-32677

chdsbd commented 2 years ago

I don't think Kodiak is affected by this vulnerability because we don't use cookies for authentication with FastAPI.

But like these other vulnerabilities, I'd welcome a PR to update the package.

chdsbd commented 1 year ago

I've removed FastAPI with #826. So this is resolved