idealista / prom2teams

prom2teams is an HTTP server built with Python that receives alert notifications from a previously configured Prometheus Alertmanager instance and forwards them to Microsoft Teams using defined connectors.
Apache License 2.0
268 stars 84 forks

[FEATURE] Upgrade Werkzeug to fix cve-2022-29361 #322

Closed ebini closed 1 year ago

ebini commented 1 year ago

Description

Please fix security issue. The current version 4.2.0 with trivy scanner reports:

https://avd.aquasec.com/nvd/cve-2022-2936

Fixed Version:      2.1.1
Installed Version:  0.16.1
Primary Link:       https://avd.aquasec.com/nvd/cve-2022-29361
Resource:           Werkzeug
Score:              9.8
Severity:           CRITICAL

Thanks Florian

stale[bot] commented 1 year ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.