potiuk commented on issue #24344: URL: https://github.com/apache/airflow/issues/24344#issuecomment-1151145860
We are not going to fix it. As per the Apache Software Foundetion Security policy - bulk security vulnerability reports are not going to be analyzed nor acted upon - mostly because they provide many false positives, so it is counter-productive to spend time on it. @vulnk000 - if yoy wish to report real security vulnerabilities, you should follow the security policy. If you will find (among the security problems that your tool reports) vulnerabilities that are exploitable and you have reproduction scenario, please follow the policy: https://github.com/apache/airflow/security/policy and report them (including those reproduction scenarios) to [email protected] (one report per vulnerability). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
