[ https://issues.apache.org/jira/browse/AIRFLOW-5458?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16928023#comment-16928023 ]
Souvik Ghosh commented on AIRFLOW-5458: --------------------------------------- wow :O > Flask-AppBuilder shows critical security vulnerability > ------------------------------------------------------ > > Key: AIRFLOW-5458 > URL: https://issues.apache.org/jira/browse/AIRFLOW-5458 > Project: Apache Airflow > Issue Type: Wish > Components: dependencies > Affects Versions: 1.10.5 > Reporter: Souvik Ghosh > Priority: Major > Fix For: 1.10.6 > > > Hello, > our security team has detected a vulnerability for Flask-AppBuilder<2.0.0 > with a CVE 9.8 and recommend us to move the version > 2.0. Since it is in the > setup.py of airflow with restrictions. I am wondering if it can be moved to > 2.0.0 where no vulnerability is reported. > > Thanks for your help -- This message was sent by Atlassian Jira (v8.3.2#803003)