GitHub user dovregubben added a comment to the discussion: Multiple vulnerabilities in Airflow dependencies
In Airflow 2.10.5 we still see CVE-2021-33026, due to the constraint of Flask-Caching being pinned to 2.3.0 (see https://raw.githubusercontent.com/apache/airflow/constraints-2.10.5/constraints-3.12.txt). Could anybody elaborate on why this CVE has not been taken into account yet, or if the vulnerabilty has been classified differently for Apache Airflow? GitHub link: https://github.com/apache/airflow/discussions/24055#discussioncomment-12302028 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected]
