Skip to content

Add DevSecOps page with security news and examples; update project dependencies #67

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
CalinL wants to merge 3 commits into
base: main
Choose a base branch
from

Add new sample files

a93d0af
Select commit
Loading
Failed to load commit list.
Open

Add DevSecOps page with security news and examples; update project dependencies #67

Add new sample files
a93d0af
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / trivy failed May 12, 2025 in 10s

12 new alerts including 6 high severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 6 high
  • 5 medium
  • 1 low

See annotations below for details.

View all branch alerts.

Annotations

Check failure on line 34 in samples/Pipfile.lock

See this annotation in the file changed.

Code scanning / Trivy

flask: Possible disclosure of permanent session cookie due to missing Vary: Cookie header High

Package: flask
Installed Version: 2.0.2
Vulnerability CVE-2023-30861
Severity: HIGH
Fixed Version: 2.3.2, 2.2.5
Link: CVE-2023-30861

Check warning on line 50 in samples/Pipfile.lock

See this annotation in the file changed.

Code scanning / Trivy

jinja2: HTML attribute injection when passing user input as keys to xmlattr filter Medium

Package: jinja2
Installed Version: 3.0.2
Vulnerability CVE-2024-22195
Severity: MEDIUM
Fixed Version: 3.1.3
Link: CVE-2024-22195

Check warning on line 50 in samples/Pipfile.lock

See this annotation in the file changed.

Code scanning / Trivy

jinja2: accepts keys containing non-attribute characters Medium

Package: jinja2
Installed Version: 3.0.2
Vulnerability CVE-2024-34064
Severity: MEDIUM
Fixed Version: 3.1.4
Link: CVE-2024-34064

Check failure on line 50 in samples/Pipfile.lock

See this annotation in the file changed.

Code scanning / Trivy

jinja2: Jinja has a sandbox breakout through malicious filenames High

Package: jinja2
Installed Version: 3.0.2
Vulnerability CVE-2024-56201
Severity: MEDIUM
Fixed Version: 3.1.5
Link: CVE-2024-56201

Check failure on line 50 in samples/Pipfile.lock

See this annotation in the file changed.

Code scanning / Trivy

jinja2: Jinja has a sandbox breakout through indirect reference to format method High

Package: jinja2
Installed Version: 3.0.2
Vulnerability CVE-2024-56326
Severity: MEDIUM
Fixed Version: 3.1.5
Link: CVE-2024-56326

Check warning on line 50 in samples/Pipfile.lock

See this annotation in the file changed.

Code scanning / Trivy

jinja2: Jinja sandbox breakout through attr filter selecting format method Medium

Package: jinja2
Installed Version: 3.0.2
Vulnerability CVE-2025-27516
Severity: MEDIUM
Fixed Version: 3.1.6
Link: CVE-2025-27516

Check failure on line 126 in samples/Pipfile.lock

See this annotation in the file changed.

Code scanning / Trivy

python-werkzeug: high resource usage when parsing multipart form data with many fields High

Package: werkzeug
Installed Version: 2.0.2
Vulnerability CVE-2023-25577
Severity: HIGH
Fixed Version: 2.2.3
Link: CVE-2023-25577

Check failure on line 126 in samples/Pipfile.lock

See this annotation in the file changed.

Code scanning / Trivy

python-werkzeug: user may execute code on a developer's machine High

Package: werkzeug
Installed Version: 2.0.2
Vulnerability CVE-2024-34069
Severity: HIGH
Fixed Version: 3.0.3
Link: CVE-2024-34069

Check warning on line 126 in samples/Pipfile.lock

See this annotation in the file changed.

Code scanning / Trivy

python-werkzeug: high resource consumption leading to denial of service Medium

Package: werkzeug
Installed Version: 2.0.2
Vulnerability CVE-2023-46136
Severity: MEDIUM
Fixed Version: 3.0.1, 2.3.8
Link: CVE-2023-46136

Check warning on line 126 in samples/Pipfile.lock

See this annotation in the file changed.

Code scanning / Trivy

werkzeug: python-werkzeug: Werkzeug safe_join not safe on Windows Medium

Package: werkzeug
Installed Version: 2.0.2
Vulnerability CVE-2024-49766
Severity: MEDIUM
Fixed Version: 3.0.6
Link: CVE-2024-49766

Check failure on line 126 in samples/Pipfile.lock

See this annotation in the file changed.

Code scanning / Trivy

werkzeug: python-werkzeug: Werkzeug possible resource exhaustion when parsing file data in forms High

Package: werkzeug
Installed Version: 2.0.2
Vulnerability CVE-2024-49767
Severity: MEDIUM
Fixed Version: 3.0.6
Link: CVE-2024-49767

Check notice on line 126 in samples/Pipfile.lock

See this annotation in the file changed.

Code scanning / Trivy

python-werkzeug: cookie prefixed with = can shadow unprefixed cookie Low

Package: werkzeug
Installed Version: 2.0.2
Vulnerability CVE-2023-23934
Severity: LOW
Fixed Version: 2.2.3
Link: CVE-2023-23934