Skip to content
This repository has been archived by the owner on May 22, 2024. It is now read-only.

[Med] Snyk: Race Condition (due 5/20/19) #435

Closed
Tracked by #113
rjayasekera opened this issue Mar 20, 2019 · 1 comment · Fixed by #444
Closed
Tracked by #113

[Med] Snyk: Race Condition (due 5/20/19) #435

rjayasekera opened this issue Mar 20, 2019 · 1 comment · Fixed by #444
Assignees
@lbeaufort @jason-upchurch
Labels
Security: moderate Remediate within 60 days
Milestone
Sprint 9.1

Comments

@rjayasekera
Copy link
Contributor

Vulnerable module: webargs
Introduced through: webargs@0.18.0 and flask-apispec@0.7.0

Detailed paths:
Introduced through: project@0.0.0 › webargs@0.18.0
Introduced through: project@0.0.0 › flask-apispec@0.7.0 › webargs@0.18.0

Remediation:
Upgrade webargs to version 5.1.3 or higher.
@rjayasekera rjayasekera mentioned this issue Mar 20, 2019
Closed
@qqss88 qqss88 mentioned this issue Mar 28, 2019
Closed
@fec-jli fec-jli mentioned this issue Apr 3, 2019
Closed
@rjayasekera rjayasekera mentioned this issue Apr 10, 2019
Closed
@fecjjeng fecjjeng mentioned this issue Apr 17, 2019
Closed
@jason-upchurch jason-upchurch added this to the PI 9 milestone Apr 24, 2019
@jason-upchurch
Copy link
Contributor

Current description/detailed path in the Snyk log:

Race Condition
Vulnerable module: webargs

  • Introduced through: regcore@4.2.0 and webargs@1.8.1

Detailed paths

  • Introduced through: project@0.0.0 › regcore@4.2.0 › webargs@1.8.1
  • Introduced through: project@0.0.0 › webargs@1.8.1

@jason-upchurch jason-upchurch modified the milestones: PI 9, Sprint 8.7 Apr 24, 2019
@jason-upchurch jason-upchurch mentioned this issue Apr 24, 2019
Closed
@hcaofec hcaofec mentioned this issue May 1, 2019
Closed
@fec-jli fec-jli mentioned this issue May 8, 2019
Closed
@jason-upchurch jason-upchurch changed the title [MEDIUM] Snyk - Race Condition - Fix by 20190520 [Med] Snyk: Race Condition (due 5/20/19) May 16, 2019
@jason-upchurch jason-upchurch added the Security: moderate Remediate within 60 days label May 16, 2019
@jason-upchurch jason-upchurch modified the milestones: Sprint 8.7, Sprint 9.1 May 16, 2019
@jason-upchurch jason-upchurch self-assigned this May 16, 2019
@jason-upchurch jason-upchurch mentioned this issue May 16, 2019
Closed
@lbeaufort lbeaufort self-assigned this May 16, 2019
@lbeaufort lbeaufort mentioned this issue May 16, 2019
Merged
@patphongs patphongs mentioned this issue Mar 4, 2024
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@lbeaufort lbeaufort

@jason-upchurch jason-upchurch

Labels
Security: moderate Remediate within 60 days
Projects
None yet
Milestone
Sprint 9.1
Development

Successfully merging a pull request may close this issue.

Update webargs to 5.1.3 fecgov/fec-eregs
3 participants
@rjayasekera @lbeaufort @jason-upchurch