feat(iatlas): migrate iAtlas GraphQL API to the monorepo #2559

Closed
wants to merge 2 commits into from

add python code

9ce7706

GitHub Advanced Security / Trivy failed Mar 11, 2024 in 4s

4 configurations not found

Warning: Code scanning may not have found all the alerts introduced by this pull request, because 4 configurations present on refs/heads/main were not found:

Actions workflow (scan-images.yml)

  • ❓  openchallenges-apex:edge image
  • ❓  openchallenges-api-gateway:edge image
  • ❓  openchallenges-challenge-service:edge image
  • ❓  openchallenges-zipkin:edge image

New alerts in code changed by this pull request

Security Alerts:

  • 4 high

See annotations below for details.

Annotations

Check failure on line 1 in apps/iatlas/api/requirements.txt

Code scanning / Trivy

flask: Possible disclosure of permanent session cookie due to missing Vary: Cookie header High

Package: Flask
Installed Version: 1.1.2
Vulnerability: CVE-2023-30861
Severity: HIGH
Fixed Version: 2.3.2, 2.2.5
Link: CVE-2023-30861

Check failure on line 1 in apps/iatlas/api/requirements.txt

Code scanning / Trivy

python-werkzeug: high resource usage when parsing multipart form data with many fields High

Package: Werkzeug
Installed Version: 1.0.1
Vulnerability: CVE-2023-25577
Severity: HIGH
Fixed Version: 2.2.3
Link: CVE-2023-25577

Check failure on line 1 in apps/iatlas/api/requirements.txt

Code scanning / Trivy

There MultipartParser usage in Encode's Starlette python framework bef ... High

Package: starlette
Installed Version: 0.13.4
Vulnerability: CVE-2023-30798
Severity: HIGH
Fixed Version: 0.25.0
Link: CVE-2023-30798

Check failure on line 1 in apps/iatlas/api/requirements.txt

Code scanning / Trivy

`python-multipart` is a streaming multipart parser for Python. When us ... High

Package: starlette
Installed Version: 0.13.4
Vulnerability: CVE-2024-24762
Severity: HIGH
Fixed Version: 0.36.2
Link: CVE-2024-24762