Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bumping gevent to resolve CVE-73655 #441

Closed
wants to merge 1 commit into from
Closed

Bumping gevent to resolve CVE-73655 #441

wants to merge 1 commit into from

Conversation

pricem14pc
Copy link
Contributor

What and why?

Build failure following merge to main

-> Vulnerability found in gevent version 24.2.1
Vulnerability ID: 73655
Affected spec: <24.10.1
ADVISORY: Affected versions of gevent are vulnerable to a Race
Condition leading to Unauthorized Access — CWE-362. The attack can be...
PVE-2024-73655
For more information, please visit
https://data.safetycli.com/v/73655/[74](https://github.com/ONSdigital/ras-party/actions/runs/11774400065/job/32792885285#step:5:75)2

Jira

https://jira.ons.gov.uk/browse/RAS-1345

@pricem14pc pricem14pc closed this Nov 11, 2024
@pricem14pc pricem14pc deleted the bump-gevent branch November 11, 2024 09:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant