Ask questionsDatabase false positive: Gunicorn request smuggling vulnerability
Version 19.10 is being incorrectly flagged as insecure. How would I approach fixing this? I'm happy to patch the DB myself, but it looks like it is auto generated by a bot - so if I made the change, would the bot undo it from wherever it gets its sources from?
Discussed in both Airflow and Gunicorn, and confirmed that 19.10 was patched:
The CVE also states that 19.10.0 and 20.0.1 both have the fix:
Answer questions harlekeyn
Yes, you are correct. Thanks for letting us know. We have updated our database. Note that this will not reflect in our free database until June 1st, 2021.
Related questionsNo questions were found.