Commit b06379b

fix(api): Update Flask and Werkzeug to address vulnerabilities (#10431)
Co-authored-by: Josema Camacho <josema@prowler.com>
1 parent a002ec8 commit b06379b

2 files changed: +26 -7 lines changed

api/CHANGELOG.md

Lines changed: 19 additions & 0 deletions
@@ -2,6 +2,25 @@
22

33
All notable changes to the **Prowler API** are documented in this file.
44

5+
## [1.23.0] (Prowler UNRELEASED)
6+
7+
### 🐞 Fixed
8+
9+
- Finding groups latest endpoint now aggregates the latest snapshot per provider before check-level totals, keeping impacted resources aligned across providers [(#10419)](https://github.com/prowler-cloud/prowler/pull/10419)
10+
- Mute rule creation now triggers finding-group summary re-aggregation after historical muting, keeping stats in sync after mute operations [(#10419)](https://github.com/prowler-cloud/prowler/pull/10419)
11+
12+
### 🔐 Security
13+
14+
- Replace stdlib XML parser with `defusedxml` in SAML metadata parsing to prevent XML bomb (billion laughs) DoS attacks [(#10165)](https://github.com/prowler-cloud/prowler/pull/10165)
15+
16+
## [1.22.2] (Prowler UNRELEASED)
17+
18+
### 🔐 Security
19+
20+
- Bump `flask` to 3.1.3 (CVE-2026-27205) and `werkzeug` to 3.1.6 (CVE-2026-27199) [(#10430)](https://github.com/prowler-cloud/prowler/pull/10430)
21+
22+
---
23+
524
## [1.22.1] (Prowler v5.21.1)
625

726
### 🐞 Fixed
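
Review bot: The added `## [1.23.0] (Prowler UNRELEASED)` section, with its two Fixed entries for #10419 and the `defusedxml` Security entry for #10165, is unrelated to the Flask and Werkzeug bump named in the commit title, so the changelog change is broader than the commit describes. Either restrict this hunk to the `## [1.22.2]` section or say in the commit message that the 1.23.0 entries are being carried along. In the 1.22.2 entry, the link points to #10430 while the commit title references #10431; confirm which PR the entry should cite. The entry would also help anyone triaging the two CVEs if it named the `flask` and `werkzeug` versions being replaced, which cannot be read from this page because the `poetry.lock` diff is not rendered.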

api/poetry.lock

Lines changed: 7 additions & 7 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
