github.com/jfrog/frogbot@v1.1.1-0.20231221090046-821a26f50338/testdata/messages/reviewcomment/applicable/applicable_review_content_simplified.md

---
## 📦🔍 Contextual Analysis CVE Vulnerability

---
| Severity | Impacted Dependency | Finding | CVE |
| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
| Critical | werkzeug:1.0.1 | The vulnerable function flask.Flask.run is called | CVE-2022-29361 |

---
### Description

---
The scanner checks whether the vulnerable `Development Server` of the `werkzeug` library is used by looking for calls to `werkzeug.serving.run_simple()`.

---
### CVE details

---
cveDetails

---
### Remediation

---
some remediation