[SNYK MEDIUM] botocore Race Condition (due by 10/27/2023)
Closed this issue · 1 comments
pkfec commented
Overview
Affected versions of this package are vulnerable to Race Condition related to assuming a role for the first time.
Introduced through
Introduced through: project@0.0.0 › boto3@1.5.13 › botocore@1.8.50
Fixed in
botocore@1.9.12
Completion criteria:
- Pin botocore to version 1.9.12
- SNYK TEST no longer flags botocore as vulnerable package
Snyk: CVSS 5.9 - Medium Severity