Deliberately downgrade to vulnerable versions

hubertp · hubertp · commit e1d8d0b3799a · 2021-11-19T19:31:50.000+01:00
Demonstrating SCA capabilities in a demo app.
Flask and Jinja2 in those versions have known CVEs
diff --git a/requirements.txt b/requirements.txt
@@ -1,6 +1,6 @@
 click==7.1.2
-Flask==1.1.2
+Flask==0.12.5
 itsdangerous==1.1.0
-Jinja2==2.11.3
+Jinja2==2.8
 MarkupSafe==1.1.1
-Werkzeug==1.0.1
+Werkzeug==0.16.1
