VULN UPGRADE: Flask (minor → 2.3.3) [citrix_hypervisor/tests]

[campaigner-prod]

Summary: High-severity security update — 1 package upgraded (MINOR changes included)

Manifests changed:

• citrix_hypervisor/tests (pip)

Updates

Package	From	To	Type	Vulnerabilities Fixed
Flask	2.0.1	2.3.3	minor	1 HIGH, 1 UNKNOWN

---

Security Details

🚨 Critical & High Severity (1 fixed)

Package	CVE	Severity	Summary	Unsafe Version	Fixed In
Flask	GHSA-m2qf-hxjv-5gpq	HIGH	Flask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header	2.0.1	2.3.2

ℹ️ Other Vulnerabilities (1)

Package	CVE	Severity	Summary	Unsafe Version	Fixed In
Flask	PYSEC-2023-62	unknown	-	2.0.1	70f906c51ce49c485f1d355703e9cc3386b1cc2b

---

Review Checklist

Enhanced review recommended for this update:

• Review changes for compatibility with your code
• Check release notes for breaking changes
• Run integration tests to verify service behavior
• Test in staging environment before production
• Monitor key metrics after deployment

---

Update Mode: Vulnerability Remediation (High)

🤖 Generated by DataDog Automated Dependency Management System

[github-actions]

⚠️ Recommendation: Add qa/skip-qa label

This PR does not modify any files shipped with the agent.

To help streamline the release process, please consider adding the qa/skip-qa label if these changes do not require QA testing.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 89.03%. Comparing base (288fc11) to head (5c6313a).
⚠️ Report is 33 commits behind head on master.

Additional details and impacted files

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Kyle-Neale]

Closing since these are just test dependencies that are only used in CI