Hi we are having CVE-2022-42889 vulnerability in
...
# all-things-deploymentb
bitter-waitress-17567
06/13/2023, 10:37 AMHi we are having CVE-2022-42889 vulnerability in
/usr/local/lib/python3.10/site-packages/pyspark/jars/commons-text-1.6.jarbitter-waitress-17567
06/13/2023, 10:39 AMThis is happening in latest release also.. Please let me know if any plans to fix this issue? Or Please let me know if someone has fixed this issue
d
delightful-ram-75848
06/15/2023, 12:34 AMHi, please avoid posting the same question in multiple channels since it's against our community guidelines. 🙂
@orange-night-91387 Any idea on this?
b
bland-orange-13353
06/15/2023, 12:34 AMYou can view our Slack Gluidelines here: https://datahubproject.io/docs/slack/
o
orange-night-91387
06/15/2023, 4:06 PMIn what image and what version? This vulnerability has been fixed in all spots where we are scanning our output images.
b
bitter-waitress-17567
06/15/2023, 5:02 PMThis is happening in 0.10.3 also..
bitter-waitress-17567
06/15/2023, 5:06 PMThis is coming from "acryldata/datahub-action - 0.0.11"
a
aloof-gpu-11378
06/15/2023, 9:40 PMTry 0.0.12
aloof-gpu-11378
06/15/2023, 9:40 PMThat's the latest release and it shows fixed on Mar 24