Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE vulnerability in pyarrow(11.0.0) used by feast #3866

Closed
knowitall12 opened this issue Dec 13, 2023 · 3 comments
Closed

CVE vulnerability in pyarrow(11.0.0) used by feast #3866

knowitall12 opened this issue Dec 13, 2023 · 3 comments
Labels
kind/feature New feature or request

Comments

@knowitall12
Copy link

Is your feature request related to a problem? Please describe.
We are using feast[aws](0.33.1) and it seems that it uses pyarrow(11.0.0) which has vulnerabilities.

Describe the solution you'd like
We suggest to upgrade the pyarrow version to 14.0.1

Describe alternatives you've considered
None

Additional context
CVE details:
@knowitall12 knowitall12 added the kind/feature New feature or request label Dec 13, 2023
@dennisobrien
Copy link

It looks like this was already addressed in 052182b

Is there a roadmap for the next release? This would be great to get the CVE addressed.

@dennisobrien
Copy link

Looks like this is a duplicate of #3832

@shuchu
Copy link
Collaborator

shuchu commented Jan 31, 2024

It is fixed in v0.35.0.

@shuchu shuchu closed this as completed Jan 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dennisobrien @shuchu @knowitall12