Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE in Pyarrow dependency #178

Open
vanHavel opened this issue Dec 8, 2023 · 1 comment
Open

CVE in Pyarrow dependency #178

vanHavel opened this issue Dec 8, 2023 · 1 comment
Assignees
@mdreves
Labels
stat:awaiting tensorflower type:support

Comments

@vanHavel
Copy link

vanHavel commented Dec 8, 2023

System information

  • Have I written custom code: no
  • OS Platform and Distribution: N/A
  • TensorFlow Model Analysis installed from: binary
  • TensorFlow Model Analysis version: 0.45.0
  • Python version: N/A
  • Jupyter Notebook version: N/A
  • Exact command to reproduce: N/A

Describe the problem

pyarrow in versions less than 14.0.1 contains the critical security vulnerability CVE-2023-47248.
If possible, please update the dependency of pyarrow to a version >= 14.0.1.
@singhniraj08
Copy link

@vanHavel, Thank you for raising this feature request. We have already received this issue in other TFX child library and are working actively on updating the pyarrow dependency. We will update this thread once pyarrow dependency is updated. Thank you!

@singhniraj08 singhniraj08 assigned mdreves and unassigned singhniraj08 Dec 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mdreves mdreves

Labels
stat:awaiting tensorflower type:support
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@mdreves @vanHavel @singhniraj08 @gaikwadrahul8