spark-operator icon indicating copy to clipboard operation
spark-operator copied to clipboard

Published 20 hours ago verified publisher icon kubeflow

Vulnerability remediation for current gcp/spark-operator image

Open mshilamk8s opened this issue 3 years ago • 4 comments

gcp/spark-on-k8s-operator image: v1beta2-1.3.3-3.1.1

The current gcp/spark-on-k8s-operator have following vulnerabilities. Is there any plan to remediate them?

CVE-2017-7525 | HIGH
CVE-2021-29425 | HIGH
CVE-2005-2541 | MEDIUM | CVE-2018-11770 | MEDIUM CVE-2019-13115 | MEDIUM CVE-2019-17571 | MEDIUM CVE-2019-20330 | MEDIUM CVE-2020-8840 | MEDIUM
CVE-2020-6096 | MEDIUM CVE-2020-24616 | MEDIUM CVE-2022-23307 | MEDIUM

mshilamk8s avatar Feb 23 '22 04:02 mshilamk8s

I am trying to build image myself and unable for file Dockerfile, where I can update the Spark version ?

zencircle avatar Mar 07 '22 20:03 zencircle

Is there any update on fixing the above vulnerabilities?

Gvsridhar avatar Apr 12 '22 22:04 Gvsridhar

any update on this

moorthy156 avatar Apr 17 '22 03:04 moorthy156

Is there any update on these vulnerabilities?

psheorangithub avatar Jul 14 '22 11:07 psheorangithub