connector-x
Vulnerable java driver (for postgresql)
What language are you using?
Python
What version are you using?
0.3.2
What database are you using?
PostgreSQL
What dataframe are you using?
Polars (so arrow)
Can you describe your bug?
For some reason you use an older version of a Java Postgres driver? Anyway, that one has a critical vulnerability, CVE-2022-26520. This should be fixed in version 42.3.3.
What are the steps to reproduce the behavior?
I ran a vulnerability scan on a docker image with connectorx installed. It revealed an error on org.postgresql:postgresql (federated-rewriter.jar).
That jar is used only once in this image, inside connectorx/dependencies/
Database setup if the error only happens on specific data or data type
Not relevant.
Table schema and example data
Not relevant.
Example query / code
Not relevant.
What is the error?
Show the error result here.
If you update the federated query submodule in the next release, this will fix the issue.
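One way to confirm which PostgreSQL JDBC version is bundled inside a jar such as the one named in the report, as an added example that is not part of the original report or of connectorx's code. It assumes the bundled jar still carries Maven's standard `pom.properties` entry for `org.postgresql:postgresql`; the helper names and the in-memory sample jars are constructed for illustration.

```python
import io
import re
import zipfile

# Maven writes each artifact's coordinates to this path inside the jar (standard layout).
POM_PROPS = "META-INF/maven/org.postgresql/postgresql/pom.properties"
FIXED = (42, 3, 3)  # the version the report names as fixed


def parse_version(text):
    """Leading numeric components of a version string: '42.2.5.jre7' -> (42, 2, 5)."""
    parts = []
    for piece in text.strip().split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    return tuple(parts)


def bundled_pgjdbc_version(jar):
    """Version of the PostgreSQL JDBC driver embedded in a jar, or None if no metadata."""
    with zipfile.ZipFile(jar) as zf:
        if POM_PROPS not in zf.namelist():
            return None
        text = zf.read(POM_PROPS).decode("utf-8", "replace")
    for line in text.splitlines():
        if line.startswith("version="):
            return line.split("=", 1)[1].strip()
    return None


def is_older_than_fixed(version):
    """True when the version sorts below 42.3.3."""
    return parse_version(version) < FIXED


def make_sample_jar(version):
    """Constructed sample: an in-memory jar holding only the pom.properties entry."""
    buf = io.BytesIO()
    body = f"groupId=org.postgresql\nartifactId=postgresql\nversion={version}\n"
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(POM_PROPS, "#Constructed sample\n" + body)
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for v in ("42.2.5", "42.3.3"):  # constructed sample versions
        found = bundled_pgjdbc_version(make_sample_jar(v))
        print(found, "older" if is_older_than_fixed(found) else "at or above", "42.3.3")
```

`bundled_pgjdbc_version` also accepts a file path, so it can be pointed at each jar under `connectorx/dependencies/`. A `None` result only means the metadata entry is missing, not that the driver classes are absent.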