[
https://issues.apache.org/jira/browse/FLINK-29300?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17610565#comment-17610565
]
xiaochen zhou commented on FLINK-29300:
---------------------------------------
hi,I would like to deal with it. Can you assign this ticket to me ?:)
> Upgrade python version to 3.10.3
> --------------------------------
>
> Key: FLINK-29300
> URL: https://issues.apache.org/jira/browse/FLINK-29300
> Project: Flink
> Issue Type: Improvement
> Reporter: Bilna
> Priority: Major
>
> Security scans listed lot of CVEs from Python 3.8. So please upgrade python
> version to 3.10.3
> |Component Name|Component Version Name|Vulnerability Name(s)|Base Score -
> cvss3|Severity - cvss3|Fix version|
> |Python programming language|3.7.3|CVE-2015-20107 (BDSA-2015-0814)
> |9.8|CRITICAL |3.10.3|
> |Python programming language|3.7.3|CVE-2022-26488 (BDSA-2022-0627) |7|HIGH
> |3.10.3|
> |Python programming language|3.7.3|CVE-2021-3737 (BDSA-2021-3183)
> |7.5|HIGH|3.10.3|
> |Python programming language|3.7.3|CVE-2022-0391 (BDSA-2021-4119)
> |7.5|HIGH|3.10.3|
> |Python programming language|3.7.3|CVE-2021-3177 (BDSA-2021-0085)
> |9.8|CRITICAL|3.10.3|
> |Python programming language|3.7.3|CVE-2020-27619 (BDSA-2020-2928)
> |9.8|CRITICAL |3.10.3|
> |Python programming language|3.7.3|CVE-2020-26116 (BDSA-2020-2544) |7.2|HIGH
> |3.10.3|
> |Python programming language|3.7.3|CVE-2019-20907 (BDSA-2019-4493)
> |7.5|HIGH|3.10.3|
> |Python programming language|3.7.3|CVE-2020-15523 (BDSA-2020-1616)
> |7.8|HIGH|3.10.3|
> |Python programming language|3.7.3|CVE-2019-16056 (BDSA-2019-2926) |7.5|HIGH
> |3.10.3|
> |Python programming language|3.7.3|CVE-2019-10160 (BDSA-2019-1748)
> |9.8|CRITICAL|3.10.3|
> |Python programming language|3.7.3|CVE-2019-9948 (BDSA-2019-0819)
> |9.1|CRITICAL|3.10.3|
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
