chrisqiqiu opened a new issue, #14391: URL: https://github.com/apache/iceberg/issues/14391
### Apache Iceberg version 1.10.0 (latest release) ### Query engine Spark ### Please describe the bug 🐞 protobuf CVE [CVE-2024-7254](https://github.com/advisories/GHSA-735f-pc8j-v9w8) is reported on the iceberg-spark-runtime-3.5_2.12:1.10.0.jar . Can anyone please advise if the CVE is applicable and is there a plan to bump up the version based on https://github.com/advisories/GHSA-735f-pc8j-v9w8 ? ### Willingness to contribute - [ ] I can contribute a fix for this bug independently - [x] I would be willing to contribute a fix for this bug with guidance from the Iceberg community - [ ] I cannot contribute a fix for this bug at this time -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
