Cameron created SPARK-53745:
-------------------------------
Summary: Update Python mlflow to 3.1.0
Key: SPARK-53745
URL: https://issues.apache.org/jira/browse/SPARK-53745
Project: Spark
Issue Type: Dependency upgrade
Components: Tests
Affects Versions: 4.1.0
Reporter: Cameron
Fix For: 4.1.0
Mlflow 2.3.1 contains the following vulnerabilities:
* CVE-2023-6909 : 8.7 Severity
* CVE-2023-6831 : 10.0 Severity
* CVE-2023-6568 : 6.5 Severity
* CVE-2023-4033 : 8.8 Severity
* CVE-2023-6709 : 8.8 Severity
* CVE-2023-3765 : 10.0 Severity
* CVE-2023-6753 : 8.8 Severity
* CVE-2024-27134 : 7.3 Severity
* CVE-2024-0520 : 10.0 Severity
* CVE-2024-27132 : 9.6 Severity
* CVE-2024-27133 : 9.6 Severity
* CVE-2024-2928 : 7.5 Severity
* CVE-2024-3573 : 9.3 Severity
* CVE-2024-3848 : 7.5 Severity
* CVE-2025-1474 : 5.5 Severity
* CVE-2025-52967 : 5.8 Severity
* CVE-2023-6014 : 9.1 Severity
* CVE-2024-8859 : 7.5 Severity
* CVE-2023-6974 : 9.8 Severity
* CVE-2023-6018 : 10.0 Severity
* CVE-2024-3099 : 5.4 Severity
* CVE-2023-6015 : 10.0 Severity
* CVE-2024-1483 : 7.5 Severity
* CVE-2023-6975 : 9.8 Severity
* CVE-2023-6940 : 8.8 Severity
* CVE-2024-1558 : 7.5 Severity
* CVE-2024-4263 : 5.4 Severity
* CVE-2023-6977 : 7.5 Severity
* CVE-2023-43472 : 7.5 Severity
* CVE-2023-6976 : 8.8 Severity
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
