Reduce vulnerabilities in syngen

tdspora / syngen

Open-source version of the TDspora synthetic data generation algorithm.

https://tdspora.ai/

GNU General Public License v3.0

17 stars 4 forks source link

Closed tdspora closed 10 months ago

tdspora commented 10 months ago

Reduce vulnerabilities with severity High, Critical in syngen

tdspora commented 10 months ago

The vulnerability CVE-2023-6015 (https://github.com/advisories/GHSA-f798-qm4r-23r5) fixed by upgrade to mlflow v.2.8.1. The vulnerability CVE-2023-47248 (https://github.com/advisories/GHSA-5wvp-7f3h-6wmm) fixed by removing the dependency from the list of required dependencies. Now the library pyarrow will be installed in v.14.0.1 as a dependency of mlflow 2.8.1.