Closed tdspora closed 10 months ago
The vulnerability CVE-2023-6015 (https://github.com/advisories/GHSA-f798-qm4r-23r5) fixed by upgrade to mlflow v.2.8.1. The vulnerability CVE-2023-47248 (https://github.com/advisories/GHSA-5wvp-7f3h-6wmm) fixed by removing the dependency from the list of required dependencies. Now the library pyarrow will be installed in v.14.0.1 as a dependency of mlflow 2.8.1.
Reduce vulnerabilities with severity High, Critical in syngen