CVE in Pyarrow dependency

[vanHavel]

System information

• Have I written custom code: no
• OS Platform and Distribution: N/A
• TensorFlow Model Analysis installed from: binary
• TensorFlow Model Analysis version: 0.45.0
• Python version: N/A
• Jupyter Notebook version: N/A
• Exact command to reproduce: N/A

Describe the problem

pyarrow in versions less than 14.0.1 contains the critical security vulnerability CVE-2023-47248. If possible, please update the dependency of pyarrow to a version >= 14.0.1.

[singhniraj08]

@vanHavel, Thank you for raising this feature request. We have already received this issue in other TFX child library and are working actively on updating the pyarrow dependency. We will update this thread once pyarrow dependency is updated. Thank you!