CVE-2022-40897 in Python runtime #352
Assignees
Labels
kind/bug
Something isn't working
Comments
|
@jenshonkan84 We are working on upgrading setuptools version for python311. I'll let you know when it is ready. |
|
@jenshonkan84 All python311 runtimes have been updated. CVE-2022-40897 is fixed. |
|
Thx! I can confirm it is fixed. But... Now it looks like there is a Critical CVE instead. Sorry if I am pushing this. But I just want to make you aware of it. This is related to Go... |
|
What go version were you using? Could you please provide more details? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
I have just started to test out buildpacks. When I build my little python API I can see that the Container Security Scanner finds a CVE marked as HIGH CVE-2022-40897.
Would be great if someone could fix that. :)
Additional context
How are you using GCP buildpacks?
packand thegcr.io/buildpacks/builderDid this used to work?
(Yes/No)
Was this working before? When did you start noticing these errors?
What language is your project primarily written in?
Python
Steps To Reproduce
Steps to reproduce the behavior:
gcloud builds submit --pack builder=gcr.io/buildpacks/builder:latest,image=<image_name>Screenshot:
The text was updated successfully, but these errors were encountered: