You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have searched Superset docs and Slack and didn't find a solution to my problem.
I have searched the GitHub issue tracker and didn't find a similar bug report.
I have checked Superset's logs for errors and if I found a relevant Python stacktrace, I included it here as text in the "additional context" section.
The text was updated successfully, but these errors were encountered:
nigzak
changed the title
Update superset "numexpr 2.8.4" dependency in docker image because of CVE-2023-39631
Update superset "numexpr 2.8.4" dependency in docker image of superset 3.1.0 because of CVE-2023-39631
Feb 1, 2024
nigzak
changed the title
Update superset "numexpr 2.8.4" dependency in docker image of superset 3.1.0 because of CVE-2023-39631
Update superset "numexpr 2.8.4" dependency in docker image of superset 3.1.0/3.1.1 because of CVE-2023-39631
Feb 21, 2024
Bug description
The docker inspector marks the image of superset 3.1.0 with a finding of numexpr 2.8.4
https://scout.docker.com/vulnerabilities/id/CVE-2023-39631?s=pypa&n=numexpr&t=pypi&vr==2.8.4&utm_source=desktop&utm_medium=ExternalLink
CVSS SCORE = 9.8
How to reproduce the bug
download image 3.1.0
open in docker inspector
Screenshots/recordings
No response
Superset version
3.1.0
3.1.1
Python version
3.9
Node version
16
Browser
Chrome
Additional context
3.0.3 is NOT affected by this
Checklist
The text was updated successfully, but these errors were encountered: