Skip to content

[Task]: Remediate CVE-2024-28397 #31799

New issue
New issue
Open
#37560
Open
[Task]: Remediate CVE-2024-28397#31799
#37560
Assignees
derrickaw
Labels
P3pythontaskyaml
@markustoivonen

Description

@markustoivonen
markustoivonen
opened on Jul 8, 2024

What needs to happen?

It seems that one of the python libraries Beam uses, js2py, has a vulnerability:

CVE-2024-28397

Exposure seems fairly limited (not sure if its even realistic to be exploited when using Beam).

Issue Priority

Priority: 3 (nice-to-have improvement)

Issue Components

  • Component: Python SDK
  • Component: Java SDK
  • Component: Go SDK
  • Component: Typescript SDK
  • Component: IO connector
  • Component: Beam YAML
  • Component: Beam examples
  • Component: Beam playground
  • Component: Beam katas
  • Component: Website
  • Component: Spark Runner
  • Component: Flink Runner
  • Component: Samza Runner
  • Component: Twister2 Runner
  • Component: Hazelcast Jet Runner
  • Component: Google Cloud Dataflow Runner

Metadata

Metadata

Assignees

Labels

P3pythontaskyaml

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions