Need fix for CVE-2022-21797
saranyareddy24 opened this issue · comments
Saranya Reddipalli commented
CVE reported in ceph container.
Image scanned: quay.io/ceph/ceph:v17
Python (python-pkg)
Library: joblib
Severity: critical
Installed version: 0.16.0
Fixed version: 1.2.0
Saranya Reddipalli commented
Looks like it needs to be fixed from Dockerfile, this yum repo yum copr enable -y tchaikov/python-scikit-learn
is installing the 0.16.0 joblib library.
Saranya Reddipalli commented
Can someone please look into this issue. Kind of critical for us.