What Spark version are you referring to? If it's an unsupported version, no, no plans to update it. What image are you referring to?
On Wed, Dec 14, 2022 at 7:14 AM haibo.w...@morganstanley.com < haibo.w...@morganstanley.com> wrote: > Hi All > > > > Hope you are doing well. > > > > Writing this email for an vulnerable issue: CVE-2018-14721 > > apache/spark-py: > gav://org.codehaus.jackson:jackson-mapper-asl:1.9.13,CVE-2018-14721,1.8.10-cloudera.2,1.5.0 > <= Version <= 1.9.13 > > > > We are trying to bring in above image into our firm, but due to the > vulnerable issue, pyspark is not allowed, understand the version was > stopped maintaining in 2013, wondering any plan to replace the > Jackson-mapper-asl or any workaround? thanks > > > > Regards > > Harper Wang > > *Morgan Stanley | Corporate & Funding Technology *Kerry Parkside | > 1155 Fang Dian Road, Pudong New Area > 201204 Shanghai > haibo.w...@morganstanley.com > > > ------------------------------ > NOTICE: Morgan Stanley is not acting as a municipal advisor and the > opinions or views contained herein are not intended to be, and do not > constitute, advice within the meaning of Section 975 of the Dodd-Frank Wall > Street Reform and Consumer Protection Act. By communicating with Morgan > Stanley you acknowledge that you have read, understand and consent, (where > applicable), to the Morgan Stanley General Disclaimers found at > http://www.morganstanley.com/disclaimers/terms. The entire content of > this email message and any files attached to it may be sensitive, > confidential, subject to legal privilege and/or otherwise protected from > disclosure. > >