Hey! We're using Fission Python Environment for our company (BMW) and currently we found that the current Python image that you provide has a potential entry point for attackers through exploitation of CVE-2022-37434 in the zlib package.
An attacker can exploit the critical vulnerability CVE-2022-37434 in the zlib package version 1.2.12-r0 present in the
docker.io/fission/python-env container image. This vulnerability has known exploits available and is actively exploited in the wild with network-based attack vectors.
Is it possible to update your dependencies of this image?
Hey! We're using Fission Python Environment for our company (BMW) and currently we found that the current Python image that you provide has a potential entry point for attackers through exploitation of CVE-2022-37434 in the zlib package.
An attacker can exploit the critical vulnerability CVE-2022-37434 in the zlib package version 1.2.12-r0 present in the
docker.io/fission/python-envcontainer image. This vulnerability has known exploits available and is actively exploited in the wild with network-based attack vectors.Is it possible to update your dependencies of this image?