CGA-p777-ph7j-fc24

Published

Last updated

https://images.chainguard.dev/security/CGA-p777-ph7j-fc24

Package

spark-3.5

RepositoryWolfi

Latest Update

Pending upstream fix

Aliases

CVE-2024-29869
GHSA-c476-j253-5rgq

Severity

Unknown

References

https://nvd.nist.gov/vuln/detail/CVE-2024-29869
https://github.com/advisories/GHSA-c476-j253-5rgq

Updates

Status

Pending upstream fix

Impact

Spark-3.5 only supports Hive 2.3.9. An initiative to upgrade Hive to a newer major version exists and is targeting the spark 4.0.0 release. This can be seen in the following PR: https://issues.apache.org/jira/browse/SPARK-44114

Status

Under investigation

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CGA-p777-ph7j-fc24

Severity

References

Updates

Product

Solutions

Customers

Resources

Company