Safety vulnerability ID: 64612
The information on this page was manually curated by our Cybersecurity Intelligence Team.
KServe 0.12.0rc1 addresses the CVE-2023-6019 by updating the ray dependency from version ^2.8.0 to >=2.8.1.
https://github.com/kserve/kserve/pull/3285/commits/eddddc435aa487e4ed0b2dbc311af1b1b642e541
Latest version: 0.14.0
KServe Python SDK
What's Changed
* docs: Corrections and edits on release process document by terrytangyuan in https://github.com/kserve/kserve/pull/3326
* build: Switch to use kustomize in kubectl to simplify build process. Fixes 3314 by terrytangyuan in https://github.com/kserve/kserve/pull/3315
* feat: Expose defaults for several batcher handler parameters by terrytangyuan in https://github.com/kserve/kserve/pull/3301
* fix: Properly close resources and handle errors in agent and storage. Fixes 3323 by terrytangyuan in https://github.com/kserve/kserve/pull/3321
* Add model arguments to API and update BERT inference example by yuzisun in https://github.com/kserve/kserve/pull/3332
* chore: Update generated APIs and check generated manifests by terrytangyuan in https://github.com/kserve/kserve/pull/3335
* Update python model serving runtime API docstring by yuzisun in https://github.com/kserve/kserve/pull/3338
* Handles s3 download for object name starts with folder name. by andyi2it in https://github.com/kserve/kserve/pull/3205
* chore: Remove unused timeout annotation and flag in batcher by terrytangyuan in https://github.com/kserve/kserve/pull/3341
* ci: Automate release process by terrytangyuan in https://github.com/kserve/kserve/pull/3345
* fixes critical vulnerabilities on ray by spolti in https://github.com/kserve/kserve/pull/3285
* chore: Bump versions to prepare v0.12.0-rc1 release by terrytangyuan in https://github.com/kserve/kserve/pull/3352
* Change version for helm charts in README by gawsoftpl in https://github.com/kserve/kserve/pull/3353
* Fixes CVE-2023-48795 by spolti in https://github.com/kserve/kserve/pull/3354
* Fix Stack-based Buffer Overflow on protobuf by spolti in https://github.com/kserve/kserve/pull/3358
* Update knative-serving by spolti in https://github.com/kserve/kserve/pull/3362
* Fixes vulnerabilities on the otelhttp dependency by spolti in https://github.com/kserve/kserve/pull/3361
* Change the default value for enableDirectPvcVolumeMount to true by Jooho in https://github.com/kserve/kserve/pull/3371
* feat: Automatically generate Helm Chart docs. Fixes 3356 by terrytangyuan in https://github.com/kserve/kserve/pull/3363
* Modified script for include all kserve poetry projects. by andyi2it in https://github.com/kserve/kserve/pull/3350
* RawDeployment support for Inference Graph by bmopuri in https://github.com/kserve/kserve/pull/3199
* Add compatibility for Istio CNI plugin by israel-hdez in https://github.com/kserve/kserve/pull/3316
* Pass missing infer parameters during conversion by sivanantha321 in https://github.com/kserve/kserve/pull/3368
* feat: Support S3 transfer acceleration by terrytangyuan in https://github.com/kserve/kserve/pull/3305
* Implement HuggingFace model server by yuzisun in https://github.com/kserve/kserve/pull/3334
* fix: Add missing volume mount to transformer container when using modelcars by rhuss in https://github.com/kserve/kserve/pull/3384
* align cloudevents/sdk-go dependency by spolti in https://github.com/kserve/kserve/pull/3387
New Contributors
* gawsoftpl made their first contribution in https://github.com/kserve/kserve/pull/3353
**Full Changelog**: https://github.com/kserve/kserve/compare/v0.12.0-rc0...v0.12.0-rc1
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application