[pip-audit] pytigergraph 1.5 PYSEC-2022-43064

[dnovvak]

Describe the bug
Scan with pip-audit reports unfixed vulnerability:

Found 1 known vulnerability in 1 package
Name         Version ID               Fix Versions
------------ ------- ---------------- ------------
pytigergraph 1.5     PYSEC-2022-43064

To Reproduce

1. Create a sample python project: poetry new my-package
2. Add pyTigerGraph to the project: poetry add pytigergraph==1.5
3. Add pip-audit to the project: poetry add pip-audit
4. Run audit: poetry run pip-audit
5. Verify results

Expected behavior
pyTigerGraph has no known vulnerabilities.

[parkererickson-tg]

We have remedied the issues brought up by CVE-2022-30331, as described here: https://docs.tigergraph.com/home/alerts/cve-2022-30331. UDFs are not controlled by pyTigerGraph anyways. The pip-audit database appears to be out of date.

[dnovvak]

Ok, thank you @parkererickson-tg!
Ticket raised on https://github.com/pypa/advisory-database

[parkererickson-tg]

Cool, thank you!