CVE-2021-32052 is still showing up in Wiz Security Scan findings when installing the latest DataDog Agent version

[lesterianespiritu]

Hi, we made a deployment pipeline that installs (or upgrades) the latest DataDog Agent in our Azure Virtual Machines via chocolatey. Unfortunately, using the latest version still uses Python 3.11 which is getting flagged as Medium vulnerability severity with the mentioned description below:

File C:\Program Files\Datadog\Datadog Agent\embedded3\python311.dll version 3.11.8 is vulnerable to CVE-2021-32052, which exists in versions >= 3.9.5.

The vulnerability was found in the National Vulnerability Database (NVD) based on the CPE cpe:2.3:a:python:python with NVD severity: Medium.

The file is associated with the technology Python Interpreter.

Do we have a fix for this?

Thanks!

NOTE: This issue tracker is primarily used to track bugs in the Agent codebase to completion. For issues directly related to your use of the agent, we have a dedicated team who can investigate your reports directly. Please contact Datadog support and and send them a flare demonstrating the issue.

[lesterianespiritu]

Bump.

[lesterianespiritu]

Bump.

[lesterianespiritu]

bump