Grimmory
CVE's in stdlib #1668
Closed
shadybraden
started this conversation in
Backend
CVE's in stdlib
#1668
Replies: 1 comment 1 reply
-
|
There's a security reporting feature in GitHub. |
Beta Was this translation helpful? Give feedback.
1 reply
-
Oop didn't realize. Moving there |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hello! First of all, I absolutely love Grimmory!.
I CVE scanned Grimmory, and the latest version and it showed multiple CVE's in
stdlib. I then looked through the code looking for this, and I clearly do not understand C and programming enough to understand this all.But per me simply running
grype grimmory/grimmory:v3.2.0andtrivy image grimmory/grimmory@sha256:a228db61f0898ab7268664093b2a17b08d80387ed7f1c39c1c7bc30fd7360022and similar, I see a known exploited vulnerability with an fix available.I'm not trying to cause extra work, just bring awareness to this. I appreciate the effort that is put into this project.
Beta Was this translation helpful? Give feedback.
All reactions