Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Latest Image have many ciritical CVES #13

Open
kumarakannan opened this issue Feb 11, 2022 · 0 comments
Open

Latest Image have many ciritical CVES #13

kumarakannan opened this issue Feb 11, 2022 · 0 comments

Comments

@kumarakannan
Copy link

CVES.txt
Vulnerabilities found for image total - 21, critical - 1, high - 13, medium - 7, low - 0
I have attached the CVES which are critical and high.

Could you please help us to fix the issue at the earliest.

Thanks,
Kumar
@arylatt arylatt mentioned this issue Apr 4, 2023
Closed
arylatt added a commit to arylatt/envoy-preflight that referenced this issue Apr 4, 2023
@arylatt
chore: update to go 1.20
5c15038 
Updates to Go 1.20, pull in updated versions of dependencies. This addresses some of the CVEs mentioned in monzo#13.

Updates the Dockerfile and go.yml Actions pipeline also, including updating permissions to a more limited set.
@arylatt arylatt mentioned this issue Apr 4, 2023
Merged
arylatt added a commit to arylatt/envoy-preflight that referenced this issue Apr 4, 2023
@arylatt
chore: update to go 1.20
87d38b4 
Updates to Go 1.20, pull in updated versions of dependencies. This addresses some of the CVEs mentioned in monzo#13.

Updates the Dockerfile and go.yml Actions pipeline also, including updating permissions to a more limited set.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Upgrade to Go 1.20 to resolve some CVEs arylatt/envoy-preflight
1 participant
@kumarakannan