You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
# These AWS SDK CVEs do not impact Fleet as we do not use S3 client-side crypto features
CVE-2020-8911
CVE-2020-8912
GHSA-7f33-f4f5-xwgw
GHSA-f5pg-7wfw-84q9
# Vulnerable code in trim is not used in Fleet
CVE-2020-7753
# We feel like the risk of DoS using this technique, which requires being logged in, is low probability and low impact, as such we will not update glob-parent only for this CVE
CVE-2020-28469
# 2024/04/04 (github.com/goreleaser/nfpm/v2 should be updated)
# When packaging linux files, we do not use global permissions. Manually verified that packed fleet-osquery files do not have group/global write permissions.