Docker Container Image Vulnerability - CVE-2023-44487 #484
Assignees
Labels
Comments
|
Thanks @rlindner5 for reporting the issue. We're already working on it |
|
@Nageshbansal please feel free to take it up. I have assigned it to you. Do let me know if you have any questions. |
|
This vulnerability is no longer showing up in scans as of the 3.5.0 image. Thanks for addressing this. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is this a BUG REPORT or FEATURE REQUEST?
Choose one: BUG REPORT
What happened: Docker container is showing a high vulnerability using Cisco Vulnerability Management scanning tool. This is NOT a duplicate of #380 as this vulnerability is not included in that bug report, which is now almost 3 years old.
CVE Library Version Severity Fixed By Path
CVE-2023-44487 golang.org/x/net v0.7.0 High v0.17.0 /usr/local/bin/chaos-operator
CVE-2023-44487
What you expected to happen: Scanning jobs for production level containers should not have high vulnerabilities when using the latest image.
How to reproduce it (as minimally and precisely as possible): Used the Cisco Vulnerability Management scanning tool https://www.cisco.com/site/us/en/products/security/vulnerability-management/index.html
The text was updated successfully, but these errors were encountered: