Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Request fix of CVE-2024-2961 #1452

Closed
sync-by-unito bot opened this issue Nov 19, 2024 · 8 comments
Closed

Request fix of CVE-2024-2961 #1452

sync-by-unito bot opened this issue Nov 19, 2024 · 8 comments

Comments

@sync-by-unito
Copy link

sync-by-unito bot commented Nov 19, 2024

Requested fix for 13 critical CVEs, as the result of a recent security scan. Please notify customer of the fix via support team.

|----|----|
|k8ssandracassoperator_v1.17.2|CVE20242961|

┆Issue is synchronized with this Jira Vulnerability by Unito
┆Issue Number: K8OP-293

Copy link
Author

sync-by-unito bot commented Nov 19, 2024

➤ Tiago Alves commented:

Erik Merkle could you move this to where k8ssandra-cass-operator tracks these issues?

Copy link
Author

sync-by-unito bot commented Nov 19, 2024

➤ Tiago Alves commented:

Erik Merkle no need, I’ve done it already.

@adejanovski adejanovski changed the title [Standard Chartered Bank] Customer request fix of CVE-2024-2961 Request fix of CVE-2024-2961 Nov 20, 2024
@burmanm burmanm closed this as completed Nov 21, 2024
Copy link
Author

sync-by-unito bot commented Nov 21, 2024

➤ Michael Burman commented:

Closing as 1.17.2 is not relevant version.

@adejanovski
Copy link
Contributor

@burmanm, is this CVE fixed in more recent versions?

@burmanm
Copy link
Contributor

burmanm commented Nov 21, 2024

It's a base layer vuln.

@adejanovski
Copy link
Contributor

It's a base layer vuln.

And our base layer was upgraded since then?

@burmanm
Copy link
Contributor

burmanm commented Nov 21, 2024

At least ubi images are.

@burmanm
Copy link
Contributor

burmanm commented Nov 21, 2024

And so has gcr.io/distroless/static

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
No open projects
Status: No status
Development

No branches or pull requests

2 participants