CVE's in kube-webhook-certgen image #11997
Labels
kind/bug
Categorizes issue or PR as related to a bug.
needs-priority
needs-triage
Indicates an issue or PR lacks a `triage/foo` label and requires one.
The v20231226-1a7112e06 tag of kube-webhook-certgen pulled from registry.k8s.io/ingress-nginx contains the following vulnerabilities.
These issues were found through Azure Defender and Docker Scout
Originally used tag v20221220-controller-v1.5.1-58-g787ea74b6 and noticed v20231226-1a7112e06 fixes a couple of other CVE's.
Wasn't able to pick up the tagging strategy for this image - Is v20231226-1a7112e06 considered officially released?
Updating to the latest versions of these dependencies would help with security compliance.
The text was updated successfully, but these errors were encountered: