Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add false-alarm CVE to allowlist #10

Closed
blairdrummond opened this issue Jul 20, 2021 · 2 comments · Fixed by #11
Closed

Add false-alarm CVE to allowlist #10

blairdrummond opened this issue Jul 20, 2021 · 2 comments · Fixed by #11
Assignees
@Nancy-Badran

Comments

@blairdrummond
Copy link

This image is failing the CI, we should probably fix the critical vulnerability before we can push it into the cluster.
@blairdrummond
Copy link
Author

Closed! Thanks @Jose-Matsuda

Looked into it for a sec and it seems like it's the same one Jessica encountered a while ago where it was a false positive.
Sources:
https://github.com/StatCan/kubeflow-pipelines/runs/2723098758
GHSA-8v27-2fg9-7h62
browserify/static-eval#34

@blairdrummond blairdrummond reopened this Jul 20, 2021
@blairdrummond blairdrummond changed the title Fix the critical CVE and get this image pushed Add false-alarm CVE to allowlist Jul 20, 2021
@blairdrummond
Copy link
Author

We need to add this to the allowlist so that we can deploy

@Nancy-Badran Nancy-Badran linked a pull request Jul 21, 2021 that will close this issue
Whitelisted CVEs #11
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Nancy-Badran Nancy-Badran

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Whitelisted CVEs StatCan/kubeflow-pipelines
2 participants
@blairdrummond @Nancy-Badran