-
Notifications
You must be signed in to change notification settings - Fork 285
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(security): vulnerabilities found in cactus-example-supply-chain-app #2041
Comments
Hi @petermetz Can you assign me on this one? thank you! |
Hello @petermetz Here are the screenshots of my current issue/blocker |
@aldousalvarez Done, thank you! |
@aldousalvarez Oh, that's great, thank you for investigating! We will issue a
|
Depends on #2054 |
Also marked this as P3 because the vulnerabilities are on a test or example container that does not get used in production at all. |
Hello @petermetz After examining the remaining vulnerabilities. Below is the table of the proposed solution for the remaining vulnerabilities in the supply-chain-app <style> </style>
|
Fixes hyperledger-cacti#2041 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
Fixes hyperledger-cacti#2041 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
Fixes hyperledger-cacti#2041 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
Fixes hyperledger-cacti#2041 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
Fixes hyperledger-cacti#2041 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
…-2022-24999 Fixes hyperledger-cacti#2041 These changes will fixx the following vulnerabilities with their CVE IDs: - CVE-2022-24434 - CVE-2022-24999 (express) - CVE-2022-24999 (qs) Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
…-2022-24999 Fixes hyperledger-cacti#2041 These changes will fixx the following vulnerabilities with their CVE IDs: - CVE-2022-24434 - CVE-2022-24999 (express) - CVE-2022-24999 (qs) Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com> Signed-off-by: Peter Somogyvari <peter.somogyvari@accenture.com>
List of vulnerabilities found in cactus-example-supply-chain-app image during Azure Container scan.
The text was updated successfully, but these errors were encountered: