Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Multiple High and Medium CVEs in kube-bench:v0.6.11 image #1374

Open
rayandas opened this issue Feb 8, 2023 · 0 comments
Open

Multiple High and Medium CVEs in kube-bench:v0.6.11 image #1374

rayandas opened this issue Feb 8, 2023 · 0 comments

Comments

@rayandas
Copy link
Contributor

rayandas commented Feb 8, 2023

Overview

There are multiple High and Medium CVEs in kube-bench:v0.6.11 image.

What happened?

I ran trivy image aquasec/kube-bench:v0.6.11 Below is the output:

2023-02-08T21:43:44.496+0530	INFO	Vulnerability scanning is enabled
2023-02-08T21:43:44.496+0530	INFO	Secret scanning is enabled
2023-02-08T21:43:44.496+0530	INFO	If your scanning is slow, please try '--security-checks vuln' to disable secret scanning
2023-02-08T21:43:44.496+0530	INFO	Please see also https://aquasecurity.github.io/trivy/v0.36/docs/secret/scanning/#recommendation for faster secret detection
2023-02-08T21:43:47.446+0530	INFO	Detected OS: alpine
2023-02-08T21:43:47.446+0530	INFO	Detecting Alpine vulnerabilities...
2023-02-08T21:43:47.453+0530	INFO	Number of language-specific files: 1
2023-02-08T21:43:47.453+0530	INFO	Detecting gobinary vulnerabilities...

aquasec/kube-bench:v0.6.11 (alpine 3.17.0)

Total: 24 (UNKNOWN: 0, LOW: 0, MEDIUM: 21, HIGH: 3, CRITICAL: 0)

Screenshot from 2023-02-08 21-44-27

What did you expect to happen:

There shouldn't be any CVE.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rayandas