Skip to content

Fix CVEs and bump versions#69

Merged
ConnorJC3 merged 1 commit intomainfrom
fix-cves-0426
Apr 15, 2026
Merged

Fix CVEs and bump versions#69
ConnorJC3 merged 1 commit intomainfrom
fix-cves-0426

Conversation

@ConnorJC3
Copy link
Copy Markdown
Member

@ConnorJC3 ConnorJC3 commented Apr 15, 2026
edited
Loading

Issue #, if available: N/A

Description of changes:

Fix all CVEs (by bumping dependencies) and bump all versions for release
(The CVEs from the go standard lib were already addressed in #68 and just need to be released, but the otel CVE needs to be fixed manually)

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@ConnorJC3
Fix CVEs and bump versions
07ca1bb 
Signed-off-by: Connor Catlett <conncatl@amazon.com>
@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 15, 2026

Trivy Output

702945799511.dkr.ecr.us-west-2.amazonaws.com/csi-snapshotter:0b1cb567784e5f5021f15e527748efd8d9600c93-v8.5.0-eksbuild.4

Report Summary

┌──────────────────────────────────────────────────────────────────────────────────┬──────────┬─────────────────┬─────────┐
│                                      Target                                      │   Type   │ Vulnerabilities │ Secrets │
├──────────────────────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ 702945799511.dkr.ecr.us-west-2.amazonaws.com/csi-snapshotter:0b1cb567784e5f5021- │  amazon  │        0        │    -    │
│ f15e527748efd8d9600c93-v8.5.0-eksbuild.4 (amazon 2023.11.20260406 (Amazon        │          │                 │         │
│ Linux))                                                                          │          │                 │         │
├──────────────────────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ csi-snapshotter                                                                  │ gobinary │        0        │    -    │
└──────────────────────────────────────────────────────────────────────────────────┴──────────┴─────────────────┴─────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)

702945799511.dkr.ecr.us-west-2.amazonaws.com/csi-attacher:0b1cb567784e5f5021f15e527748efd8d9600c93-v4.11.0-eksbuild.4

Report Summary

┌──────────────────────────────────────────────────────────────────────────────────┬──────────┬─────────────────┬─────────┐
│                                      Target                                      │   Type   │ Vulnerabilities │ Secrets │
├──────────────────────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ 702945799511.dkr.ecr.us-west-2.amazonaws.com/csi-attacher:0b1cb567784e5f5021f15- │  amazon  │        0        │    -    │
│ e527748efd8d9600c93-v4.11.0-eksbuild.4 (amazon 2023.11.20260406 (Amazon Linux))  │          │                 │         │
├──────────────────────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ csi-attacher                                                                     │ gobinary │        0        │    -    │
└──────────────────────────────────────────────────────────────────────────────────┴──────────┴─────────────────┴─────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)

702945799511.dkr.ecr.us-west-2.amazonaws.com/csi-provisioner:0b1cb567784e5f5021f15e527748efd8d9600c93-v6.2.0-eksbuild.3

Report Summary

┌──────────────────────────────────────────────────────────────────────────────────┬──────────┬─────────────────┬─────────┐
│                                      Target                                      │   Type   │ Vulnerabilities │ Secrets │
├──────────────────────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ 702945799511.dkr.ecr.us-west-2.amazonaws.com/csi-provisioner:0b1cb567784e5f5021- │  amazon  │        0        │    -    │
│ f15e527748efd8d9600c93-v6.2.0-eksbuild.3 (amazon 2023.11.20260406 (Amazon        │          │                 │         │
│ Linux))                                                                          │          │                 │         │
├──────────────────────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ csi-provisioner                                                                  │ gobinary │        0        │    -    │
└──────────────────────────────────────────────────────────────────────────────────┴──────────┴─────────────────┴─────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)

702945799511.dkr.ecr.us-west-2.amazonaws.com/csi-resizer:0b1cb567784e5f5021f15e527748efd8d9600c93-v2.1.0-eksbuild.4

Report Summary

┌──────────────────────────────────────────────────────────────────────────────────┬──────────┬─────────────────┬─────────┐
│                                      Target                                      │   Type   │ Vulnerabilities │ Secrets │
├──────────────────────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ 702945799511.dkr.ecr.us-west-2.amazonaws.com/csi-resizer:0b1cb567784e5f5021f15e- │  amazon  │        0        │    -    │
│ 527748efd8d9600c93-v2.1.0-eksbuild.4 (amazon 2023.11.20260406 (Amazon Linux))    │          │                 │         │
├──────────────────────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ csi-resizer                                                                      │ gobinary │        0        │    -    │
└──────────────────────────────────────────────────────────────────────────────────┴──────────┴─────────────────┴─────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)

702945799511.dkr.ecr.us-west-2.amazonaws.com/csi-node-driver-registrar:0b1cb567784e5f5021f15e527748efd8d9600c93-v2.16.0-eksbuild.4

Report Summary

┌──────────────────────────────────────────────────────────────────────────────────┬──────────┬─────────────────┬─────────┐
│                                      Target                                      │   Type   │ Vulnerabilities │ Secrets │
├──────────────────────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ 702945799511.dkr.ecr.us-west-2.amazonaws.com/csi-node-driver-registrar:0b1cb567- │  amazon  │        0        │    -    │
│ 784e5f5021f15e527748efd8d9600c93-v2.16.0-eksbuild.4 (amazon 2023.11.20260406     │          │                 │         │
│ (Amazon Linux))                                                                  │          │                 │         │
├──────────────────────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ csi-node-driver-registrar                                                        │ gobinary │        0        │    -    │
└──────────────────────────────────────────────────────────────────────────────────┴──────────┴─────────────────┴─────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)

702945799511.dkr.ecr.us-west-2.amazonaws.com/livenessprobe:0b1cb567784e5f5021f15e527748efd8d9600c93-v2.18.0-eksbuild.4

Report Summary

┌──────────────────────────────────────────────────────────────────────────────────┬──────────┬─────────────────┬─────────┐
│                                      Target                                      │   Type   │ Vulnerabilities │ Secrets │
├──────────────────────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ 702945799511.dkr.ecr.us-west-2.amazonaws.com/livenessprobe:0b1cb567784e5f5021f1- │  amazon  │        0        │    -    │
│ 5e527748efd8d9600c93-v2.18.0-eksbuild.4 (amazon 2023.11.20260406 (Amazon Linux)) │          │                 │         │
├──────────────────────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ livenessprobe                                                                    │ gobinary │        0        │    -    │
└──────────────────────────────────────────────────────────────────────────────────┴──────────┴─────────────────┴─────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)

702945799511.dkr.ecr.us-west-2.amazonaws.com/snapshot-controller:0b1cb567784e5f5021f15e527748efd8d9600c93-v8.5.0-eksbuild.4

Report Summary

┌──────────────────────────────────────────────────────────────────────────────────┬──────────┬─────────────────┬─────────┐
│                                      Target                                      │   Type   │ Vulnerabilities │ Secrets │
├──────────────────────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ 702945799511.dkr.ecr.us-west-2.amazonaws.com/snapshot-controller:0b1cb567784e5f- │  amazon  │        0        │    -    │
│ 5021f15e527748efd8d9600c93-v8.5.0-eksbuild.4 (amazon 2023.11.20260406 (Amazon    │          │                 │         │
│ Linux))                                                                          │          │                 │         │
├──────────────────────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ snapshot-controller                                                              │ gobinary │        0        │    -    │
└──────────────────────────────────────────────────────────────────────────────────┴──────────┴─────────────────┴─────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)

702945799511.dkr.ecr.us-west-2.amazonaws.com/volume-modifier-for-k8s:0b1cb567784e5f5021f15e527748efd8d9600c93-v0.9.4-eksbuild.2

Report Summary

┌──────────────────────────────────────────────────────────────────────────────────┬──────────┬─────────────────┬─────────┐
│                                      Target                                      │   Type   │ Vulnerabilities │ Secrets │
├──────────────────────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ 702945799511.dkr.ecr.us-west-2.amazonaws.com/volume-modifier-for-k8s:0b1cb56778- │  amazon  │        0        │    -    │
│ 4e5f5021f15e527748efd8d9600c93-v0.9.4-eksbuild.2 (amazon 2023.11.20260406        │          │                 │         │
│ (Amazon Linux))                                                                  │          │                 │         │
├──────────────────────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ volume-modifier-for-k8s                                                          │ gobinary │        0        │    -    │
└──────────────────────────────────────────────────────────────────────────────────┴──────────┴─────────────────┴─────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)

mdzraf
mdzraf approved these changes Apr 15, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@mdzraf mdzraf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@ConnorJC3 ConnorJC3 merged commit 8a70b02 into main Apr 15, 2026
13 checks passed
@ConnorJC3 ConnorJC3 deleted the fix-cves-0426 branch April 15, 2026 18:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@torredil torredil torredil approved these changes

@mdzraf mdzraf mdzraf approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ConnorJC3 @torredil @mdzraf