You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Based on Snyk report there are 5 Crytical vulnerabilities.
Is this something Circle Ci would be interested in fixing?
How does Circle Ci manage dependency management for the docker/orbs provided
?
thank you
The text was updated successfully, but these errors were encountered:
Great question. Images are snapshots in time. So we typically don't go back to a released image to update it for any reason. We will for certain security fixes but this is rare because most security problems we come across don't have have an effect in the sandboxed Docker environment that we run.
In this particular case, which image was this run on? The screenshot leads me to believe it was node:18.7.0-bullseye. If so, that is not a supported CircleCI image.
Hello,
Based on Snyk report there are 5 Crytical vulnerabilities.
Is this something Circle Ci would be interested in fixing?
How does Circle Ci manage dependency management for the docker/orbs provided
?
thank you
The text was updated successfully, but these errors were encountered: