Skip to content

Fix Medium and Low Level Vulnerabilities
Compare
Choose a tag to compare
@daniel-spray daniel-spray released this 03 Nov 21:20
· 140 commits to master since this release
v2.3
6ac20a3
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

A recent vulnerability scan identified vulnerabilities in the cloudability-metrics-agent.yaml & deployment.yaml files. Below are the following vulnerabilities that were identified and fixed in this release:

cloudability-metrics-agent.yaml

Medium Severity Fixes:

  • Container is running without privilege escalation control
  • Container does not drop all default capabilities
  • Container is running without root user control

Low Severity Fixes:

  • Container is running without liveness probe

deployment.yaml (Applicable to customers who deploy with Helm)

Medium Severity Fixes:

  • Container is running without privilege escalation control
  • Container does not drop all default capabilities
  • Container is running without root user control

Low Severity Fixes:

  • Container is running without liveness probe
  • Container could be running with outdated image

Customers can download and deploy our metrics agent using the regular provisioning workflow.

Assets 2