-
-
Notifications
You must be signed in to change notification settings - Fork 431
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[bug]: CVE in codebase #1845
Comments
seems the CVE was due to an older dependency of docker . |
nope we're not dependent on any particular docker version, but if we were to upgrade the docker version me must insure that any feature we use isn't downgraded. |
Hi @shivamsouravjha @Swpn0neel, running the RHDA extension in the latest version of Kelpoy gives two errors. The CVSS score is around 5.3 and 6.9. For the fix, I tried upgrading the libraries manually, which solved the issue (it also updated some other dependencies). I don't know if that's the correct way to solve the issue, as it will require testing deployment with new dependencies. Could you guide me for this issue? Thanks |
@jaiakash that's the only way out of this issue. Feel free to raise a PR for this and also add a security check in pipeline as to avoid any future issues. |
@shivamsouravjha Thanks for clarification. You can assign this issue to me. |
Hi @shivamsouravjha @Swpn0neel i have added draft PR and need some guidance on that. Please checkout #2137 |
Is there an existing issue for this?
Current behavior
Steps to reproduce
Environment
None
Version
Cloud
Repository
keploy
The text was updated successfully, but these errors were encountered: