-
Tracking issue for:
- [ ] https://github.com/maniator/dind-buildx/security/code-scanning/5
-
/kind feature
**Describe the solution you'd like**
Today, when the `storage-initializer` container image is built, besides installing the required dependencies, it also brings all other dependenci…
-
I previously reported this behavior in https://github.com/goharbor/harbor/issues/15406, but the issue was close for being stale.
I'm sorry to say that the issue is still present under v2.9.0 (below…
-
**Fleet version**: all
### 💥 Actual behavior
The `vulnerabilities` feed build workflow is capable of pushing a release that panics Fleet server attempts to parse it (see #21239).
### 🧑💻…
-
Due to changes in #25424 kafka connect zip is now a part of hazelcast-jet-kafka-connect jar:
Which finally is available also in our zip distribution.
Zip files used just for testing should not…
-
Since Inspector doesn't do a great job with application scanning, should we monitor for CVEs on package repositories? It would be easiest to do this in the build tooling repository. Check out the repo…
-
Trivy is reporting the following number of vulnerabilities for the version [10.1.0.b50633](https://hub.docker.com/layers/redash/redash/redash/10.1.0.b50633/images/sha256-f3e8d95656255d9684051604a586df…
-
## Expected Behavior
There is no CVE found in the `temporalio/admin-tools` image.
## Actual Behavior
There are **30** vulnerabilities found for image temporalio/admin-tools:1.23.0, including 7 hi…
-
CVEs found in v1.28.7
Our Security Scanning tools have identified CVEs in v1.28.7. Can you please review this and help us with an update on following:
Documentation that explains the mitigation …
-
I scanned netshoot image with Gyrpe and it found some critical vulns. Are there any plan to mitigate these? It would be nice to have a scheduled action that scans the image for vulns.
```
NAME …