MAIF / izanami

Izanami is a centralized versatile feature flag solution, well suited for micro service architectures.
https://maif.github.io/izanami/
Apache License 2.0
189 stars 43 forks source link

Critical vulnerabilities in Docker image #649

Closed SIPR-octo closed 2 years ago

SIPR-octo commented 2 years ago

Hello again :wave:

There are some critical vulnerabilities in your latest Docker image (version 1.10.14) which are already patched.

trivy image --severity HIGH,CRITICAL --output /dev/null --ignore-unfixed maif/izanami:1.10.14

2022-04-12T10:11:06.114+0200    INFO    Detected OS: debian
2022-04-12T10:11:06.114+0200    INFO    Detecting Debian vulnerabilities...
2022-04-12T10:11:06.123+0200    INFO    Number of language-specific files: 1
2022-04-12T10:11:06.123+0200    INFO    Detecting jar vulnerabilities...

maif/izanami:1.10.14 (debian 11.2)
==================================
Total: 7 (HIGH: 1, CRITICAL: 6)

Java (jar)
==========
Total: 8 (HIGH: 7, CRITICAL: 1)

Would it be possible to fix them? :pray:

A simple rebuild could probably get rid of the ones from Debian.

Thanks!

pierrebruninmaif commented 2 years ago

Hello @SIPR-octo, all criticals are resolved in 1.10.16