alexei-led / pumba

Chaos testing, network emulation, and stress testing tool for containers
Apache License 2.0

GHSA-qq97-vm5h-rrhg: OCI Manifest Type Confusion Issue #224

Closed KevinPoole closed 1 year ago

KevinPoole commented 1 year ago

Anchore and Twistlock both identify Pumba as being vulnerable to the GitHub Security Advisory described here: https://github.com/advisories/GHSA-qq97-vm5h-rrhg

The described fix is to upgrade github.com/docker/distribution to at least v2.8.0-beta.1 if you are running a v2.x release. If you use the code from the main branch, update at least to the commit after b59a6f827947f9e0e67df0cfb571046de4733586.

-Kevin
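One way to check a project's go.mod against the minimum version named above, as an added example that is not part of this thread or of pumba's code. The function names and status strings are assumptions; a pseudo-version pin is reported as `check-commit` because it has to be compared with the fix commit by hand.

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
	"strings"
)

var (
	reqRe    = regexp.MustCompile(`(?m)^\s*(?:require\s+)?github\.com/docker/distribution\s+(v\S+)`)
	semRe    = regexp.MustCompile(`^v(\d+\.\d+\.\d+)(?:-([0-9A-Za-z.-]+))?`)
	pseudoRe = regexp.MustCompile(`\d{14}-[0-9a-f]{12}`) // timestamp-commit tail of a pseudo-version
)

// idsLess compares dot-separated identifiers using semver precedence rules.
func idsLess(a, b string) bool {
	as, bs := strings.Split(a, "."), strings.Split(b, ".")
	for i := 0; i < len(as) && i < len(bs); i++ {
		an, aerr := strconv.Atoi(as[i])
		bn, berr := strconv.Atoi(bs[i])
		if aerr == nil && berr == nil && an != bn {
			return an < bn // both numeric: compare as integers
		}
		if as[i] != bs[i] {
			return aerr == nil || (berr != nil && as[i] < bs[i]) // numeric sorts first
		}
	}
	return len(as) < len(bs)
}

// Classify returns absent, vulnerable, fixed or check-commit; replace directives are ignored.
func Classify(goMod string) string {
	m := reqRe.FindStringSubmatch(goMod)
	if m == nil {
		return "absent"
	}
	v := semRe.FindStringSubmatch(m[1]) // v[1] = core version, v[2] = pre-release
	if v == nil || pseudoRe.MatchString(m[1]) {
		return "check-commit" // pinned to a commit: compare with the fix commit by hand
	}
	if idsLess("2.8.0", v[1]) || (v[1] == "2.8.0" && (v[2] == "" || !idsLess(v[2], "beta.1"))) {
		return "fixed"
	}
	return "vulnerable"
}

func main() {
	fmt.Println(Classify("require github.com/docker/distribution v2.7.1+incompatible")) // constructed input
}
```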

alexei-led commented 1 year ago

fixed