aws / aws-lambda-base-images

Apache License 2.0

Vulnerable version of axios in lambda/nodejs:18 #142

Open bclark-videra opened 4 months ago

bclark-videra commented 4 months ago

AWS Inspector (via ECR Enhanced Scanning) is flagging the version of axios in /var/runtime in this image with the following CVEs:

The image includes axios 1.6.2 while the fix is in axios 1.6.4.

> docker run --entrypoint "" public.ecr.aws/lambda/nodejs:18 /bin/bash -c "head /var/runtime/node_modules/\@aws-sdk/node_modules/axios/package.json"
{
  "name": "axios",
  "version": "1.6.2",
  "description": "Promise based HTTP client for the browser and node.js",
  "main": "index.js",
  "exports": {
    ".": {
      "types": {
        "require": "./index.d.cts",
        "default": "./index.d.ts"