We are using Trivy to analyse for vulnerability in the code and image in our pipelines. We stop the pipeline only on HIGH and CRITICAL vulnerability that has a fixed version. We realize that there is some of then in the frankenphp:1-php8.3 image. Is there an update planned or should we use the latest image.
For know we add these CVE code in the .trivyignore. Is there somewhere we can get alerted if a vulnerabiliy is fixed?
Hi,
We are using Trivy to analyse for vulnerability in the code and image in our pipelines. We stop the pipeline only on HIGH and CRITICAL vulnerability that has a fixed version. We realize that there is some of then in the frankenphp:1-php8.3 image. Is there an update planned or should we use the latest image.
For know we add these CVE code in the .trivyignore. Is there somewhere we can get alerted if a vulnerabiliy is fixed?
Thank you