Terragrunt is a flexible orchestration tool that allows Infrastructure as Code written in OpenTofu/Terraform to scale.
7.96k
stars
967
forks
source link
Terragrunt v0.67.12 -/usr/bin/terragrunt in docker image reports High CVE's #3434
Closed
vinnyvekaria-apra closed 4 days ago
Hello Team,
We are currently running the following versions of docker, terragrunt and terraform.
FROM ubuntu:oracular-20240913 ENV TERRAFORM_VERSION=1.9.6 ENV TERRAGRUNT_VERSION=v0.67.12
When running a vulnerability scan, terragrunt is reporting the following vulnerabilities inside the image:-
STDLIB 1.22.6 CVE-2024-34158 CVE-2024-34156 CVE-2022-30635 CVE-2024-34155
Fix version is 1.22.7
Are there any plans to address these in a future release?
Cheers Vinny