Closed nfutami closed 2 years ago
Hi @nfutami. I talked to the developer who provided that change log and they said the CVE number is correct, but we aren't sure why it's not picked up by MITRE. For now, however, you can view the info at the IBM X-force Exchange here: https://exchange.xforce.ibmcloud.com/vulnerabilities/234492
Thank you.
There is a Libxml vuln assigned 2022-2309 which may be what was intended.
@attritionorg Thank you for the info. I brought this up with the developer and we both think this is a separate vulnerability, as it also exists in the IBM X-force Exchange (https://exchange.xforce.ibmcloud.com/vulnerabilities/230470).
I'm going to close this issue for now and will continue to monitor the CVE website to see if the info becomes available. Thanks again.
Appreciate the follow up!
In Ingress ALB change log for 1.2.1 (https://cloud.ibm.com/docs/containers?topic=containers-cluster-add-ons-changelog#1_2_1), the link to CVE-2022-3209 of the latest release "Version 1.2.1_2506_iks (default), released 25 August 2022" seems incorrect as it shows the following error.
ERROR: Couldn't find 'CVE-2022-3209'
Please correct the link.