jtblin / kube2iam

kube2iam provides different AWS IAM roles for pods running on Kubernetes
BSD 3-Clause "New" or "Revised" License

Current Kube2iam image have vulnerabilities at go.sum and go.mod #374

Open mahesh101 opened 5 months ago

mahesh101 commented 5 months ago

Hi,

We are using Wiz as an image scanning tool, and it has detected 18 high vulnerabilities in the current image, mainly in go.sum and go.mod. Requesting you to update it. I have attached the Excel sheet with the list of vulnerabilities and fixed versions; please update it and release a new version of it.

kube2iam-vulnerbility.xlsx

Below is the Dockerfile we are using

```dockerfile
# Build stage: compile kube2iam as a static binary
FROM golang:1.21.5 AS BUILDER
WORKDIR /go/src/github.com/jtblin/kube2iam
ENV ARCH=linux
ENV CGO_ENABLED=0
COPY . ./
RUN make setup && make build

# Runtime stage: minimal Alpine image with only the binary and its runtime deps
FROM alpine:3.18.5
RUN apk --no-cache add \
    ca-certificates \
    iptables
COPY --from=BUILDER /go/src/github.com/jtblin/kube2iam/build/bin/linux/kube2iam /bin/kube2iam
ENTRYPOINT ["kube2iam"]
```
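Reconciling a scanner's fixed-version list with what go.mod actually pins, as an added example that is not from this issue or the kube2iam project; the module names, pinned versions and fixed versions are constructed placeholders, and the go.mod excerpt is a minimal constructed one:

```python
import re
# Constructed go.mod excerpt with placeholder modules (not kube2iam's real go.mod).
SAMPLE_GO_MOD = """\
module github.com/example/app
go 1.21
require (
	example.com/dep-a v1.2.3
	example.com/dep-b v0.9.0 // indirect
	example.com/dep-c v2.0.0+incompatible
)
require example.com/dep-d v0.0.0-20230101000000-abcdef123456
"""

# Constructed "fixed version" column, as a scanner report would list it.
SAMPLE_FIXED = {
    "example.com/dep-a": "v1.2.4",
    "example.com/dep-b": "v0.9.0",
    "example.com/dep-c": "v2.1.0",
    "example.com/dep-d": "v0.1.0",
}

REQ_LINE = re.compile(r"^(\S+)\s+(v\S+)")

def parse_require(go_mod: str) -> dict:
    """Return {module: version} from both single-line and block 'require' statements."""
    deps, in_block = {}, False
    for raw in go_mod.splitlines():
        line = raw.split("//", 1)[0].strip()  # drop comments such as '// indirect'
        if line == "require (":
            in_block = True
        elif line == ")":
            in_block = False
        elif line.startswith("require ") or in_block:
            m = REQ_LINE.match(line.removeprefix("require "))
            if m:
                deps[m.group(1)] = m.group(2)
    return deps

def version_key(v: str) -> tuple:
    """Sort key for Go versions: '+incompatible' is ignored, pre-release/pseudo sorts below release."""
    core, _, pre = v.removeprefix("v").split("+", 1)[0].partition("-")
    return tuple(int(x) for x in core.split(".")) + ((-1,) if pre else (0,))

def outdated(deps: dict, fixed: dict) -> dict:
    """Modules pinned below the version the scanner reports as fixing the finding."""
    return {m: (v, fixed[m]) for m, v in deps.items()
            if m in fixed and version_key(v) < version_key(fixed[m])}

if __name__ == "__main__":  # prints {module: (pinned, fixed)} for modules needing a bump
    print(outdated(parse_require(SAMPLE_GO_MOD), SAMPLE_FIXED))
```

In a build pipeline, govulncheck run in the builder stage does this kind of check against the Go vulnerability database; this script only shows how to match a report's fixed-version column against the versions go.mod pins, including pseudo-versions and `+incompatible` tags.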

mahesh101 commented 5 months ago

Hi @jtblin, could you please address the above issue. It's a security issue we are facing in our organization.