Closed manasabsv26 closed 1 year ago
Most of these shouldn't affect Kine in it's normal use as the back-end for a Kubernetes cluster, since it should not be exposed to anything other than the Kubernetes apiserver. We can take a look at updating them at some point in the next release cycle though.
Trivy scan on the image(latest version: v0.9.8) shows that it has these following security vulnerabilities ( CVE-2022-21698, CVE-2022-27191, CVE-2021-44716, CVE-2022-27664, CVE-2021-38561, CVE-2022-32149):
Can these go packages be upgraded to their 'fixed versions'.