search

kubeedge / kubeedge

Kubernetes Native Edge Computing Framework (project under CNCF)
https://kubeedge.io
Apache License 2.0
6.55k stars 1.69k forks source link

The component of KubeEdge is currently using has a security vulnerability #5701

Open My-pleasure opened 4 days ago

My-pleasure commented 4 days ago

What happened:

  1. beego v1.12.12 has four security vulnerabilities:
  2. runc v1.1.7 has one security vulnerability:

What you expected to happen:

  1. beego version is at least updated to 2.0.4
  2. runc version is at least updated to v1.1.12

Environment:

Shelley-BaoYue commented 4 days ago

We have upgraded beego version to v2.1.6 in PR https://github.com/kubeedge/kubeedge/pull/5261. Would you like help us to upgrade the runc version?