Closed yash-acquia closed 3 days ago
Ill take this. /assign
Updated the above PR with latest information and ECD June 19 was given to merge it. https://github.com/kubernetes-sigs/aws-efs-csi-driver/pull/1373#issuecomment-2168078537
Hey, just a reminder, there is CVE-2023-5528: k8s.io/kubernetes, which is a high-severity vulnerability. Please try to fix that as well; otherwise, the scan will fail. Thanks!
Fixed in the latest version v2.0.5
/kind bug
What happened? A scan detected the following CVEs: CVE-2023-45288 CVE-2023-5528 CVE-2024-24786
What you expected to happen? Update sidecar versions in the helm chart:
updating above sidecars will fix CVE-2023-45288 and CVE-2024-24786
and update the k8s.io/kubernetes version as well.
Environment