lensesio / secret-provider

Open Source Secret Provider plugin for the Kafka Connect framework
https://lenses.io
Apache License 2.0

CVE-2023-44487 - io.netty:netty-codec-http2 #72

Open aonamrata opened 6 months ago

aonamrata commented 6 months ago

Hi, I was updating our packages for security vulnerabilities and updated secret-providers to version 2.3.0. But still our image scanner reported these issues:

CVE-2023-44487 - io.netty:netty-codec-http2 - https://github.com/advisories/GHSA-xpw8-rcwv-8f8p
Severity: High
Type: Package Vulnerability
Name: io.netty:netty-codec-http2
Installed version / Fixed version: 0:4.1.89.Final / 4.1.100.Final

Can you please update the package in this repo or let us know if there is a version that has this fixed? We can use that instead. Thanks.

aonamrata commented 3 months ago

Can you release a new version with the security fixes?