search

milvus-io / milvus

A cloud-native vector database, storage for next generation AI applications
https://milvus.io
Apache License 2.0
29.27k stars 2.81k forks source link

[Bug]: CVEs of zilliz/attu:v2.4.3 #34623

Closed weiZhenkun closed 1 month ago

weiZhenkun commented 1 month ago

Is there an existing issue for this?

Environment

- zilliz/attu:v2.4.3

Current Behavior

image

Expected Behavior

  1. Can we update the ws from 8.11.0 to 8.17.1?
  2. Rebuilding the attu image will fix the 4 high CVEs as his base image has fixed.

image

yanliang567 commented 1 month ago

/assign @weiZhenkun /unassign

xiaofan-luan commented 1 month ago

/assign @shanghaikid please help on it

weiZhenkun commented 1 month ago

@shanghaikid when can we get a new helm version with this attu fix?

shanghaikid commented 1 month ago

@shanghaikid when can we get a new helm version with this attu fix?

There will be a new attu release in two days.

shanghaikid commented 1 month ago

https://github.com/zilliztech/attu/releases/tag/v2.4.5