nats-io / k8s

NATS on Kubernetes with Helm Charts
Apache License 2.0
455 stars 305 forks source link

Security vulnerability in natsio/nats-server-config-reloader:0.14.0 image #850

Closed vr2388 closed 7 months ago

vr2388 commented 10 months ago

What version were you using?

0.14.0

What environment was the server running in?

docker image on kubernetes (k3s)

Is this defect reproducible?

NA

Given the capability you are leveraging, describe your expectation?

We are expecting the fix for the security issue raised in the image Vulnerability-id : SEVERITY CVE-2023-39323 Critical CVE-2023-44487 High CVE-2023-39325 High

Given the expectation, what is the defect you are observing?

We are observing the security issue in the image

caleblloyd commented 7 months ago

0.14.1 has been released