openshift / oc

The OpenShift Command Line, part of OKD
https://www.openshift.org
Apache License 2.0

Critical vulnerability CVE-2024-23652 and CVE-2024-23653 in latest `oc` cli v4.15.18 #1803

Closed dlydiard closed 3 months ago

dlydiard commented 3 months ago

Hi, I'm requesting that the critical vulnerabilities CVE-2024-23652 and CVE-2024-23653 be fixed.

CVE-2024-23652 https://github.com/advisories/GHSA-4v98-7qmw-rqr8

CVE-2024-23653 https://github.com/advisories/GHSA-wr6v-9f75-vh2g

sycophantic commented 3 months ago

This needs to be fixed ASAP.

ardaguclu commented 3 months ago

Duplicate of https://github.com/openshift/oc/issues/1761

ardaguclu commented 3 months ago

/close

openshift-ci[bot] commented 3 months ago

@ardaguclu: Closing this issue.

In response to [this](https://github.com/openshift/oc/issues/1803#issuecomment-2208520607):

> /close

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.