Hi Team, below are the CVE's vulnerable for postgres_exporter image.
1) CVE-2023-48795 :
Vulnerable library - golang.org/x/crypto with a version v0.14.0
2) CVE-2024-24786 :
Vulnerable library - google.golang.org/protobuf with a version v1.31.0
3) CVE-2023-45288 :
Vulnerable library - golang.org/x/net with a version v0.17.0
We can see upgraded versions for these libraries in master branch, so we require a release.
The last version was released on 6 November 2023. Since then there are no updates.
Can someone please take a look at it.
Please consider a JIRA from our end - https://jira.cloudera.com/browse/DSE-36793
Hi Team, below are the CVE's vulnerable for postgres_exporter image. 1) CVE-2023-48795 : Vulnerable library - golang.org/x/crypto with a version v0.14.0 2) CVE-2024-24786 : Vulnerable library - google.golang.org/protobuf with a version v1.31.0 3) CVE-2023-45288 : Vulnerable library - golang.org/x/net with a version v0.17.0
We can see upgraded versions for these libraries in master branch, so we require a release. The last version was released on 6 November 2023. Since then there are no updates. Can someone please take a look at it. Please consider a JIRA from our end - https://jira.cloudera.com/browse/DSE-36793