Closed nise-wg2 closed 1 year ago
Hi @weeco
We are really interested in using your Kafka exporter but we can't due to the vulnerabilities in the image as breaks our security policy.
Could it be possible to have a look? seems all vulnerabilities can be solved by updating the libraries.
Regards, Alberto M
Kminion: v2.2.0 ENV VERSION=sha-2a62a9d24ca6579cc5dcf30c4f56215430162fd4
Contains critical security CVE-2022-40674,
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
, refer to https://avd.aquasec.com/nvd/2022/cve-2022-40674/Also visible from https://quay.io/repository/cloudhut/kminion?tab=tags.