Closed GerardVivancos closed 10 months ago
Our organization deploys Temporal and our internal security scans detected vulnerabilities in temporalio/ui:2.22.0 and earlier.
temporalio/ui:2.22.0
The origin of them is alpine:3.18. We want to be able to deploy Temporal without these vulnerabilities.
alpine:3.18
CVE-2023-5363 detected by Trivy
trivy image --severity HIGH,CRITICAL temporalio/ui:2.22.0
What are you really trying to do?
Our organization deploys Temporal and our internal security scans detected vulnerabilities in
temporalio/ui:2.22.0and earlier.The origin of them is
alpine:3.18. We want to be able to deploy Temporal without these vulnerabilities.Describe the bug
CVE-2023-5363 detected by Trivy
Minimal Reproduction
trivy image --severity HIGH,CRITICAL temporalio/ui:2.22.0