thelastpickle / cassandra-reaper

Automated Repair Awesomeness for Apache Cassandra
http://cassandra-reaper.io/
Apache License 2.0
481 stars 217 forks

Facing compliance issues while using the image. #1430

Open serenagomez1304 opened 8 months ago

serenagomez1304 commented 8 months ago

While using the image thelastpickle/cassandra-reaper:3.3.4, we run into a few security scan failures related to Java libraries. Would we be able to fix these?

serenagomez1304 commented 8 months ago

Would it be possible for a contributor to share their email id so I can give further information regarding the security scan report?

adejanovski commented 8 months ago

Hi @serenagomez1304, do you think it's unsafe to post the scan results here?

serenagomez1304 commented 8 months ago

Hi @adejanovski, yes I think it isn't safe to post the results here. I was advised not to by the SecOps team at my company.

coltonfreeman26 commented 8 months ago

If these are public CVEs, could you post here? We are using 3.4.0 and have multiple findings from our scan tools in regards to the cassandra-reaper.jar.

serenagomez1304 commented 8 months ago

I wouldn't be able to post them here.

adejanovski commented 8 months ago

Hi @serenagomez1304, you can join us on the ASF Slack or the K8ssandra Discord. There we can DM about those security scan results.