docker-splunk icon indicating copy to clipboard operation
docker-splunk copied to clipboard

Published 20 hours ago verified publisher icon splunk

9.4.x is using vulnerable postgres 16.0: CVE-2024-4317

Open yaroslav-nakonechnikov opened this issue 8 months ago • 1 comments
trafficstars

hello,

9.4.0 and 9.4.1 are affected by https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4317

yaroslav-nakonechnikov avatar Mar 14 '25 09:03 yaroslav-nakonechnikov

bash-4.4$ /opt/splunkforwarder/bin/postgres --version postgres (PostgreSQL) 16.0

yaroslav-nakonechnikov avatar Mar 14 '25 10:03 yaroslav-nakonechnikov

This is coming from the Splunk build and is not caused by what we install on top of it in the docker image. That being said, we regularly scan the images we produce from this repository for each Splunk version, and any vulnerabilities are reported to the core Splunk development team.

jmeixensperger avatar Apr 11 '25 15:04 jmeixensperger

yes, but solution from development team - remove binary completely. and as you are building container - and it is vulnerable - looks like your flow also should implement that fix

yaroslav-nakonechnikov avatar Apr 14 '25 07:04 yaroslav-nakonechnikov