k8s-device-plugin icon indicating copy to clipboard operation
k8s-device-plugin copied to clipboard
verified publisher icon NVIDIA

[Security] CVE-2022-49043 : libxml2 2.9.13-6.el9_4

Open jaymz1439 opened this issue 11 months ago • 2 comments

we detected the below security issue when we scan the latest k8s-device-plugin. may I know the ETA? https://access.redhat.com/security/cve/CVE-2022-49043

jaymz1439 avatar Feb 05 '25 02:02 jaymz1439

@elezar Hi Team, please provide the updates if this issue has been acknowledged Thanks

jaymz1439 avatar Feb 08 '25 07:02 jaymz1439

@jaymz1439 which image are you refering to? Please note that the latest image tag is deprecated and should not be used. The images for our most recent release are:

  • nvcr.io/nvidia/k8s-device-plugin:v0.17.1
  • nvcr.io/nvidia/k8s-device-plugin:v0.17.1-ubi9

Does this image show the vulnerability?

elezar avatar Apr 25 '25 10:04 elezar