awx-operator icon indicating copy to clipboard operation
awx-operator copied to clipboard
verified publisher icon ansible

Bump the kube-rbac-proxy image version to fix vulnerabilities

Open satis23 opened this issue 1 year ago • 2 comments

Please confirm the following

  • [X] I agree to follow this project's code of conduct.
  • [X] I have checked the current issues for duplicates.
  • [X] I understand that AWX Operator is open source software provided for free and that I might not receive a timely response.

Feature Summary

CVE-2023-47108 CVE-2023-45142 CVE-2023-44487 CVE-2023-45285 CVE-2023-45283 CVE-2023-45284

All these CVEs are coming from go 1.21.3 Some of the vulnerabilities belong to High

The kube-rbac-proxy v0.16.0 image is available from the below release

https://github.com/brancz/kube-rbac-proxy/commit/f0895cf3cac8d4feb32bed558909dc590c25432f

satis23 avatar Feb 26 '24 10:02 satis23

@rooftopcellist

thedoubl3j avatar Feb 28 '24 16:02 thedoubl3j