
Bug: update the severity of CVEs in image scanning

Open jatin-jangir-0220 opened this issue 4 months ago • 0 comments

📜 Description

Over time, Trivy updates the severity of CVEs, and we need to update the same in the DB, as we are getting the old severity after scanning.

👟 Reproduction steps

Use https://hub.docker.com/layers/library/node/16.17.1-alpine/images/sha256-36a2210b84cde8351597b420896d4dc071bfe5fb64552b60516422a768f90e9d?context=explore

Here the severity of CVE-2023-42282 was critical 6 months ago, but currently it is medium.

👍 Expected behavior

We must get the current severity levels.

👎 Actual Behavior

Getting the severity level based on the first time it got scanned.

☸ Kubernetes version

any

Cloud provider

any

🌍 Browser

Chrome

🧱 Your Environment

No response

✅ Proposed Solution

No response

👀 Have you spent some time to check if this issue has been raised before?

  • [X] I checked and didn't find any similar issue

🏢 Have you read the Code of Conduct?

AB#9446

jatin-jangir-0220 avatar Apr 19 '24 07:04 jatin-jangir-0220
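
The stale-severity behaviour reported above, and one way to avoid it, as an added example that is not part of the original issue and not Devtron's code: on every rescan, upsert each finding's severity from the Trivy JSON report instead of keeping the value from the first scan. The names `Reconcile`, `Change` and the map-backed `store` are hypothetical, and the report is a constructed minimal sample (the second CVE ID is a placeholder).

```go
package main

import (
	"encoding/json"
	"fmt"
)

// trivyReport mirrors only the Trivy JSON report fields used here.
type trivyReport struct {
	Results []struct {
		Vulnerabilities []struct{ VulnerabilityID, Severity string }
	}
}

// Change records a stored severity that the latest scan contradicts.
type Change struct{ CVE, Old, New string }

// Reconcile upserts severities from a Trivy JSON report into store (a
// hypothetical stand-in for the CVE table) and returns what changed.
func Reconcile(store map[string]string, report []byte) ([]Change, error) {
	var r trivyReport
	if err := json.Unmarshal(report, &r); err != nil {
		return nil, fmt.Errorf("parse trivy report: %w", err)
	}
	var changes []Change
	for _, res := range r.Results {
		for _, v := range res.Vulnerabilities {
			old, known := store[v.VulnerabilityID]
			if v.Severity == "" || (known && old == v.Severity) {
				continue // no severity reported, or already current
			}
			if known { // the stale path would skip known CVEs here
				changes = append(changes, Change{v.VulnerabilityID, old, v.Severity})
			}
			store[v.VulnerabilityID] = v.Severity // insert or overwrite
		}
	}
	return changes, nil
}

// Constructed sample: minimal report from a rescan of the image.
const sampleReport = `{"Results":[{"Vulnerabilities":[
 {"VulnerabilityID":"CVE-2023-42282","Severity":"MEDIUM"},
 {"VulnerabilityID":"CVE-0000-0001","Severity":"HIGH"}]}]}`

func main() {
	store := map[string]string{"CVE-2023-42282": "CRITICAL"} // first-scan value
	changes, err := Reconcile(store, []byte(sampleReport))
	fmt.Println(changes, store, err)
}
```

Returning the list of changes lets the caller log or audit severity downgrades rather than applying them silently.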