hawkbit icon indicating copy to clipboard operation
hawkbit copied to clipboard
verified publisher icon eclipse

criticals and highs found in the image : 0.9.0 and 0.8.0

Open AshwiniRanganath2020 opened this issue 4 months ago • 2 comments

criticals and highs found in the image : 0.9.0 and 0.8.0

AshwiniRanganath2020 avatar Aug 18 '25 12:08 AshwiniRanganath2020

I suppose you are referring the Docker images - take in account that docker images are just examples of dockerizing the hawkbit - not production ready ones. It is normal that for a release at some point some vulnerabilities are found. The vulnerabilities (in hawkbit dependencies and in the docker base images) are expected to be fixed in the next releases.

avgustinmm avatar Aug 25 '25 10:08 avgustinmm

@AshwiniRanganath2020 Pretty unspecific. I'd recommend to use https://github.com/eclipse-hawkbit/hawkbit?tab=security-ov-file#readme for source code and OCI image related comments in the future.

ghost avatar Aug 25 '25 18:08 ghost