Jin Ahn

@balimidi24 did you find a resolution to this?

I don't believe this actually works in my package.json I had ``` "dependencies": { "@cdktf/provider-aws": "^9.0.0", "@cdktf/provider-null": "^2.0", "cdktf": "^0.12.0", ``` I upgraded my cdktf-cli to 14.3. I ran `npm...

I also am facing this issue from cdktf. Below is portion of my config This makes using terraform for production NACL highly unusable. ``` egress: [ { ruleNo: 1, protocol:...

@coffee-squirrel are there plans to patch the other vulnerabilites i have shown?

Hi, just thought I'd give an update. I've checked the latest 5.0 rc2 image for vulnerabilities. and although there is an improvement the critical ones still remain. I understand that...

Hi @kroepke, just to confirm - are their still plans to patch the remaining vulnerabilites? Or are we leaving them alone? 

Most recent update of 5.0.3 is vastly improved. Just 1 critical vulnerability remaining. Need to `update json-smart to 2.4.1`

New vulnerablities have come out that impact graylog image. I know the shiro-core doesn't apply but there are others 

Hi. 5.0.6 also has new vulnerablities related to org.quartz-scheduler and org.yaml:snakeyaml https://nvd.nist.gov/vuln/detail/CVE-2019-13990 https://nvd.nist.gov/vuln/detail/CVE-2022-1471 

5.0.7 has 6 critical and 11 high vulnerabilities