Wei

Prisma scan reports another CVE: Component | Version | Vulnerability | Severity -- | -- | -- | -- libtasn1-6 | 4.16.0-2 | CVE-2021-46848 | critical

> carrodher Hi @carrodher , I observed the same CVE as @squarerootwik did. I'm using images from https://hub.docker.com/layers/bitnami/kube-state-metrics/2.6.0/images/sha256-2b4cf812bd980dd0d9b8b36bac77285ce7e599e65191e478931c64b73bad84e6?context=explore I understand that the CVEs are from the base image, may I...

Hi @carrodher the trivy command only shows 4 CVEs while I observed more as @squarerootwik did do you know what are the source of other CVEs? I'm using prisma scan...

@carrodher thanks for your response. I actually get confused because you said: The mentioned CVEs are not in the base image (which is Debian bullseye) but in the kube-state-metrics binary...