Concern Regarding CVE-2021-23567 in Container Vulnerability Scan

Question

Concern Regarding CVE-2021-23567 in Container Vulnerability Scan

Closed this issue 3 months ago · 1 comments

Hello,

Our container vulnerability scanner has failed, and I wanted to bring this to your attention. Please see the attached screenshot:

Vulnerability: https://avd.aquasec.com/nvd/2021/cve-2021-23567/

However, it appears that this may be a false report, as the affected issue is likely from a previous repository (see Marak/colors.js#345)

Interestingly, the vulnerability is reported for version 1.6, but this version does not exist in the previous repository.

Could you please confirm that this is not an issue with the current fork and version?

Thank you for your help!

Answer 1 · 2024-10-14T01:48:16.000Z

Yeah, that issue is from the original repository. That issue is not present in this repository and version. You may wish to notify your vulnerability scanner vendor. Cheers!