Remediate 4.2.2 security vulnerabilities
kingnarmer opened this issue · 1 comments
kingnarmer commented
Please remediate 4.2.2 security vulnerabilities.
trivy image --ignore-unfixed --severity HIGH,CRITICAL registry.k8s.io/git-sync/git-sync:v4.2.2 --scanners vuln
2024-05-06T07:36:12-04:00 INFO Vulnerability scanning is enabled
2024-05-06T07:36:13-04:00 INFO Detected OS family="debian" version="12.5"
2024-05-06T07:36:13-04:00 INFO [debian] Detecting vulnerabilities... os_version="12" pkg_num=64
2024-05-06T07:36:13-04:00 INFO Number of language-specific files num=1
2024-05-06T07:36:13-04:00 INFO [gobinary] Detecting vulnerabilities...
registry.k8s.io/git-sync/git-sync:v4.2.2 (debian 12.5)
Total: 2 (HIGH: 2, CRITICAL: 0)
┌─────────┬────────────────┬──────────┬────────┬───────────────────┬────────────────┬────────────────────────────────────────────────────────┐
│ Library │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version  │                         Title                          │
├─────────┼────────────────┼──────────┼────────┼───────────────────┼────────────────┼────────────────────────────────────────────────────────┤
│ libc6   │ CVE-2024-2961  │ HIGH     │ fixed  │ 2.36-9+deb12u4    │ 2.36-9+deb12u6 │ glibc: Out of bounds write in iconv may lead to remote │
│         │                │          │        │                   │                │ code...                                                │
│         │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2024-2961              │
│         ├────────────────┤          │        │                   ├────────────────┼────────────────────────────────────────────────────────┤
│         │ CVE-2024-33599 │          │        │                   │ 2.36-9+deb12u7 │ glibc: stack-based buffer overflow in netgroup cache   │
│         │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2024-33599             │
└─────────┴────────────────┴──────────┴────────┴───────────────────┴────────────────┴────────────────────────────────────────────────────────┘