Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[security] latest v0.24: 11 Vulnerabilities / 4 High / 7 Fixable #3117

Open
hpvd opened this issue Oct 26, 2022 · 2 comments
Open

[security] latest v0.24: 11 Vulnerabilities / 4 High / 7 Fixable #3117

hpvd opened this issue Oct 26, 2022 · 2 comments

Comments

@hpvd
Copy link

hpvd commented Oct 26, 2022
edited

alertmanager v0.24 contains at least:

  • 11 Vulnerabilities
  • 4 with level High
  • 7 seems to be fixable with minor version updates of dependencies

Details could be easily obtained e.g. at artifacthub.io (which uses trivy sec scanner)
when looking into helm chart of Kube Prometheus Stack which includes alertmanager v0.24

https://artifacthub.io/packages/helm/prometheus-community/kube-prometheus-stack?modal=security-report

2022-10-26_15h11_36
This was referenced Oct 26, 2022
Closed
Closed
Closed
@hpvd
Copy link
Author

hpvd commented Oct 26, 2022

regarding "disclosing" please see #3046 (comment)

@hpvd
Copy link
Author

hpvd commented Oct 26, 2022
edited

this issue is a follow up of the
global vulnerability report for the kube-prometheus-stack
see [kube-prometheus-stack] 50 fixable vulnerabilities unfixed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@hpvd