CVEs in hubble-ui-backend:v0.12.2
abbyglaubit opened this issue · comments
Abby Glaubit commented
A vulnerability scanner tool identified three CVEs in the hubble-ui-backend image:
alpine 3.18.4
- CVE-2023-5363 - libcrypto3 and libssl3
- CVE-2023-5678 - libcrypto3 and libssl3
gobinary
- CVE-2022-29526 - golang.org/x/sys
This issue is a request to provide a new hubble-ui-backend image that upgrades these libraries to newer versions without the CVEs. Thank you!
Robin Hahling commented
Should be addressed in v0.12.3 released last week.