Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updating Kubectl version in container image to fix CVE #246

Merged
merged 1 commit into from
Nov 26, 2024
Merged

Updating Kubectl version in container image to fix CVE #246

merged 1 commit into from
Nov 26, 2024

Conversation

visheshtanksale
Copy link
Collaborator

fixing following CVE

 +------------+-----------------+-----------+----------------------------------+----------------------------------------------------------+---------------------+
    | GateAction | Gate            | Trigger   | Additional Info                  | Check Output                                             | Inherited from Base |
    +------------+-----------------+-----------+----------------------------------+----------------------------------------------------------+---------------------+
    | go         | vulnerabilities | package   | Cloud Native Allowlist           | HIGH Vulnerability found in non-os package type (go) -   | false               |
    |            |                 |           |                                  | /usr/local/bin/kubectl (fixed in: 1.22.7,                |                     |
    |            |                 |           |                                  | 1.23.1)(CVE-2024-34156 -                                 |                     |
    |            |                 |           |                                  | https://nvd.nist.gov/vuln/detail/CVE-2024-34156)         |                     |
    | go         | vulnerabilities | package   | Cloud Native Allowlist           | HIGH Vulnerability found in non-os package type (go) -   | false               |
    |            |                 |           |                                  | /usr/local/bin/kubectl (fixed in: 1.22.7,                |                     |
    |            |                 |           |                                  | 1.23.1)(CVE-2024-34158 -                                 |                     |
    |            |                 |           |                                  | https://nvd.nist.gov/vuln/detail/CVE-2024-34158)         |                     |
    | warn       | metadata        | attribute | 4cfbaae813afd1f28aa34cc889c06e5b | Attribute check for attribute: 'size' check: '>'         | false               |
    |            |                 |           |                                  | check_value: '3741824' matched image value: '155301888'  |                     |
    | warn       | vulnerabilities | package   | CVE-2024-34155+stdlib-go1.22.5   | MEDIUM Vulnerability found in non-os package type (go) - | false               |
    |            |                 |           |                                  | /usr/local/bin/kubectl (fixed in: 1.22.7,                |                     |
    |            |                 |           |                                  | 1.23.1)(CVE-2024-34155 -                                 |                     |
    |            |                 |           |                                  | https://nvd.nist.gov/vuln/detail/CVE-2024-34155)         |                     |
    ```

@copy-pr-bot copy-pr-bot
Copy link

copy-pr-bot bot commented Nov 26, 2024

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

@visheshtanksale visheshtanksale merged commit c7b7891 into NVIDIA:main Nov 26, 2024
9 checks passed
visheshtanksale added a commit to visheshtanksale/k8s-nim-operator that referenced this pull request Nov 26, 2024
@visheshtanksale
Updating Kubectl version in container image to fix CVE (NVIDIA#246)
7e0f313 
Signed-off-by: Vishesh Tanksale <[email protected]>
visheshtanksale added a commit that referenced this pull request Nov 26, 2024
@visheshtanksale
Updating Kubectl version in container image to fix CVE (#246) (#247)
a806e44 
Signed-off-by: Vishesh Tanksale <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shivamerla shivamerla shivamerla approved these changes

@slu2011 slu2011 slu2011 approved these changes

@ArangoGutierrez ArangoGutierrez Awaiting requested review from ArangoGutierrez ArangoGutierrez is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@visheshtanksale @slu2011 @shivamerla