Description
π Description
You check the full report here:
https://artifacthub.io/packages/helm/devtron/devtron-operator
There's an abnormal amount of fixabled CVEs in the docker images that I see here. I'm pretty sure running a package manager update would fix many of these issues.
The reason I bring this up is so I can showcase this application for my company project, but if they see the current security report, they will 100% deny its adoption. If a lot of these could be fixed, it would my case better.
π Reproduction steps
Go to https://artifacthub.io/packages/helm/devtron/devtron-operator
Then click on "Full Report":
π Expected behavior
It should not have so many vulnerabilities.
π Actual Behavior
It has a lot of vulnerabilities.
βΈ Kubernetes version
Any.
Cloud provider
π Browser
Chrome
π§± Your Environment
No response
β Proposed Solution
Perform docker image OS updates and update service dependencies so that CVEs are mitigated.
π Have you spent some time to check if this issue has been raised before?
- I checked and didn't find any similar issue
π’ Have you read the Code of Conduct?
- I have read the Code of Conduct