You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We will be integrating 7.0.0 when that is available, but not sooner then our 4.x.x releases, and we are currently at 3.x.x. From what I know, that will start happening somewhere next year.
Describe the bug
We have received a notification for a vulnerability in our project using
kubernetes-client:jar:6.9.2
. Details follow.Vulnerabilities in: pkg:maven/com.squareup.okhttp3/logging-interceptor@3.12.12 [CVE-2023-0833] (owasp)
currently there is not released version from
io.fabric8:kubernetes-client
with fixes on the reported dependency.kubernetes-client/pom.xml
Line 94 in 32b3473
Fabric8 Kubernetes Client version
SNAPSHOT
Steps to reproduce
Have the
kubernetes-client
dependency and run a SBOM vulnerability scan.Expected behavior
Depend on a
com.squareup.okhttp3:logging-interceptor
version with the vulnerability fixed.Runtime
Kubernetes (vanilla)
Kubernetes API Server version
1.25.3@latest
Environment
Linux
Fabric8 Kubernetes Client Logs
No response
Additional context
No response
The text was updated successfully, but these errors were encountered: