fix(security): vulnerabilities found in keychain-vault-server #2058
Labels
dependencies
Pull requests that update a dependency file
Keychain
Tasks/bugs related to the Keychain plugin core interfaces or any of the implementations themselves.
P2
Priority 2: High
Security
Related to existing or potential security vulnerabilities
Comments
petermetz
added
P2
aldousalvarez
added a commit
to aldousalvarez/cactus
that referenced
this issue
Jan 11, 2023
Fixes hyperledger-cacti#2058 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
aldousalvarez
added a commit
to aldousalvarez/cactus
that referenced
this issue
Jan 11, 2023
Fixes hyperledger-cacti#2058 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
aldousalvarez
added a commit
to aldousalvarez/cactus
that referenced
this issue
Jan 23, 2023
Fixes hyperledger-cacti#2058 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
aldousalvarez
added a commit
to aldousalvarez/cactus
that referenced
this issue
Jan 23, 2023
Fixes hyperledger-cacti#2058 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
aldousalvarez
added a commit
to aldousalvarez/cactus
that referenced
this issue
Jan 24, 2023
Fixes hyperledger-cacti#2058 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
aldousalvarez
added a commit
to aldousalvarez/cactus
that referenced
this issue
Jan 24, 2023
Fixes hyperledger-cacti#2058 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
aldousalvarez
added a commit
to aldousalvarez/cactus
that referenced
this issue
Jan 25, 2023
Fixes hyperledger-cacti#2058 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
aldousalvarez
added a commit
to aldousalvarez/cactus
that referenced
this issue
Jan 25, 2023
Fixes hyperledger-cacti#2058 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
aldousalvarez
added a commit
to aldousalvarez/cactus
that referenced
this issue
Jan 25, 2023
Fixes hyperledger-cacti#2058 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
aldousalvarez
added a commit
to aldousalvarez/cactus
that referenced
this issue
Feb 16, 2023
Fixes hyperledger-cacti#2058 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
aldousalvarez
added a commit
to aldousalvarez/cactus
that referenced
this issue
Feb 16, 2023
Fixes hyperledger-cacti#2058 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
|
Hello @petermetz , can you assign this to me? Thank you. |
ruzell22
added a commit
to ruzell22/cactus
that referenced
this issue
Jul 24, 2023
…dger-cacti#2058 fixes: hyperledger-cacti#2058 Signed-off-by: ruzell22 <ruzell.vince.aquino@accenture.com>
ruzell22
added a commit
to ruzell22/cactus
that referenced
this issue
Jul 25, 2023
…dger-cacti#2058 fixes: hyperledger-cacti#2058 trivy scanner verified that the vulnerabilities in keychain-vault-server is not appearing anymore. CVEs are the following - CVE-2021-22946 - CVE-2022-1304 - CVE-2018-12886 - CVE-2022-29458 - CVE-2019-3843 - CVE-2019-3844 - CVE-2022-29458 (base) - CVE-2022-29458 (bin) - CVE-2020-16156 No changes was needed to be merged. Signed-off-by: ruzell22 <ruzell.vince.aquino@accenture.com>
ruzell22
added a commit
to ruzell22/cactus
that referenced
this issue
Jul 25, 2023
…, CVE-2018-12886, CVE-2022-29458, CVE-2019-3843, CVE-2019-3844, CVE-2022-29458, CVE-2020-16156 fixes: hyperledger-cacti#2058 trivy scanner verified that the vulnerabilities in keychain-vault-server is not appearing anymore. CVEs are the following - CVE-2021-22946 - CVE-2022-1304 - CVE-2018-12886 - CVE-2022-29458 - CVE-2019-3843 - CVE-2019-3844 - CVE-2022-29458 (base) - CVE-2022-29458 (bin) - CVE-2020-16156 No changes was needed to be merged. Signed-off-by: ruzell22 <ruzell.vince.aquino@accenture.com>
|
Closing as done because the vulnerabilities have been addressed by some other PR in the meantime as evidenced by https://github.com/hyperledger/cacti/pull/2565 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
List of vulnerabilities found in keychain-vault-server image during Azure Container scan.
The text was updated successfully, but these errors were encountered: