actions-runner-controller icon indicating copy to clipboard operation
actions-runner-controller copied to clipboard
verified publisher icon actions

High severities on summerwind/actions-runner-controller:latest found !!

Open shettarvinay opened this issue 3 years ago • 3 comments

Describe the bug High severities on summerwind/actions-runner-controller:latest found !!

To Reproduce Scan images for security check

Expected behavior Expect the image to be free from Critical and High severity issues.

Screenshots image

shettarvinay avatar Mar 15 '22 07:03 shettarvinay

@shettarvinay Thanks for reporting! Please feel free to contribute any patches if you think those vulnerabilities actually affect ARC and your use case.

mumoshu avatar Mar 15 '22 07:03 mumoshu

@mumoshu : Hope this PR helps https://github.com/actions-runner-controller/actions-runner-controller/pull/1230

I am pretty new to this Project, would request your overview on fix provided.

shettarvinay avatar Mar 16 '22 05:03 shettarvinay

@mumoshu : Hey good morning. I observe that go 1.17.7 vulnerability is fixed and longer found on latest tag now but the jwt-go is still existing.

shettarvinay avatar Mar 18 '22 07:03 shettarvinay