Uploaded image for project: 'Red Hat Advanced Cluster Management'
  1. Red Hat Advanced Cluster Management
  2. ACM-28556

Update ACM and MCE policies to log warnings for medium and higher CVEs

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Normal Normal
    • ACM 2.16.0
    • ACM 2.16.0
    • Security
    • Product / Portfolio Work
    • False
    • Hide

      None

      Show
      None
    • False
    • Not Selected
    • Moderate
    • None

       Konflux can scan our images and produce Enterprise Contract violations and warnings around CVEs that it detects.  The documentation for this is here:

      https://conforma.dev/docs/policy/packages/release_cve.html

      We need to update ACM and MCE so that we are logging warnings for crtical, high and medium CVEs

              gparvin-redhat Gus Parvin
              gparvin-redhat Gus Parvin
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: