Cert Manager support for Red Hat OpenShift / CM-398

Investigation spike to review Cert-manager CVE and Policy Violations seen in RHACS


    • Type: Spike
    • Resolution: Unresolved
    • Priority: Major

      RHACS is an RH security product that provides details around vulnerabilities and policy violations. The tool found CVE fixes needed and policy violations with Cert-manager Operator 1.14. Attached are the results shared.

      Goal of Spike:
      1. Review the CVE fixes and determine which ones we will fix. For the ones we cannot, we need to provide an explanation of why we can defer the fix.

      2. Review the policy violations and provide feedback on mitigation and the reason to add these to the exception management workflow.

      Attachments:
        1. image.png (379 kB)
        2. image (2).png (350 kB)
        3. image (3).png (368 kB)
        4. image (1).png (465 kB)
        5. image (4).png (959 kB)
        6. cert-manager-policy-violations.xlsx (10 kB)

              tgeer@redhat.com Trilok Geer
              atelang@redhat.com Anjali Telang