  1. Cert Manager support for Red Hat OpenShift
  2. CM-398

Investigation spike to review Cert-manager CVE and Policy Violations seen in RHACS


    • Spike
    • Resolution: Unresolved
    • Major

      RHACS is an RH Security product that provides details about Vulnerabilities and Policy Violations. The tool found CVE fixes needed and Policy Violations with Cert-manager Operator 1.14. The shared results are attached.

      Goal of Spike:
      1. Review the CVE fixes and determine which ones we will fix. For the ones we cannot fix, we need to provide an explanation of why we can defer the fix.

      2. Review the Policy Violations and provide feedback on mitigation and the reason to add these to the exception management workflow.

        1. cert-manager-policy-violations.xlsx
          10 kB
          Francois Duthilleul
        2. image.png
          379 kB
          Nick Png
        3. image (1).png
          465 kB
          Nick Png
        4. image (2).png
          350 kB
          Nick Png
        5. image (3).png
          368 kB
          Nick Png
        6. image (4).png
          959 kB
          Nick Png

              tgeer@redhat.com Trilok Geer
              atelang@redhat.com Anjali Telang