Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-35586

GHSA-6wvf-f2vw-3425: ose-installer-container: containers/image allows unexpected authenticated registry accesses

XMLWordPrintable

    • Critical
    • No
    • Rejected
    • False
    • Hide

      None

      Show
      None
    • N/A
    • CVE - Common Vulnerabilities and Exposures
    • Done

      This is a clone of issue OCPBUGS-35527. The following is the description of the original issue:

      This is a clone of issue OCPBUGS-34037. The following is the description of the original issue:

      Open Github Security Advisory for: containers/image

      https://github.com/advisories/GHSA-6wvf-f2vw-3425

      The ARO SRE team became aware of this advisory against our installer fork. Upstream installer is also pinning a vulnerable version of containerd.

      Advisory recommends to update to versions 5.30.1

              rdossant Rafael Fonseca dos Santos
              openshift-crt-jira-prow OpenShift Prow Bot
              Gaoyun Pei Gaoyun Pei
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: