Uploaded image for project: 'OpenJDK'
  1. OpenJDK
  2. OPENJDK-600

ubi8/openjdk-11 maven 3.2.1 Health index vs. SNYK results

    XMLWordPrintable

Details

    • False
    • False

    Description

      Hi Team,

      I hope this is the right place to address the topic.

      One of my TAM customer's is wondering about the Health index on ubi8/openjdk-11 [1], which is currently shown as "A". The SNYK results (Quay/Clair) [2] are showing a critical and high vulernability [2], e.g. "SNYK-JAVA-ORGAPACHEMWAVENSHARED-570592" for maven.

      Questions:
        - Is maven-shared-utils 3.2.1 (included in ubi8/openjdk-11) indeed affected?
        - Are there plans to get maven-shared-utils updated?

      References:
        1) https://catalog.redhat.com/software/containers/ubi8/openjdk-11/5dd6a4b45a13461646f677f4?container-tabs=overview
        2) https://access.redhat.com/support/cases/#/case/03117588?commentId=a0a2K00000eMWD1QAO
        
      Thanks,
      Rainer  

      Attachments

        Activity

          People

            Unassigned Unassigned
            rhn-support-rbeyel Rainer Beyel
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: