-
Bug
-
Resolution: Done
-
Critical
-
quay-v3.7.0
Description:
This is security vulnerability issue found in Quay 3.7.0 images used by Quay Operator, the following is the list, pls review.
Quay 3.7.0 operator bundle image: quay-operator-bundle-container-v3.7.0-129
Quay Postgres Image:
Fixable RHSA-2022:1065 (CVSS 7.5) (severity Important) found in component 'openssl' (version 1:1.1.1k-5.el8_5.x86_64) in container 'postgresql', resolved by version 1:1.1.1k-6.el8_5 Fixable RHSA-2022:1065 (CVSS 7.5) (severity Important) found in component 'openssl-libs' (version 1:1.1.1k-5.el8_5.x86_64) in container 'postgresql', resolved by version 1:1.1.1k-6.el8_5
Quay Redis Image:
Fixable RHSA-2022:1065 (CVSS 7.5) (severity Important) found in component 'openssl-libs' (version 1:1.1.1k-5.el8_5.x86_64) in container 'redis', resolved by version 1:1.1.1k-6.el8_5
Quay Image:
Fixable RHSA-2022:1676 (CVSS 7.1) (severity Important) found in component 'gzip' (version 1.9-12.el8.x86_64) in container 'registry-server', resolved by version 0:1.9-13.el8_4
Quay Image:quay-operator-bundle-container-v3.7.0-129
Vulnerability reported by ACS:
- is cloned by
-
PROJQUAY-3979 Quay 3.7.2 Postgres image vulnerability reported by Redhat ACS
- Closed