-
Bug
-
Resolution: Done-Errata
-
Critical
-
quay-v3.9.0
-
False
-
None
-
False
-
-
-
0
Description:
This is an issue found in Quay 3.9.0 latest build, after deploy Redhat ACS, found High Vulnerability, pls review and fix this issue before 3.9.0 is GA, see below screenshots.
Quay Version: quay-operator-bundle-container-v3.9.0-115
quay390115a-clair-postgres" deployment:
Fixable RHSA-2023:3555 (CVSS 7.5) (severity Important) found in component 'python' (version 2.7.5-92.el7_9.x86_64) in container 'postgres', resolved by version 0:2.7.5-93.el7_9 Fixable RHSA-2023:3555 (CVSS 7.5) (severity Important) found in component 'python-libs' (version 2.7.5-92.el7_9.x86_64) in container 'postgres', resolved by version 0:2.7.5-93.el7_9 Fixable RHSA-2023:3556 (CVSS 7.5) (severity Important) found in component 'python3' (version 3.6.8-18.el7.x86_64) in container 'postgres', resolved by version 0:3.6.8-19.el7_9 Fixable RHSA-2023:3556 (CVSS 7.5) (severity Important) found in component 'python3-libs' (version 3.6.8-18.el7.x86_64) in container 'postgres', resolved by version 0:3.6.8-19.el7_9
quay390115a-quay-redis" deployment:
Fixable RHSA-2023:1405 (CVSS 7.5) (severity Important) found in component 'openssl-libs' (version 1:1.1.1k-7.el8_6.x86_64) in container 'redis-master', resolved by version 1:1.1.1k-9.el8_7
quay390115a-quay-database" deployment:
Fixable RHSA-2023:3555 (CVSS 7.5) (severity Important) found in component 'python' (version 2.7.5-92.el7_9.x86_64) in container 'postgres', resolved by version 0:2.7.5-93.el7_9 Fixable RHSA-2023:3555 (CVSS 7.5) (severity Important) found in component 'python-libs' (version 2.7.5-92.el7_9.x86_64) in container 'postgres', resolved by version 0:2.7.5-93.el7_9 Fixable RHSA-2023:3556 (CVSS 7.5) (severity Important) found in component 'python3' (version 3.6.8-18.el7.x86_64) in container 'postgres', resolved by version 0:3.6.8-19.el7_9 Fixable RHSA-2023:3556 (CVSS 7.5) (severity Important) found in component 'python3-libs' (version 3.6.8-18.el7.x86_64) in container 'postgres', resolved by version 0:3.6.8-19.el7_9
High Vulnerability reported by Redhat ACS:
- links to
-
RHBA-2023:3256
Red Hat Quay v3.9.0 minor release
