Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-5642

Quay 3.9.0 image High Vulnerability reported by Redhat ACS

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Critical Critical
    • quay-v3.9.0
    • quay-v3.9.0
    • quay-operator
    • False
    • None
    • False
    • 0

      Description:

      This is an issue found in Quay 3.9.0 latest build, after deploy Redhat ACS, found High Vulnerability, pls review and fix this issue before 3.9.0 is GA, see below screenshots.

      Quay Version:  quay-operator-bundle-container-v3.9.0-115

      quay390115a-clair-postgres" deployment:

      Fixable RHSA-2023:3555 (CVSS 7.5) (severity Important) found in component 'python' (version 2.7.5-92.el7_9.x86_64) in container 'postgres', resolved by version 0:2.7.5-93.el7_9

Fixable RHSA-2023:3555 (CVSS 7.5) (severity Important) found in component 'python-libs' (version 2.7.5-92.el7_9.x86_64) in container 'postgres', resolved by version 0:2.7.5-93.el7_9

Fixable RHSA-2023:3556 (CVSS 7.5) (severity Important) found in component 'python3' (version 3.6.8-18.el7.x86_64) in container 'postgres', resolved by version 0:3.6.8-19.el7_9

Fixable RHSA-2023:3556 (CVSS 7.5) (severity Important) found in component 'python3-libs' (version 3.6.8-18.el7.x86_64) in container 'postgres', resolved by version 0:3.6.8-19.el7_9

      quay390115a-quay-redis" deployment:

      Fixable RHSA-2023:1405 (CVSS 7.5) (severity Important) found in component 'openssl-libs' (version 1:1.1.1k-7.el8_6.x86_64) in container 'redis-master', resolved by version 1:1.1.1k-9.el8_7

      quay390115a-quay-database" deployment:

      Fixable RHSA-2023:3555 (CVSS 7.5) (severity Important) found in component 'python' (version 2.7.5-92.el7_9.x86_64) in container 'postgres', resolved by version 0:2.7.5-93.el7_9

Fixable RHSA-2023:3555 (CVSS 7.5) (severity Important) found in component 'python-libs' (version 2.7.5-92.el7_9.x86_64) in container 'postgres', resolved by version 0:2.7.5-93.el7_9

Fixable RHSA-2023:3556 (CVSS 7.5) (severity Important) found in component 'python3' (version 3.6.8-18.el7.x86_64) in container 'postgres', resolved by version 0:3.6.8-19.el7_9

Fixable RHSA-2023:3556 (CVSS 7.5) (severity Important) found in component 'python3-libs' (version 3.6.8-18.el7.x86_64) in container 'postgres', resolved by version 0:3.6.8-19.el7_9
      High Vulnerability  reported by Redhat ACS:

        1. image-2023-08-03-13-39-19-823.png
          569 kB
          luffy zhang
        2. image-2023-08-02-17-36-35-585.png
          367 kB
          luffy zhang
        3. image-2023-08-02-17-36-15-216.png
          594 kB
          luffy zhang
        4. image-2023-07-20-17-35-16-580.png
          468 kB
          luffy zhang
        5. image-2023-07-20-17-33-46-361.png
          469 kB
          luffy zhang
        6. image-2023-07-20-17-30-43-362.png
          351 kB
          luffy zhang
        7. image-2023-07-20-17-29-43-689.png
          572 kB
          luffy zhang
        8. image-2023-06-15-17-25-26-981.png
          457 kB
          luffy zhang
        9. image-2023-06-15-17-25-05-567.png
          667 kB
          luffy zhang
        10. image-2023-06-13-17-47-10-377.png
          388 kB
          luffy zhang
        11. image-2023-06-13-17-46-41-314.png
          289 kB
          luffy zhang
        12. image-2023-06-13-17-46-06-483.png
          383 kB
          luffy zhang
        13. image-2023-06-13-17-42-54-834.png
          362 kB
          luffy zhang

            Unassigned Unassigned
            lzha1981 luffy zhang
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: