Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-5642

Quay 3.9.0 image High Vulnerability reported by Redhat ACS

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Critical Critical
    • quay-v3.9.0
    • quay-v3.9.0
    • quay-operator
    • False
    • None
    • False

      Description:

      This is an issue found in Quay 3.9.0 latest build, after deploy Redhat ACS, found High Vulnerability, pls review and fix this issue before 3.9.0 is GA, see below screenshots.

      Quay Version:  quay-operator-bundle-container-v3.9.0-115

      quay390115a-clair-postgres" deployment:

      Fixable RHSA-2023:3555 (CVSS 7.5) (severity Important) found in component 'python' (version 2.7.5-92.el7_9.x86_64) in container 'postgres', resolved by version 0:2.7.5-93.el7_9
      
      Fixable RHSA-2023:3555 (CVSS 7.5) (severity Important) found in component 'python-libs' (version 2.7.5-92.el7_9.x86_64) in container 'postgres', resolved by version 0:2.7.5-93.el7_9
      
      Fixable RHSA-2023:3556 (CVSS 7.5) (severity Important) found in component 'python3' (version 3.6.8-18.el7.x86_64) in container 'postgres', resolved by version 0:3.6.8-19.el7_9
      
      Fixable RHSA-2023:3556 (CVSS 7.5) (severity Important) found in component 'python3-libs' (version 3.6.8-18.el7.x86_64) in container 'postgres', resolved by version 0:3.6.8-19.el7_9

      quay390115a-quay-redis" deployment:

      Fixable RHSA-2023:1405 (CVSS 7.5) (severity Important) found in component 'openssl-libs' (version 1:1.1.1k-7.el8_6.x86_64) in container 'redis-master', resolved by version 1:1.1.1k-9.el8_7 

      quay390115a-quay-database" deployment:

      Fixable RHSA-2023:3555 (CVSS 7.5) (severity Important) found in component 'python' (version 2.7.5-92.el7_9.x86_64) in container 'postgres', resolved by version 0:2.7.5-93.el7_9
      
      Fixable RHSA-2023:3555 (CVSS 7.5) (severity Important) found in component 'python-libs' (version 2.7.5-92.el7_9.x86_64) in container 'postgres', resolved by version 0:2.7.5-93.el7_9
      
      Fixable RHSA-2023:3556 (CVSS 7.5) (severity Important) found in component 'python3' (version 3.6.8-18.el7.x86_64) in container 'postgres', resolved by version 0:3.6.8-19.el7_9
      
      Fixable RHSA-2023:3556 (CVSS 7.5) (severity Important) found in component 'python3-libs' (version 3.6.8-18.el7.x86_64) in container 'postgres', resolved by version 0:3.6.8-19.el7_9 
      High Vulnerability  reported by Redhat ACS:

        1. image-2023-06-13-17-42-54-834.png
          362 kB
          luffy zhang
        2. image-2023-06-13-17-46-06-483.png
          383 kB
          luffy zhang
        3. image-2023-06-13-17-46-41-314.png
          289 kB
          luffy zhang
        4. image-2023-06-13-17-47-10-377.png
          388 kB
          luffy zhang
        5. image-2023-06-15-17-25-05-567.png
          667 kB
          luffy zhang
        6. image-2023-06-15-17-25-26-981.png
          457 kB
          luffy zhang
        7. image-2023-07-20-17-29-43-689.png
          572 kB
          luffy zhang
        8. image-2023-07-20-17-30-43-362.png
          351 kB
          luffy zhang
        9. image-2023-07-20-17-33-46-361.png
          469 kB
          luffy zhang
        10. image-2023-07-20-17-35-16-580.png
          468 kB
          luffy zhang
        11. image-2023-08-02-17-36-15-216.png
          594 kB
          luffy zhang
        12. image-2023-08-02-17-36-35-585.png
          367 kB
          luffy zhang
        13. image-2023-08-03-13-39-19-823.png
          569 kB
          luffy zhang

              Unassigned Unassigned
              lzha1981 luffy zhang
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: