Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-6022

Quay 3.8.12 High Image Vulnerability Reported by Redhat ACS

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • quay-v3.8.12
    • quay-v3.8.12
    • quay-operator
    • None
    • False
    • None
    • False

      Description:

      This is a Security issue of Quay 3.8.12, now after deployed Quay 3.8.12 with Quay Operator 3.8.12, found some High Image Vulnerability Reported by Redhat ACS 4.13, pls review this issue.

      Quay: quay-operator-bundle-container-v3.8.12-4

      quay3812-quay-redis:

      Fixable RHSA-2023:1405 (CVSS 7.5) (severity Important) found in component 'openssl-libs' (version 1:1.1.1k-7.el8_6.x86_64) in container 'redis-master', resolved by version 1:1.1.1k-9.el8_7

Fixable RHSA-2023:3591 (CVSS 7.5) (severity Important) found in component 'platform-python' (version 3.6.8-48.el8_7.1.x86_64) in container 'redis-master', resolved by version 0:3.6.8-51.el8_8.1

Fixable RHSA-2023:3591 (CVSS 7.5) (severity Important) found in component 'python3-libs' (version 3.6.8-48.el8_7.1.x86_64) in container 'redis-master', resolved by version 0:3.6.8-51.el8_8.1

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'dnf-plugin-subscription-manager' (version 1.28.32-1.el8.x86_64) in container 'redis-master', resolved by version 0:1.28.36-3.el8_8

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'python3-cloud-what' (version 1.28.32-1.el8.x86_64) in container 'redis-master', resolved by version 0:1.28.36-3.el8_8

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'python3-subscription-manager-rhsm' (version 1.28.32-1.el8.x86_64) in container 'redis-master', resolved by version 0:1.28.36-3.el8_8

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'python3-syspurpose' (version 1.28.32-1.el8.x86_64) in container 'redis-master', resolved by version 0:1.28.36-3.el8_8

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'subscription-manager' (version 1.28.32-1.el8.x86_64) in container 'redis-master', resolved by version 0:1.28.36-3.el8_8

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'subscription-manager-rhsm-certificates' (version 1.28.32-1.el8.x86_64) in container 'redis-master', resolved by version 0:1.28.36-3.el8_8

      quay3812-clair-postgres:

      Fixable RHSA-2023:0625 (CVSS 8.6) (severity Important) found in component 'libksba' (version 1.3.5-8.el8_6.x86_64) in container 'postgres', resolved by version 0:1.3.5-9.el8_7

Fixable RHSA-2023:1405 (CVSS 7.5) (severity Important) found in component 'openssl' (version 1:1.1.1k-7.el8_6.x86_64) in container 'postgres', resolved by version 1:1.1.1k-9.el8_7

Fixable RHSA-2023:1405 (CVSS 7.5) (severity Important) found in component 'openssl-libs' (version 1:1.1.1k-7.el8_6.x86_64) in container 'postgres', resolved by version 1:1.1.1k-9.el8_7

Fixable RHSA-2023:1930 (CVSS 7.8) (severity Important) found in component 'emacs-filesystem' (version 1:26.1-7.el8.noarch) in container 'postgres', resolved by version 1:26.1-7.el8_7.1

Fixable RHSA-2023:3104 (CVSS 7.8) (severity Important) found in component 'emacs-filesystem' (version 1:26.1-7.el8.noarch) in container 'postgres', resolved by version 1:26.1-10.el8_8.2

Fixable RHSA-2023:3591 (CVSS 7.5) (severity Important) found in component 'platform-python' (version 3.6.8-48.el8_7.x86_64) in container 'postgres', resolved by version 0:3.6.8-51.el8_8.1

Fixable RHSA-2023:3591 (CVSS 7.5) (severity Important) found in component 'python3-libs' (version 3.6.8-48.el8_7.x86_64) in container 'postgres', resolved by version 0:3.6.8-51.el8_8.1

Fixable RHSA-2023:4102 (CVSS 7.5) (severity Important) found in component 'bind-libs' (version 32:9.11.36-5.el8_7.2.x86_64) in container 'postgres', resolved by version 32:9.11.36-8.el8_8.1

Fixable RHSA-2023:4102 (CVSS 7.5) (severity Important) found in component 'bind-libs-lite' (version 32:9.11.36-5.el8_7.2.x86_64) in container 'postgres', resolved by version 32:9.11.36-8.el8_8.1

Fixable RHSA-2023:4102 (CVSS 7.5) (severity Important) found in component 'bind-license' (version 32:9.11.36-5.el8_7.2.noarch) in container 'postgres', resolved by version 32:9.11.36-8.el8_8.1

Fixable RHSA-2023:4102 (CVSS 7.5) (severity Important) found in component 'bind-utils' (version 32:9.11.36-5.el8_7.2.x86_64) in container 'postgres', resolved by version 32:9.11.36-8.el8_8.1

Fixable RHSA-2023:4102 (CVSS 7.5) (severity Important) found in component 'python3-bind' (version 32:9.11.36-5.el8_7.2.noarch) in container 'postgres', resolved by version 32:9.11.36-8.el8_8.1

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'dnf-plugin-subscription-manager' (version 1.28.32-1.el8.x86_64) in container 'postgres', resolved by version 0:1.28.36-3.el8_8

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'python3-cloud-what' (version 1.28.32-1.el8.x86_64) in container 'postgres', resolved by version 0:1.28.36-3.el8_8

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'python3-subscription-manager-rhsm' (version 1.28.32-1.el8.x86_64) in container 'postgres', resolved by version 0:1.28.36-3.el8_8

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'python3-syspurpose' (version 1.28.32-1.el8.x86_64) in container 'postgres', resolved by version 0:1.28.36-3.el8_8

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'subscription-manager' (version 1.28.32-1.el8.x86_64) in container 'postgres', resolved by version 0:1.28.36-3.el8_8

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'subscription-manager-rhsm-certificates' (version 1.28.32-1.el8.x86_64) in container 'postgres', resolved by version 0:1.28.36-3.el8_8

      quay3812-quay-database:

      Fixable RHSA-2023:0625 (CVSS 8.6) (severity Important) found in component 'libksba' (version 1.3.5-8.el8_6.x86_64) in container 'postgres', resolved by version 0:1.3.5-9.el8_7

Fixable RHSA-2023:1405 (CVSS 7.5) (severity Important) found in component 'openssl' (version 1:1.1.1k-7.el8_6.x86_64) in container 'postgres', resolved by version 1:1.1.1k-9.el8_7

Fixable RHSA-2023:1405 (CVSS 7.5) (severity Important) found in component 'openssl-libs' (version 1:1.1.1k-7.el8_6.x86_64) in container 'postgres', resolved by version 1:1.1.1k-9.el8_7

Fixable RHSA-2023:1930 (CVSS 7.8) (severity Important) found in component 'emacs-filesystem' (version 1:26.1-7.el8.noarch) in container 'postgres', resolved by version 1:26.1-7.el8_7.1

Fixable RHSA-2023:3104 (CVSS 7.8) (severity Important) found in component 'emacs-filesystem' (version 1:26.1-7.el8.noarch) in container 'postgres', resolved by version 1:26.1-10.el8_8.2

Fixable RHSA-2023:3591 (CVSS 7.5) (severity Important) found in component 'platform-python' (version 3.6.8-48.el8_7.x86_64) in container 'postgres', resolved by version 0:3.6.8-51.el8_8.1

Fixable RHSA-2023:3591 (CVSS 7.5) (severity Important) found in component 'python3-libs' (version 3.6.8-48.el8_7.x86_64) in container 'postgres', resolved by version 0:3.6.8-51.el8_8.1

Fixable RHSA-2023:4102 (CVSS 7.5) (severity Important) found in component 'bind-libs' (version 32:9.11.36-5.el8_7.2.x86_64) in container 'postgres', resolved by version 32:9.11.36-8.el8_8.1

Fixable RHSA-2023:4102 (CVSS 7.5) (severity Important) found in component 'bind-libs-lite' (version 32:9.11.36-5.el8_7.2.x86_64) in container 'postgres', resolved by version 32:9.11.36-8.el8_8.1

Fixable RHSA-2023:4102 (CVSS 7.5) (severity Important) found in component 'bind-license' (version 32:9.11.36-5.el8_7.2.noarch) in container 'postgres', resolved by version 32:9.11.36-8.el8_8.1

Fixable RHSA-2023:4102 (CVSS 7.5) (severity Important) found in component 'bind-utils' (version 32:9.11.36-5.el8_7.2.x86_64) in container 'postgres', resolved by version 32:9.11.36-8.el8_8.1

Fixable RHSA-2023:4102 (CVSS 7.5) (severity Important) found in component 'python3-bind' (version 32:9.11.36-5.el8_7.2.noarch) in container 'postgres', resolved by version 32:9.11.36-8.el8_8.1

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'dnf-plugin-subscription-manager' (version 1.28.32-1.el8.x86_64) in container 'postgres', resolved by version 0:1.28.36-3.el8_8

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'python3-cloud-what' (version 1.28.32-1.el8.x86_64) in container 'postgres', resolved by version 0:1.28.36-3.el8_8

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'python3-subscription-manager-rhsm' (version 1.28.32-1.el8.x86_64) in container 'postgres', resolved by version 0:1.28.36-3.el8_8

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'python3-syspurpose' (version 1.28.32-1.el8.x86_64) in container 'postgres', resolved by version 0:1.28.36-3.el8_8

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'subscription-manager' (version 1.28.32-1.el8.x86_64) in container 'postgres', resolved by version 0:1.28.36-3.el8_8

Fixable RHSA-2023:4706 (CVSS 7.8) (severity Important) found in component 'subscription-manager-rhsm-certificates' (version 1.28.32-1.el8.x86_64) in container 'postgres', resolved by version 0:1.28.36-3.el8_8
      Quay 3.8.12 High Vulnerability reported by Redhat ACS

        1. image-2023-09-11-16-22-04-153.png
          image-2023-09-11-16-22-04-153.png
          555 kB
        2. image-2023-09-11-16-26-58-095.png
          image-2023-09-11-16-26-58-095.png
          442 kB
        3. image-2023-09-11-16-28-49-910.png
          image-2023-09-11-16-28-49-910.png
          430 kB

              Unassigned Unassigned
              lzha1981 luffy zhang
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: