Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-6143

Quay 3.9.3 High Images Vulnerability Reported by Redhat ACS

XMLWordPrintable

    • False
    • None
    • False

      Description:

      This is a security issue found in Quay 3.9.3, now after deployed Quay 3.9.3, Redhat ACS reported High Images Vulnerability, pls review this issue.

      Quay: quay-operator-bundle-container-v3.9.3-3

      quayregistry-clair-postgres" Deployment:

      Fixable RHSA-2023:5455 (CVSS 7.8) (severity Important) found in component 'glibc' (version 2.28-225.el8.x86_64) in container 'clair-postgres', resolved by version 0:2.28-225.el8_8.6

Fixable RHSA-2023:5455 (CVSS 7.8) (severity Important) found in component 'glibc-common' (version 2.28-225.el8.x86_64) in container 'clair-postgres', resolved by version 0:2.28-225.el8_8.6

Fixable RHSA-2023:5455 (CVSS 7.8) (severity Important) found in component 'glibc-langpack-en' (version 2.28-225.el8.x86_64) in container 'clair-postgres', resolved by version 0:2.28-225.el8_8.6

Fixable RHSA-2023:5455 (CVSS 7.8) (severity Important) found in component 'glibc-locale-source' (version 2.28-225.el8.x86_64) in container 'clair-postgres', resolved by version 0:2.28-225.el8_8.6

Fixable RHSA-2023:5455 (CVSS 7.8) (severity Important) found in component 'glibc-minimal-langpack' (version 2.28-225.el8.x86_64) in container 'clair-postgres', resolved by version 0:2.28-225.el8_8.6

Fixable RHSA-2023:5474 (CVSS 7.5) (severity Important) found in component 'bind-libs' (version 32:9.11.36-8.el8_8.1.x86_64) in container 'clair-postgres', resolved by version 32:9.11.36-8.el8_8.2

Fixable RHSA-2023:5474 (CVSS 7.5) (severity Important) found in component 'bind-libs-lite' (version 32:9.11.36-8.el8_8.1.x86_64) in container 'clair-postgres', resolved by version 32:9.11.36-8.el8_8.2

Fixable RHSA-2023:5474 (CVSS 7.5) (severity Important) found in component 'bind-license' (version 32:9.11.36-8.el8_8.1.noarch) in container 'clair-postgres', resolved by version 32:9.11.36-8.el8_8.2

Fixable RHSA-2023:5474 (CVSS 7.5) (severity Important) found in component 'bind-utils' (version 32:9.11.36-8.el8_8.1.x86_64) in container 'clair-postgres', resolved by version 32:9.11.36-8.el8_8.2

Fixable RHSA-2023:5474 (CVSS 7.5) (severity Important) found in component 'python3-bind' (version 32:9.11.36-8.el8_8.1.noarch) in container 'clair-postgres', resolved by version 32:9.11.36-8.el8_8.2

      "quayregistry-quay-database" Deployment

      Fixable RHSA-2023:5455 (CVSS 7.8) (severity Important) found in component 'glibc' (version 2.28-225.el8.x86_64) in container 'postgres', resolved by version 0:2.28-225.el8_8.6

Fixable RHSA-2023:5455 (CVSS 7.8) (severity Important) found in component 'glibc-common' (version 2.28-225.el8.x86_64) in container 'postgres', resolved by version 0:2.28-225.el8_8.6

Fixable RHSA-2023:5455 (CVSS 7.8) (severity Important) found in component 'glibc-langpack-en' (version 2.28-225.el8.x86_64) in container 'postgres', resolved by version 0:2.28-225.el8_8.6

Fixable RHSA-2023:5455 (CVSS 7.8) (severity Important) found in component 'glibc-locale-source' (version 2.28-225.el8.x86_64) in container 'postgres', resolved by version 0:2.28-225.el8_8.6

Fixable RHSA-2023:5455 (CVSS 7.8) (severity Important) found in component 'glibc-minimal-langpack' (version 2.28-225.el8.x86_64) in container 'postgres', resolved by version 0:2.28-225.el8_8.6

Fixable RHSA-2023:5474 (CVSS 7.5) (severity Important) found in component 'bind-libs' (version 32:9.11.36-8.el8_8.1.x86_64) in container 'postgres', resolved by version 32:9.11.36-8.el8_8.2

Fixable RHSA-2023:5474 (CVSS 7.5) (severity Important) found in component 'bind-libs-lite' (version 32:9.11.36-8.el8_8.1.x86_64) in container 'postgres', resolved by version 32:9.11.36-8.el8_8.2

Fixable RHSA-2023:5474 (CVSS 7.5) (severity Important) found in component 'bind-license' (version 32:9.11.36-8.el8_8.1.noarch) in container 'postgres', resolved by version 32:9.11.36-8.el8_8.2

Fixable RHSA-2023:5474 (CVSS 7.5) (severity Important) found in component 'bind-utils' (version 32:9.11.36-8.el8_8.1.x86_64) in container 'postgres', resolved by version 32:9.11.36-8.el8_8.2

Fixable RHSA-2023:5474 (CVSS 7.5) (severity Important) found in component 'python3-bind' (version 32:9.11.36-8.el8_8.1.noarch) in container 'postgres', resolved by version 32:9.11.36-8.el8_8.2

      "quayregistry-quay-redis" Deployment

      Fixable RHSA-2023:5455 (CVSS 7.8) (severity Important) found in component 'glibc' (version 2.28-225.el8.x86_64) in container 'redis-master', resolved by version 0:2.28-225.el8_8.6

Fixable RHSA-2023:5455 (CVSS 7.8) (severity Important) found in component 'glibc-common' (version 2.28-225.el8.x86_64) in container 'redis-master', resolved by version 0:2.28-225.el8_8.6

Fixable RHSA-2023:5455 (CVSS 7.8) (severity Important) found in component 'glibc-langpack-en' (version 2.28-225.el8.x86_64) in container 'redis-master', resolved by version 0:2.28-225.el8_8.6

Fixable RHSA-2023:5455 (CVSS 7.8) (severity Important) found in component 'glibc-locale-source' (version 2.28-225.el8.x86_64) in container 'redis-master', resolved by version 0:2.28-225.el8_8.6

Fixable RHSA-2023:5455 (CVSS 7.8) (severity Important) found in component 'glibc-minimal-langpack' (version 2.28-225.el8.x86_64) in container 'redis-master', resolved by version 0:2.28-225.el8_8.6
      High Images Vulnerability Reported by Redhat ACS latest 4.2.1:

        1. image-2023-10-11-14-31-30-611.png
          image-2023-10-11-14-31-30-611.png
          587 kB
        2. image-2023-10-12-14-08-58-451.png
          image-2023-10-12-14-08-58-451.png
          569 kB

              obulatov@redhat.com Oleg Bulatov (Inactive)
              lzha1981 luffy zhang
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: