Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vulnerability CVE-2024-41110 #787

Open
haarvester opened this issue Aug 4, 2024 · 2 comments
Open

Vulnerability CVE-2024-41110 #787

haarvester opened this issue Aug 4, 2024 · 2 comments
Assignees
@scbizu
Labels
dependencies Pull requests that update a dependency file

Comments

@haarvester
Copy link

Message: 'Critical vulnerability detected: CVE-2024-41110 Score: 9.9 in helm/chartmuseum'

The library github.com/docker/docker version: v23.0.3+incompatible was detected and is vulnerable to GHSA-v23v-6jw2-98fq, which exists in versions >= 24.0.0, < 26.1.4.

Can you please release a new version to fix this high severity security issue? Thank you
@jnac1984
Copy link

jnac1984 commented Oct 9, 2024

I met the same issue and blocked by vulnerabilities scan. Anyone can help to release new version for this critical issue?

@scbizu scbizu self-assigned this Oct 23, 2024
@scbizu scbizu added the dependencies Pull requests that update a dependency file label Oct 23, 2024
@scbizu
Copy link
Contributor

scbizu commented Oct 23, 2024

our dependabot will be broken due to upgrade , I will do this manually.

#786

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@scbizu scbizu

Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@scbizu @jnac1984 @haarvester