We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? # to your account
The alpine version of this image seems to be vulnerable to GHSA-v23v-6jw2-98fq You need to update your docker static source version Image: https://hub.docker.com/layers/google/cloud-sdk/492.0.0-alpine/images/sha256-201db51115dc28aea998b5caf581233733957b289169acd1d54b7102a41d4bab?context=explore
There are also other high vulnerabilites in cryptography package and the fix is available GHSA-3ww4-gg4f-jr7f GHSA-6vqw-3v5j-54x4
When can we expect an upgrade
The text was updated successfully, but these errors were encountered:
There are 20 Vul, out of which these are fixable
Sorry, something went wrong.
google/cloud-sdk/493.0.0-alpine also has security issues:
493.0 went back to Alpine 3.19 from Alpine 3.20. Alpine 3.20.3 currently has no known vulnerabilities: https://hub.docker.com/layers/library/alpine/3.20.3/images/sha256-33735bd63cf84d7e388d9f6d297d348c523c044410f553bd878c6d7829612735?context=explore.
Wondering if it's possible to upgrade to Alpine 3.20.3? 🙏 Thank you!
Correction: even when upgrading to Alpine 3.20.3, there seem to be vulnerabilities specifically in py3-openssl and the google cloud CLI:
No branches or pull requests
The alpine version of this image seems to be vulnerable to GHSA-v23v-6jw2-98fq
You need to update your docker static source version
Image: https://hub.docker.com/layers/google/cloud-sdk/492.0.0-alpine/images/sha256-201db51115dc28aea998b5caf581233733957b289169acd1d54b7102a41d4bab?context=explore
There are also other high vulnerabilites in cryptography package and the fix is available
GHSA-3ww4-gg4f-jr7f
GHSA-6vqw-3v5j-54x4
When can we expect an upgrade
The text was updated successfully, but these errors were encountered: