Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

CVEs discovered from different releases #3112

Open
jingxu97 opened this issue Nov 18, 2024 · 0 comments
Open

CVEs discovered from different releases #3112

jingxu97 opened this issue Nov 18, 2024 · 0 comments
Labels
kind/bug Categorizes issue or PR as related to a bug.

Comments

@jingxu97
Copy link

Is this a BUG REPORT or FEATURE REQUEST?:

Uncomment only one, leave it on its own line:

/kind bug

/kind feature

What happened:

name: vsphere-csi-driver
tag: v3.3.1-gke.2
cves:

  • id: CVE-2024-3177
    severity: LOW
    type: GO
    package: k8s.io/kubernetes
    file_location: '/usr/bin/vsphere-csi '
    affected_version: 1.27.10
    fixed_version: 1.27.13
    false_positive: false
  • id: CVE-2024-5321
    severity: LOW
    type: GO
    package: k8s.io/kubernetes
    file_location: '/usr/bin/vsphere-csi '
    affected_version: 1.27.10
    fixed_version: 1.27.16
    false_positive: false

What you expected to happen:

How to reproduce it (as minimally and precisely as possible):

Anything else we need to know?:

Environment:

  • csi-vsphere version:
  • vsphere-cloud-controller-manager version:
  • Kubernetes version:
  • vSphere version:
  • OS (e.g. from /etc/os-release):
  • Kernel (e.g. uname -a):
  • Install tools:
  • Others:
@k8s-ci-robot k8s-ci-robot added the kind/bug Categorizes issue or PR as related to a bug. label Nov 18, 2024
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jingxu97 @k8s-ci-robot