Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix Vulnerabilities in the Hatchet Docker Image #761

Open
chaitanyakoodoo opened this issue Aug 2, 2024 · 1 comment
Open

Fix Vulnerabilities in the Hatchet Docker Image #761

chaitanyakoodoo opened this issue Aug 2, 2024 · 1 comment

Comments

@chaitanyakoodoo
Copy link

chaitanyakoodoo commented Aug 2, 2024
edited
Loading

403 vulnerabilities have been found in the Hatchet Docker image obtained from ArtifactHub. The image requires a thorough security review and patching of all identified vulnerabilities.
https://artifacthub.io/packages/helm/hatchet/hatchet-stack
@chaitanyakoodoo chaitanyakoodoo changed the title Fix vulnerabilities in the Hatchet Docker image and deploy in Kubernetes cluster with custom SSL and DNS. Fix Vulnerabilities in the Hatchet Docker Image Aug 5, 2024
@abelanger5
Copy link
Contributor

Hi @chaitanyakoodoo, the hatchet-stack image bundles rabbitmq and postgres as dependencies, which is where the vast majority of these vulnerabilities are coming from, and most of them are not fixed in any rabbitmq/postgres version and are likely not considered vulnerabilities by those projects.

We'll go through and look at any criticals reported in the Hatchet images there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@abelanger5 @chaitanyakoodoo