deps: Update deps to fix kyverno critical vulnerability #236

anurag-rajawat · 2024-08-14T09:30:40Z

Description

This PR updates all dependencies to fix a critical vulnerability in the nimbus-kyverno adapter.

Library: github.com/docker/docker
Vulnerability: CVE-2024-41110
Severity: CRITICAL
Title: moby: Authz zero length regression

Fixes # (issue)

Does this PR introduce a breaking change?
No.

PR title follows the <type>: <description> convention
I use conventional commits in my commit messages
I have updated the documentation accordingly
I Keep It Small and Simple: The smaller the PR is, the easier it is to review and have it merged
I have performed a self-review of my code
I have added tests that prove my fix is effective or that my feature works
New and existing unit tests pass locally with my changes

Signed-off-by: Anurag Rajawat <anurag@accuknox.com>

anurag-rajawat marked this pull request as draft August 14, 2024 09:38

anurag-rajawat force-pushed the fix-vuln branch from 5f3b667 to 9f31780 Compare August 14, 2024 11:03

anurag-rajawat self-assigned this Aug 14, 2024

anurag-rajawat marked this pull request as ready for review August 14, 2024 11:13

anurag-rajawat requested review from shivaccuknox and VedRatan August 14, 2024 11:13

VedRatan approved these changes Aug 14, 2024

View reviewed changes

anurag-rajawat force-pushed the fix-vuln branch from 9f31780 to 0266d11 Compare August 20, 2024 19:23

Anurag Rajawat added 2 commits August 21, 2024 08:56

CI: Add scan image in image build jobs

1edcc48

Signed-off-by: Anurag Rajawat <anurag@accuknox.com>

deps: Update deps to fix kyverno critical vulnerability

f5c7005

Signed-off-by: Anurag Rajawat <anurag@accuknox.com>

anurag-rajawat force-pushed the fix-vuln branch from 0266d11 to f5c7005 Compare August 21, 2024 03:26

anurag-rajawat requested a review from JonesJefferson August 21, 2024 04:00

VedRatan merged commit 3e4fbc2 into 5GSEC:main Aug 21, 2024
12 checks passed

anurag-rajawat deleted the fix-vuln branch August 21, 2024 04:01