Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience.
02-10-2022 05:10 AM
Hi Prismacloud team,
We are getting below three golang vulnerabilities in all images and hosts which don't have golang installed.
These go vulnerabilities are reported even in all the node based docker images and also in all hosts which don’t have any jar or application related to golang.
Could you please explain to us why we are getting these vulnerabilities in all hosts and images. Please refer to the screenshot attached.
CVE-2021-45046
CVE-2020-29652
CVE-2021-44716
02-10-2022 12:39 PM
Are you able to find the vulnerable package by searching within the "Package Info" tab?
02-10-2022 08:48 PM
Let me check. Thanks for the reply.
07-13-2022 02:45 PM
Sometimes a CVE can belong to a different application, we need to understand what images they are scanning if they can give us the pull URL, we can download the image from the repo and scan it individually and see what's going on.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
