Where can I get details about Security vulnerability details for Calico? #9955
Unanswered
nagasatish007
asked this question in
Q&A
Replies: 1 comment
-
Hi @nagasatish007, Can you please be a little more specific about what CVEs you are looking into? Are you talking about CVEs that Tigera/Calico issued or the CVEs that exist in libraries that are used in the product (e.g., golang/x/net). It's also very important to use the latest patch version of the supported version, for example, currently, 3.28.3 is the latest 3.28. We always expect all the customers to use the latest patch version of a supported version to get all the security fixes. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi All,
We have a security tool that scans for docker image vulnerabilities.
It scanned for an image that spins up a calico apiserver application.
Its version is calico apiserver v3.28.1
Now I need find out the false positives frm these CVEs flagged by the security tool.
I need help with calico documentation that publishes the CVEs related to this application including false positives.
Can you help me in this regard?
Beta Was this translation helpful? Give feedback.
All reactions