You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Current version of yarn used on all (?) images has a vulnerablilty which may be exploited depending on how your images are used or what software is installed on top of it.
Please update all images to the bugfixed version as some automated security scanners start to pick up this vulnerability in docker images (e.g. Anchore).
I have looked if there is a helper script to update all instances easily without missing on but there seems nothing like it. is there another preferred way or search-replace? I can create a PR than.
Thanks
The text was updated successfully, but these errors were encountered:
#1241 merged! Just wait to be deployed on Docker hub, thanks for the notification, I'll close this issue first, feel free to reopen it if there is still an issue.
Please note that there will be a delay between the PR merging and being built and deployed on Docker Hub, please follow #1241 and its auto PR to the official Docker Hub image repository for more details.
Current version of yarn used on all (?) images has a vulnerablilty which may be exploited depending on how your images are used or what software is installed on top of it.
https://nvd.nist.gov/vuln/detail/CVE-2020-8131 - Rating of 7.5 (HIGH)
Please update all images to the bugfixed version as some automated security scanners start to pick up this vulnerability in docker images (e.g. Anchore).
I have looked if there is a helper script to update all instances easily without missing on but there seems nothing like it. is there another preferred way or search-replace? I can create a PR than.
Thanks
The text was updated successfully, but these errors were encountered: