Security vulnerabilities in sidecar proxy

deepak_deore · September 23, 2020, 3:18am

our security tool shows below vulnerabilities in proxyv2:1.5.8 image, is there a place to find if these are fixed in newer images? i couldn’t find doc mentioning what goes in the image

Fixable CVE-2018-7738 (CVSS 7.8) found in component ‘util-linux’ (version 2.31.1-0.4ubuntu3.6) in container ‘istio-proxy’, resolved by version 2.31.1-0.4ubuntu3.7
Fixable CVE-2019-14855 (CVSS 7.5) found in component ‘gnupg2’ (version 2.2.4-1ubuntu1.2) in container ‘istio-proxy’, resolved by version 2.2.4-1ubuntu1.3
Fixable CVE-2019-17514 (CVSS 7.5) found in component ‘python3.6’ (version 3.6.9-1~18.04ubuntu1) in container ‘istio-proxy’, resolved by version 3.6.9-1~18.04ubuntu1.1
Fixable CVE-2019-20907 (CVSS 7.5) found in component ‘python3.6’ (version 3.6.9-1~18.04ubuntu1) in container ‘istio-proxy’, resolved by version 3.6.9-1~18.04ubuntu1.1
Fixable CVE-2019-9674 (CVSS 7.5) found in component ‘python3.6’ (version 3.6.9-1~18.04ubuntu1) in container ‘istio-proxy’, resolved by version 3.6.9-1~18.04ubuntu1.1

Topic		Replies	Views
Difficulties building istio/proxy Test and Release	3	1759	July 9, 2020
Canary upgrade Istio 1.6.13 to 1.7.8 problem	0	1482	September 1, 2021
Unable to bypass containerized build for istio-proxy tag 1.4.3 on RHEL 7 ppc64le Test and Release	0	579	February 14, 2020
Any recommendation/caveats for use of istio distroless version in production? security	0	262	June 21, 2023
How to build istio-proxy image more smaller Test and Release	3	856	November 16, 2020

Security vulnerabilities in sidecar proxy

Related Topics