[FOLIO-3361] Update kubernetes-utilities/ci-cleanup/module-cleanup dependencies Created: 09/Dec/21  Updated: 08/Aug/22  Resolved: 19/Jan/22

Status: Closed
Project: FOLIO
Components: Continuous Integration
Affects versions: None
Fix versions: None

Type: Bug Priority: TBD
Reporter: Julian Ladisch Assignee: Ian Hardy
Resolution: Done Votes: 0
Labels: security
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Sprint: DevOps Sprint 146
Development Team: FOLIO DevOps

 Description   

https://github.com/folio-org/folio-tools/blob/master/kubernetes-utilities/ci-cleanup/module-cleanup/requirements.txt
has dependencies with security vulnerabilities:

urllib3@1.25.6: https://nvd.nist.gov/vuln/detail/CVE-2020-26137 ,
https://nvd.nist.gov/vuln/detail/CVE-2020-7212 , https://nvd.nist.gov/vuln/detail/CVE-2021-33503
rsa@4.0: https://nvd.nist.gov/vuln/detail/CVE-2020-25658 , https://nvd.nist.gov/vuln/detail/CVE-2020-13757

Please update to fixed versions, or explain why module-cleanup is not affected.



 Comments   
Comment by Ian Hardy [ 19/Jan/22 ]

patched requirements

Generated at Thu Feb 08 23:27:32 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.