-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Please cut a new release to address CVEs affecting the IsLoopback function used in node_exporter #3154
Comments
They are not exploitable. |
Thanks @discordianfish for confirming. However, I find it sometimes easier to build a new release than explain that a vulnerability is not exploitable.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Host operating system: output of
uname -a
n/a
node_exporter version: output of
node_exporter --version
1.8.2
node_exporter command line flags
n/a
node_exporter log output
n/a
Are you running node_exporter in Docker?
Yes
What did you do that produced an error?
trivy scan highlights CVEs, with at least one impacting node_exporter:
What did you expect to see?
Clean scan
What did you see instead?
CVEs that have been resolved in master on HEAD, but not in latest release
The text was updated successfully, but these errors were encountered: