chore: fix apecloud-addon-charts trivy vulnerabilities #2273

Merged
JashBook merged 1 commit into main from support/fix_apecloud-addon-charts_trivy_vulnerabilities
Nov 26, 2025
@JashBook
Collaborator

fix

trivy image --format table --severity CRITICAL,HIGH --ignore-unfixed  apecloud-registry.cn-zhangjiakou.cr.aliyuncs.com/apecloud/apecloud-addon-charts:clickhouse-0.9.3

Report Summary

┌──────────────────────────────────────────────────────────────────────────────────┬────────┬─────────────────┬─────────┐
│                                      Target                                      │  Type  │ Vulnerabilities │ Secrets │
├──────────────────────────────────────────────────────────────────────────────────┼────────┼─────────────────┼─────────┤
│ apecloud-registry.cn-zhangjiakou.cr.aliyuncs.com/apecloud/apecloud-addon-charts- │ alpine │        2        │    -    │
│ :clickhouse-0.9.3 (alpine 3.22.0_alpha20250108)                                  │        │                 │         │
└──────────────────────────────────────────────────────────────────────────────────┴────────┴─────────────────┴─────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)


apecloud-registry.cn-zhangjiakou.cr.aliyuncs.com/apecloud/apecloud-addon-charts:clickhouse-0.9.3 (alpine 3.22.0_alpha20250108)

Total: 2 (HIGH: 2, CRITICAL: 0)

┌────────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬──────────────────────────────────────────────────────────┐
│  Library   │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version │                          Title                           │
├────────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────┤
│ libcrypto3 │ CVE-2024-12797 │ HIGH     │ fixed  │ 3.3.2-r4          │ 3.3.3-r0      │ openssl: RFC7250 handshakes with unauthenticated servers │
│            │                │          │        │                   │               │ don't abort as expected                                  │
│            │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-12797               │
├────────────┤                │          │        │                   │               │                                                          │
│ libssl3    │                │          │        │                   │               │                                                          │
│            │                │          │        │                   │               │                                                          │
│            │                │          │        │                   │               │                                                          │
└────────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴──────────────────────────────────────────────────────────┘

📣 Notices:
  - Version 0.67.2 of Trivy is now available, current version is 0.63.0

To suppress version checks, run Trivy scans with the --skip-version-check flag

JashBook added the pick-0.9 (Auto cherry-pick to release-0.9 when PR merged) label Nov 26, 2025
JashBook requested review from a team and leon-inf as code owners November 26, 2025 03:43
JashBook added the pick-1.0 (Auto cherry-pick to release-1.0 when PR merged) label Nov 26, 2025
JashBook merged commit f73d9d5 into main Nov 26, 2025
11 checks passed
JashBook deleted the support/fix_apecloud-addon-charts_trivy_vulnerabilities branch November 26, 2025 04:00

@apecloud-bot
Collaborator

/cherry-pick release-0.9

@apecloud-bot
Collaborator

/cherry-pick release-1.0

@apecloud-bot
Collaborator

🤖 says: cherry pick action finished successfully 🎉!
See: https://github.com/apecloud/kubeblocks-addons/actions/runs/19692050600

apecloud-bot pushed a commit that referenced this pull request Nov 26, 2025
@apecloud-bot
Collaborator

🤖 says: cherry pick action finished successfully 🎉!
See: https://github.com/apecloud/kubeblocks-addons/actions/runs/19692051239

apecloud-bot pushed a commit that referenced this pull request Nov 26, 2025