-
Notifications
You must be signed in to change notification settings - Fork 313
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] deepflow-agent镜像存在严重漏洞 #7497
Comments
Is it convenient to list the vulnerabilities directly? Propose solutions and whether you intend to submit a PR |
Library:usr/bin/ecapture stdlib |
@Nick-0314 deepflow-app and deepflow-stella-agent-ce has high-risk vulnerability and critical vulnerability。 |
Search before asking
DeepFlow Component
Agent
What you expected to happen
deepflow-agent.log
How to reproduce
run
trivy image --db-repository m.daocloud.io/ghcr.io/aquasecurity/trivy-db --java-db-repository m.daocloud.io/ghcr.io/aquasecurity/trivy-java-db registry.cn-hongkong.aliyuncs.com/deepflow-ce/deepflow-agent:v6.5
DeepFlow version
Defaulted container "deepflow-agent" out of: deepflow-agent, configure-sysctl (init)
10695-abf34f6137e57ec3371caa8ab72433f3343bbe81
Name: deepflow-agent community edition
Branch: v6.5
CommitId: abf34f6
RevCount: 10695
Compiler: rustc 1.77.1 (7cf61ebde 2024-03-27)
CompileTime: 2024-07-11 12:04:49
DeepFlow agent list
ID NAME TYPE CTRL_IP CTRL_MAC STATE GROUP EXCEPTIONS REVISION UPGRADE_REVISION
1 xx.xx.xx.xx-V3 K8S_VM xx.xx.xx.xx 00:50:56:ad:1d:01 NORMAL default CONTROLLER_SOCKET_ERROR v6.5 10695
2 xx.xx.xx.xx-V1 K8S_VM xx.xx.xx.xx 00:50:56:ad:35:7f NORMAL default v6.5 10614
3 xx.xx.xx.xx-V2 K8S_VM xx.xx.xx.xx 00:50:56:ad:4e:74 NORMAL default v6.5 10614
Kubernetes CNI
flannel
Operation-System/Kernel version
4.4.0-142-generic
Anything else
No response
Are you willing to submit a PR?
Code of Conduct
The text was updated successfully, but these errors were encountered: