Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Terraform kubcectl provider sysdig scan shows critical vulnerability #292

Open
nandikatlakishore opened this issue May 8, 2024 · 1 comment
Open

Terraform kubcectl provider sysdig scan shows critical vulnerability #292

nandikatlakishore opened this issue May 8, 2024 · 1 comment

Comments

@nandikatlakishore
Copy link

While scanning the terraform kubectl provider plugin, sysdig scan is reporting critical vulnerability. below are the details.

Severity; critical
package : github.com/hashicorp/go-getter - v1.5.3
package path : /usr/local/share/terraform/plugins/registry.terraform.io/gavinbunney/kubectl/1.14.0/linux_amd64/terraform-provider-kubectl_v1.14.0
Fixed in v1.6.1

Can you help with overcoming this vulnerability
@alekc
Copy link
Contributor

alekc commented May 8, 2024

If you want updated kubectl provider your better bet would be to switch to https://registry.terraform.io/providers/alekc/kubectl/latest/docs (full disclosure: I am the author).

It's a maintained fork of this repo with some additional features/hot fixes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alekc @nandikatlakishore