Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

False positives? #242

Open
michelesr opened this issue Oct 19, 2023 · 0 comments
Open

False positives? #242

michelesr opened this issue Oct 19, 2023 · 0 comments

Comments

@michelesr
Copy link

michelesr commented Oct 19, 2023

Have a look at https://github.com/citizensadvice/fluentd-docker/security/code-scanning/30, the CVE is about busybox < 1.35 , and busybox is on 1.35.0-r29 (and so is ssl_client) ... interestingly when running grype on an image built in the same way locally, I don't get this issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant