CGA-795w-j5w8-fmg3

Published

Last updated

https://images.chainguard.dev/security/CGA-795w-j5w8-fmg3

Package

grafana-agent-operator

RepositoryWolfi

Latest Update

Pending upstream fix

Aliases

Severity

Unknown

References

Updates

Status

Pending upstream fix

Impact

Currently grafana-agent-operator is dependent on golang 1.22. There is work upstream to bump the golang version to 1.24, and we are pending for upstream to cut a version with the new golang version in order to fix this CVE. More information can be found here: https://github.com/grafana/agent/commit/1d3100817f6c84454ee9155c7bdfe6008dd15ef8

Status

Affected

Impact

Govulncheck found vulnerable symbols in Go binaries at the following locations: in grafana-agent-operator-0.44.2-r37.apk, at usr/bin/grafana-agent-operator, usr/bin/grafana-agent-operator.

Status

Under investigation

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Private Policy

Product

Chainguard Containers Chainguard Libraries Chainguard VMs Integrations Pricing

Solutions

FedRAMP PCI DSS Golden Images CVE Remediation Public Sector

Customers

Customer Stories Chainguard Reviews

Resources

Events & Webinars Chainguard Courses Documentation Trust Center

Company

About Us Blog Partners Newsroom Careers Legal