/
DirectorySecurity AdvisoriesPricing
Sign in
Security Advisories

CGA-gf7w-xx6p-76mv

Published

Last updated

https://images.chainguard.dev/security/CGA-gf7w-xx6p-76mv
Package

kubeflow-fips

Repository

Chainguard

Latest Update
Pending upstream fix
Aliases
  • GHSA-74fp-r6jw-h4mp

Severity

Unknown

References

  • https://github.com/advisories/GHSA-74fp-r6jw-h4mp

Updates

Status

Pending upstream fix

Impact

Upstream has pinned these dependency versions and will require functional changes from upstream maintainers to upgrade. The k8s.io/apimachinery dependency is intentionally pinned to a 2019 commit via replace directives to maintain compatibility with Kubeflow's custom role system.

Status

Affected

Impact

Govulncheck found vulnerable symbols in Go binaries at the following locations: in kubeflow-access-management-fips-1.10.0-r2.apk, at usr/bin/access-management, usr/bin/access-management.

Status

Under investigation


Safe Source for Open Sourceâ„¢
Contact us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing