skaffold-fips
Chainguard
5.2
CVSS V3
Status
Impact
The vulnerability remediation requires upgrading github.com/docker/docker to v28. However, this upgrade introduces breaking API changes (ImageHistory, ImageLoad, types.ImageLoadResponse) that are not yet supported by dependent libraries (go-containerregistry, imgutil, skaffold). As a result, the build fails when attempting to move to v28. Upstream projects need to update their dependency trees and adapt their code to the new Docker client API. Once upstream resolves these incompatibilities, we can safely upgrade to v28 and remediate the vulnerability.
Status