cluster-autoscaler-1.29
Chainguard
Status
Impact
The vulnerability cannot be remediated at this time because upgrading the dependency is not possible without breaking the build. The affected component still relies on deprecated Kubernetes APIs, and the current code is incompatible with k8s.io v1.31. Upstream needs to properly refactor and align the implementation with the v1.31 API surface. Once upstream completes this alignment, we can upgrade the dependency chain and remediate the CVE.
Status