Two risks found in image oneagent deployed with dynatrace-operator #3945

kapsonic · 2024-10-17T11:25:33Z

We use a CVE scanner to scan all the images of our environment.
For oneagent with tag latest, we found two CVE reported on date 14 Oct 24.

CVE-2024-48958: execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.
CVE-2024-48957: execute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.

Is the component impacted by these CVEs?
Are there any fix available or any recommendation for these.

github-actions · 2024-10-18T10:32:45Z

Thank you for opening a Dynatrace Operator Issue. We've identified and tagged the issue as a "Support request".

Dynatrace responds to requests like these via Dynatrace ONE support rather than Github. This helps our team respond as quickly as possible using the support team's tools and procedures.

Thanks for your help!

luhi-DT added the support request request for further assistance with an issue label Oct 18, 2024

github-actions bot closed this as completed Oct 18, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Two risks found in image oneagent deployed with dynatrace-operator #3945

Two risks found in image oneagent deployed with dynatrace-operator #3945

kapsonic commented Oct 17, 2024

github-actions bot commented Oct 18, 2024

Two risks found in image oneagent deployed with dynatrace-operator #3945

Two risks found in image oneagent deployed with dynatrace-operator #3945

Comments

kapsonic commented Oct 17, 2024

github-actions bot commented Oct 18, 2024