Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Opener Stable Version #37

Open
Prudhvicharan opened this issue Sep 23, 2022 · 2 comments
Open

Opener Stable Version #37

Prudhvicharan opened this issue Sep 23, 2022 · 2 comments

Comments

@Prudhvicharan
Copy link

Prudhvicharan commented Sep 23, 2022
edited
Loading

Hi,
We have updated the Opener package to the latest version(1.5.2)

The latest version of opener has 4 High Vulnerabilities (CVE-2021-27478, CVE-2021-27482, CVE-2021-27498, CVE-2021-27500) with scores 7.5 for both
Is there a way to fix those vulnerabilities. If so, can you please let us know how to do?

And Latest Version was published on 08/30/2020. Can you please also state the release date of next version?
@TonyMasse
Copy link

@Prudhvicharan , our scanner flags these 4 vulnerabilities too, but they are false positives.
Do read the content of each of them, as you'll notice that they are targeting a different piece of software altogether, that just happens to be called "OpENer" (See their Github page: https://github.com/EIPStackGroup/OpENer ).

Tony

@TonyMasse
Copy link

Just to complete my post above, there is an issue already created on the Grype repo to report these 4 false positives:
anchore/grype#932

@ddamw ddamw mentioned this issue May 8, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Prudhvicharan @TonyMasse