-
Notifications
You must be signed in to change notification settings - Fork 869
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Question]: Have there been any progress in resolving the following CVEs in the latest releases? #5034
Comments
@marlenkassym, thank you for bringing this to our attention. We will review these CG alerts shortly. |
@marlenkassym Thanks for your question.
|
Hi @DergachevE, thanks for the prompt response. Please see my response below.
CVE-2016-10540 CVE-2017-18077 CVE-2022-0144 CVE-2022-34716 CVE-2022-3517 CVE-2024-27086 CVE-2024-35255 |
@DergachevE Hi, have there been any update on your findings? Thanks. |
CVE-2016-10540 CVE-2017-18077 CVE-2022-0144 CVE-2022-3517 I found related issue #5008.
CVE-2022-34716 This CVE was resolved in #4996 CVE-2024-35255 This CVE was resolved in #4910 CVE-2024-27086 This CVE has low severity and includes a warning within the CVE:
|
Describe your question
The following CVEs are being detected by Microsoft Defender for Cloud in the current version of v3.243.1 that I am using in the ADO agents. Is there any update on fixing these as some are dated all the way to 2016?
CVE
CVE-2016-10540
CVE-2017-18077
CVE-2022-3517
CVE-2022-0144
CVE-2022-34716
CVE-2024-27086
CVE-2024-35255
Versions
Azure pipelines v3.243.1
Environment type (Please select at least one environment where you face this issue)
Azure DevOps Server type
dev.azure.com (formerly visualstudio.com)
Operation system
Ubuntu 24.04
Version controll system
Azure Repos
Azure DevOps Server Version (if applicable)
No response
The text was updated successfully, but these errors were encountered: