Skip to content

STREAM-799: [fix] CVEs found in KAAP operator#241

Merged
hshankar31 merged 2 commits intomainfrom
STREAM-799-cv-es-found-in-kaap-operator
Feb 25, 2026
Merged

STREAM-799: [fix] CVEs found in KAAP operator#241
hshankar31 merged 2 commits intomainfrom
STREAM-799-cv-es-found-in-kaap-operator

Conversation

@hshankar31
Copy link
Collaborator

@hshankar31 hshankar31 commented Feb 17, 2026
edited
Loading

CVE List

CVE ID Component Published Current Version (UBI8:latest) Required Version Status Fix Method
CVE-2024-51504 ZooKeeper 2024-11-07 3.9.4 (Maven) 3.9.4+ ✅ Resolved Dependency update to 3.9.4
CVE-2018-20225 python3-pip-wheel 2018-12-18 (updated) N/A ✅ Resolved Base image :latest
CVE-2019-19244 sqlite-libs 2019-11-25 (updated) N/A ✅ Resolved Base image :latest
CVE-2020-35512 dbus-libs 2021-02-15 (updated) N/A ✅ Resolved Base image :latest
CVE-2023-4504 cups-libs 2023-09-21 (updated) N/A ✅ Resolved Base image :latest
CVE-2005-2541 tar 2005-09-06 (updated) N/A ✅ Resolved Base image :latest
CVE-2026-22184 zlib (untgz) 2026-01-07 N/A N/A ⚠️ Not Applicable Affects demo utility only (DISPUTED)
CVE-2026-21945 java-21-openjdk 2026-01-20 21.0.10.0.7-1.el8 21.0.10+ ✅ Resolved Fixed in OpenJDK 21.0.10 (base image :latest)
CVE-2025-68973 gnupg2 2025-12-28 2.2.20-4.el8_10 2.2.51+ or 2.4.9+ ✅ Resolved Red Hat backport (RHSA-2026:0728)
CVE-2025-13601 glib2 2025-11-26 2.56.4-168.el8_10 2.86.3+ ✅ Resolved Red Hat backport
CVE-2025-6176 brotli (Scrapy) 2025-10-31 1.0.6-4.el8_10 N/A ⚠️ Not Applicable Affects Scrapy library, not system brotli
CVE-2025-64720 libpng 2025-11-25 1.6.34-9.el8_10 1.6.51+ ✅ Resolved Red Hat backport (RHEL-131452)
CVE-2025-65018 libpng 2025-11-25 1.6.34-9.el8_10 1.6.51+ ✅ Resolved Red Hat backport (RHEL-131465)
CVE-2025-66293 libpng 2025-12-03 1.6.34-9.el8_10 1.6.52+ ✅ Resolved Red Hat backport (RHEL-133226)

ganesh-ctds
ganesh-ctds approved these changes Feb 25, 2026
View reviewed changes
Copy link
Collaborator

@ganesh-ctds ganesh-ctds left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@hshankar31 hshankar31 removed the request for review from sandeep-ctds February 25, 2026 14:42
@hshankar31 hshankar31 merged commit 9eb3ce3 into main Feb 25, 2026
10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ganesh-ctds ganesh-ctds ganesh-ctds approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hshankar31 @ganesh-ctds