by kevcampb 31 days ago
It seems that Snyk isn't picking this up on our Docker images. They have a vulnerability published for the nginx binary itself.

https://security.snyk.io/vuln/SNYK-UNMANAGED-NGINX-16679754

But they've not released any vulnerability for the Alpine or Debian packages.

Does anyone know what's happening here? Seems concerning that there's a 2-day-old RCE not being picked up.

1 comment

They've just been released.

https://security.snyk.io/vuln/SNYK-DEBIAN13-NGINX-16732761

https://security.snyk.io/vuln/SNYK-ALPINE323-NGINX-16722461

So it seems that Snyk is taking almost a week to get advisories out for an RCE.