Following are the security vulnerability reported by twistlock scan at RHEL 8 UBI. CVE-2023-24536 - https://access.redhat.com/security/cve/CVE-2023-24536 CVE-2023-24537 - https://access.redhat.com/security/cve/CVE-2023-24537 CVE-2023-24538 - https://access.redhat.com/security/cve/CVE-2023-24538 As it is critical for our product and it has crossed the fix timeline, looking for a fix.
Hi Gandhimathy, the security vulnerabilities that you are reporting are known Golang vulnerabilities that may affect a host of packages across different products. The vulnerabilities themselves will need to be fixed in their respective RHEL package/component, and if/when that happens those packages will be updated in our RHEL container images. I will close this bug as a duplicate of one of the other tracked CVE items, and if you have further questions please feel free to reach out to Red Hat Support. They can help answer questions about specific packages and track down the status of any planned fixes for those packages. *** This bug has been marked as a duplicate of bug 2184482 ***
It is fixed can be closed.