I have been running Anchore security scans against Vault 1.9.0 and 1.9.2 Docker images and have identified a couple of vulnerabilities.
Based off the report, could any of these findings be mitigated, resolved, or plans to be fix in the next version of Vault?
Thank you for your time.
Hello, @dhongyt , thanks for your message.
Per our security policy, email@example.com is the preferred communication method for future vulnerability reports.
We take a risk-based approach to adopting dependency updates including security fixes as part of our ongoing product development lifecycle. You’ll generally see these addressed in future releases.