Description
What/Why
What are you proposing?
The image on which the kubeRbacProxy flag is dependent needs a change.
What problems are you trying to solve?
CVEs
The image has 3 critical dependencies, because it depends on an old version of Golang 0.20.0.

As you can see from the picture, these CVEs are handled in Golang 0.44.0.
Update Image
THIS WON'T HANDLE CVEs
The overview above was made using docker scout compare *image --to *image.
I compared the highest version (0.16.0) to the image used in the code (0.15.0). The overview of all CVEs in the image can be seen in the picture below.

The reason I say 'highest' image instead of 'newest' is because, as far as I understand it, the newest image is literally called deprecated. The deprecated image has 5 critical CVEs, 3 of which are the same as mentioned above.
Check out kubebuilder on docker hub for the source.
https://hub.docker.com/r/kubebuilder/kube-rbac-proxy/tags
Questions
What will you do about this?
Also
Are there any metrics which would be particularly critical to expose to the public?