vulnerabilities with tag 2.9.5 image:

We are seeing many vulnerabilities with tag 2.9.5 image: We scanned with Docker and Wiz and both show multiple.

What is the solution? Do w ehave a clean image from 1Password?

Docker Scan
1 Critical - CVE-2024-24790
1 High - CVE 2024-24791

Wiz Scan
1 HIGH CVE-2024-22189,Source: https://github.com/advisories/GHSA-c33x-xqrf-c478

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

We are seeing many vulnerabilities with tag 2.9.5 image: We scanned with Docker and Wiz and both show multiple.

What is the solution? Do we have a clean image from 1Password?

Docker Scan
1 Critical - CVE-2024-24790
1 High - CVE 2024-24791

Wiz Scan
1 HIGH CVE-2024-22189,Source: https://github.com/advisories/GHSA-c33x-xqrf-c478

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

We are seeing many vulnerabilities with tag 2.9.5 image: We scanned with Docker and Wiz and both show multiple.

What is the solution? Do w ehave a clean image from 1Password?

Docker Scan
1 Critical - CVE-2024-24790
1 High - CVE 2024-24791

Wiz Scan
1 HIGH CVE-2024-22189,Source: https://github.com/advisories/GHSA-c33x-xqrf-c478

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

Hey radew,

Thank you for bringing this to our attention.

We have reviewed the vulnerabilities you've reported for the 2.9.5 image tag, and after a thorough investigation, we have determined that at this time there is no evidence we are impacted, nor that they are exploitable in our product. We understand the importance of maintaining a secure environment and take such reports seriously.

Please feel free to reach out if you have any further questions or need additional assistance.