This repository was archived by the owner on Jan 7, 2026. It is now read-only.

Commit f2af1cc

falco-no-driver: update advisories (#27842)
Update advisories for CVE-2025-61727 and CVE-2025-61729

falco-no-driver itself does not contain any code that is vulnerable to this CVE; however it pulls in libcontainer plugin from https://github.com/falcosecurity/plugins/tree/main/plugins/container which is vulnerable.

The upstream maintainers will need to update to a new version of > golang 1.24 and pull that in to fix the CVE.

See also falcosecurity/plugins#1056

Signed-off-by: David Negreira <david.negreira@chainguard.dev>
1 parent 840a0bb commit f2af1cc

1 file changed

Lines changed: 14 additions & 0 deletions


falco-no-driver.advisories.yaml

@@ -70,6 +70,13 @@ advisories:
7070
componentType: go-module
7171
componentLocation: /usr/share/falco/plugins/libcontainer.so
7272
scanner: grype
73+
- timestamp: 2025-12-10T14:49:35Z
74+
type: pending-upstream-fix
75+
data:
76+
note: |
77+
falco-no-driver itself does not contain any code that is vulnerable to this CVE; however it pulls in libcontainer plugin from https://github.com/falcosecurity/plugins/tree/main/plugins/container which is vulnerable.
78+
The upstream maintainers will need to update to a new version of > golang 1.24 and pull that in to fix the CVE.
79+
See also https://github.com/falcosecurity/plugins/issues/1056
7380
7481
- id: CGA-4j34-g5f9-xvpm
7582
aliases:
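Review bot: The wording "a new version of > golang 1.24" on new line 78 is ambiguous: it can be read as a later 1.24 patch release or as any later minor series, and it does not say which release carries the fix. Name the minimum fixed Go release explicitly and state that the container plugin has to be rebuilt with it, so whoever revisits this pending-upstream-fix event can tell from the plugin's build metadata whether the condition has been met. The note also refers to "this CVE" without naming it; putting the CVE id into the text makes the event readable on its own when it is surfaced outside this file.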
@@ -301,6 +308,13 @@ advisories:
301308
componentType: go-module
302309
componentLocation: /usr/share/falco/plugins/libcontainer.so
303310
scanner: grype
311+
- timestamp: 2025-12-10T14:50:36Z
312+
type: pending-upstream-fix
313+
data:
314+
note: |
315+
falco-no-driver itself does not contain any code that is vulnerable to this CVE; however it pulls in libcontainer plugin from https://github.com/falcosecurity/plugins/tree/main/plugins/container which is vulnerable.
316+
The upstream maintainers will need to update to a new version of > golang 1.24 and pull that in to fix the CVE.
317+
See also https://github.com/falcosecurity/plugins/issues/1056
304318
305319
- id: CGA-cmfv-j6fr-3w46
306320
aliases:
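Review bot: The statement on new line 315 that falco-no-driver "itself does not contain any code that is vulnerable" reads as if the package were unaffected, while the context lines just above record componentLocation: /usr/share/falco/plugins/libcontainer.so with scanner: grype, meaning the affected binary ships in this package. Consider rewording to say that falco's own code is not affected but the bundled libcontainer.so plugin is, which matches the pending-upstream-fix type. The text is also a verbatim copy of the note in the first hunk and says only "this CVE", so the two events differ by timestamp alone; naming the specific CVE for this advisory in each note would remove that ambiguity.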
