I have a docker image using the linux arm64 telegraf executable and am using trivy to scan this image for vulnerabilities.
I am seeing this CVE for the telegraf dependency github.com/apache/thrift:
I checked that this still exists in the latest telegraf version 1.19.3. The thrift vulnerability is fixed in 0.14.0. Please consider bumping the version of this dependency. Thanks!
I have a docker image using the linux arm64 telegraf executable and am using trivy to scan this image for vulnerabilities.
I am seeing this CVE for the telegraf dependency
github.com/apache/thrift:I checked that this still exists in the latest telegraf version 1.19.3. The thrift vulnerability is fixed in 0.14.0. Please consider bumping the version of this dependency. Thanks!