DEV Community

Cover image for πŸ›‘οΈ Is Redmine affected by CVE-2022-32209 ?
opt-nc profile image adriens
adriens for opt-nc

Posted on

2 2

πŸ›‘οΈ Is Redmine affected by CVE-2022-32209 ?

#security #docker #devops #ruby

❔ About

Last week I got the following question :

"Do we have running RoR applications ? I saw a Post... are we affected by CVE-2022-32209 ?"
Image description

πŸ‘‰ The post is about how fast we could answer the questions.

First answer :

"Yes, we are running a Redmine instance and are up-to-date with the redmine:latest Docker Image"

The rest of the answer is coming below.

πŸ›‘οΈ Security scan

To answer if we are affected, the question can be answered within a single line of code, thanks to grype :

grype redmine:latest \
    | grep CVE-2022-32209 \
    | wc -l
Enter fullscreen mode Exit fullscreen mode

See it live :

πŸ“° About Redmine

Redmine is a great tool which is...

"free and open source, web-based project management and issue tracking tool. It allows users to manage multiple projects"

Image description

AWS
 Promoted

AWS Security LIVE!

Tune in for AWS Security LIVE!

Join AWS Security LIVE! for expert insights and actionable tips to protect your organization and keep security teams prepared.

Learn More

Top comments (1)

Collapse
 
adriens profile image
adriens β€’
profile
Sentry
 Promoted

Sentry image

See why 4M developers consider Sentry, β€œnot bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more

Read next

jajera profile image

Granting User Access to Unraid Shares

John Ajera -

jajera profile image

Creating a User in Unraid for Secure Access

John Ajera -

tuxmea profile image

The Ruby side of Puppet - Part 3 - Custom Types and Providers

Martin Alfke -

adrian_zuplo profile image

How RBAC Improves API Permission Management

Adrian Machado -