🛡️ Is Redmine affected by CVE-2022-32209 ?

❔ About

Last week I got the following question :

"Do we have running RoR applications ? I saw a Post... are we affected by CVE-2022-32209 ?"

👉 The post is about how fast we could answer the questions.

First answer :

"Yes, we are running a Redmine instance and are up-to-date with the redmine:latest Docker Image"

The rest of the answer is coming below.

🛡️ Security scan

To answer if we are affected, the question can be answered within a single line of code, thanks to grype :

grype redmine:latest \
    | grep CVE-2022-32209 \
    | wc -l

See it live :

📰 About Redmine

Redmine is a great tool which is...

"free and open source, web-based project management and issue tracking tool. It allows users to manage multiple projects"

Comments

[adriens]

Adrien SALES

@rastadidi

🛡️ Is Redmine affected by CVE-2022-32209 ❔
dev.to/optnc/is-redmi…
@redmine_feed @GrypeProject #docker #DevSecOps #security #DevOps #k8s #Kubernetes #CVE #cybersecurity

20:31 PM - 23 Jun 2022