CVE-2023-2976
Hi,
Thank you very much for the Keycloak image. We are using it as a base image within our Eggplant / DAI project.
I would like to query a a VAT finding which are currently making the image go ABC non-complient.
CVE-2023-2976 is listed twice once as a “True Positive” and once as “False Positive”. The “False Positive” interpretation appears to be correct as it is fixed in 32.0.0.
I was wondering if it would be possible to update the finding status so both versions align?
MAny Thanks