Update kubeclient to >4.9.3
A customer scanner identified that kubeclient
is potentially susceptible to a man-in-the-middle vulnerability.
- Where
gitlab
uses kubeclient
: link
- Vendor/CVE comment on the vulnerability: link
- Vendor CVSS: 8.1
This vulnerability was patched in 4.9.3
Edited
by
Greg Alfaro