request #47562 Ignore Docker CVE-2026-33997 and CVE-2026-34040

Infos

Artifact ID#47562

Submitted byThomas Gerbet (tgerbet)

Last Modified On2026-04-02 12:14

Submitted on2026-04-01 17:21

Rank49289

Details

Summary *

Ignore Docker CVE-2026-33997 and CVE-2026-34040

Original Submission

Both issues are not relevant for our Vault plugins. The Vault plugins have a dependency upon github.com/docker/docker to allow them to be executed inside a container. The usage of Docker plugins is not something happening in this context.

https://github.com/moby/moby/security/advisories/GHSA-pxq6-2prw-chj9
https://github.com/moby/moby/security/advisories/GHSA-x744-4wpc-v9h2

CategoryOther

Reported in versionEmpty

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toThomas Gerbet (tgerbet)

StatusClosed

Close date2026-04-02

Attachments

AttachmentsEmpty

References

Cross references

Show items referenced by request #47562

Referenced by request #47562

Artifact

rel #47138 17.6

Other

gerrit #37310

Follow-ups

Joris MASSON (jmasson)

2026-04-02 12:14

Connected artifacts
- Added Fixed in: rel #47138

Tracker Workflow Manager (forge__tracker_workflow_manager)

2026-04-02 12:13

Closed by Thomas Gerbet with git #tuleap/tuleap/aeca6d8499252a213b1d7f823d0c1cb77df386bc.

Status changed from Under review to Closed
Close date set to 2026-04-02

Thomas Gerbet (tgerbet)

2026-04-02 11:36

Original Submission

Something went wrong, the follow up content couldn't be loaded

Only formatting have been changed, you should switch to markup to see the changes

Thomas Gerbet (tgerbet)

2026-04-01 17:36

See gerrit #37310.

Status changed from Under implementation to Under review

Public

Referenced by request #47562

Artifact

Other

Follow-ups