DEV Community

Cover image for πŸ›‘οΈ Is Redmine affected by CVE-2022-32209 ?
adriens for opt-nc

Posted on

πŸ›‘οΈ Is Redmine affected by CVE-2022-32209 ?

❔ About

Last week I got the following question :

"Do we have running RoR applications ? I saw a Post... are we affected by CVE-2022-32209 ?"

Image description

πŸ‘‰ The post is about how fast we could answer the questions.

First answer :

"Yes, we are running a Redmine instance and are up-to-date with the redmine:latest Docker Image"

The rest of the answer is coming below.

πŸ›‘οΈ Security scan

To answer if we are affected, the question can be answered within a single line of code, thanks to grype :

grype redmine:latest \
    | grep CVE-2022-32209 \
    | wc -l
Enter fullscreen mode Exit fullscreen mode

See it live :

πŸ“° About Redmine

Redmine is a great tool which is...

"free and open source, web-based project management and issue tracking tool. It allows users to manage multiple projects"

Image description

Discussion (1)

Collapse
adriens profile image
adriens Author