Zeebe vulnerabilities with version 0.23.1

Hi,
we are trying to get the zeebe version uploaded to our company system but due to the following vulnerabilities we are not able to complete the job.

  1. With Zeebe docker image
    Type: VULNERABILITY
    Name: CVE-2020-11612
    CVSS Score v2: 7.5
    Severity: high
    https://nvd.nist.gov/vuln/detail/CVE-2020-11612
  2. with maven jar file
    Type: VULNERABILITY
    Name: SNYK-JAVA-IONETTY-564897
    CVSS Score v3: 8.2
    Severity: high
    Description Link: https://snyk.io/vuln/SNYK-JAVA-IONETTY-564897

please can you able to help me with resolving the above issues ?

Thanks
Eapen John

@eapenjohn the best way to resolve these issues is to open an issue for each of them in http://github.com/zeebe-io/zeebe so you can keep track of the progress

thanks, l have a raised in Github

1 Like

@eapenjohn thanks a lot… now you can keep track of that issue.