fix(api): patch dependency and container CVEs (#11596)

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Davidm4r
2026-06-15 18:24:55 +02:00
committed by GitHub
parent e5bbffd47c
commit 36fe48dbc5
8 changed files with 232 additions and 194 deletions
+2
View File
@@ -6,6 +6,8 @@ All notable changes to the **Prowler API** are documented in this file.
### 🔐 Security
- `aiohttp` to 3.14.0 and `idna` to 3.15, patching known CVEs [(#11596)](https://github.com/prowler-cloud/prowler/pull/11596)
- Container base image to `python:3.12.13-slim-bookworm` and `trivy` to 0.71.0, patching OS and Go module CVEs [(#11596)](https://github.com/prowler-cloud/prowler/pull/11596)
- `trivy` binary bumped to 0.71.0 patching embedded `golang.org/x/crypto`, `golang.org/x/net`, and Go `stdlib` CVEs [(#11592)](https://github.com/prowler-cloud/prowler/pull/11592)
---