Skip to main content

Common Vulnerabilities and Exposures (CVE) Reports - Armory Continuous Delivery

Please note that all CVE Reports are classified as Armory Confidential and Proprietary Information, and should not be shared outside of a customer's organization.  The documents fall under the customer's MSA and NDA agreements. As a part of our commitment to providing transparency to our customers, Armory generates a CVE report for each Armory Continuous Deployment release.   Armory currently uses Aqua Security to scan images for vulnerabilities. AquaSec scans are the only scans that Armory can process, as our Engineers can test the efficacy of any changes by rerunning scans to ensure the resolution of the identified vulnerabilities.   Armory runs Aqua Security scans on code throughout the continuous integration (CI) process and runs scans for all new releases. For more information on our Vulnerability Management Policy, please visit our KB article on the subject.

CVE Reports

The most recent CVE Reports from Aqua Security are available as attachments below the article for the supported versions of Armory Continuous Delivery.

Armory Plugin CVE Reports

To find Armory CVE Reports for various Plugins, please visit our KB article, Common Vulnerabilities and Exposures (CVE) Reports - Armory Plugins