Name: 🛡️ Is Redmine affected by CVE-2022-32209 ?
Rating: 2.1 (2427 reviews)
Author: adriens

🛡️ Is Redmine affected by CVE-2022-32209 ?

adriens - Jun 23 '22 -

❔ About

Last week I got the following question :

"Do we have running RoR applications ? I saw a Post... are we affected by CVE-2022-32209 ?"

👉 The post is about how fast we could answer the questions.

First answer :

"Yes, we are running a Redmine instance and are up-to-date with the redmine:latest Docker Image"

The rest of the answer is coming below.

To answer if we are affected, the question can be answered within a single line of code, thanks to grype :

grype redmine:latest \
    | grep CVE-2022-32209 \
    | wc -l

See it live :

Redmine is a great tool which is...

"free and open source, web-based project management and issue tracking tool. It allows users to manage multiple projects"