Investigate unresolved Prometheus CVEs after upgrade to v3.5.1

## Overview

Track unresolved Prometheus vulnerabilities after upgrade to `v3.5.1` in issue #428.

## Context

Upgrade improved findings but did not clear critical vulnerabilities:

- Before (`v3.5.0`): 16 HIGH, 4 CRITICAL
- After (`v3.5.1`): 6 HIGH, 4 CRITICAL

## Goals

- Identify if newer Prometheus tags reduce remaining CRITICAL findings
- Track upstream binary dependency fixes
- Recommend final safe tag for deployer defaults

## Acceptance Criteria

- [ ] Evaluate candidate tags and compare vulnerability deltas
- [ ] Document recommended version and rationale
- [ ] Update deployer defaults when validated
- [ ] Pre-commit checks pass: `./scripts/pre-commit.sh`

## Related

- Parent: #428
- Epic: #250


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Investigate unresolved Prometheus CVEs after upgrade to v3.5.1 #433

Overview

Context

Goals

Acceptance Criteria

Related

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Investigate unresolved Prometheus CVEs after upgrade to v3.5.1 #433

Description

Overview

Context

Goals

Acceptance Criteria

Related

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions