[🐛 Bug]: Vulnerabilities in envsubst and postgresql-42.7.5.jar

[amardeep2006]

What happened?

I scanned the version 4.34 and here are few vulnerabilities in following binaries.

/usr/local/bin/envsubst
/external_jars/https/repo1.maven.org/maven2/org/postgresql/postgresql/42.7.5/postgresql-42.7.5.jar

I have raised a PR for golang related vulnerabilities.
NDViet/envsubst#1

and for Postgres

#2884

Can we get a new release for 4.34 again once these PRs are merged and rebuilt.

Command used to start Selenium Grid with Docker (or Kubernetes)

helm chart

Relevant log output

NA

Operating System

EKS

Docker Selenium version (image tag)

4.34.0

Selenium Grid chart version (chart version)

No response

[github-actions]

@amardeep2006, thank you for creating this issue. We will troubleshoot it as soon as we can.

---

Info for maintainers

Triage this issue by using labels.

If information is missing, add a helpful comment and then I-issue-template label.

If the issue is a question, add the I-question label.

If the issue is valid but there is no time to troubleshoot it, consider adding the help wanted label.

If the issue requires changes or fixes from an external project (e.g., ChromeDriver, GeckoDriver, MSEdgeDriver, W3C), add the applicable G-* label, and it will provide the correct link and auto-close the issue.

After troubleshooting the issue, please add the R-awaiting answer label.

Thank you!

[VietND96]

I delivered the patch to the same image tag 4.34.0-20250707

[amardeep2006]

Thanks scans are all green now after the patch. Appreciate your help on this.

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.