Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add zookeeper docker image to the allowed images list #261

Closed
wants to merge 1 commit into from
Closed

Add zookeeper docker image to the allowed images list #261

wants to merge 1 commit into from

Conversation

linghengqian
Copy link
Contributor

@linghengqian linghengqian commented Apr 3, 2023
edited
Loading

What does this PR do?

grype zookeeper:3.8.1
 ✔ Vulnerability DB        [updated]
 ✔ Pulled image            
 ✔ Loaded image            
 ✔ Parsed image            
 ✔ Cataloged packages      [185 packages]
 ✔ Scanning image...       [37 vulnerabilities]
   ├── 0 critical, 0 high, 3 medium, 25 low, 9 negligible
   └── 10 fixed
NAME            INSTALLED                 FIXED-IN            TYPE  VULNERABILITY   SEVERITY   
bash            5.1-6ubuntu1                                  deb   CVE-2022-3715   Low         
coreutils       8.32-4.1ubuntu1                               deb   CVE-2016-2781   Low         
curl            7.81.0-1ubuntu1.8         7.81.0-1ubuntu1.10  deb   CVE-2023-27533  Low         
curl            7.81.0-1ubuntu1.8         7.81.0-1ubuntu1.10  deb   CVE-2023-27534  Low         
curl            7.81.0-1ubuntu1.8         7.81.0-1ubuntu1.10  deb   CVE-2023-27535  Medium      
curl            7.81.0-1ubuntu1.8         7.81.0-1ubuntu1.10  deb   CVE-2023-27536  Low         
curl            7.81.0-1ubuntu1.8         7.81.0-1ubuntu1.10  deb   CVE-2023-27538  Low         
dirmngr         2.2.27-3ubuntu2.1                             deb   CVE-2022-3219   Low         
gnupg           2.2.27-3ubuntu2.1                             deb   CVE-2022-3219   Low         
gnupg-l10n      2.2.27-3ubuntu2.1                             deb   CVE-2022-3219   Low         
gnupg-utils     2.2.27-3ubuntu2.1                             deb   CVE-2022-3219   Low         
gpg             2.2.27-3ubuntu2.1                             deb   CVE-2022-3219   Low         
gpg-agent       2.2.27-3ubuntu2.1                             deb   CVE-2022-3219   Low         
gpg-wks-client  2.2.27-3ubuntu2.1                             deb   CVE-2022-3219   Low         
gpg-wks-server  2.2.27-3ubuntu2.1                             deb   CVE-2022-3219   Low         
gpgconf         2.2.27-3ubuntu2.1                             deb   CVE-2022-3219   Low         
gpgsm           2.2.27-3ubuntu2.1                             deb   CVE-2022-3219   Low         
gpgv            2.2.27-3ubuntu2.1                             deb   CVE-2022-3219   Low         
libc-bin        2.35-0ubuntu3.1                               deb   CVE-2016-20013  Negligible  
libc6           2.35-0ubuntu3.1                               deb   CVE-2016-20013  Negligible  
libcurl4        7.81.0-1ubuntu1.8         7.81.0-1ubuntu1.10  deb   CVE-2023-27533  Low         
libcurl4        7.81.0-1ubuntu1.8         7.81.0-1ubuntu1.10  deb   CVE-2023-27534  Low         
libcurl4        7.81.0-1ubuntu1.8         7.81.0-1ubuntu1.10  deb   CVE-2023-27535  Medium      
libcurl4        7.81.0-1ubuntu1.8         7.81.0-1ubuntu1.10  deb   CVE-2023-27536  Low         
libcurl4        7.81.0-1ubuntu1.8         7.81.0-1ubuntu1.10  deb   CVE-2023-27538  Low         
libncurses6     6.3-2                                         deb   CVE-2022-29458  Negligible  
libncursesw6    6.3-2                                         deb   CVE-2022-29458  Negligible  
libpcre3        2:8.39-13ubuntu0.22.04.1                      deb   CVE-2017-11164  Negligible  
libpng16-16     1.6.37-3build5                                deb   CVE-2022-3857   Low         
libsqlite3-0    3.37.2-2ubuntu0.1                             deb   CVE-2022-46908  Low         
libssl3         3.0.2-0ubuntu1.8                              deb   CVE-2022-3996   Low         
libtinfo6       6.3-2                                         deb   CVE-2022-29458  Negligible  
locales         2.35-0ubuntu3.1                               deb   CVE-2016-20013  Negligible  
ncurses-base    6.3-2                                         deb   CVE-2022-29458  Negligible  
ncurses-bin     6.3-2                                         deb   CVE-2022-29458  Negligible  
openssl         3.0.2-0ubuntu1.8                              deb   CVE-2022-3996   Low         
wget            1.21.2-2ubuntu1                               deb   CVE-2021-31879  Medium

Checklist before merging

  • I have properly formatted metadata files (see CONTRIBUTING document)
  • I have added thorough tests. (see this)

@linghengqian linghengqian requested a review from a team as a code owner April 3, 2023 17:56
@linghengqian linghengqian requested a review from melix April 3, 2023 17:56
@dnestoro dnestoro requested a review from matneu April 4, 2023 08:02
@linghengqian linghengqian mentioned this pull request Apr 6, 2023
Closed
7 tasks
@linghengqian linghengqian mentioned this pull request Jun 6, 2023
Closed
2 tasks
@linghengqian
Copy link
Contributor Author

@linghengqian linghengqian deleted the new-image-first branch June 6, 2023 16:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@matneu matneu matneu approved these changes

@melix melix Awaiting requested review from melix melix is a code owner automatically assigned from oracle/graalvm-reachability-maintainer

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@linghengqian @matneu