Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CVE's #120

Open
mcandre opened this issue Dec 27, 2023 · 0 comments
Open

CVE's #120

mcandre opened this issue Dec 27, 2023 · 0 comments

Comments

@mcandre
Copy link

mcandre commented Dec 27, 2023

Docker Scout reports one hundred and eleven CVE's for the xgo Docker image. That's the bad news.

The good news is that the majority of these vulnerabilities appear to spring from the base Debian operating system. Debian seems to lag way behind regarding security patches. Neither testing nor sid include all the Python 3 security patches, for example.

Additionally, the official golang Docker images appear to have some CVE's of their own, though not as many.

When I roll my own images, I have better luck regarding vulnerabilities by using a Fedora base image.

$ docker scout cves crazymax/xgo:1.21
    i New version 1.2.2 available (installed version is 1.2.0) at https://github.com/docker/scout-cli
    ✓ Provenance obtained from attestation
    ✓ Pulled
    ✓ Image stored for indexing
    ✓ Indexed 570 packages
    ✗ Detected 22 vulnerable packages with a total of 108 vulnerabilities


## Overview

                    │               Analyzed Image                
────────────────────┼─────────────────────────────────────────────
  Target            │  crazymax/xgo:1.21                          
    digest          │  b19f1b7fc2c2                               
    platform        │ linux/arm64                                 
    provenance      │ https://github.com/crazy-max/xgo            
                    │  de20bfd1d4ce282c13b051b23ac15ceb5b6e761b   
    vulnerabilities │    0C     4H    57M    50L                  
    size            │ 1.3 GB                                      
    packages        │ 570                                         


## Packages and Vulnerabilities

   0C     2H    36M    35L  linux 5.4.0-169.187
pkg:deb/ubuntu/linux@5.4.0-169.187?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ HIGH CVE-2023-4244
      https://scout.docker.com/v/CVE-2023-4244
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.0                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ HIGH CVE-2023-20569
      https://scout.docker.com/v/CVE-2023-20569
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 4.7                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N  
    
    ✗ MEDIUM CVE-2023-26242
      https://scout.docker.com/v/CVE-2023-26242
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ MEDIUM CVE-2023-2007
      https://scout.docker.com/v/CVE-2023-2007
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ MEDIUM CVE-2023-0030
      https://scout.docker.com/v/CVE-2023-0030
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ MEDIUM CVE-2022-39189
      https://scout.docker.com/v/CVE-2022-39189
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ MEDIUM CVE-2020-12362
      https://scout.docker.com/v/CVE-2020-12362
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ MEDIUM CVE-2022-25836
      https://scout.docker.com/v/CVE-2022-25836
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.5                                           
      CVSS Vector    : CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N  
    
    ✗ MEDIUM CVE-2022-0400
      https://scout.docker.com/v/CVE-2022-0400
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.5                                           
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2022-2961
      https://scout.docker.com/v/CVE-2022-2961
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.0                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ MEDIUM CVE-2022-1247
      https://scout.docker.com/v/CVE-2022-1247
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.0                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ MEDIUM CVE-2021-3864
      https://scout.docker.com/v/CVE-2021-3864
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.0                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ MEDIUM CVE-2022-29900
      https://scout.docker.com/v/CVE-2022-29900
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 6.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N  
    
    ✗ MEDIUM CVE-2020-26144
      https://scout.docker.com/v/CVE-2020-26144
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 6.5                                           
      CVSS Vector    : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N  
    
    ✗ MEDIUM CVE-2015-8553
      https://scout.docker.com/v/CVE-2015-8553
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 6.5                                           
      CVSS Vector    : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N  
    
    ✗ MEDIUM CVE-2023-45863
      https://scout.docker.com/v/CVE-2023-45863
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 6.4                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ MEDIUM CVE-2023-39198
      https://scout.docker.com/v/CVE-2023-39198
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 6.4                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ MEDIUM CVE-2022-1280
      https://scout.docker.com/v/CVE-2022-1280
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 6.3                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H  
    
    ✗ MEDIUM CVE-2023-31082
      https://scout.docker.com/v/CVE-2023-31082
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2023-28327
      https://scout.docker.com/v/CVE-2023-28327
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2023-23004
      https://scout.docker.com/v/CVE-2023-23004
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2023-23000
      https://scout.docker.com/v/CVE-2023-23000
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2022-4543
      https://scout.docker.com/v/CVE-2022-4543
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N  
    
    ✗ MEDIUM CVE-2022-40133
      https://scout.docker.com/v/CVE-2022-40133
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2022-38457
      https://scout.docker.com/v/CVE-2022-38457
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2022-38096
      https://scout.docker.com/v/CVE-2022-38096
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2022-36402
      https://scout.docker.com/v/CVE-2022-36402
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2022-3344
      https://scout.docker.com/v/CVE-2022-3344
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2022-0480
      https://scout.docker.com/v/CVE-2022-0480
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2020-36310
      https://scout.docker.com/v/CVE-2020-36310
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2020-24504
      https://scout.docker.com/v/CVE-2020-24504
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2016-8660
      https://scout.docker.com/v/CVE-2016-8660
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2022-3523
      https://scout.docker.com/v/CVE-2022-3523
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.3                                           
      CVSS Vector    : CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2023-1582
      https://scout.docker.com/v/CVE-2023-1582
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 4.7                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2020-27835
      https://scout.docker.com/v/CVE-2020-27835
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 4.4                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2018-17977
      https://scout.docker.com/v/CVE-2018-17977
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 4.4                                           
      CVSS Vector    : CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2023-34324
      https://scout.docker.com/v/CVE-2023-34324
      Affected range : >=0        
      Fixed version  : not fixed  
    
    ✗ MEDIUM CVE-2013-7445
      https://scout.docker.com/v/CVE-2013-7445
      Affected range : >=0        
      Fixed version  : not fixed  
    
    ✗ LOW CVE-2023-33053
      https://scout.docker.com/v/CVE-2023-33053
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2023-22995
      https://scout.docker.com/v/CVE-2023-22995
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2022-47519
      https://scout.docker.com/v/CVE-2022-47519
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2022-47518
      https://scout.docker.com/v/CVE-2022-47518
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2021-39801
      https://scout.docker.com/v/CVE-2021-39801
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2021-26934
      https://scout.docker.com/v/CVE-2021-26934
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2019-19814
      https://scout.docker.com/v/CVE-2019-19814
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2019-19378
      https://scout.docker.com/v/CVE-2019-19378
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2018-12931
      https://scout.docker.com/v/CVE-2018-12931
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2018-12930
      https://scout.docker.com/v/CVE-2018-12930
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2017-13165
      https://scout.docker.com/v/CVE-2017-13165
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2019-14899
      https://scout.docker.com/v/CVE-2019-14899
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.4                                           
      CVSS Vector    : CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2021-32078
      https://scout.docker.com/v/CVE-2021-32078
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.1                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H  
    
    ✗ LOW CVE-2023-1989
      https://scout.docker.com/v/CVE-2023-1989
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.0                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2022-45885
      https://scout.docker.com/v/CVE-2022-45885
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.0                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2022-45884
      https://scout.docker.com/v/CVE-2022-45884
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.0                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2022-44034
      https://scout.docker.com/v/CVE-2022-44034
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 6.4                                           
      CVSS Vector    : CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2022-44033
      https://scout.docker.com/v/CVE-2022-44033
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 6.4                                           
      CVSS Vector    : CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H  
    
    ✗ LOW CVE-2018-1121
      https://scout.docker.com/v/CVE-2018-1121
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.9                                           
      CVSS Vector    : CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N  
    
    ✗ LOW CVE-2023-4133
      https://scout.docker.com/v/CVE-2023-4133
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ LOW CVE-2022-0854
      https://scout.docker.com/v/CVE-2022-0854
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N  
    
    ✗ LOW CVE-2021-44879
      https://scout.docker.com/v/CVE-2021-44879
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H  
    
    ✗ LOW CVE-2020-12364
      https://scout.docker.com/v/CVE-2020-12364
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ LOW CVE-2020-12363
      https://scout.docker.com/v/CVE-2020-12363
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ LOW CVE-2018-12929
      https://scout.docker.com/v/CVE-2018-12929
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ LOW CVE-2018-12928
      https://scout.docker.com/v/CVE-2018-12928
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ LOW CVE-2017-13693
      https://scout.docker.com/v/CVE-2017-13693
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N  
    
    ✗ LOW CVE-2023-33288
      https://scout.docker.com/v/CVE-2023-33288
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 4.7                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ LOW CVE-2017-0537
      https://scout.docker.com/v/CVE-2017-0537
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 4.7                                           
      CVSS Vector    : CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N  
    
    ✗ LOW CVE-2019-15213
      https://scout.docker.com/v/CVE-2019-15213
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 4.6                                           
      CVSS Vector    : CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ LOW CVE-2020-14304
      https://scout.docker.com/v/CVE-2020-14304
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 4.4                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N  
    
    ✗ LOW CVE-2022-41848
      https://scout.docker.com/v/CVE-2022-41848
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 4.2                                           
      CVSS Vector    : CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ LOW CVE-2020-35501
      https://scout.docker.com/v/CVE-2020-35501
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 3.4                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N  
    
    ✗ LOW CVE-2023-4134
      https://scout.docker.com/v/CVE-2023-4134
      Affected range : >=0        
      Fixed version  : not fixed  
    
    ✗ LOW CVE-2021-34981
      https://scout.docker.com/v/CVE-2021-34981
      Affected range : >=0        
      Fixed version  : not fixed  
    

   0C     1H     3M     0L  urllib3 1.25.8
pkg:pypi/urllib3@1.25.8

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ HIGH CVE-2021-33503 [Uncontrolled Resource Consumption]
      https://scout.docker.com/v/CVE-2021-33503
      Affected range : >=1.25.4                                      
                     : <1.26.5                                       
      Fixed version  : 1.26.5                                        
      CVSS Score     : 7.5                                           
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2020-26137 [Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')]
      https://scout.docker.com/v/CVE-2020-26137
      Affected range : <1.25.9                                       
      Fixed version  : 1.25.9                                        
      CVSS Score     : 6.5                                           
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N  
    
    ✗ MEDIUM CVE-2023-43804 [Exposure of Sensitive Information to an Unauthorized Actor]
      https://scout.docker.com/v/CVE-2023-43804
      Affected range : <1.26.17                                      
      Fixed version  : 1.26.17                                       
      CVSS Score     : 5.9                                           
      CVSS Vector    : CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N  
    
    ✗ MEDIUM CVE-2023-45803 [Exposure of Sensitive Information to an Unauthorized Actor]
      https://scout.docker.com/v/CVE-2023-45803
      Affected range : <1.26.18                                      
      Fixed version  : 1.26.18                                       
      CVSS Score     : 4.2                                           
      CVSS Vector    : CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N  
    

   0C     1H     1M     0L  certifi 2019.11.28
pkg:pypi/certifi@2019.11.28

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ HIGH CVE-2023-37920 [Insufficient Verification of Data Authenticity]
      https://scout.docker.com/v/CVE-2023-37920
      Affected range : >=2015.4.28                                   
                     : <2023.7.22                                    
      Fixed version  : 2023.7.22                                     
      CVSS Score     : 7.5                                           
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N  
    
    ✗ MEDIUM CVE-2022-23491 [Insufficient Verification of Data Authenticity]
      https://scout.docker.com/v/CVE-2022-23491
      Affected range : >=2017.11.05                                  
                     : <2022.12.07                                   
      Fixed version  : 2022.12.07                                    
      CVSS Score     : 6.8                                           
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N  
    

   0C     0H     9M     4L  binutils 2.34-6ubuntu1.7
pkg:deb/ubuntu/binutils@2.34-6ubuntu1.7?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ MEDIUM CVE-2022-47695
      https://scout.docker.com/v/CVE-2022-47695
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H  
    
    ✗ MEDIUM CVE-2022-45703
      https://scout.docker.com/v/CVE-2022-45703
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H  
    
    ✗ MEDIUM CVE-2022-44840
      https://scout.docker.com/v/CVE-2022-44840
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H  
    
    ✗ MEDIUM CVE-2022-48065
      https://scout.docker.com/v/CVE-2022-48065
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2022-48063
      https://scout.docker.com/v/CVE-2022-48063
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2022-47011
      https://scout.docker.com/v/CVE-2022-47011
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2022-47010
      https://scout.docker.com/v/CVE-2022-47010
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2022-47008
      https://scout.docker.com/v/CVE-2022-47008
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H  
    
    ✗ MEDIUM CVE-2022-47007
      https://scout.docker.com/v/CVE-2022-47007
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H  
    
    ✗ LOW CVE-2018-20657
      https://scout.docker.com/v/CVE-2018-20657
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.5                                           
      CVSS Vector    : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H  
    
    ✗ LOW CVE-2022-48064
      https://scout.docker.com/v/CVE-2022-48064
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H  
    
    ✗ LOW CVE-2019-1010204
      https://scout.docker.com/v/CVE-2019-1010204
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H  
    
    ✗ LOW CVE-2017-13716
      https://scout.docker.com/v/CVE-2017-13716
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H  
    

   0C     0H     1M     0L  requests 2.22.0
pkg:pypi/requests@2.22.0

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ MEDIUM CVE-2023-32681 [Exposure of Sensitive Information to an Unauthorized Actor]
      https://scout.docker.com/v/CVE-2023-32681
      Affected range : >=2.3.0                                       
                     : <2.31.0                                       
      Fixed version  : 2.31.0                                        
      CVSS Score     : 6.1                                           
      CVSS Vector    : CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N  
    

   0C     0H     1M     0L  gcc-mingw-w64 22~exp1ubuntu4
pkg:deb/ubuntu/gcc-mingw-w64@22~exp1ubuntu4?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ MEDIUM CVE-2020-13844
      https://scout.docker.com/v/CVE-2020-13844
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N  
    

   0C     0H     1M     0L  gcc-9-cross-ports 18ubuntu5
pkg:deb/ubuntu/gcc-9-cross-ports@18ubuntu5?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ MEDIUM CVE-2020-13844
      https://scout.docker.com/v/CVE-2020-13844
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N  
    

   0C     0H     1M     0L  gcc-defaults 1.185.1ubuntu2
pkg:deb/ubuntu/gcc-defaults@1.185.1ubuntu2?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ MEDIUM CVE-2020-13844
      https://scout.docker.com/v/CVE-2020-13844
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N  
    

   0C     0H     1M     0L  gcc-9-cross 21ubuntu7
pkg:deb/ubuntu/gcc-9-cross@21ubuntu7?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ MEDIUM CVE-2020-13844
      https://scout.docker.com/v/CVE-2020-13844
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.5                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N  
    

   0C     0H     1M     0L  apparmor 2.13.3-7ubuntu5.3
pkg:deb/ubuntu/apparmor@2.13.3-7ubuntu5.3?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ MEDIUM CVE-2016-1585
      https://scout.docker.com/v/CVE-2016-1585
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 9.8                                           
      CVSS Vector    : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H  
    

   0C     0H     1M     0L  libssh 0.9.3-2ubuntu2.3
pkg:deb/ubuntu/libssh@0.9.3-2ubuntu2.3?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ MEDIUM CVE-2023-48795
      https://scout.docker.com/v/CVE-2023-48795
      Affected range : <0.9.3-2ubuntu2.4  
      Fixed version  : 0.9.3-2ubuntu2.4   
    

   0C     0H     1M     0L  python3.8 3.8.10-0ubuntu1~20.04.9
pkg:deb/ubuntu/python3.8@3.8.10-0ubuntu1~20.04.9?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ MEDIUM CVE-2023-27043
      https://scout.docker.com/v/CVE-2023-27043
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 5.3                                           
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N  
    

   0C     0H     0M     2L  shadow 1:4.8.1-1ubuntu5.20.04.4
pkg:deb/ubuntu/shadow@1:4.8.1-1ubuntu5.20.04.4?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ LOW CVE-2013-4235
      https://scout.docker.com/v/CVE-2013-4235
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 4.7                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N  
    
    ✗ LOW CVE-2023-29383
      https://scout.docker.com/v/CVE-2023-29383
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 3.3                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N  
    

   0C     0H     0M     1L  coreutils 8.30-3ubuntu2
pkg:deb/ubuntu/coreutils@8.30-3ubuntu2?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ LOW CVE-2016-2781
      https://scout.docker.com/v/CVE-2016-2781
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 6.5                                           
      CVSS Vector    : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N  
    

   0C     0H     0M     1L  dbus 1.12.16-2ubuntu2.3
pkg:deb/ubuntu/dbus@1.12.16-2ubuntu2.3?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ LOW CVE-2023-34969
      https://scout.docker.com/v/CVE-2023-34969
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 6.5                                           
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  
    

   0C     0H     0M     1L  pcre3 2:8.39-12ubuntu0.1
pkg:deb/ubuntu/pcre3@2:8.39-12ubuntu0.1?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ LOW CVE-2017-11164
      https://scout.docker.com/v/CVE-2017-11164
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.5                                           
      CVSS Vector    : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H  
    

   0C     0H     0M     1L  systemd 245.4-4ubuntu3.22
pkg:deb/ubuntu/systemd@245.4-4ubuntu3.22?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ LOW CVE-2023-26604
      https://scout.docker.com/v/CVE-2023-26604
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  
    

   0C     0H     0M     1L  git 1:2.43.0-0ppa1~ubuntu20.04.1
pkg:deb/ubuntu/git@1:2.43.0-0ppa1~ubuntu20.04.1?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ LOW CVE-2018-1000021
      https://scout.docker.com/v/CVE-2018-1000021
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 8.8                                           
      CVSS Vector    : CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H  
    

   0C     0H     0M     1L  gnupg2 2.2.19-3ubuntu2.2
pkg:deb/ubuntu/gnupg2@2.2.19-3ubuntu2.2?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ LOW CVE-2022-3219
      https://scout.docker.com/v/CVE-2022-3219
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 3.3                                           
      CVSS Vector    : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L  
    

   0C     0H     0M     1L  policykit-1 0.105-26ubuntu1.3
pkg:deb/ubuntu/policykit-1@0.105-26ubuntu1.3?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ LOW CVE-2016-2568
      https://scout.docker.com/v/CVE-2016-2568
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.8                                           
      CVSS Vector    : CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H  
    

   0C     0H     0M     1L  glibc 2.31-0ubuntu9.14
pkg:deb/ubuntu/glibc@2.31-0ubuntu9.14?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ LOW CVE-2016-20013
      https://scout.docker.com/v/CVE-2016-20013
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.5                                           
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H  
    

   0C     0H     0M     1L  openldap 2.4.49+dfsg-2ubuntu1.9
pkg:deb/ubuntu/openldap@2.4.49+dfsg-2ubuntu1.9?os_distro=focal&os_name=ubuntu&os_version=20.04

Dockerfile (85:98)
RUN <<EOT
  set -e
  export GOXX_SKIP_APT_PORTS=1
  export DEBIAN_FRONTEND="noninteractive"
  apt-get update
  apt-get install --no-install-recommends -y git zip
  for p in $PLATFORMS; do
    TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config
  done
  apt-get -y autoremove
  apt-get clean
  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
  ln -sf /usr/include/asm-generic /usr/include/asm
EOT

    ✗ LOW CVE-2023-2953
      https://scout.docker.com/v/CVE-2023-2953
      Affected range : >=0                                           
      Fixed version  : not fixed                                     
      CVSS Score     : 7.5                                           
      CVSS Vector    : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H  
    


111 vulnerabilities found in 22 packages
  LOW       50  
  MEDIUM    57  
  HIGH      4   
  CRITICAL  0   


What's Next?
  View base image update recommendations → docker scout recommendations crazymax/xgo:1.21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant