You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Docker Scout reports one hundred and eleven CVE's for the xgo Docker image. That's the bad news.
The good news is that the majority of these vulnerabilities appear to spring from the base Debian operating system. Debian seems to lag way behind regarding security patches. Neither testing nor sid include all the Python 3 security patches, for example.
Additionally, the official golang Docker images appear to have some CVE's of their own, though not as many.
When I roll my own images, I have better luck regarding vulnerabilities by using a Fedora base image.
$ docker scout cves crazymax/xgo:1.21 i New version 1.2.2 available (installed version is 1.2.0) at https://github.com/docker/scout-cli ✓ Provenance obtained from attestation ✓ Pulled ✓ Image stored for indexing ✓ Indexed 570 packages ✗ Detected 22 vulnerable packages with a total of 108 vulnerabilities## Overview │ Analyzed Image ────────────────────┼───────────────────────────────────────────── Target │ crazymax/xgo:1.21 digest │ b19f1b7fc2c2 platform │ linux/arm64 provenance │ https://github.com/crazy-max/xgo │ de20bfd1d4ce282c13b051b23ac15ceb5b6e761b vulnerabilities │ 0C 4H 57M 50L size │ 1.3 GB packages │ 570 ## Packages and Vulnerabilities 0C 2H 36M 35L linux 5.4.0-169.187pkg:deb/ubuntu/linux@5.4.0-169.187?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ HIGH CVE-2023-4244 https://scout.docker.com/v/CVE-2023-4244 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.0 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ HIGH CVE-2023-20569 https://scout.docker.com/v/CVE-2023-20569 Affected range : >=0 Fixed version : not fixed CVSS Score : 4.7 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N ✗ MEDIUM CVE-2023-26242 https://scout.docker.com/v/CVE-2023-26242 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ MEDIUM CVE-2023-2007 https://scout.docker.com/v/CVE-2023-2007 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ MEDIUM CVE-2023-0030 https://scout.docker.com/v/CVE-2023-0030 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ MEDIUM CVE-2022-39189 https://scout.docker.com/v/CVE-2022-39189 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ MEDIUM CVE-2020-12362 https://scout.docker.com/v/CVE-2020-12362 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ MEDIUM CVE-2022-25836 https://scout.docker.com/v/CVE-2022-25836 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.5 CVSS Vector : CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N ✗ MEDIUM CVE-2022-0400 https://scout.docker.com/v/CVE-2022-0400 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2022-2961 https://scout.docker.com/v/CVE-2022-2961 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.0 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ MEDIUM CVE-2022-1247 https://scout.docker.com/v/CVE-2022-1247 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.0 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ MEDIUM CVE-2021-3864 https://scout.docker.com/v/CVE-2021-3864 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.0 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ MEDIUM CVE-2022-29900 https://scout.docker.com/v/CVE-2022-29900 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N ✗ MEDIUM CVE-2020-26144 https://scout.docker.com/v/CVE-2020-26144 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.5 CVSS Vector : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N ✗ MEDIUM CVE-2015-8553 https://scout.docker.com/v/CVE-2015-8553 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.5 CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N ✗ MEDIUM CVE-2023-45863 https://scout.docker.com/v/CVE-2023-45863 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.4 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H ✗ MEDIUM CVE-2023-39198 https://scout.docker.com/v/CVE-2023-39198 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.4 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H ✗ MEDIUM CVE-2022-1280 https://scout.docker.com/v/CVE-2022-1280 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.3 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H ✗ MEDIUM CVE-2023-31082 https://scout.docker.com/v/CVE-2023-31082 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2023-28327 https://scout.docker.com/v/CVE-2023-28327 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2023-23004 https://scout.docker.com/v/CVE-2023-23004 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2023-23000 https://scout.docker.com/v/CVE-2023-23000 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2022-4543 https://scout.docker.com/v/CVE-2022-4543 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N ✗ MEDIUM CVE-2022-40133 https://scout.docker.com/v/CVE-2022-40133 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2022-38457 https://scout.docker.com/v/CVE-2022-38457 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2022-38096 https://scout.docker.com/v/CVE-2022-38096 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2022-36402 https://scout.docker.com/v/CVE-2022-36402 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2022-3344 https://scout.docker.com/v/CVE-2022-3344 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2022-0480 https://scout.docker.com/v/CVE-2022-0480 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2020-36310 https://scout.docker.com/v/CVE-2020-36310 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2020-24504 https://scout.docker.com/v/CVE-2020-24504 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2016-8660 https://scout.docker.com/v/CVE-2016-8660 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2022-3523 https://scout.docker.com/v/CVE-2022-3523 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.3 CVSS Vector : CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2023-1582 https://scout.docker.com/v/CVE-2023-1582 Affected range : >=0 Fixed version : not fixed CVSS Score : 4.7 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2020-27835 https://scout.docker.com/v/CVE-2020-27835 Affected range : >=0 Fixed version : not fixed CVSS Score : 4.4 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2018-17977 https://scout.docker.com/v/CVE-2018-17977 Affected range : >=0 Fixed version : not fixed CVSS Score : 4.4 CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2023-34324 https://scout.docker.com/v/CVE-2023-34324 Affected range : >=0 Fixed version : not fixed ✗ MEDIUM CVE-2013-7445 https://scout.docker.com/v/CVE-2013-7445 Affected range : >=0 Fixed version : not fixed ✗ LOW CVE-2023-33053 https://scout.docker.com/v/CVE-2023-33053 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ LOW CVE-2023-22995 https://scout.docker.com/v/CVE-2023-22995 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ LOW CVE-2022-47519 https://scout.docker.com/v/CVE-2022-47519 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ LOW CVE-2022-47518 https://scout.docker.com/v/CVE-2022-47518 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ LOW CVE-2021-39801 https://scout.docker.com/v/CVE-2021-39801 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ LOW CVE-2021-26934 https://scout.docker.com/v/CVE-2021-26934 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ LOW CVE-2019-19814 https://scout.docker.com/v/CVE-2019-19814 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H ✗ LOW CVE-2019-19378 https://scout.docker.com/v/CVE-2019-19378 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H ✗ LOW CVE-2018-12931 https://scout.docker.com/v/CVE-2018-12931 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ LOW CVE-2018-12930 https://scout.docker.com/v/CVE-2018-12930 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ LOW CVE-2017-13165 https://scout.docker.com/v/CVE-2017-13165 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ LOW CVE-2019-14899 https://scout.docker.com/v/CVE-2019-14899 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.4 CVSS Vector : CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H ✗ LOW CVE-2021-32078 https://scout.docker.com/v/CVE-2021-32078 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.1 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H ✗ LOW CVE-2023-1989 https://scout.docker.com/v/CVE-2023-1989 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.0 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ LOW CVE-2022-45885 https://scout.docker.com/v/CVE-2022-45885 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.0 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ LOW CVE-2022-45884 https://scout.docker.com/v/CVE-2022-45884 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.0 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H ✗ LOW CVE-2022-44034 https://scout.docker.com/v/CVE-2022-44034 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.4 CVSS Vector : CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H ✗ LOW CVE-2022-44033 https://scout.docker.com/v/CVE-2022-44033 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.4 CVSS Vector : CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H ✗ LOW CVE-2018-1121 https://scout.docker.com/v/CVE-2018-1121 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.9 CVSS Vector : CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N ✗ LOW CVE-2023-4133 https://scout.docker.com/v/CVE-2023-4133 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ LOW CVE-2022-0854 https://scout.docker.com/v/CVE-2022-0854 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N ✗ LOW CVE-2021-44879 https://scout.docker.com/v/CVE-2021-44879 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H ✗ LOW CVE-2020-12364 https://scout.docker.com/v/CVE-2020-12364 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ LOW CVE-2020-12363 https://scout.docker.com/v/CVE-2020-12363 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ LOW CVE-2018-12929 https://scout.docker.com/v/CVE-2018-12929 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ LOW CVE-2018-12928 https://scout.docker.com/v/CVE-2018-12928 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ LOW CVE-2017-13693 https://scout.docker.com/v/CVE-2017-13693 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N ✗ LOW CVE-2023-33288 https://scout.docker.com/v/CVE-2023-33288 Affected range : >=0 Fixed version : not fixed CVSS Score : 4.7 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H ✗ LOW CVE-2017-0537 https://scout.docker.com/v/CVE-2017-0537 Affected range : >=0 Fixed version : not fixed CVSS Score : 4.7 CVSS Vector : CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N ✗ LOW CVE-2019-15213 https://scout.docker.com/v/CVE-2019-15213 Affected range : >=0 Fixed version : not fixed CVSS Score : 4.6 CVSS Vector : CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ✗ LOW CVE-2020-14304 https://scout.docker.com/v/CVE-2020-14304 Affected range : >=0 Fixed version : not fixed CVSS Score : 4.4 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N ✗ LOW CVE-2022-41848 https://scout.docker.com/v/CVE-2022-41848 Affected range : >=0 Fixed version : not fixed CVSS Score : 4.2 CVSS Vector : CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H ✗ LOW CVE-2020-35501 https://scout.docker.com/v/CVE-2020-35501 Affected range : >=0 Fixed version : not fixed CVSS Score : 3.4 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N ✗ LOW CVE-2023-4134 https://scout.docker.com/v/CVE-2023-4134 Affected range : >=0 Fixed version : not fixed ✗ LOW CVE-2021-34981 https://scout.docker.com/v/CVE-2021-34981 Affected range : >=0 Fixed version : not fixed 0C 1H 3M 0L urllib3 1.25.8pkg:pypi/urllib3@1.25.8Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ HIGH CVE-2021-33503 [Uncontrolled Resource Consumption] https://scout.docker.com/v/CVE-2021-33503 Affected range : >=1.25.4 : <1.26.5 Fixed version : 1.26.5 CVSS Score : 7.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2020-26137 [Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')] https://scout.docker.com/v/CVE-2020-26137 Affected range : <1.25.9 Fixed version : 1.25.9 CVSS Score : 6.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N ✗ MEDIUM CVE-2023-43804 [Exposure of Sensitive Information to an Unauthorized Actor] https://scout.docker.com/v/CVE-2023-43804 Affected range : <1.26.17 Fixed version : 1.26.17 CVSS Score : 5.9 CVSS Vector : CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N ✗ MEDIUM CVE-2023-45803 [Exposure of Sensitive Information to an Unauthorized Actor] https://scout.docker.com/v/CVE-2023-45803 Affected range : <1.26.18 Fixed version : 1.26.18 CVSS Score : 4.2 CVSS Vector : CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N 0C 1H 1M 0L certifi 2019.11.28pkg:pypi/certifi@2019.11.28Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ HIGH CVE-2023-37920 [Insufficient Verification of Data Authenticity] https://scout.docker.com/v/CVE-2023-37920 Affected range : >=2015.4.28 : <2023.7.22 Fixed version : 2023.7.22 CVSS Score : 7.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N ✗ MEDIUM CVE-2022-23491 [Insufficient Verification of Data Authenticity] https://scout.docker.com/v/CVE-2022-23491 Affected range : >=2017.11.05 : <2022.12.07 Fixed version : 2022.12.07 CVSS Score : 6.8 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N 0C 0H 9M 4L binutils 2.34-6ubuntu1.7pkg:deb/ubuntu/binutils@2.34-6ubuntu1.7?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ MEDIUM CVE-2022-47695 https://scout.docker.com/v/CVE-2022-47695 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H ✗ MEDIUM CVE-2022-45703 https://scout.docker.com/v/CVE-2022-45703 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H ✗ MEDIUM CVE-2022-44840 https://scout.docker.com/v/CVE-2022-44840 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H ✗ MEDIUM CVE-2022-48065 https://scout.docker.com/v/CVE-2022-48065 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2022-48063 https://scout.docker.com/v/CVE-2022-48063 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2022-47011 https://scout.docker.com/v/CVE-2022-47011 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2022-47010 https://scout.docker.com/v/CVE-2022-47010 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2022-47008 https://scout.docker.com/v/CVE-2022-47008 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H ✗ MEDIUM CVE-2022-47007 https://scout.docker.com/v/CVE-2022-47007 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H ✗ LOW CVE-2018-20657 https://scout.docker.com/v/CVE-2018-20657 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.5 CVSS Vector : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ✗ LOW CVE-2022-48064 https://scout.docker.com/v/CVE-2022-48064 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H ✗ LOW CVE-2019-1010204 https://scout.docker.com/v/CVE-2019-1010204 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H ✗ LOW CVE-2017-13716 https://scout.docker.com/v/CVE-2017-13716 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 0C 0H 1M 0L requests 2.22.0pkg:pypi/requests@2.22.0Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ MEDIUM CVE-2023-32681 [Exposure of Sensitive Information to an Unauthorized Actor] https://scout.docker.com/v/CVE-2023-32681 Affected range : >=2.3.0 : <2.31.0 Fixed version : 2.31.0 CVSS Score : 6.1 CVSS Vector : CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N 0C 0H 1M 0L gcc-mingw-w64 22~exp1ubuntu4pkg:deb/ubuntu/gcc-mingw-w64@22~exp1ubuntu4?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ MEDIUM CVE-2020-13844 https://scout.docker.com/v/CVE-2020-13844 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 0C 0H 1M 0L gcc-9-cross-ports 18ubuntu5pkg:deb/ubuntu/gcc-9-cross-ports@18ubuntu5?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ MEDIUM CVE-2020-13844 https://scout.docker.com/v/CVE-2020-13844 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 0C 0H 1M 0L gcc-defaults 1.185.1ubuntu2pkg:deb/ubuntu/gcc-defaults@1.185.1ubuntu2?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ MEDIUM CVE-2020-13844 https://scout.docker.com/v/CVE-2020-13844 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 0C 0H 1M 0L gcc-9-cross 21ubuntu7pkg:deb/ubuntu/gcc-9-cross@21ubuntu7?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ MEDIUM CVE-2020-13844 https://scout.docker.com/v/CVE-2020-13844 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.5 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 0C 0H 1M 0L apparmor 2.13.3-7ubuntu5.3pkg:deb/ubuntu/apparmor@2.13.3-7ubuntu5.3?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ MEDIUM CVE-2016-1585 https://scout.docker.com/v/CVE-2016-1585 Affected range : >=0 Fixed version : not fixed CVSS Score : 9.8 CVSS Vector : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0C 0H 1M 0L libssh 0.9.3-2ubuntu2.3pkg:deb/ubuntu/libssh@0.9.3-2ubuntu2.3?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ MEDIUM CVE-2023-48795 https://scout.docker.com/v/CVE-2023-48795 Affected range : <0.9.3-2ubuntu2.4 Fixed version : 0.9.3-2ubuntu2.4 0C 0H 1M 0L python3.8 3.8.10-0ubuntu1~20.04.9pkg:deb/ubuntu/python3.8@3.8.10-0ubuntu1~20.04.9?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ MEDIUM CVE-2023-27043 https://scout.docker.com/v/CVE-2023-27043 Affected range : >=0 Fixed version : not fixed CVSS Score : 5.3 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 0C 0H 0M 2L shadow 1:4.8.1-1ubuntu5.20.04.4pkg:deb/ubuntu/shadow@1:4.8.1-1ubuntu5.20.04.4?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ LOW CVE-2013-4235 https://scout.docker.com/v/CVE-2013-4235 Affected range : >=0 Fixed version : not fixed CVSS Score : 4.7 CVSS Vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N ✗ LOW CVE-2023-29383 https://scout.docker.com/v/CVE-2023-29383 Affected range : >=0 Fixed version : not fixed CVSS Score : 3.3 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 0C 0H 0M 1L coreutils 8.30-3ubuntu2pkg:deb/ubuntu/coreutils@8.30-3ubuntu2?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ LOW CVE-2016-2781 https://scout.docker.com/v/CVE-2016-2781 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.5 CVSS Vector : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N 0C 0H 0M 1L dbus 1.12.16-2ubuntu2.3pkg:deb/ubuntu/dbus@1.12.16-2ubuntu2.3?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ LOW CVE-2023-34969 https://scout.docker.com/v/CVE-2023-34969 Affected range : >=0 Fixed version : not fixed CVSS Score : 6.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 0C 0H 0M 1L pcre3 2:8.39-12ubuntu0.1pkg:deb/ubuntu/pcre3@2:8.39-12ubuntu0.1?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ LOW CVE-2017-11164 https://scout.docker.com/v/CVE-2017-11164 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.5 CVSS Vector : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 0C 0H 0M 1L systemd 245.4-4ubuntu3.22pkg:deb/ubuntu/systemd@245.4-4ubuntu3.22?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ LOW CVE-2023-26604 https://scout.docker.com/v/CVE-2023-26604 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 0C 0H 0M 1L git 1:2.43.0-0ppa1~ubuntu20.04.1pkg:deb/ubuntu/git@1:2.43.0-0ppa1~ubuntu20.04.1?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ LOW CVE-2018-1000021 https://scout.docker.com/v/CVE-2018-1000021 Affected range : >=0 Fixed version : not fixed CVSS Score : 8.8 CVSS Vector : CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 0C 0H 0M 1L gnupg2 2.2.19-3ubuntu2.2pkg:deb/ubuntu/gnupg2@2.2.19-3ubuntu2.2?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ LOW CVE-2022-3219 https://scout.docker.com/v/CVE-2022-3219 Affected range : >=0 Fixed version : not fixed CVSS Score : 3.3 CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 0C 0H 0M 1L policykit-1 0.105-26ubuntu1.3pkg:deb/ubuntu/policykit-1@0.105-26ubuntu1.3?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ LOW CVE-2016-2568 https://scout.docker.com/v/CVE-2016-2568 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.8 CVSS Vector : CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H 0C 0H 0M 1L glibc 2.31-0ubuntu9.14pkg:deb/ubuntu/glibc@2.31-0ubuntu9.14?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ LOW CVE-2016-20013 https://scout.docker.com/v/CVE-2016-20013 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 0C 0H 0M 1L openldap 2.4.49+dfsg-2ubuntu1.9pkg:deb/ubuntu/openldap@2.4.49+dfsg-2ubuntu1.9?os_distro=focal&os_name=ubuntu&os_version=20.04Dockerfile (85:98)RUN <<EOT set -e export GOXX_SKIP_APT_PORTS=1 export DEBIAN_FRONTEND="noninteractive" apt-get update apt-get install --no-install-recommends -y git zip for p in $PLATFORMS; do TARGETPLATFORM=$p goxx-apt-get install -y binutils gcc g++ pkg-config done apt-get -y autoremove apt-get clean rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ln -sf /usr/include/asm-generic /usr/include/asmEOT ✗ LOW CVE-2023-2953 https://scout.docker.com/v/CVE-2023-2953 Affected range : >=0 Fixed version : not fixed CVSS Score : 7.5 CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 111 vulnerabilities found in 22 packages LOW 50 MEDIUM 57 HIGH 4 CRITICAL 0 What's Next? View base image update recommendations → docker scout recommendations crazymax/xgo:1.21
The text was updated successfully, but these errors were encountered:
Docker Scout reports one hundred and eleven CVE's for the xgo Docker image. That's the bad news.
The good news is that the majority of these vulnerabilities appear to spring from the base Debian operating system. Debian seems to lag way behind regarding security patches. Neither testing nor sid include all the Python 3 security patches, for example.
Additionally, the official golang Docker images appear to have some CVE's of their own, though not as many.
When I roll my own images, I have better luck regarding vulnerabilities by using a Fedora base image.
The text was updated successfully, but these errors were encountered: