Mitigating vulnerabilities / CVE's reported by Docker Hub scans #112

mdeguzis · 2017-05-03T14:06:13Z

All of the images have vulnerabilities listed of some number/type. It is concerning to large organizations I would think. How are these treated/tracked/mitigated? You can reference these from the tags page on Docker Hub after logging in.

Some examples for 8-ire used by jenkins:

glibc 2.19-18+deb8u7
selinux 2.3-2
systemd 215-17+deb8u6
pcre 8.35-3.3+deb8u4
...

yosifkit · 2017-05-18T19:10:03Z

Basically the same as docker-library/postgres#286

Related issues:
docker-library/drupal#84
docker-library/official-images#2740
docker-library/ruby#117
docker-library/ruby#94
docker-library/python#152
docker-library/php#242
docker-library/buildpack-deps#46

This was referenced May 18, 2017

"This image has vulnerabilities" on Docker Hub docker-library/buildpack-deps#46

Closed

Vulnerable components (CVEs) in docker images docker-library/postgres#286

Closed

yosifkit closed this as completed May 18, 2017

yosifkit mentioned this issue Jan 24, 2018

AWS Linux - Vulnerabilities amazonlinux/container-images#8

Closed

tianon mentioned this issue Apr 12, 2018

CVEs in openjdk:8-jre-slim #185

Closed

tianon mentioned this issue Apr 20, 2018

Multiple Vulnerabilities in php 7.0.x docker-library/owncloud#90

Closed

tianon mentioned this issue May 7, 2018

Update Base Images? docker-library/official-images#4315

Closed

wglambert mentioned this issue May 22, 2018

Image tags have known vulnerabilities docker-library/golang#222

Closed

wglambert mentioned this issue Jul 9, 2018

vulnerability in 8-jdk-alpine image #213

Closed

wglambert mentioned this issue Jul 19, 2018

Scan results mismatch docker-library/mysql#455

Closed

This was referenced Oct 24, 2018

Security vulnerabilities Tomcat 8.5.34-jre8-slim docker-library/tomcat#136

Closed

Security vulnerabilities 9.5.14 docker-library/postgres#514

Closed

wglambert mentioned this issue Nov 30, 2018

Security issues in official ruby 2.3.1 image - Quay Scan docker-library/ruby#248

Closed

wglambert mentioned this issue Feb 8, 2019

Vulnerabilities reported by hub.docker.com docker-library/mysql#538

Closed

wglambert mentioned this issue May 21, 2019

openjdk:8u212-jdk-alpine3.9 Docker image has high security vulnerability #321

Closed

wglambert mentioned this issue Jul 16, 2019

[Question] procps runtime dependency docker-library/ruby#291

Closed

wglambert mentioned this issue Aug 12, 2019

musl vulnerability in alpine docker-library/docker#186

Closed

wglambert mentioned this issue Aug 23, 2019

Security vulnerabilities with version 8-jre-slim #349

Closed

wglambert mentioned this issue Oct 23, 2019

Vulnerabilities in Docker images 3.0 and 3.11 docker-library/cassandra#194

Closed

wglambert mentioned this issue Dec 17, 2019

request contact with devs docker-library/postgres#655

Closed

wglambert mentioned this issue Jan 13, 2020

vulnaribilities detected by aqua #385

Closed

wglambert mentioned this issue Jan 22, 2020

Updates debian version docker-library/python#449

Closed

wglambert mentioned this issue Feb 3, 2020

Security Contact #388

Closed

wglambert mentioned this issue Feb 27, 2020

ECR image scanning criticals for latest image docker-library/wordpress#472

Closed

wglambert mentioned this issue Mar 19, 2020

CVE’s in base Postgres image docker-library/postgres#701

Closed

wglambert mentioned this issue Apr 8, 2020

Image fails security scan docker-library/rabbitmq#401

Closed

This was referenced Apr 21, 2020

3.7.7-alpine-3.11 sqlite vulnerabilities docker-library/python#471

Closed

Multiple CVEs docker-library/ruby#316

Closed

wglambert mentioned this issue Apr 30, 2020

CVE vulnerabilities of latest docker docker-library/rabbitmq#407

Closed

wglambert mentioned this issue May 11, 2021

Current Alpine image contains 2 high severity CVEs docker-library/memcached#66

Closed

This was referenced Jun 3, 2021

vulnerabilities in openjdk 8jdk #457

Closed

CVE-2020-8130 docker-library/ruby#347

Closed

wglambert mentioned this issue Jun 22, 2021

Security vulnerabilities docker-library/docs#1979

Closed

This was referenced Jul 28, 2021

Vulnerabilities on base image 5.6 docker-library/mysql#780

Closed

cwe-444 docker-library/redmine#247

Closed

wglambert mentioned this issue Sep 10, 2021

Security vulnerabilities with Aquasec docker-library/elasticsearch#198

Closed

wglambert mentioned this issue Sep 17, 2021

openjdk:latest image scan finds ELSA-2021-9344 on AWS #467

Closed

wglambert mentioned this issue Nov 8, 2021

Vulnerabilities Issue Within 7.4-fpm-alpine Image docker-library/php#1219

Closed

wglambert mentioned this issue Dec 27, 2021

I have completed all official images docker scan, how can I contribute my scan results? docker-library/official-images#11577

Closed

wglambert mentioned this issue Jan 19, 2022

GO vulnerabilities found in Cassandra 4.0.1 image docker-library/cassandra#241

Closed

wglambert mentioned this issue Jan 28, 2022

python:3.8-buster base images shows a lot of issues when scanned by ECR docker-library/python#688

Closed

This was referenced Feb 25, 2022

Docker Image Contains Multiple CVEs docker-library/mongo#523

Closed

RabbitMQ image 3.9.13-management vulnerabilities docker-library/rabbitmq#546

Closed

This was referenced Mar 16, 2022

How to handle Critical Security Issues of Base Images docker-library/docs#2122

Closed

CVEs during security scan docker-library/php#1273

Closed

wglambert mentioned this issue Jun 21, 2022

The base linux image being used has a package with vulnerability CVE-2022-29162 docker-library/mysql#869

Closed

wglambert mentioned this issue Jul 22, 2022

The redis:7.0.4-alpine image has a High saverity vulnerabilities. redis/docker-library-redis#324

Closed

wglambert mentioned this issue Aug 19, 2022

python:slim-bullseye – Is affected by CVE-2005-2541 docker-library/python#751

Closed

wglambert mentioned this issue Sep 12, 2022

Image vulnerability in postgres:latest docker-library/postgres#995

Closed

wglambert mentioned this issue Sep 19, 2022

Security vulnerability with redis:7.0.4-alpine3.16 redis/docker-library-redis#328

Closed

wglambert mentioned this issue Feb 28, 2023

Linux kernel vulenrability docker-library/php#1379

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Mitigating vulnerabilities / CVE's reported by Docker Hub scans #112

Mitigating vulnerabilities / CVE's reported by Docker Hub scans #112

mdeguzis commented May 3, 2017 •

edited

Loading

yosifkit commented May 18, 2017

Mitigating vulnerabilities / CVE's reported by Docker Hub scans #112

Mitigating vulnerabilities / CVE's reported by Docker Hub scans #112

Comments

mdeguzis commented May 3, 2017 • edited Loading

yosifkit commented May 18, 2017

mdeguzis commented May 3, 2017 •

edited

Loading