idealista/prom2teams

update Docker Image - fix security issues

Closed this issue 3 years ago · 1 comments

ebini commented 3 years ago

Description

The current docker image (3.2.3) has some security issues .
Please update the image with newer versions.

Thanks

Why is this needed?

get rid (at least of critical and high) of these security issues

ID | Severity | Resource | Installed Version | Fixed Version
CVE-2022-22822 | CRITICAL | expat | 2.4.1-r0 | 2.4.3-r0
CVE-2022-22823 | CRITICAL | expat | 2.4.1-r0 | 2.4.3-r0
CVE-2022-22824 | CRITICAL | expat | 2.4.1-r0 | 2.4.3-r0
CVE-2021-42378 | HIGH | busybox | 1.33.1-r3 | 1.33.1-r6
CVE-2021-42379 | HIGH | busybox | 1.33.1-r3 | 1.33.1-r6
CVE-2021-42380 | HIGH | busybox | 1.33.1-r3 | 1.33.1-r6
CVE-2021-42381 | HIGH | busybox | 1.33.1-r3 | 1.33.1-r6
CVE-2021-42382 | HIGH | busybox | 1.33.1-r3 | 1.33.1-r6
CVE-2021-42383 | HIGH | busybox | 1.33.1-r3 | 1.33.1-r6
CVE-2021-42384 | HIGH | busybox | 1.33.1-r3 | 1.33.1-r6
CVE-2021-42385 | HIGH | busybox | 1.33.1-r3 | 1.33.1-r6
CVE-2021-42386 | HIGH | busybox | 1.33.1-r3 | 1.33.1-r6
CVE-2021-45960 | HIGH | expat | 2.4.1-r0 | 2.4.3-r0
CVE-2021-46143 | HIGH | expat | 2.4.1-r0 | 2.4.3-r0
CVE-2022-22825 | HIGH | expat | 2.4.1-r0 | 2.4.3-r0
CVE-2022-22826 | HIGH | expat | 2.4.1-r0 | 2.4.3-r0
CVE-2022-22827 | HIGH | expat | 2.4.1-r0 | 2.4.3-r0
CVE-2021-42378 | HIGH | ssl_client | 1.33.1-r3 | 1.33.1-r6
CVE-2021-42379 | HIGH | ssl_client | 1.33.1-r3 | 1.33.1-r6
CVE-2021-42380 | HIGH | ssl_client | 1.33.1-r3 | 1.33.1-r6
CVE-2021-42381 | HIGH | ssl_client | 1.33.1-r3 | 1.33.1-r6
CVE-2021-42382 | HIGH | ssl_client | 1.33.1-r3 | 1.33.1-r6
CVE-2021-42383 | HIGH | ssl_client | 1.33.1-r3 | 1.33.1-r6
CVE-2021-42384 | HIGH | ssl_client | 1.33.1-r3 | 1.33.1-r6
CVE-2021-42385 | HIGH | ssl_client | 1.33.1-r3 | 1.33.1-r6
CVE-2021-42386 | HIGH | ssl_client | 1.33.1-r3 | 1.33.1-r6
CVE-2021-33503 | HIGH | urllib3 | 1.24.3 | 1.26.5
CVE-2021-42374 | MEDIUM | busybox | 1.33.1-r3 | 1.33.1-r4
CVE-2021-42375 | MEDIUM | busybox | 1.33.1-r3 | 1.33.1-r5
CVE-2021-37600 | MEDIUM | libuuid | 2.37-r0 | 2.37.2-r0
CVE-2021-42374 | MEDIUM | ssl_client | 1.33.1-r3 | 1.33.1-r4
CVE-2021-42375 | MEDIUM | ssl_client | 1.33.1-r3 | 1.33.1-r5
CVE-2020-26137 | MEDIUM | urllib3 | 1.24.3 | 1.25.9

Additional Information

scannertool https://github.com/aquasecurity/trivy

stale commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.