Vulnerabilities in sj26/mailcatcher:v0.10.0 image

Question

Vulnerabilities in sj26/mailcatcher:v0.10.0 image

Opened this issue a year ago · 1 comments

Detected by Grype in Docker image sj26/mailcatcher:v0.10.0:

NAME           INSTALLED   FIXED-IN    TYPE  VULNERABILITY        SEVERITY
busybox        1.36.1-r28  1.36.1-r29  apk   CVE-2023-42365       Medium
busybox        1.36.1-r28  1.36.1-r29  apk   CVE-2023-42364       Medium
busybox-binsh  1.36.1-r28  1.36.1-r29  apk   CVE-2023-42365       Medium
busybox-binsh  1.36.1-r28  1.36.1-r29  apk   CVE-2023-42364       Medium
libcrypto3     3.3.0-r2    3.3.1-r1    apk   CVE-2024-5535        Critical
libcrypto3     3.3.0-r2    3.3.0-r3    apk   CVE-2024-4741        Unknown
libssl3        3.3.0-r2    3.3.1-r1    apk   CVE-2024-5535        Critical
libssl3        3.3.0-r2    3.3.0-r3    apk   CVE-2024-4741        Unknown
rexml          3.2.6       3.3.6       gem   GHSA-vmwr-mc7x-5vc3  Medium
rexml          3.2.6       3.2.7       gem   GHSA-vg3r-rm7w-2xgh  Medium
rexml          3.2.6       3.3.3       gem   GHSA-r55c-59qm-vjw6  Medium
rexml          3.2.6       3.3.3       gem   GHSA-5866-49gr-22v4  Medium
rexml          3.2.6       3.3.2       gem   GHSA-4xqq-m2hx-25v8  Medium
ssl_client     1.36.1-r28  1.36.1-r29  apk   CVE-2023-42365       Medium
ssl_client     1.36.1-r28  1.36.1-r29  apk   CVE-2023-42364       Medium

Answer 1 · 2025-01-28T21:51:09.000Z

New report:

NAME           INSTALLED   FIXED-IN    TYPE  VULNERABILITY        SEVERITY
busybox        1.36.1-r28  1.36.1-r29  apk   CVE-2023-42365       Medium    
busybox        1.36.1-r28  1.36.1-r29  apk   CVE-2023-42364       Medium    
busybox-binsh  1.36.1-r28  1.36.1-r29  apk   CVE-2023-42365       Medium    
busybox-binsh  1.36.1-r28  1.36.1-r29  apk   CVE-2023-42364       Medium    
libcrypto3     3.3.0-r2    3.3.1-r1    apk   CVE-2024-5535        Critical  
libcrypto3     3.3.0-r2    3.3.2-r0    apk   CVE-2024-6119        High      
libcrypto3     3.3.0-r2    3.3.0-r3    apk   CVE-2024-4741        High      
libcrypto3     3.3.0-r2    3.3.2-r1    apk   CVE-2024-9143        Medium    
libcrypto3     3.3.0-r2                apk   CVE-2024-13176       Unknown   
libssl3        3.3.0-r2    3.3.1-r1    apk   CVE-2024-5535        Critical  
libssl3        3.3.0-r2    3.3.2-r0    apk   CVE-2024-6119        High      
libssl3        3.3.0-r2    3.3.0-r3    apk   CVE-2024-4741        High      
libssl3        3.3.0-r2    3.3.2-r1    apk   CVE-2024-9143        Medium    
libssl3        3.3.0-r2                apk   CVE-2024-13176       Unknown   
rexml          3.2.6       3.3.6       gem   GHSA-vmwr-mc7x-5vc3  High      
rexml          3.2.6       3.2.7       gem   GHSA-vg3r-rm7w-2xgh  Medium    
rexml          3.2.6       3.3.3       gem   GHSA-r55c-59qm-vjw6  Medium    
rexml          3.2.6       3.3.3       gem   GHSA-5866-49gr-22v4  Medium    
rexml          3.2.6       3.3.2       gem   GHSA-4xqq-m2hx-25v8  Medium    
rexml          3.2.6       3.3.9       gem   GHSA-2rxp-v6pw-ch6m  Medium    
sinatra        3.2.0       4.1.0       gem   GHSA-hxx2-7vcw-mqr3  Medium    
ssl_client     1.36.1-r28  1.36.1-r29  apk   CVE-2023-42365       Medium    
ssl_client     1.36.1-r28  1.36.1-r29  apk   CVE-2023-42364       Medium