Vulnerabilities in Docker image timescale/timescaledb-postgis:2.3.0-pg12
ngosang opened this issue · 1 comments
ngosang commented
Vulnerabilities in Docker images
https://github.com/anchore/grype
grype timescale/timescaledb-postgis:2.3.0-pg12
✔ Vulnerability DB [no update available]
✔ Loaded image
✔ Parsed image
✔ Cataloged packages [99 packages]
✔ Scanned image [60 vulnerabilities]
NAME INSTALLED FIXED-IN VULNERABILITY SEVERITY
apk-tools 2.12.5-r0 2.12.6-r0 CVE-2021-36159 Critical
busybox 1.32.1-r6 1.32.1-r7 CVE-2021-42374 Medium
busybox 1.32.1-r6 1.32.1-r7 CVE-2021-42375 Medium
busybox 1.32.1-r6 1.32.1-r7 CVE-2021-42378 High
busybox 1.32.1-r6 1.32.1-r7 CVE-2021-42379 High
busybox 1.32.1-r6 1.32.1-r7 CVE-2021-42380 High
busybox 1.32.1-r6 1.32.1-r7 CVE-2021-42381 High
busybox 1.32.1-r6 1.32.1-r7 CVE-2021-42382 High
busybox 1.32.1-r6 1.32.1-r7 CVE-2021-42383 High
busybox 1.32.1-r6 1.32.1-r7 CVE-2021-42384 High
busybox 1.32.1-r6 1.32.1-r7 CVE-2021-42385 High
busybox 1.32.1-r6 1.32.1-r7 CVE-2021-42386 High
golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7 0.0.0-20200220183623-bac4c82f6975 GHSA-ffhg-7mh4-33c4 Medium
krb5-libs 1.18.3-r1 1.18.4-r0 CVE-2021-36222 High
libcrypto1.1 1.1.1k-r0 1.1.1l-r0 CVE-2021-3711 Critical
libcrypto1.1 1.1.1k-r0 1.1.1l-r0 CVE-2021-3712 High
libcurl 7.76.1-r0 7.77.0-r0 CVE-2021-22898 Low
libcurl 7.76.1-r0 7.77.0-r0 CVE-2021-22901 High
libcurl 7.76.1-r0 7.78.0-r0 CVE-2021-22922 Medium
libcurl 7.76.1-r0 7.78.0-r0 CVE-2021-22923 Medium
libcurl 7.76.1-r0 7.78.0-r0 CVE-2021-22925 Medium
libcurl 7.76.1-r0 7.78.0-r0 CVE-2021-22924 Low
libcurl 7.76.1-r0 7.79.0-r0 CVE-2021-22945 Critical
libcurl 7.76.1-r0 7.79.0-r0 CVE-2021-22946 High
libcurl 7.76.1-r0 7.79.0-r0 CVE-2021-22947 Medium
libgcrypt 1.8.7-r0 1.8.8-r0 CVE-2021-33560 High
libgcrypt 1.8.7-r0 1.8.8-r1 CVE-2021-40528 Medium
libldap 2.4.57-r1 CVE-2015-3276 Medium
libpq 13.3-r0 13.4-r0 CVE-2021-3677 Unknown
libpq 13.3-r0 13.5-r0 CVE-2021-23214 Unknown
libpq 13.3-r0 13.5-r0 CVE-2021-23222 Unknown
libpq 13.3-r0 CVE-2017-8806 Medium
libssl1.1 1.1.1k-r0 1.1.1l-r0 CVE-2021-3711 Critical
libssl1.1 1.1.1k-r0 1.1.1l-r0 CVE-2021-3712 High
libxml2 2.9.10-r6 2.9.10-r7 CVE-2021-3517 High
libxml2 2.9.10-r6 2.9.10-r7 CVE-2021-3518 High
libxml2 2.9.10-r6 2.9.10-r7 CVE-2021-3537 Medium
libxml2 2.9.10-r6 2.9.11-r0 CVE-2021-3541 Medium
openexr 2.5.4-r0 CVE-2021-23169 High
openexr 2.5.4-r0 CVE-2021-26260 Medium
openexr 2.5.4-r0 CVE-2021-3598 Medium
openexr 2.5.4-r0 CVE-2021-3605 Medium
openexr 2.5.4-r0 CVE-2021-3474 Medium
openexr 2.5.4-r0 CVE-2021-3476 Medium
openexr 2.5.4-r0 CVE-2021-23215 Medium
openexr 2.5.4-r0 CVE-2021-3475 Medium
openexr 2.5.4-r0 CVE-2021-20296 Medium
openexr 2.5.4-r0 CVE-2021-26945 Medium
sqlite-libs 3.34.1-r0 CVE-2021-20227 Medium
ssl_client 1.32.1-r6 1.32.1-r7 CVE-2021-42374 Medium
ssl_client 1.32.1-r6 1.32.1-r7 CVE-2021-42375 Medium
ssl_client 1.32.1-r6 1.32.1-r7 CVE-2021-42378 High
ssl_client 1.32.1-r6 1.32.1-r7 CVE-2021-42379 High
ssl_client 1.32.1-r6 1.32.1-r7 CVE-2021-42380 High
ssl_client 1.32.1-r6 1.32.1-r7 CVE-2021-42381 High
ssl_client 1.32.1-r6 1.32.1-r7 CVE-2021-42382 High
ssl_client 1.32.1-r6 1.32.1-r7 CVE-2021-42383 High
ssl_client 1.32.1-r6 1.32.1-r7 CVE-2021-42384 High
ssl_client 1.32.1-r6 1.32.1-r7 CVE-2021-42385 High
ssl_client 1.32.1-r6 1.32.1-r7 CVE-2021-42386 High
svenklemm commented
timescale/timescaledb-postgis is no longer maintained by