rawmind0 / alpine-sysctl Goto Github PK
View Code? Open in Web Editor NEWA base image to check and set hosts sysctl parameter.
alpine-sysctl's People
Contributors
Stargazers
Watchers
alpine-sysctl's Issues
Update docker base to fix critical vulnerability CVE-2018-14618
Hello,
If you run the Clair scanner on both rawmind/alpine-sysctl:0.1-1 and rawmind/alpine-sysctl:0.1 images, you will receive the Critical CVE-2018-14618 vulnerability due to the curl version.
Can you please update the docker image base you are using to a more recent one ( 3.10-1 does not have any vulnerabilities) ?
Thanks
2019/11/26 11:12:06 [INFO] ▶ Start clair-scanner
2019/11/26 11:12:06 [INFO] ▶ Server listening on port 9279
2019/11/26 11:12:06 [INFO] ▶ Analyzing 5489a8916f69666309a361b226e90f75f59a5423e8d8eeb29e5786f9d593ad1c
2019/11/26 11:12:07 [INFO] ▶ Analyzing 01a8d40bc9e31aba8a13e465d22486697b11f4ee8216efc948f489c17c6e138d
2019/11/26 11:12:07 [INFO] ▶ Analyzing 5a58f231a512bbef5770fa98f53e36cbe644d1768ec768b32708835753a7de5d
2019/11/26 11:12:07 [INFO] ▶ Analyzing 2cd5c1bb336a90488c93fcea5bfda4d85e343e10b1d9a249cfe751dca0886878
2019/11/26 11:12:07 [WARN] ▶ Image [rawmind/alpine-sysctl:0.1-1] contains 30 total vulnerabilities
2019/11/26 11:12:07 [ERRO] ▶ Image [rawmind/alpine-sysctl:0.1-1] contains 1 unapproved vulnerabilities
+------------+-------------------------+--------------+-----------------+---------------------------------------------------------------+
| STATUS | CVE SEVERITY | PACKAGE NAME | PACKAGE VERSION | CVE DESCRIPTION |
+------------+-------------------------+--------------+-----------------+---------------------------------------------------------------+
| Unapproved | Critical CVE-2018-14618 | curl | 7.52.1-r0 | |
| | | | | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618 |
+------------+-------------------------+--------------+-----------------+---------------------------------------------------------------+
2019/11/26 11:21:41 [INFO] ▶ Start clair-scanner
2019/11/26 11:21:41 [INFO] ▶ Server listening on port 9279
2019/11/26 11:21:41 [INFO] ▶ Analyzing a61298a1d179786c2c176dc6c3e20c2d0cad25582e53a7bbec428fc4370a679e
2019/11/26 11:21:41 [INFO] ▶ Analyzing 522875b547c6932d90a453e4565cbedc6e0f494c61fc6d8206ef88de18492bc4
2019/11/26 11:21:42 [INFO] ▶ Image [rawmind/alpine-base:3.10-1] contains NO unapproved vulnerabilities
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.