rawmind0 / alpine-sysctl Goto Github PK
View Code? Open in Web Editor NEWA base image to check and set hosts sysctl parameter.
A base image to check and set hosts sysctl parameter.
Hello,
If you run the Clair scanner on both rawmind/alpine-sysctl:0.1-1 and rawmind/alpine-sysctl:0.1 images, you will receive the Critical CVE-2018-14618 vulnerability due to the curl version.
Can you please update the docker image base you are using to a more recent one ( 3.10-1 does not have any vulnerabilities) ?
Thanks
2019/11/26 11:12:06 [INFO] ▶ Start clair-scanner
2019/11/26 11:12:06 [INFO] ▶ Server listening on port 9279
2019/11/26 11:12:06 [INFO] ▶ Analyzing 5489a8916f69666309a361b226e90f75f59a5423e8d8eeb29e5786f9d593ad1c
2019/11/26 11:12:07 [INFO] ▶ Analyzing 01a8d40bc9e31aba8a13e465d22486697b11f4ee8216efc948f489c17c6e138d
2019/11/26 11:12:07 [INFO] ▶ Analyzing 5a58f231a512bbef5770fa98f53e36cbe644d1768ec768b32708835753a7de5d
2019/11/26 11:12:07 [INFO] ▶ Analyzing 2cd5c1bb336a90488c93fcea5bfda4d85e343e10b1d9a249cfe751dca0886878
2019/11/26 11:12:07 [WARN] ▶ Image [rawmind/alpine-sysctl:0.1-1] contains 30 total vulnerabilities
2019/11/26 11:12:07 [ERRO] ▶ Image [rawmind/alpine-sysctl:0.1-1] contains 1 unapproved vulnerabilities
+------------+-------------------------+--------------+-----------------+---------------------------------------------------------------+
| STATUS | CVE SEVERITY | PACKAGE NAME | PACKAGE VERSION | CVE DESCRIPTION |
+------------+-------------------------+--------------+-----------------+---------------------------------------------------------------+
| Unapproved | Critical CVE-2018-14618 | curl | 7.52.1-r0 | |
| | | | | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618 |
+------------+-------------------------+--------------+-----------------+---------------------------------------------------------------+
2019/11/26 11:21:41 [INFO] ▶ Start clair-scanner
2019/11/26 11:21:41 [INFO] ▶ Server listening on port 9279
2019/11/26 11:21:41 [INFO] ▶ Analyzing a61298a1d179786c2c176dc6c3e20c2d0cad25582e53a7bbec428fc4370a679e
2019/11/26 11:21:41 [INFO] ▶ Analyzing 522875b547c6932d90a453e4565cbedc6e0f494c61fc6d8206ef88de18492bc4
2019/11/26 11:21:42 [INFO] ▶ Image [rawmind/alpine-base:3.10-1] contains NO unapproved vulnerabilities
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.