We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Scanned docker image with grype. Facing the vaularability issue.
❯ grype thirdparty-app-reg-crds ✔ Vulnerability DB [no update available] ✔ Loaded image athena-thirdparty-app-reg-crds:latest ✔ Parsed image sha256:1af2ea6f88c4c6e49b2bbdbe0d31cb781c4f748618ca9f651b6238ada0878c2c ✔ Cataloged contents 7d1168fa380f44f6050f6f8d069b8ce31c88b0407b48d49fdcfd1c96bb46f235 ├── ✔ Packages [63 packages] ├── ✔ File digests [1,205 files] ├── ✔ File metadata [1,205 locations] └── ✔ Executables [1 executables] ✔ Scanned for vulnerabilities [9 vulnerability matches] ├── by severity: 0 critical, 1 high, 2 medium, 0 low, 0 negligible (6 unknown) └── by status: 1 fixed, 8 not-fixed, 0 ignored [0001] WARN unable to read dynamic symbols from elf file error=no symbol section [0001] WARN unable to read dynamic symbols from elf file error=no symbol section [0001] WARN some package(s) are missing CPEs. This may result in missing vulnerabilities. You may autogenerate these using: --add-cpes-if-none NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY google.golang.org/protobuf v1.30.0 1.33.0 go-module GHSA-8r3f-844c-mc37 Medium stdlib go1.21.3 go-module CVE-2023-45285 High stdlib go1.21.3 go-module CVE-2023-39326 Medium stdlib go1.21.3 go-module CVE-2024-24785 Unknown stdlib go1.21.3 go-module CVE-2024-24784 Unknown stdlib go1.21.3 go-module CVE-2024-24783 Unknown stdlib go1.21.3 go-module CVE-2023-45290 Unknown stdlib go1.21.3 go-module CVE-2023-45289 Unknown stdlib go1.21.3 go-module CVE-2023-45288 Unknown A newer version of grype is available for download: 0.77.0 (installed version is 0.74.5)
Solution:
The text was updated successfully, but these errors were encountered:
Hi, if you're using this component in a commercial setting, feel free to send your own Pull Request or sponsor my time via GitHub.
Alex
Sorry, something went wrong.
Closing given no response in over 6 weeks from original issue creator.
No branches or pull requests
Scanned docker image with grype.
Facing the vaularability issue.
❯ grype thirdparty-app-reg-crds
✔ Vulnerability DB [no update available]
✔ Loaded image athena-thirdparty-app-reg-crds:latest
✔ Parsed image sha256:1af2ea6f88c4c6e49b2bbdbe0d31cb781c4f748618ca9f651b6238ada0878c2c
✔ Cataloged contents 7d1168fa380f44f6050f6f8d069b8ce31c88b0407b48d49fdcfd1c96bb46f235
├── ✔ Packages [63 packages]
├── ✔ File digests [1,205 files]
├── ✔ File metadata [1,205 locations]
└── ✔ Executables [1 executables]
✔ Scanned for vulnerabilities [9 vulnerability matches]
├── by severity: 0 critical, 1 high, 2 medium, 0 low, 0 negligible (6 unknown)
└── by status: 1 fixed, 8 not-fixed, 0 ignored
[0001] WARN unable to read dynamic symbols from elf file error=no symbol section
[0001] WARN unable to read dynamic symbols from elf file error=no symbol section
[0001] WARN some package(s) are missing CPEs. This may result in missing vulnerabilities. You may autogenerate these using: --add-cpes-if-none
NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY
google.golang.org/protobuf v1.30.0 1.33.0 go-module GHSA-8r3f-844c-mc37 Medium
stdlib go1.21.3 go-module CVE-2023-45285 High
stdlib go1.21.3 go-module CVE-2023-39326 Medium
stdlib go1.21.3 go-module CVE-2024-24785 Unknown
stdlib go1.21.3 go-module CVE-2024-24784 Unknown
stdlib go1.21.3 go-module CVE-2024-24783 Unknown
stdlib go1.21.3 go-module CVE-2023-45290 Unknown
stdlib go1.21.3 go-module CVE-2023-45289 Unknown
stdlib go1.21.3 go-module CVE-2023-45288 Unknown
A newer version of grype is available for download: 0.77.0 (installed version is 0.74.5)
Solution:
The text was updated successfully, but these errors were encountered: