Skip to content

[SECURITY] Container vulnerabilities in main image (2026-02-01) #115

New issue
New issue
Open
Open
[SECURITY] Container vulnerabilities in main image (2026-02-01)#115
Labels
automatedcontainer-vulnerabilitysecurity
@github-actions

Description

@github-actions
github-actions
bot
opened on Feb 1, 2026

🚨 Container Image Vulnerabilities Detected

Image: ghcr.io/firestoned/bindy:main
Scan Date: 2026-02-01T02:40:36.886Z

Summary

  • 🔴 CRITICAL: 0
  • 🟠 HIGH: 3
  • 🟡 MEDIUM: 6

ghcr.io/firestoned/bindy:main (wolfi 20230201)

🟠 HIGH

  • CVE-2026-0861: glibc@2.42-r4

    • glibc: Integer overflow in memalign leads to heap corruption
    • Fix: Upgrade to 2.42-r6

  • CVE-2026-0861: glibc-locale-posix@2.42-r4

    • glibc: Integer overflow in memalign leads to heap corruption
    • Fix: Upgrade to 2.42-r6

  • CVE-2026-0861: ld-linux@2.42-r4

    • glibc: Integer overflow in memalign leads to heap corruption
    • Fix: Upgrade to 2.42-r6

Action Required: Review and remediate vulnerabilities within SLA.

  • CRITICAL: 24 hours
  • HIGH: 7 days

Compliance: PCI-DSS 6.2, SOX IT Controls, Basel III Cyber Risk
Full Report: Check workflow artifacts for complete Trivy scan results

Metadata

Metadata

Assignees

No one assigned

    Labels

    automatedcontainer-vulnerabilitysecurity

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions