Our Trivy scans are reporting the following vulnerabilities, present in version v0.9.4
Vulnerability information:

| Type | Library | Severity | Installed Version | Fixed Version | Summary | More Details |
|---|---|---|---|---|---|---|
| debian 12.7 | gstreamer1.0-plugins-base | CRITICAL | 1.22.0-3+deb12u2 | 1.22.0-3+deb12u3 | gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet | https://avd.aquasec.com/nvd/cve-2024-47538 |
| debian 12.7 | gstreamer1.0-plugins-base | CRITICAL | 1.22.0-3+deb12u2 | 1.22.0-3+deb12u3 | gstreamer1-plugins-base: GStreamer has an OOB-read in format_channel_mask | https://avd.aquasec.com/nvd/cve-2024-47600 |
| debian 12.7 | gstreamer1.0-plugins-base | CRITICAL | 1.22.0-3+deb12u2 | 1.22.0-3+deb12u3 | gstreamer1-plugins-base: stack-buffer overflow in gst_opus_dec_parse_header | https://avd.aquasec.com/nvd/cve-2024-47607 |
| debian 12.7 | gstreamer1.0-plugins-base | CRITICAL | 1.22.0-3+deb12u2 | 1.22.0-3+deb12u3 | gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer | https://avd.aquasec.com/nvd/cve-2024-47615 |
| debian 12.7 | gstreamer1.0-plugins-good | CRITICAL | 1.22.0-5+deb12u1 | 1.22.0-5+deb12u2 | gstreamer1-plugins-good: OOB-write in isomp4/qtdemux.c | https://avd.aquasec.com/nvd/cve-2024-47537 |
| debian 12.7 | gstreamer1.0-plugins-good | CRITICAL | 1.22.0-5+deb12u1 | 1.22.0-5+deb12u2 | gstreamer1-plugins-good: OOB-write in convert_to_s334_1a | https://avd.aquasec.com/nvd/cve-2024-47539 |
| debian 12.7 | gstreamer1.0-plugins-good | CRITICAL | 1.22.0-5+deb12u1 | 1.22.0-5+deb12u2 | gstreamer1-plugins-good: uninitialized stack memory in Matroska/WebM demuxer | https://avd.aquasec.com/nvd/cve-2024-47540 |
| debian 12.7 | gstreamer1.0-plugins-good | CRITICAL | 1.22.0-5+deb12u1 | 1.22.0-5+deb12u2 | gstreamer1-plugins-good: OOB-read in qtdemux_parse_samples | https://avd.aquasec.com/nvd/cve-2024-47597 |
| debian 12.7 | gstreamer1.0-plugins-good | CRITICAL | 1.22.0-5+deb12u1 | 1.22.0-5+deb12u2 | gstreamer1-plugins-good: OOB-read in qtdemux_merge_sample_table | https://avd.aquasec.com/nvd/cve-2024-47598 |
| debian 12.7 | gstreamer1.0-plugins-good | CRITICAL | 1.22.0-5+deb12u1 | 1.22.0-5+deb12u2 | gstreamer1-plugins-good: integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes | https://avd.aquasec.com/nvd/cve-2024-47606 |
| debian 12.7 | gstreamer1.0-plugins-good | CRITICAL | 1.22.0-5+deb12u1 | 1.22.0-5+deb12u2 | gstreamer1-plugins-good: null pointer dereference in gst_gdk_pixbuf_dec_flush | https://avd.aquasec.com/nvd/cve-2024-47613 |
| debian 12.7 | gstreamer1.0-plugins-good | CRITICAL | 1.22.0-5+deb12u1 | 1.22.0-5+deb12u2 | gstreamer1-plugins-good: GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk | https://avd.aquasec.com/nvd/cve-2024-47774 |
| debian 12.7 | gstreamer1.0-plugins-good | CRITICAL | 1.22.0-5+deb12u1 | 1.22.0-5+deb12u2 | gstreamer1-plugins-good: OOB-read in parse_ds64 | https://avd.aquasec.com/nvd/cve-2024-47775 |
| debian 12.7 | gstreamer1.0-plugins-good | CRITICAL | 1.22.0-5+deb12u1 | 1.22.0-5+deb12u2 | gstreamer1-plugins-good: OOB-read in gst_wavparse_cue_chunk | https://avd.aquasec.com/nvd/cve-2024-47776 |
| debian 12.7 | gstreamer1.0-plugins-good | CRITICAL | 1.22.0-5+deb12u1 | 1.22.0-5+deb12u2 | gstreamer1-plugins-good: OOB-read in gst_wavparse_smpl_chunk | https://avd.aquasec.com/nvd/cve-2024-47777 |
| debian 12.7 | gstreamer1.0-plugins-good | CRITICAL | 1.22.0-5+deb12u1 | 1.22.0-5+deb12u2 | gstreamer1-plugins-good: Use-After-Free read in Matroska CodecPrivate | https://avd.aquasec.com/nvd/cve-2024-47834 |
| debian 12.7 | libgstreamer-gl1.0-0 | CRITICAL | 1.22.0-3+deb12u2 | 1.22.0-3+deb12u3 | gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet | https://avd.aquasec.com/nvd/cve-2024-47538 |
| debian 12.7 | libgstreamer-gl1.0-0 | CRITICAL | 1.22.0-3+deb12u2 | 1.22.0-3+deb12u3 | gstreamer1-plugins-base: GStreamer has an OOB-read in format_channel_mask | https://avd.aquasec.com/nvd/cve-2024-47600 |
| debian 12.7 | libgstreamer-gl1.0-0 | CRITICAL | 1.22.0-3+deb12u2 | 1.22.0-3+deb12u3 | gstreamer1-plugins-base: stack-buffer overflow in gst_opus_dec_parse_header | https://avd.aquasec.com/nvd/cve-2024-47607 |
| debian 12.7 | libgstreamer-gl1.0-0 | CRITICAL | 1.22.0-3+deb12u2 | 1.22.0-3+deb12u3 | gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer | https://avd.aquasec.com/nvd/cve-2024-47615 |
| debian 12.7 | libgstreamer-plugins-base1.0-0 | CRITICAL | 1.22.0-3+deb12u2 | 1.22.0-3+deb12u3 | gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbis_handle_identification_packet | https://avd.aquasec.com/nvd/cve-2024-47538 |
| debian 12.7 | libgstreamer-plugins-base1.0-0 | CRITICAL | 1.22.0-3+deb12u2 | 1.22.0-3+deb12u3 | gstreamer1-plugins-base: GStreamer has an OOB-read in format_channel_mask | https://avd.aquasec.com/nvd/cve-2024-47600 |
| debian 12.7 | libgstreamer-plugins-base1.0-0 | CRITICAL | 1.22.0-3+deb12u2 | 1.22.0-3+deb12u3 | gstreamer1-plugins-base: stack-buffer overflow in gst_opus_dec_parse_header | https://avd.aquasec.com/nvd/cve-2024-47607 |
| debian 12.7 | libgstreamer-plugins-base1.0-0 | CRITICAL | 1.22.0-3+deb12u2 | 1.22.0-3+deb12u3 | gstreamer1-plugins-base: out-of-bounds write in Ogg demuxer | https://avd.aquasec.com/nvd/cve-2024-47615 |
| debian 12.7 | libgstreamer1.0-0 | CRITICAL | 1.22.0-2 | 1.22.0-2+deb12u1 | gstreamer1-plugins-good: integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes | https://avd.aquasec.com/nvd/cve-2024-47606 |
Seems like bumping from 1.22.0-3+deb12u2 to 1.22.0-3+deb12u3 should address the CVE vulnerabilities.