grype

A vulnerability scanner for container images and filesystems

Results 378 grype issues

**What happened**: Scan on image that has ruby2.5-stdlib-2.5.9-150000.4.29.1.x86_64 installed. It generates high vulnerability: { "vulnerability": { "id": "GHSA-gwfg-cqmg-cf8f", "dataSource": "https://github.com/advisories/GHSA-gwfg-cqmg-cf8f", "namespace": "github:language:ruby", "severity": "High", "urls": [ "https://github.com/advisories/GHSA-gwfg-cqmg-cf8f" ], "description": "WEBRick...

bug
false-positive

**What happened**: Scan on image that has python3-rsa-3.4.2-150000.3.7.1.noarch installed. It generates high vulnerability: **What you expected to happen**: In SLES 15.5 context, this CVE has been fixed from version python3-rsa >=...

bug
false-positive

**What happened**: I am scanning ec2 with newest grype, and get the CVE-2019-10222 on ceph package. However, I did a little research and I think it might be a FP,...

bug

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.10 to 3.25.11. Commits b611370 Merge pull request #2357 from github/update-v3.25.11-de945755c 3e6431f Update changelog for v3.25.11 de94575 Merge pull request #2352 from github/update-bundle/codeql-bundle-v2.17.6 a32d305 Add changelog note...

dependencies
github_actions

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.4+incompatible to 27.0.2+incompatible. Release notes Sourced from github.com/docker/docker's releases. v27.0.2 27.0.2 For a full list of pull requests and changes in this release, refer to the relevant...

dependencies
go

**What happened**: Scan on image that has python3-Babel-2.8.0-3.3.1.noarch installed. It generates high vulnerability: $ grype --distro sles:15.5 suse15.5_python3-babel:v1 NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY Babel 2.8.0 2.9.1 python GHSA-h4m5-qpfp-3mpv High...

bug
false-positive

**What happened**: Scan on image that has python3-Mako-1.0.7-150000.3.3.1.noarch installed. It generates high vulnerability: NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY Mako 1.0.7 1.2.2 python GHSA-v973-fxgf-6xhp High "vulnerability": { "id": "GHSA-v973-fxgf-6xhp", "dataSource":...

bug
false-positive

**What happened**: Scan on image that has apache2-mod_wsgi-4.7.1-150400.3.9.4.x86_64 installed. It generates high vulnerability: $ grype --distro sles:15.5 suse15.5_apache2-mod_wsgi:v1 NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY mod-wsgi 4.7.1 4.9.3 python GHSA-7527-8855-9cf8 High...

bug
false-positive

**What happened**: After updating to grype `0.79.1` which now emits v1.6 spec cyclonedx-json (and cascading that spec change down through all our internal utils that deal with cyclonedx and needed...

bug

**What happened**: Scan on image that has ruby2.5-stdlib-2.5.9-150000.4.29.1.x86_64.noarch installed. It generates vulnerability: NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY stringio 0.0.1 3.0.1.1 gem GHSA-v5h6-c2hv-hv3r High webrick 1.4.2.1 1.6.1 gem GHSA-gwfg-cqmg-cf8f High...

bug
blocked