
Vulnerabilities for confluentinc/cp-zookeeper:5.3.1 image

Open tokarev-artem opened this issue 5 years ago • 1 comments

Hello, we used the anchore utility for Docker image scanning and found some security issues.

List of high issues:

```
CVE-2015-5652           Python-2.7.9                                     High              None                    https://nvd.nist.gov/vuln/detail/CVE-2015-5652
CVE-2016-5636           Python-2.7.9                                     High              None                    https://nvd.nist.gov/vuln/detail/CVE-2016-5636
CVE-2017-1000158        Python-2.7.9                                     High              None                    https://nvd.nist.gov/vuln/detail/CVE-2017-1000158
CVE-2019-13404          Python-2.7.9                                     High              None                    https://nvd.nist.gov/vuln/detail/CVE-2019-13404
CVE-2019-14540          jackson-databind-2.9.9.3                         High              None                    https://nvd.nist.gov/vuln/detail/CVE-2019-14540
CVE-2019-14540          jackson-databind-2.9.9.3                         High              None                    https://nvd.nist.gov/vuln/detail/CVE-2019-14540
CVE-2019-16335          jackson-databind-2.9.9.3                         High              None                    https://nvd.nist.gov/vuln/detail/CVE-2019-16335
CVE-2019-16335          jackson-databind-2.9.9.3                         High              None                    https://nvd.nist.gov/vuln/detail/CVE-2019-16335
CVE-2019-5482           curl-7.38.0-4+deb8u15                            High              7.38.0-4+deb8u16        https://security-tracker.debian.org/tracker/CVE-2019-5482
CVE-2019-5482           libcurl3-7.38.0-4+deb8u15                        High              7.38.0-4+deb8u16        https://security-tracker.debian.org/tracker/CVE-2019-5482
CVE-2019-5482           libcurl3-gnutls-7.38.0-4+deb8u15                 High              7.38.0-4+deb8u16        https://security-tracker.debian.org/tracker/CVE-2019-5482
```

List of medium issues:

```
CVE-2010-3492           Python-2.7.9                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2010-3492
CVE-2011-3389           libgnutls-deb0-28-3.3.30-0+deb8u1                Medium            None                    https://security-tracker.debian.org/tracker/CVE-2011-3389
CVE-2011-3389           libgnutls-openssl27-3.3.30-0+deb8u1              Medium            None                    https://security-tracker.debian.org/tracker/CVE-2011-3389
CVE-2014-4616           Python-2.7.9                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2014-4616
CVE-2016-0772           Python-2.7.9                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2016-0772
CVE-2016-5699           Python-2.7.9                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2016-5699
CVE-2017-17522          Python-2.7.9                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2017-17522
CVE-2017-18207          Python-2.7.9                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2017-18207
CVE-2017-2616           libblkid1-2.25.2-6                               Medium            None                    https://security-tracker.debian.org/tracker/CVE-2017-2616
CVE-2017-2616           libmount1-2.25.2-6                               Medium            None                    https://security-tracker.debian.org/tracker/CVE-2017-2616
CVE-2017-2616           libsmartcols1-2.25.2-6                           Medium            None                    https://security-tracker.debian.org/tracker/CVE-2017-2616
CVE-2017-2616           libuuid1-2.25.2-6                                Medium            None                    https://security-tracker.debian.org/tracker/CVE-2017-2616
CVE-2017-2616           mount-2.25.2-6                                   Medium            None                    https://security-tracker.debian.org/tracker/CVE-2017-2616
CVE-2017-2616           util-linux-2.25.2-6                              Medium            None                    https://security-tracker.debian.org/tracker/CVE-2017-2616
CVE-2018-1000030        Python-2.7.9                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2018-1000030
CVE-2018-10237          guava-11.0.2                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2018-10237
CVE-2018-10237          guava-20.0                                       Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2018-10237
CVE-2018-1060           Python-2.7.9                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2018-1060
CVE-2018-1061           Python-2.7.9                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2018-1061
CVE-2018-11771          commons-compress-1.8.1                           Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2018-11771
CVE-2018-14647          Python-2.7.9                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2018-14647
CVE-2018-18074          requests-2.11.1                                  Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2018-18074
CVE-2018-20852          Python-2.7.9                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2018-20852
CVE-2019-13627          libgcrypt20-1.6.3-2+deb8u5                       Medium            1.6.3-2+deb8u6          https://security-tracker.debian.org/tracker/CVE-2019-13627
CVE-2019-1563           libssl1.0.0-1.0.1t-1+deb8u11                     Medium            1.0.1t-1+deb8u12        https://security-tracker.debian.org/tracker/CVE-2019-1563
CVE-2019-1563           openssl-1.0.1t-1+deb8u11                         Medium            1.0.1t-1+deb8u12        https://security-tracker.debian.org/tracker/CVE-2019-1563
CVE-2019-15903          libexpat1-2.1.0-6+deb8u5                         Medium            2.1.0-6+deb8u6          https://security-tracker.debian.org/tracker/CVE-2019-15903
CVE-2019-16056          Python-2.7.9                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2019-16056
CVE-2019-16056          libpython2.7-minimal-2.7.9-2+deb8u4              Medium            2.7.9-2+deb8u5          https://security-tracker.debian.org/tracker/CVE-2019-16056
CVE-2019-16056          libpython2.7-stdlib-2.7.9-2+deb8u4               Medium            2.7.9-2+deb8u5          https://security-tracker.debian.org/tracker/CVE-2019-16056
CVE-2019-16056          python2.7-2.7.9-2+deb8u4                         Medium            2.7.9-2+deb8u5          https://security-tracker.debian.org/tracker/CVE-2019-16056
CVE-2019-16056          python2.7-minimal-2.7.9-2+deb8u4                 Medium            2.7.9-2+deb8u5          https://security-tracker.debian.org/tracker/CVE-2019-16056
CVE-2019-5094           e2fslibs-1.42.12-2+b1                            Medium            1.42.12-2+deb8u1        https://security-tracker.debian.org/tracker/CVE-2019-5094
CVE-2019-5094           e2fsprogs-1.42.12-2+b1                           Medium            1.42.12-2+deb8u1        https://security-tracker.debian.org/tracker/CVE-2019-5094
CVE-2019-5094           libcomerr2-1.42.12-2+b1                          Medium            1.42.12-2+deb8u1        https://security-tracker.debian.org/tracker/CVE-2019-5094
CVE-2019-5094           libss2-1.42.12-2+b1                              Medium            1.42.12-2+deb8u1        https://security-tracker.debian.org/tracker/CVE-2019-5094
CVE-2019-9636           Python-2.7.9                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2019-9636
CVE-2019-9740           Python-2.7.9                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2019-9740
CVE-2019-9947           Python-2.7.9                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2019-9947
CVE-2019-9948           Python-2.7.9                                     Medium            None                    https://nvd.nist.gov/vuln/detail/CVE-2019-9948
```

List of low level issues:

```
CVE-2019-1547 libssl1.0.0-1.0.1t-1+deb8u11 Low 1.0.1t-1+deb8u12 https://security-tracker.debian.org/tracker/CVE-2019-1547
CVE-2019-1547 openssl-1.0.1t-1+deb8u11 Low 1.0.1t-1+deb8u12 https://security-tracker.debian.org/tracker/CVE-2019-1547
```

tokarev-artem • Oct 02 '19 15:10

Thank you for raising this issue. Confluent Platform updates (including image upgrades) are made available on a quarterly cadence. The issues have been addressed at this point in time.

janjwerner-confluent • Sep 27 '22 16:09