docker icon indicating copy to clipboard operation
docker copied to clipboard

Published 20 hours ago verified publisher icon getredash

Vulnerabilities in version redash/redash:10.1.0.b50633

Open phillipjohnson opened this issue 2 years ago • 1 comments

Trivy is reporting the following number of vulnerabilities for the version 10.1.0.b50633.

trivy image -s HIGH,CRITICAL redash/redash:10.1.0.b50633

redash/redash:10.1.0.b50633 (debian 10.11)
==========================================
Total: 194 (HIGH: 165, CRITICAL: 29)

Node.js (node-pkg)
==================
Total: 0 (HIGH: 0, CRITICAL: 0)


Python (python-pkg)
===================
Total: 9 (HIGH: 5, CRITICAL: 4)

Would it be possible to bump some of the underlying image layers in a new release to get these numbers down?

phillipjohnson avatar Mar 23 '22 20:03 phillipjohnson

@phillipjohnson - thanks for your comment on my related post ...

https://discuss.redash.io/t/what-to-do-about-hundreds-of-cve-reported-by-scanning-redash-container/10523

I was not aware of trivy - very cool. appreciate the tip on that too 🫡

superwesman avatar May 26 '22 14:05 superwesman