zero-to-jupyterhub-k8s
zero-to-jupyterhub-k8s copied to clipboard
Published
20 hours ago •
jupyterhub
jupyterhub
Vulnerability patch in hub
trafficstars
A rebuild of quay.io/jupyterhub/k8s-hub has been found to influence the detected vulnerabilities! This PR will trigger a rebuild because it has updated a comment in the Dockerfile.
About
This scan for known vulnerabilities has been made by aquasecurity/trivy. Trivy was configured to filter the vulnerabilities with the following settings:
- ignore-unfixed:
true
Before
Before trying to rebuild the image, the following vulnerabilities was detected in quay.io/jupyterhub/k8s-hub:4.0.0-0.dev.git.6588.hd5ba9a9f.
| Target | Vuln. ID | Package Name | Installed v. | Fixed v. |
|---|---|---|---|---|
| debian | CVE-2022-48624 | less | 551-2 | 551-2+deb11u2 |
| debian | CVE-2024-32487 | less | 551-2 | 551-2+deb11u2 |
| debian | CVE-2024-33599 | libc-bin | 2.31-13+deb11u9 | 2.31-13+deb11u10 |
| debian | CVE-2024-33599 | libc6 | 2.31-13+deb11u9 | 2.31-13+deb11u10 |
| debian | CVE-2024-33600 | libc-bin | 2.31-13+deb11u9 | 2.31-13+deb11u10 |
| debian | CVE-2024-33600 | libc6 | 2.31-13+deb11u9 | 2.31-13+deb11u10 |
| debian | CVE-2024-33601 | libc-bin | 2.31-13+deb11u9 | 2.31-13+deb11u10 |
| debian | CVE-2024-33601 | libc6 | 2.31-13+deb11u9 | 2.31-13+deb11u10 |
| debian | CVE-2024-33602 | libc-bin | 2.31-13+deb11u9 | 2.31-13+deb11u10 |
| debian | CVE-2024-33602 | libc6 | 2.31-13+deb11u9 | 2.31-13+deb11u10 |
After
| Target | Vuln. ID | Package Name | Installed v. | Fixed v. |
|---|
