search

Azure / azure-functions-docker

This repo contains the base Docker images for working with azure functions
MIT License
261 stars 117 forks source link

Cloud Defender: Azure registry container images should have vulnerabilities resolved #1062

Open kousei2040 opened 5 months ago

kousei2040 commented 5 months ago

Getting this in Cloud Defender but not able to resolve as it was not used in code

Using mcr.microsoft.com/azure-functions/python:4.33.1-python3.10

HIGH Vulnerability CVE-2017-0249 - system.net.security needs to be upgraded from 4.3.0.0 to 4.3.1 MEDIUM Vulnerability CVE-2018-8292 - system.net.http needs to be updated to 4.3.0.0 to 4.3.4 MEDIUM Vulnerability CVE-2017-0248 - system.net.security needs to be updated to 4.3.0.0 to 4.3.1 MEDIUM Vulnerability CVE-2017-0256 - system.net.security needs to be updated to 4.3.0.0 to 4.3.1

Container: image

Repository: image

For the used packages: image

This is causing a block to our deployment due to this vulnerability picked up by Cloud Defender

FinVamp1 commented 5 months ago

I was not able to see these issues in my scan. Is there a docker file you can share or a Hash of the image fle?