[SECU] image nlp

[revolunet]

Le container nlp doit être mis à jour niveau dépendances car pas mal de vulns potentielles :

Testing registry.gitlab.factory.social.gouv.fr/socialgouv/code-du-travail-numerique/nlp:facc7023851d2d85703cb5df716cfa1b22dd2c03...

✗ Low severity vulnerability found in shadow/passwd
  Description: CVE-2013-4235
  Info: https://snyk.io/vuln/SNYK-LINUX-SHADOW-106309
  Introduced through: shadow/passwd@1:4.5-1ubuntu2, apt@1.6.11, shadow/login@1:4.5-1ubuntu2
  From: shadow/passwd@1:4.5-1ubuntu2
  From: apt@1.6.11 > adduser@3.116ubuntu1 > shadow/passwd@1:4.5-1ubuntu2
  From: shadow/login@1:4.5-1ubuntu2
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Low severity vulnerability found in openssl/libssl1.1
  Description: Missing Encryption of Sensitive Data
  Info: https://snyk.io/vuln/SNYK-LINUX-OPENSSL-466459
  Introduced through: meta-common-packages@meta, python-pip/python3-pip@9.0.1-2.3~ubuntu1.18.04.1
  From: meta-common-packages@meta > openssl/libssl1.1@1.1.1-1ubuntu2.1~18.04.2
  From: python-pip/python3-pip@9.0.1-2.3~ubuntu1.18.04.1 > ca-certificates@20180409 > openssl@1.1.1-1ubuntu2.1~18.04.2
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in tar
  Description: Out-of-bounds Read
  Info: https://snyk.io/vuln/SNYK-LINUX-TAR-220695
  Introduced through: meta-common-packages@meta
  From: meta-common-packages@meta > tar@1.29b-2ubuntu0.1
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in systemd/libsystemd0
  Description: Improper Access Control
  Info: https://snyk.io/vuln/SNYK-LINUX-SYSTEMD-460670
  Introduced through: systemd/libsystemd0@237-3ubuntu10.22, apt/libapt-pkg5.0@1.6.11, procps/libprocps6@2:3.3.12-3ubuntu1.1, util-linux/bsdutils@1:2.31.1-0.4ubuntu3.3, dbus-python/python3-dbus@1.2.6-1, util-linux/mount@2.31.1-0.4ubuntu3.3, python-keyring/python3-keyring@10.6.0-1, systemd/libudev1@237-3ubuntu10.22
  From: systemd/libsystemd0@237-3ubuntu10.22
  From: apt/libapt-pkg5.0@1.6.11 > systemd/libsystemd0@237-3ubuntu10.22
  From: procps/libprocps6@2:3.3.12-3ubuntu1.1 > systemd/libsystemd0@237-3ubuntu10.22
  and 7 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)
  Fixed in: 237-3ubuntu10.28

✗ Medium severity vulnerability found in sqlite3/libsqlite3-0
  Description: Divide By Zero
  Info: https://snyk.io/vuln/SNYK-LINUX-SQLITE3-466334
  Introduced through: meta-common-packages@meta
  From: meta-common-packages@meta > sqlite3/libsqlite3-0@3.22.0-1ubuntu0.1
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in shadow/passwd
  Description: Security Features
  Info: https://snyk.io/vuln/SNYK-LINUX-SHADOW-107359
  Introduced through: shadow/passwd@1:4.5-1ubuntu2, apt@1.6.11, shadow/login@1:4.5-1ubuntu2
  From: shadow/passwd@1:4.5-1ubuntu2
  From: apt@1.6.11 > adduser@3.116ubuntu1 > shadow/passwd@1:4.5-1ubuntu2
  From: shadow/login@1:4.5-1ubuntu2
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in patch
  Description: Link Following
  Info: https://snyk.io/vuln/SNYK-LINUX-PATCH-451939
  Introduced through: patch@2.7.6-2ubuntu1, build-essential@12.4ubuntu1
  From: patch@2.7.6-2ubuntu1
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > patch@2.7.6-2ubuntu1
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)
  Fixed in: 2.7.6-2ubuntu1.1

✗ Medium severity vulnerability found in openssl/libssl1.1
  Description: Use of Insufficiently Random Values
  Info: https://snyk.io/vuln/SNYK-LINUX-OPENSSL-466463
  Introduced through: meta-common-packages@meta, python-pip/python3-pip@9.0.1-2.3~ubuntu1.18.04.1
  From: meta-common-packages@meta > openssl/libssl1.1@1.1.1-1ubuntu2.1~18.04.2
  From: python-pip/python3-pip@9.0.1-2.3~ubuntu1.18.04.1 > ca-certificates@20180409 > openssl@1.1.1-1ubuntu2.1~18.04.2
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in openssl/libssl1.1
  Description: Missing Encryption of Sensitive Data
  Info: https://snyk.io/vuln/SNYK-LINUX-OPENSSL-466465
  Introduced through: meta-common-packages@meta, python-pip/python3-pip@9.0.1-2.3~ubuntu1.18.04.1
  From: meta-common-packages@meta > openssl/libssl1.1@1.1.1-1ubuntu2.1~18.04.2
  From: python-pip/python3-pip@9.0.1-2.3~ubuntu1.18.04.1 > ca-certificates@20180409 > openssl@1.1.1-1ubuntu2.1~18.04.2
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in openldap/libldap-common
  Description: Access Restriction Bypass
  Info: https://snyk.io/vuln/SNYK-LINUX-OPENLDAP-119313
  Introduced through: curl@7.58.0-2ubuntu3.8, git@1:2.17.1-1ubuntu0.4, gnupg2/gnupg@2.2.4-1ubuntu1.2
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > openldap/libldap-2.4-2@2.4.45+dfsg-1ubuntu1.2 > openldap/libldap-common@2.4.45+dfsg-1ubuntu1.2
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > openldap/libldap-2.4-2@2.4.45+dfsg-1ubuntu1.2
  From: git@1:2.17.1-1ubuntu0.4 > curl/libcurl3-gnutls@7.58.0-2ubuntu3.8 > openldap/libldap-2.4-2@2.4.45+dfsg-1ubuntu1.2
  and 1 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in openldap/libldap-common
  Description: Improper Authentication
  Info: https://snyk.io/vuln/SNYK-LINUX-OPENLDAP-455341
  Introduced through: curl@7.58.0-2ubuntu3.8, git@1:2.17.1-1ubuntu0.4, gnupg2/gnupg@2.2.4-1ubuntu1.2
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > openldap/libldap-2.4-2@2.4.45+dfsg-1ubuntu1.2 > openldap/libldap-common@2.4.45+dfsg-1ubuntu1.2
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > openldap/libldap-2.4-2@2.4.45+dfsg-1ubuntu1.2
  From: git@1:2.17.1-1ubuntu0.4 > curl/libcurl3-gnutls@7.58.0-2ubuntu3.8 > openldap/libldap-2.4-2@2.4.45+dfsg-1ubuntu1.2
  and 1 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)
  Fixed in: 2.4.45+dfsg-1ubuntu1.3

✗ Medium severity vulnerability found in openldap/libldap-common
  Description: Improper Authentication
  Info: https://snyk.io/vuln/SNYK-LINUX-OPENLDAP-455343
  Introduced through: curl@7.58.0-2ubuntu3.8, git@1:2.17.1-1ubuntu0.4, gnupg2/gnupg@2.2.4-1ubuntu1.2
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > openldap/libldap-2.4-2@2.4.45+dfsg-1ubuntu1.2 > openldap/libldap-common@2.4.45+dfsg-1ubuntu1.2
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > openldap/libldap-2.4-2@2.4.45+dfsg-1ubuntu1.2
  From: git@1:2.17.1-1ubuntu0.4 > curl/libcurl3-gnutls@7.58.0-2ubuntu3.8 > openldap/libldap-2.4-2@2.4.45+dfsg-1ubuntu1.2
  and 1 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)
  Fixed in: 2.4.45+dfsg-1ubuntu1.3

✗ Medium severity vulnerability found in nettle/libnettle6
  Description: Cryptographic Issues
  Info: https://snyk.io/vuln/SNYK-LINUX-NETTLE-177804
  Introduced through: nettle/libnettle6@3.4-1, git@1:2.17.1-1ubuntu0.4, curl@7.58.0-2ubuntu3.8, nettle/libhogweed4@3.4-1
  From: nettle/libnettle6@3.4-1
  From: git@1:2.17.1-1ubuntu0.4 > curl/libcurl3-gnutls@7.58.0-2ubuntu3.8 > nettle/libnettle6@3.4-1
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > rtmpdump/librtmp1@2.4+20151223.gitfa8646d.1-1 > nettle/libnettle6@3.4-1
  and 5 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in libtasn1-6
  Description: Resource Management Errors
  Info: https://snyk.io/vuln/SNYK-LINUX-LIBTASN16-172697
  Introduced through: libtasn1-6@4.13-2, curl@7.58.0-2ubuntu3.8
  From: libtasn1-6@4.13-2
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > openldap/libldap-2.4-2@2.4.45+dfsg-1ubuntu1.2 > gnutls28/libgnutls30@3.5.18-1ubuntu1.1 > libtasn1-6@4.13-2
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in libgcrypt20
  Description: Cryptographic Issues
  Info: https://snyk.io/vuln/SNYK-LINUX-LIBGCRYPT20-450655
  Introduced through: libgcrypt20@1.8.1-4ubuntu1.1, gnupg2/gpgv@2.2.4-1ubuntu1.2, gnupg2/gpgconf@2.2.4-1ubuntu1.2, apt/libapt-pkg5.0@1.6.11, gnupg2/gnupg@2.2.4-1ubuntu1.2
  From: libgcrypt20@1.8.1-4ubuntu1.1
  From: gnupg2/gpgv@2.2.4-1ubuntu1.2 > libgcrypt20@1.8.1-4ubuntu1.1
  From: gnupg2/gpgconf@2.2.4-1ubuntu1.2 > libgcrypt20@1.8.1-4ubuntu1.1
  and 8 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in libgcrypt20
  Description: Race Condition
  Info: https://snyk.io/vuln/SNYK-LINUX-LIBGCRYPT20-460484
  Introduced through: libgcrypt20@1.8.1-4ubuntu1.1, gnupg2/gpgv@2.2.4-1ubuntu1.2, gnupg2/gpgconf@2.2.4-1ubuntu1.2, apt/libapt-pkg5.0@1.6.11, gnupg2/gnupg@2.2.4-1ubuntu1.2
  From: libgcrypt20@1.8.1-4ubuntu1.1
  From: gnupg2/gpgv@2.2.4-1ubuntu1.2 > libgcrypt20@1.8.1-4ubuntu1.1
  From: gnupg2/gpgconf@2.2.4-1ubuntu1.2 > libgcrypt20@1.8.1-4ubuntu1.1
  and 8 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in krb5/libkrb5support0
  Description: Improper Input Validation
  Info: https://snyk.io/vuln/SNYK-LINUX-KRB5-221142
  Introduced through: curl@7.58.0-2ubuntu3.8, git@1:2.17.1-1ubuntu0.4
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > krb5/libgssapi-krb5-2@1.16-2ubuntu0.1 > krb5/libkrb5support0@1.16-2ubuntu0.1
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > krb5/libgssapi-krb5-2@1.16-2ubuntu0.1 > krb5/libk5crypto3@1.16-2ubuntu0.1 > krb5/libkrb5support0@1.16-2ubuntu0.1
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > krb5/libgssapi-krb5-2@1.16-2ubuntu0.1 > krb5/libkrb5-3@1.16-2ubuntu0.1 > krb5/libkrb5support0@1.16-2ubuntu0.1
  and 5 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in gnutls28/libgnutls30
  Description: Cryptographic Issues
  Info: https://snyk.io/vuln/SNYK-LINUX-GNUTLS28-178366
  Introduced through: gnutls28/libgnutls30@3.5.18-1ubuntu1.1, apt@1.6.11, git@1:2.17.1-1ubuntu0.4, gnupg2/gnupg@2.2.4-1ubuntu1.2, curl@7.58.0-2ubuntu3.8
  From: gnutls28/libgnutls30@3.5.18-1ubuntu1.1
  From: apt@1.6.11 > gnutls28/libgnutls30@3.5.18-1ubuntu1.1
  From: git@1:2.17.1-1ubuntu0.4 > curl/libcurl3-gnutls@7.58.0-2ubuntu3.8 > gnutls28/libgnutls30@3.5.18-1ubuntu1.1
  and 3 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in glibc/libc6-dev
  Description: Improper Input Validation
  Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-107098
  Introduced through: glibc/libc6-dev@2.27-3ubuntu1, build-essential@12.4ubuntu1, python3-defaults/python3-dev@3.6.7-1~18.04, glibc/libc-dev-bin@2.27-3ubuntu1, glibc/libc-bin@2.27-3ubuntu1, meta-common-packages@meta
  From: glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > gcc-defaults/g++@4:7.4.0-1ubuntu2.3 > gcc-7/g++-7@7.4.0-1ubuntu1~18.04.1 > gcc-7/libstdc++-7-dev@7.4.0-1ubuntu1~18.04.1 > glibc/libc6-dev@2.27-3ubuntu1
  and 5 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in glibc/libc6-dev
  Description: Improper Data Handling
  Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-108050
  Introduced through: glibc/libc6-dev@2.27-3ubuntu1, build-essential@12.4ubuntu1, python3-defaults/python3-dev@3.6.7-1~18.04, glibc/libc-dev-bin@2.27-3ubuntu1, glibc/libc-bin@2.27-3ubuntu1, meta-common-packages@meta
  From: glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > gcc-defaults/g++@4:7.4.0-1ubuntu2.3 > gcc-7/g++-7@7.4.0-1ubuntu1~18.04.1 > gcc-7/libstdc++-7-dev@7.4.0-1ubuntu1~18.04.1 > glibc/libc6-dev@2.27-3ubuntu1
  and 5 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in glibc/libc6-dev
  Description: Improper Input Validation
  Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-257895
  Introduced through: glibc/libc6-dev@2.27-3ubuntu1, build-essential@12.4ubuntu1, python3-defaults/python3-dev@3.6.7-1~18.04, glibc/libc-dev-bin@2.27-3ubuntu1, glibc/libc-bin@2.27-3ubuntu1, meta-common-packages@meta
  From: glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > gcc-defaults/g++@4:7.4.0-1ubuntu2.3 > gcc-7/g++-7@7.4.0-1ubuntu1~18.04.1 > gcc-7/libstdc++-7-dev@7.4.0-1ubuntu1~18.04.1 > glibc/libc6-dev@2.27-3ubuntu1
  and 5 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in glibc/libc6-dev
  Description: Out-of-Bounds
  Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-259447
  Introduced through: glibc/libc6-dev@2.27-3ubuntu1, build-essential@12.4ubuntu1, python3-defaults/python3-dev@3.6.7-1~18.04, glibc/libc-dev-bin@2.27-3ubuntu1, glibc/libc-bin@2.27-3ubuntu1, meta-common-packages@meta
  From: glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > gcc-defaults/g++@4:7.4.0-1ubuntu2.3 > gcc-7/g++-7@7.4.0-1ubuntu1~18.04.1 > gcc-7/libstdc++-7-dev@7.4.0-1ubuntu1~18.04.1 > glibc/libc6-dev@2.27-3ubuntu1
  and 5 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in glib2.0/libglib2.0-0
  Description: Cryptographic Issues
  Info: https://snyk.io/vuln/SNYK-LINUX-GLIB20-112085
  Introduced through: glib2.0/libglib2.0-0@2.56.4-0ubuntu0.18.04.3, dbus-python/python3-dbus@1.2.6-1, pygobject/python3-gi@3.26.1-2ubuntu1, shared-mime-info@1.9-2, glib2.0/libglib2.0-data@2.56.4-0ubuntu0.18.04.3
  From: glib2.0/libglib2.0-0@2.56.4-0ubuntu0.18.04.3
  From: dbus-python/python3-dbus@1.2.6-1 > glib2.0/libglib2.0-0@2.56.4-0ubuntu0.18.04.3
  From: pygobject/python3-gi@3.26.1-2ubuntu1 > glib2.0/libglib2.0-0@2.56.4-0ubuntu0.18.04.3
  and 4 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in e2fsprogs/libext2fs2
  Description: Out-of-bounds Write
  Info: https://snyk.io/vuln/SNYK-LINUX-E2FSPROGS-468973
  Introduced through: e2fsprogs/libext2fs2@1.44.1-1ubuntu1.1, e2fsprogs@1.44.1-1ubuntu1.1, e2fsprogs/libss2@1.44.1-1ubuntu1.1, meta-common-packages@meta
  From: e2fsprogs/libext2fs2@1.44.1-1ubuntu1.1
  From: e2fsprogs@1.44.1-1ubuntu1.1 > e2fsprogs/libext2fs2@1.44.1-1ubuntu1.1
  From: e2fsprogs/libss2@1.44.1-1ubuntu1.1
  and 3 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)
  Fixed in: 1.44.1-1ubuntu1.2

✗ Medium severity vulnerability found in coreutils
  Description: Improper Input Validation
  Info: https://snyk.io/vuln/SNYK-LINUX-COREUTILS-104909
  Introduced through: coreutils@8.28-1ubuntu1
  From: coreutils@8.28-1ubuntu1
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Resource Management Errors
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-103671
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Out-of-bounds Write
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-112071
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Resource Management Errors
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-128255
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Resource Management Errors
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-130995
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: NULL Pointer Dereference
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-140876
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: NULL Pointer Dereference
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-146541
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Out-of-bounds Read
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-150282
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Improper Input Validation
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-159655
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Resource Management Errors
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-171165
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: NULL Pointer Dereference
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-173369
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Out-of-Bounds
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-173414
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Resource Exhaustion
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-173420
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Out-of-Bounds
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-173422
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Out-of-Bounds
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-173427
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Out-of-Bounds
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-173746
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Resource Exhaustion
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-173906
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Out-of-Bounds
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-174825
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: NULL Pointer Dereference
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-174826
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: NULL Pointer Dereference
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-174838
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Resource Exhaustion
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-174869
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Resource Exhaustion
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-174870
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Integer Overflow or Wraparound
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-180552
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Resource Management Errors
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-185805
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: NULL Pointer Dereference
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-235893
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Integer Overflow or Wraparound
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-246088
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ Medium severity vulnerability found in binutils
  Description: Integer Overflow or Wraparound
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-455991
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in xdg-user-dirs
  Description: Access Restriction Bypass
  Info: https://snyk.io/vuln/SNYK-LINUX-XDGUSERDIRS-158582
  Introduced through: xdg-user-dirs@0.17-1ubuntu1
  From: xdg-user-dirs@0.17-1ubuntu1
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in util-linux/libmount1
  Description: CVE-2018-7738
  Info: https://snyk.io/vuln/SNYK-LINUX-UTILLINUX-108356
  Introduced through: util-linux/libmount1@2.31.1-0.4ubuntu3.3, util-linux/mount@2.31.1-0.4ubuntu3.3, util-linux/fdisk@2.31.1-0.4ubuntu3.3, dbus-python/python3-dbus@1.2.6-1, util-linux/libblkid1@2.31.1-0.4ubuntu3.3, e2fsprogs@1.44.1-1ubuntu1.1, util-linux/libuuid1@2.31.1-0.4ubuntu3.3, util-linux@2.31.1-0.4ubuntu3.3, sysvinit/sysvinit-utils@2.88dsf-59.10ubuntu1, util-linux/bsdutils@1:2.31.1-0.4ubuntu3.3, util-linux/libfdisk1@2.31.1-0.4ubuntu3.3, util-linux/libsmartcols1@2.31.1-0.4ubuntu3.3
  From: util-linux/libmount1@2.31.1-0.4ubuntu3.3
  From: util-linux/mount@2.31.1-0.4ubuntu3.3 > util-linux/libmount1@2.31.1-0.4ubuntu3.3
  From: util-linux/fdisk@2.31.1-0.4ubuntu3.3 > util-linux/libmount1@2.31.1-0.4ubuntu3.3
  and 26 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in unzip
  Description: Out-of-Bounds
  Info: https://snyk.io/vuln/SNYK-LINUX-UNZIP-107689
  Introduced through: unzip@6.0-21ubuntu1
  From: unzip@6.0-21ubuntu1
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in systemd/libsystemd0
  Description: Access Restriction Bypass
  Info: https://snyk.io/vuln/SNYK-LINUX-SYSTEMD-445382
  Introduced through: systemd/libsystemd0@237-3ubuntu10.22, apt/libapt-pkg5.0@1.6.11, procps/libprocps6@2:3.3.12-3ubuntu1.1, util-linux/bsdutils@1:2.31.1-0.4ubuntu3.3, dbus-python/python3-dbus@1.2.6-1, util-linux/mount@2.31.1-0.4ubuntu3.3, python-keyring/python3-keyring@10.6.0-1, systemd/libudev1@237-3ubuntu10.22
  From: systemd/libsystemd0@237-3ubuntu10.22
  From: apt/libapt-pkg5.0@1.6.11 > systemd/libsystemd0@237-3ubuntu10.22
  From: procps/libprocps6@2:3.3.12-3ubuntu1.1 > systemd/libsystemd0@237-3ubuntu10.22
  and 7 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in systemd/libsystemd0
  Description: Access Restriction Bypass
  Info: https://snyk.io/vuln/SNYK-LINUX-SYSTEMD-445385
  Introduced through: systemd/libsystemd0@237-3ubuntu10.22, apt/libapt-pkg5.0@1.6.11, procps/libprocps6@2:3.3.12-3ubuntu1.1, util-linux/bsdutils@1:2.31.1-0.4ubuntu3.3, dbus-python/python3-dbus@1.2.6-1, util-linux/mount@2.31.1-0.4ubuntu3.3, python-keyring/python3-keyring@10.6.0-1, systemd/libudev1@237-3ubuntu10.22
  From: systemd/libsystemd0@237-3ubuntu10.22
  From: apt/libapt-pkg5.0@1.6.11 > systemd/libsystemd0@237-3ubuntu10.22
  From: procps/libprocps6@2:3.3.12-3ubuntu1.1 > systemd/libsystemd0@237-3ubuntu10.22
  and 7 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in systemd/libsystemd0
  Description: Credentials Management
  Info: https://snyk.io/vuln/SNYK-LINUX-SYSTEMD-446728
  Introduced through: systemd/libsystemd0@237-3ubuntu10.22, apt/libapt-pkg5.0@1.6.11, procps/libprocps6@2:3.3.12-3ubuntu1.1, util-linux/bsdutils@1:2.31.1-0.4ubuntu3.3, dbus-python/python3-dbus@1.2.6-1, util-linux/mount@2.31.1-0.4ubuntu3.3, python-keyring/python3-keyring@10.6.0-1, systemd/libudev1@237-3ubuntu10.22
  From: systemd/libsystemd0@237-3ubuntu10.22
  From: apt/libapt-pkg5.0@1.6.11 > systemd/libsystemd0@237-3ubuntu10.22
  From: procps/libprocps6@2:3.3.12-3ubuntu1.1 > systemd/libsystemd0@237-3ubuntu10.22
  and 7 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in sqlite3/libsqlite3-0
  Description: Integer Overflow or Wraparound
  Info: https://snyk.io/vuln/SNYK-LINUX-SQLITE3-449600
  Introduced through: meta-common-packages@meta
  From: meta-common-packages@meta > sqlite3/libsqlite3-0@3.22.0-1ubuntu0.1
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in pyxdg/python3-xdg
  Description: XML Injection
  Info: https://snyk.io/vuln/SNYK-LINUX-PYXDG-448924
  Introduced through: pyxdg/python3-xdg@0.25-4ubuntu1
  From: pyxdg/python3-xdg@0.25-4ubuntu1
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in pcre3/libpcre3
  Description: Out-of-Bounds
  Info: https://snyk.io/vuln/SNYK-LINUX-PCRE3-115388
  Introduced through: meta-common-packages@meta
  From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-9
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in pcre3/libpcre3
  Description: Resource Management Errors
  Info: https://snyk.io/vuln/SNYK-LINUX-PCRE3-123374
  Introduced through: meta-common-packages@meta
  From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-9
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in pcre3/libpcre3
  Description: Out-of-Bounds
  Info: https://snyk.io/vuln/SNYK-LINUX-PCRE3-126449
  Introduced through: meta-common-packages@meta
  From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-9
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in patch
  Description: Double Free
  Info: https://snyk.io/vuln/SNYK-LINUX-PATCH-118966
  Introduced through: patch@2.7.6-2ubuntu1, build-essential@12.4ubuntu1
  From: patch@2.7.6-2ubuntu1
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > patch@2.7.6-2ubuntu1
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in patch
  Description: OS Command Injection
  Info: https://snyk.io/vuln/SNYK-LINUX-PATCH-451978
  Introduced through: patch@2.7.6-2ubuntu1, build-essential@12.4ubuntu1
  From: patch@2.7.6-2ubuntu1
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > patch@2.7.6-2ubuntu1
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)
  Fixed in: 2.7.6-2ubuntu1.1

✗ High severity vulnerability found in patch
  Description: OS Command Injection
  Info: https://snyk.io/vuln/SNYK-LINUX-PATCH-459564
  Introduced through: patch@2.7.6-2ubuntu1, build-essential@12.4ubuntu1
  From: patch@2.7.6-2ubuntu1
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > patch@2.7.6-2ubuntu1
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)
  Fixed in: 2.7.6-2ubuntu1.1

✗ High severity vulnerability found in openssl/libssl1.1
  Description: Cryptographic Issues
  Info: https://snyk.io/vuln/SNYK-LINUX-OPENSSL-439848
  Introduced through: meta-common-packages@meta, python-pip/python3-pip@9.0.1-2.3~ubuntu1.18.04.1
  From: meta-common-packages@meta > openssl/libssl1.1@1.1.1-1ubuntu2.1~18.04.2
  From: python-pip/python3-pip@9.0.1-2.3~ubuntu1.18.04.1 > ca-certificates@20180409 > openssl@1.1.1-1ubuntu2.1~18.04.2
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in nghttp2/libnghttp2-14
  Description: Resource Exhaustion
  Info: https://snyk.io/vuln/SNYK-LINUX-NGHTTP2-459147
  Introduced through: curl@7.58.0-2ubuntu3.8, git@1:2.17.1-1ubuntu0.4
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > nghttp2/libnghttp2-14@1.30.0-1ubuntu1
  From: git@1:2.17.1-1ubuntu0.4 > curl/libcurl3-gnutls@7.58.0-2ubuntu3.8 > nghttp2/libnghttp2-14@1.30.0-1ubuntu1
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in nghttp2/libnghttp2-14
  Description: Resource Exhaustion
  Info: https://snyk.io/vuln/SNYK-LINUX-NGHTTP2-459189
  Introduced through: curl@7.58.0-2ubuntu3.8, git@1:2.17.1-1ubuntu0.4
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > nghttp2/libnghttp2-14@1.30.0-1ubuntu1
  From: git@1:2.17.1-1ubuntu0.4 > curl/libcurl3-gnutls@7.58.0-2ubuntu3.8 > nghttp2/libnghttp2-14@1.30.0-1ubuntu1
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in libzstd/libzstd1
  Description: Race Condition
  Info: https://snyk.io/vuln/SNYK-LINUX-LIBZSTD-455527
  Introduced through: meta-common-packages@meta
  From: meta-common-packages@meta > libzstd/libzstd1@1.3.3+dfsg-2ubuntu1
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)
  Fixed in: 1.3.3+dfsg-2ubuntu1.1

✗ High severity vulnerability found in libidn2/libidn2-0
  Description: Out-of-bounds Write
  Info: https://snyk.io/vuln/SNYK-LINUX-LIBIDN2-474085
  Introduced through: libidn2/libidn2-0@2.0.4-1.1build2, curl@7.58.0-2ubuntu3.8, git@1:2.17.1-1ubuntu0.4
  From: libidn2/libidn2-0@2.0.4-1.1build2
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > libidn2/libidn2-0@2.0.4-1.1build2
  From: git@1:2.17.1-1ubuntu0.4 > curl/libcurl3-gnutls@7.58.0-2ubuntu3.8 > libidn2/libidn2-0@2.0.4-1.1build2
  and 2 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in krb5/libkrb5support0
  Description: Integer Overflow or Wraparound
  Info: https://snyk.io/vuln/SNYK-LINUX-KRB5-116700
  Introduced through: curl@7.58.0-2ubuntu3.8, git@1:2.17.1-1ubuntu0.4
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > krb5/libgssapi-krb5-2@1.16-2ubuntu0.1 > krb5/libkrb5support0@1.16-2ubuntu0.1
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > krb5/libgssapi-krb5-2@1.16-2ubuntu0.1 > krb5/libk5crypto3@1.16-2ubuntu0.1 > krb5/libkrb5support0@1.16-2ubuntu0.1
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > krb5/libgssapi-krb5-2@1.16-2ubuntu0.1 > krb5/libkrb5-3@1.16-2ubuntu0.1 > krb5/libkrb5support0@1.16-2ubuntu0.1
  and 5 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in heimdal/libhcrypto4-heimdal
  Description: Key Management Errors
  Info: https://snyk.io/vuln/SNYK-LINUX-HEIMDAL-446600
  Introduced through: curl@7.58.0-2ubuntu3.8, meta-common-packages@meta
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > openldap/libldap-2.4-2@2.4.45+dfsg-1ubuntu1.2 > heimdal/libgssapi3-heimdal@7.5.0+dfsg-1 > heimdal/libhcrypto4-heimdal@7.5.0+dfsg-1
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > openldap/libldap-2.4-2@2.4.45+dfsg-1ubuntu1.2 > heimdal/libgssapi3-heimdal@7.5.0+dfsg-1 > heimdal/libheimntlm0-heimdal@7.5.0+dfsg-1 > heimdal/libhcrypto4-heimdal@7.5.0+dfsg-1
  From: curl@7.58.0-2ubuntu3.8 > curl/libcurl4@7.58.0-2ubuntu3.8 > openldap/libldap-2.4-2@2.4.45+dfsg-1ubuntu1.2 > heimdal/libgssapi3-heimdal@7.5.0+dfsg-1 > heimdal/libheimntlm0-heimdal@7.5.0+dfsg-1 > heimdal/libkrb5-26-heimdal@7.5.0+dfsg-1 > heimdal/libhcrypto4-heimdal@7.5.0+dfsg-1
  and 12 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in gnupg2/gpgv
  Description: Improper Validation of Certificate with Host Mismatch
  Info: https://snyk.io/vuln/SNYK-LINUX-GNUPG2-452423
  Introduced through: gnupg2/gpgv@2.2.4-1ubuntu1.2, apt@1.6.11, gnupg2/gnupg@2.2.4-1ubuntu1.2, gnupg2/dirmngr@2.2.4-1ubuntu1.2, gnupg2/gpgconf@2.2.4-1ubuntu1.2, gnupg2/gnupg-l10n@2.2.4-1ubuntu1.2, gnupg2/gnupg-utils@2.2.4-1ubuntu1.2, gnupg2/gpg@2.2.4-1ubuntu1.2, gnupg2/gpg-agent@2.2.4-1ubuntu1.2, gnupg2/gpg-wks-client@2.2.4-1ubuntu1.2, gnupg2/gpg-wks-server@2.2.4-1ubuntu1.2, gnupg2/gpgsm@2.2.4-1ubuntu1.2
  From: gnupg2/gpgv@2.2.4-1ubuntu1.2
  From: apt@1.6.11 > gnupg2/gpgv@2.2.4-1ubuntu1.2
  From: gnupg2/gnupg@2.2.4-1ubuntu1.2 > gnupg2/gpgv@2.2.4-1ubuntu1.2
  and 27 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in glibc/libc6-dev
  Description: Out-of-Bounds
  Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-121976
  Introduced through: glibc/libc6-dev@2.27-3ubuntu1, build-essential@12.4ubuntu1, python3-defaults/python3-dev@3.6.7-1~18.04, glibc/libc-dev-bin@2.27-3ubuntu1, glibc/libc-bin@2.27-3ubuntu1, meta-common-packages@meta
  From: glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > gcc-defaults/g++@4:7.4.0-1ubuntu2.3 > gcc-7/g++-7@7.4.0-1ubuntu1~18.04.1 > gcc-7/libstdc++-7-dev@7.4.0-1ubuntu1~18.04.1 > glibc/libc6-dev@2.27-3ubuntu1
  and 5 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in glibc/libc6-dev
  Description: Integer Overflow or Wraparound
  Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-138936
  Introduced through: glibc/libc6-dev@2.27-3ubuntu1, build-essential@12.4ubuntu1, python3-defaults/python3-dev@3.6.7-1~18.04, glibc/libc-dev-bin@2.27-3ubuntu1, glibc/libc-bin@2.27-3ubuntu1, meta-common-packages@meta
  From: glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > gcc-defaults/g++@4:7.4.0-1ubuntu2.3 > gcc-7/g++-7@7.4.0-1ubuntu1~18.04.1 > gcc-7/libstdc++-7-dev@7.4.0-1ubuntu1~18.04.1 > glibc/libc6-dev@2.27-3ubuntu1
  and 5 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in glibc/libc6-dev
  Description: Improper Input Validation
  Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-176185
  Introduced through: glibc/libc6-dev@2.27-3ubuntu1, build-essential@12.4ubuntu1, python3-defaults/python3-dev@3.6.7-1~18.04, glibc/libc-dev-bin@2.27-3ubuntu1, glibc/libc-bin@2.27-3ubuntu1, meta-common-packages@meta
  From: glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > gcc-defaults/g++@4:7.4.0-1ubuntu2.3 > gcc-7/g++-7@7.4.0-1ubuntu1~18.04.1 > gcc-7/libstdc++-7-dev@7.4.0-1ubuntu1~18.04.1 > glibc/libc6-dev@2.27-3ubuntu1
  and 5 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in glibc/libc6-dev
  Description: Resource Management Errors
  Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-438096
  Introduced through: glibc/libc6-dev@2.27-3ubuntu1, build-essential@12.4ubuntu1, python3-defaults/python3-dev@3.6.7-1~18.04, glibc/libc-dev-bin@2.27-3ubuntu1, glibc/libc-bin@2.27-3ubuntu1, meta-common-packages@meta
  From: glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > gcc-defaults/g++@4:7.4.0-1ubuntu2.3 > gcc-7/g++-7@7.4.0-1ubuntu1~18.04.1 > gcc-7/libstdc++-7-dev@7.4.0-1ubuntu1~18.04.1 > glibc/libc6-dev@2.27-3ubuntu1
  and 5 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in glibc/libc6-dev
  Description: Out-of-bounds Read
  Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-438153
  Introduced through: glibc/libc6-dev@2.27-3ubuntu1, build-essential@12.4ubuntu1, python3-defaults/python3-dev@3.6.7-1~18.04, glibc/libc-dev-bin@2.27-3ubuntu1, glibc/libc-bin@2.27-3ubuntu1, meta-common-packages@meta
  From: glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > gcc-defaults/g++@4:7.4.0-1ubuntu2.3 > gcc-7/g++-7@7.4.0-1ubuntu1~18.04.1 > gcc-7/libstdc++-7-dev@7.4.0-1ubuntu1~18.04.1 > glibc/libc6-dev@2.27-3ubuntu1
  and 5 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in glibc/libc6-dev
  Description: Improper Data Handling
  Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-438155
  Introduced through: glibc/libc6-dev@2.27-3ubuntu1, build-essential@12.4ubuntu1, python3-defaults/python3-dev@3.6.7-1~18.04, glibc/libc-dev-bin@2.27-3ubuntu1, glibc/libc-bin@2.27-3ubuntu1, meta-common-packages@meta
  From: glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > gcc-defaults/g++@4:7.4.0-1ubuntu2.3 > gcc-7/g++-7@7.4.0-1ubuntu1~18.04.1 > gcc-7/libstdc++-7-dev@7.4.0-1ubuntu1~18.04.1 > glibc/libc6-dev@2.27-3ubuntu1
  and 5 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in glibc/libc6-dev
  Description: Resource Management Errors
  Info: https://snyk.io/vuln/SNYK-LINUX-GLIBC-438162
  Introduced through: glibc/libc6-dev@2.27-3ubuntu1, build-essential@12.4ubuntu1, python3-defaults/python3-dev@3.6.7-1~18.04, glibc/libc-dev-bin@2.27-3ubuntu1, glibc/libc-bin@2.27-3ubuntu1, meta-common-packages@meta
  From: glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > glibc/libc6-dev@2.27-3ubuntu1
  From: build-essential@12.4ubuntu1 > gcc-defaults/g++@4:7.4.0-1ubuntu2.3 > gcc-7/g++-7@7.4.0-1ubuntu1~18.04.1 > gcc-7/libstdc++-7-dev@7.4.0-1ubuntu1~18.04.1 > glibc/libc6-dev@2.27-3ubuntu1
  and 5 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in glib2.0/libglib2.0-0
  Description: Permission Issues
  Info: https://snyk.io/vuln/SNYK-LINUX-GLIB20-451222
  Introduced through: glib2.0/libglib2.0-0@2.56.4-0ubuntu0.18.04.3, dbus-python/python3-dbus@1.2.6-1, pygobject/python3-gi@3.26.1-2ubuntu1, shared-mime-info@1.9-2, glib2.0/libglib2.0-data@2.56.4-0ubuntu0.18.04.3
  From: glib2.0/libglib2.0-0@2.56.4-0ubuntu0.18.04.3
  From: dbus-python/python3-dbus@1.2.6-1 > glib2.0/libglib2.0-0@2.56.4-0ubuntu0.18.04.3
  From: pygobject/python3-gi@3.26.1-2ubuntu1 > glib2.0/libglib2.0-0@2.56.4-0ubuntu0.18.04.3
  and 4 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)
  Fixed in: 2.56.4-0ubuntu0.18.04.4

✗ High severity vulnerability found in git/git-man
  Description: Improper Input Validation
  Info: https://snyk.io/vuln/SNYK-LINUX-GIT-129319
  Introduced through: git@1:2.17.1-1ubuntu0.4
  From: git@1:2.17.1-1ubuntu0.4 > git/git-man@1:2.17.1-1ubuntu0.4
  From: git@1:2.17.1-1ubuntu0.4
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in expat/libexpat1-dev
  Description: XML External Entity (XXE) Injection
  Info: https://snyk.io/vuln/SNYK-LINUX-EXPAT-450908
  Introduced through: expat/libexpat1-dev@2.2.5-3, python3-defaults/python3-dev@3.6.7-1~18.04, git@1:2.17.1-1ubuntu0.4, python-keyring/python3-keyring@10.6.0-1, python3-defaults/python3@3.6.7-1~18.04
  From: expat/libexpat1-dev@2.2.5-3
  From: python3-defaults/python3-dev@3.6.7-1~18.04 > python3.6/python3.6-dev@3.6.8-1~18.04.3 > expat/libexpat1-dev@2.2.5-3
  From: python3-defaults/python3-dev@3.6.7-1~18.04 > python3-defaults/libpython3-dev@3.6.7-1~18.04 > python3.6/libpython3.6-dev@3.6.8-1~18.04.3 > expat/libexpat1-dev@2.2.5-3
  and 5 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)
  Fixed in: 2.2.5-3ubuntu0.1

✗ High severity vulnerability found in expat/libexpat1-dev
  Description: XML External Entity (XXE) Injection
  Info: https://snyk.io/vuln/SNYK-LINUX-EXPAT-460765
  Introduced through: expat/libexpat1-dev@2.2.5-3, python3-defaults/python3-dev@3.6.7-1~18.04, git@1:2.17.1-1ubuntu0.4, python-keyring/python3-keyring@10.6.0-1, python3-defaults/python3@3.6.7-1~18.04
  From: expat/libexpat1-dev@2.2.5-3
  From: python3-defaults/python3-dev@3.6.7-1~18.04 > python3.6/python3.6-dev@3.6.8-1~18.04.3 > expat/libexpat1-dev@2.2.5-3
  From: python3-defaults/python3-dev@3.6.7-1~18.04 > python3-defaults/libpython3-dev@3.6.7-1~18.04 > python3.6/libpython3.6-dev@3.6.8-1~18.04.3 > expat/libexpat1-dev@2.2.5-3
  and 5 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)
  Fixed in: 2.2.5-3ubuntu0.2

✗ High severity vulnerability found in dpkg/libdpkg-perl
  Description: Directory Traversal
  Info: https://snyk.io/vuln/SNYK-LINUX-DPKG-130415
  Introduced through: dpkg/libdpkg-perl@1.19.0.5ubuntu2.1, build-essential@12.4ubuntu1, dpkg/dpkg-dev@1.19.0.5ubuntu2.1, meta-common-packages@meta
  From: dpkg/libdpkg-perl@1.19.0.5ubuntu2.1
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > dpkg/libdpkg-perl@1.19.0.5ubuntu2.1
  From: dpkg/dpkg-dev@1.19.0.5ubuntu2.1
  and 2 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in bzip2
  Description: Out-of-bounds Write
  Info: https://snyk.io/vuln/SNYK-LINUX-BZIP2-450767
  Introduced through: bzip2@1.0.6-8.1, build-essential@12.4ubuntu1, meta-common-packages@meta
  From: bzip2@1.0.6-8.1
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > bzip2@1.0.6-8.1
  From: meta-common-packages@meta > bzip2/libbz2-1.0@1.0.6-8.1
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)
  Fixed in: 1.0.6-8.1ubuntu0.2

✗ High severity vulnerability found in binutils
  Description: Resource Management Errors
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-171215
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in binutils
  Description: NULL Pointer Dereference
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-171216
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in binutils
  Description: Resource Management Errors
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-171217
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in binutils
  Description: Out-of-bounds Write
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-171218
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in binutils
  Description: Out-of-Bounds
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-180568
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in binutils
  Description: Integer Overflow or Wraparound
  Info: https://snyk.io/vuln/SNYK-LINUX-BINUTILS-202970
  Introduced through: binutils@2.30-21ubuntu1~18.04.2, gcc-7@7.4.0-1ubuntu1~18.04.1, build-essential@12.4ubuntu1, binutils/binutils-common@2.30-21ubuntu1~18.04.2, binutils/binutils-x86-64-linux-gnu@2.30-21ubuntu1~18.04.2, binutils/libbinutils@2.30-21ubuntu1~18.04.2
  From: binutils@2.30-21ubuntu1~18.04.2
  From: gcc-7@7.4.0-1ubuntu1~18.04.1 > binutils@2.30-21ubuntu1~18.04.2
  From: build-essential@12.4ubuntu1 > dpkg/dpkg-dev@1.19.0.5ubuntu2.1 > binutils@2.30-21ubuntu1~18.04.2
  and 9 more...
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

✗ High severity vulnerability found in apparmor/libapparmor1
  Description: Security Features
  Info: https://snyk.io/vuln/SNYK-LINUX-APPARMOR-111398
  Introduced through: apparmor/libapparmor1@2.12-4ubuntu5.1, python-keyring/python3-keyring@10.6.0-1
  From: apparmor/libapparmor1@2.12-4ubuntu5.1
  From: python-keyring/python3-keyring@10.6.0-1 > python-secretstorage/python3-secretstorage@2.3.1-2 > dbus@1.12.2-1ubuntu1.1 > apparmor/libapparmor1@2.12-4ubuntu5.1
  Introduced by your base image (tensorflow/tensorflow:1.14.0-py3)

Organization:      socialgouv
Package manager:   deb
Target file:       ./packages/code-du-travail-nlp/Dockerfile
Docker image:      registry.gitlab.factory.social.gouv.fr/socialgouv/code-du-travail-numerique/nlp:facc7023851d2d85703cb5df716cfa1b22dd2c03
Base image:        tensorflow/tensorflow:1.14.0-py3
Licenses:          enabled

Tested 242 dependencies for known issues, found 93 issues.

[lionelB]

@ArmandGiraud right on time #1558

[lionelB]

we probably should try to migrate to Tf (not TeamFortress) 2

[ArmandGiraud]

Unfortunately, we can't bump to tf 2.0 since this package does not allow backward compatibility, Sentence Piece also compatible only with tf 1.3. Might be solvable by compiling tensorflow from source. Might be worth waiting the test of other frameworks.

[revolunet]

meanwhile can we make sure this container is not exposed directly but behind the API ?

[lionelB]

should we close it since nlp container is no more exposed and @rmelisson reduced a lot of these errors

[revolunet]

yep thanks