Vulnerability update in gcr.io/atomist-container-skills/clj-checks-skill (unstable)

atomist[bot] commented 2 years ago

Vulnerabilities

Following vulnerability changes detected in image gcr.io/atomist-container-skills/clj-checks-skill set as unstable:

Vulnerability updates

CVE	Severity	CVSS	Packages	Line
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2021-42739	~~severity_unspecified~~ > high	~~`n/a`~~ > `7.8`	`linux-libc-dev` _4.19.194-3	12
CVE-2021-42327	~~severity_unspecified~~ > high	~~`n/a`~~ > `7.8`	`linux-libc-dev` _4.19.194-3	12

Details

_{Commit 9cd86280b5dfdde91ffe3ebe48b6afdfdd96fa9e

Image gcr.io/atomist-container-skills/clj-checks-skill

Tag 9cd86280b5dfdde91ffe3ebe48b6afdfdd96fa9e

Digest sha256:64820ccc2d7133db7ab8d972e3b14276f9a20f64c9facc6823c1111e396fcf24

Scanned October 28, 2021, 12:06 AM UTC

unstable set October 7, 2021, 7:29 PM UTC}

atomist[bot] commented 2 years ago

Vulnerabilities

Following vulnerability change detected in image gcr.io/atomist-container-skills/clj-checks-skill set as unstable:

New vulnerability

CVE	Severity	CVSS	Packages	Fix	Line
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2021-42740	critical	`9.8`	`shell-quote` _1.7.2		23

Details

_{Commit 9cd86280b5dfdde91ffe3ebe48b6afdfdd96fa9e

Image gcr.io/atomist-container-skills/clj-checks-skill

Tag 9cd86280b5dfdde91ffe3ebe48b6afdfdd96fa9e

Digest sha256:64820ccc2d7133db7ab8d972e3b14276f9a20f64c9facc6823c1111e396fcf24

Scanned October 31, 2021, 12:01 AM UTC

unstable set October 7, 2021, 7:29 PM UTC}

atomist[bot] commented 2 years ago

CVE	Severity	CVSS	Packages	Fix	Line
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2021-43975	high	`7.8`	`linux-libc-dev` _4.19.194-3		9

CVE	Severity	CVSS	Packages	Fix	Line
Base image `clojure:openjdk-11-lein-2.9.3`
CVE-2021-43618	~~severity_unspecified~~ > high	~~`n/a`~~ > `7.5`	`gmp` _{2:6.1.2+dfsg-4}		1

CVE	Severity	CVSS	Packages	Fix	Line
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2021-3918	critical	`9.8`	`json-schema` _{0.2.3 > 0.4.0}	`x`	12
CVE-2021-4028	high	`n/a`	`linux-libc-dev` _4.19.194-3		9

CVE	Severity	CVSS	Packages	Fix	Line
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2021-3864	high	`n/a`	`linux-libc-dev` _4.19.194-3		9

CVE	Severity	CVSS	Packages	Fix	Line
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2021-0920	~~medium~~ > high	`n/a`	`linux` _{4.19.194-3 > 4.19.208-1}	`x`	9

CVE	Severity	CVSS	Packages	Fix	Line
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2021-4083	high	`n/a`	`linux-libc-dev` _4.19.194-3		9

CVE	Severity	CVSS	Packages	Fix	Line
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2021-44733	high	`n/a`	`linux-libc-dev` _4.19.194-3		9

CVE	Severity	CVSS	Packages	Line
Base image `clojure:openjdk-11-lein-2.9.3`
CVE-2020-16156	~~medium~~ > high	~~`n/a`~~ > `7.8`	`perl` _{5.28.1-6+deb10u1}	1
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2021-37322	~~critical~~ > high	~~`9.8`~~ > `7.8`	`binutils` _2.31.1-16	9

CVE	Severity	CVSS	Packages	Fix	Line
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2021-0929	~~low~~ > high	`7.8`	`linux` _4.19.194-3		9

CVE	Severity	CVSS	Packages	Fix	Line
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2021-45469	~~severity_unspecified~~ > high	`n/a`	`linux` _4.19.194-3		9

CVE	Severity	CVSS	Packages	Fix	Line
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2021-39685	~~medium~~ > high	`n/a`	`linux` _4.19.194-3		9

CVE	Severity	CVSS	Packages	Fix	Line
Base image `clojure:openjdk-11-lein-2.9.3`
CVE-2021-45960	~~severity_unspecified~~ > high	~~`n/a`~~ > `7.5`	`expat` _{2.2.6-2+deb10u1}		1
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2021-45485	~~severity_unspecified~~ > high	~~`n/a`~~ > `7.5`	`linux` _{4.19.194-3 > 4.19.208-1}	`x`	9

CVE	Severity	CVSS	Packages	Line
Base image `clojure:openjdk-11-lein-2.9.3`
CVE-2022-22824	~~severity_unspecified~~ > critical	~~`n/a`~~ > `9.8`	`expat` _{2.2.6-2+deb10u1}	1
CVE-2022-22823	~~severity_unspecified~~ > critical	~~`n/a`~~ > `9.8`	`expat` _{2.2.6-2+deb10u1}	1
CVE-2022-22822	~~severity_unspecified~~ > critical	~~`n/a`~~ > `9.8`	`expat` _{2.2.6-2+deb10u1}	1
CVE-2022-22827	~~severity_unspecified~~ > high	~~`n/a`~~ > `8.8`	`expat` _{2.2.6-2+deb10u1}	1
CVE-2022-22826	~~severity_unspecified~~ > high	~~`n/a`~~ > `8.8`	`expat` _{2.2.6-2+deb10u1}	1
CVE-2022-22825	~~severity_unspecified~~ > high	~~`n/a`~~ > `8.8`	`expat` _{2.2.6-2+deb10u1}	1
CVE-2021-46143	~~severity_unspecified~~ > high	~~`n/a`~~ > `7.8`	`expat` _{2.2.6-2+deb10u1}	1

CVE	Severity	CVSS	Packages	Line
Base image `clojure:openjdk-11-lein-2.9.3`
CVE-2022-23219	~~severity_unspecified~~ > high	`n/a`	`glibc` _2.28-10	1
CVE-2022-23218	~~severity_unspecified~~ > high	`n/a`	`glibc` _2.28-10	1
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2022-23219	~~severity_unspecified~~ > high	`n/a`	`glibc` _2.28-10	9
CVE-2022-23218	~~severity_unspecified~~ > high	`n/a`	`glibc` _2.28-10	9

CVE	Severity	CVSS	Packages	Fix	Line
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2021-44533	~~medium~~ > high	`n/a`	`nodejs` _{12.22.6-deb-1nodesource1}		12

CVE	Severity	CVSS	Packages	Fix	Line
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2022-0330	~~severity_unspecified~~ > high	`n/a`	`linux` _4.19.194-3		9

CVE	Severity	CVSS	Packages	Fix	Line
Base image `clojure:openjdk-11-lein-2.9.3`
CVE-2022-23852	~~medium~~ > critical	~~`n/a`~~ > `9.8`	`expat` _{2.2.6-2+deb10u1}		1

CVE	Severity	CVSS	Packages	Fix	Line
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2022-22942	~~severity_unspecified~~ > high	`n/a`	`linux` _4.19.194-3		9

CVE	Severity	CVSS	Packages	Fix	Line
Base image `clojure:openjdk-11-lein-2.9.3`
CVE-2022-23990	~~medium~~ > critical	~~`n/a`~~ > `9.8`	`expat` _{2.2.6-2+deb10u1}		1

CVE	Severity	CVSS	Packages	Fix	Line
Image `gcr.io/atomist-container-skills/clj-checks-skill`
CVE-2022-0487	high	`n/a`	`linux` _4.19.194-3		9

atomist-skills / clj-checks-skill