Vulnerability update in gcr.io/atomist-container-skills/lein-deps-tree-skill (branch master)

atomist[bot] commented 2 years ago

Vulnerabilities

Following vulnerability change detected in image gcr.io/atomist-container-skills/lein-deps-tree-skill from branch master:

New vulnerability

CVE	Severity	CVSS	Packages	Fix	Line
Image `gcr.io/atomist-container-skills/lein-deps-tree-skill`
CVE-2021-42740	critical	`9.8`	`shell-quote` _1.7.2		18

Details

_{Commit ab9623871f376b40cf798e0cf45c9c44fa6380b5

Image gcr.io/atomist-container-skills/lein-deps-tree-skill

Tag ab9623871f376b40cf798e0cf45c9c44fa6380b5

Digest sha256:78c712fb552d082e34bba6bbdfe80db845d82317b18ec8a878dbd9a14bea9c9f

Scanned October 31, 2021, 12:05 AM UTC}

atomist[bot] commented 2 years ago

Vulnerabilities

Following vulnerability changes detected in image gcr.io/atomist-container-skills/lein-deps-tree-skill from branch master:

New vulnerabilities

CVE	Severity	CVSS	Packages	Fix	Line
Base image `gcr.io/atomist-container-skills/clojure-base:openjdk11`
CVE-2021-35942	critical	`9.1`	`libc-bin` _2.28-10 `libc-bin` _2.28-10 `libc6` _2.28-10 `libc6` _2.28-10		1
CVE-2021-33574	critical	`9.8`	`libc-bin` _2.28-10 `libc-bin` _2.28-10 `libc6` _2.28-10 `libc6` _2.28-10		1
CVE-2021-29940	critical	`9.8`	`through` _2.3.8		1
CVE-2021-26291	critical	`9.1`	`maven-artifact` _3.6.1 `maven-artifact` _3.6.3 `maven-builder-support` _3.6.1 `maven-builder-support` _3.6.3 `maven-core` _3.6.3 `maven-model` _3.6.1 `maven-model` _3.6.3 `maven-model-builder` _3.6.1 `maven-model-builder` _3.6.3 `maven-repository-metadata` _3.6.1 `maven-repository-metadata` _3.6.3 `maven-resolver-api` _1.3.3 `maven-resolver-api` _1.6.1 `maven-resolver-api` _1.6.2 `maven-resolver-connector-basic` _1.3.3 `maven-resolver-connector-basic` _1.6.1 `maven-resolver-connector-basic` _1.6.2 `maven-resolver-impl` _1.3.3 `maven-resolver-impl` _1.6.1 `maven-resolver-impl` _1.6.2 `maven-resolver-provider` _3.6.1 `maven-resolver-provider` _3.6.3 `maven-resolver-spi` _1.3.3 `maven-resolver-spi` _1.6.1 `maven-resolver-spi` _1.6.2 `maven-resolver-transport-file` _1.3.3 `maven-resolver-transport-file` _1.6.1 `maven-resolver-transport-http` _1.3.3 `maven-resolver-transport-http` _1.6.1 `maven-resolver-transport-wagon` _1.3.3 `maven-resolver-transport-wagon` _1.6.2 `maven-resolver-util` _1.3.3 `maven-resolver-util` _1.6.1 `maven-resolver-util` _1.6.2 `maven-settings` _3.6.3 `maven-settings-builder` _3.6.3 `maven-shared-utils` _3.2.1		1
CVE-2021-22930	critical	`9.8`	`nodejs` _{12.22.1-1nodesource1} `nodejs` _{12.22.1-1nodesource1}		1
CVE-2021-3711	critical	`9.8`	`libssl1.1` _{1.1.1d-0+deb10u6 > 1.1.1d-0+deb10u7} `libssl1.1` _{1.1.1d-0+deb10u6 > 1.1.1d-0+deb10u7} `openssl` _{1.1.1d-0+deb10u6 > 1.1.1d-0+deb10u7} `openssl` _{1.1.1d-0+deb10u6 > 1.1.1d-0+deb10u7}	`x`	1
CVE-2021-3177	critical	`9.8`	`libpython2.7-minimal` _{2.7.16-2+deb10u1} `libpython2.7-minimal` _{2.7.16-2+deb10u1} `python2.7-minimal` _{2.7.16-2+deb10u1} `python2.7-minimal` _{2.7.16-2+deb10u1}		1
CVE-2020-27619	critical	`9.8`	`libpython3.7-minimal` _{3.7.3-2+deb10u3} `libpython3.7-minimal` _{3.7.3-2+deb10u3} `libpython3.7-stdlib` _{3.7.3-2+deb10u3} `libpython3.7-stdlib` _{3.7.3-2+deb10u3} `python3.7` _{3.7.3-2+deb10u3} `python3.7` _{3.7.3-2+deb10u3} `python3.7-minimal` _{3.7.3-2+deb10u3} `python3.7-minimal` _{3.7.3-2+deb10u3}		1
CVE-2020-11656	critical	`9.8`	`libsqlite3-0` _{3.27.2-3+deb10u1} `libsqlite3-0` _{3.27.2-3+deb10u1}		1
CVE-2019-1010022	critical	`9.8`	`libc-bin` _2.28-10 `libc-bin` _2.28-10 `libc6` _2.28-10 `libc6` _2.28-10		1
CVE-2019-9893	critical	`9.8`	`libseccomp2` _2.3.3-4 `libseccomp2` _2.3.3-4		1
CVE-2021-40330	high	`7.5`	`git` _{1:2.20.1-2+deb10u3} `git` _{1:2.20.1-2+deb10u3} `git-man` _{1:2.20.1-2+deb10u3} `git-man` _{1:2.20.1-2+deb10u3}		1
CVE-2021-39537	high	`8.8`	`libncursesw6` _{6.1+20181013-2+deb10u2} `libncursesw6` _{6.1+20181013-2+deb10u2} `libtinfo6` _{6.1+20181013-2+deb10u2} `libtinfo6` _{6.1+20181013-2+deb10u2} `ncurses-base` _{6.1+20181013-2+deb10u2} `ncurses-base` _{6.1+20181013-2+deb10u2} `ncurses-bin` _{6.1+20181013-2+deb10u2} `ncurses-bin` _{6.1+20181013-2+deb10u2}		1
CVE-2021-37714	high	`7.5`	`jsoup` _{1.11.3 > 1.14.2} `jsoup` _{1.12.1 > 1.14.2} `org.jsoup:jsoup` _{1.11.3 > 1.14.2} `org.jsoup:jsoup` _{1.12.1 > 1.14.2}	`x`	1
CVE-2021-37713	high	`8.6`	`tar` _{4.4.13 > 4.4.18}	`x`	1
CVE-2021-37712	high	`8.6`	`tar` _{4.4.13 > 4.4.18}	`x`	1
CVE-2021-37701	high	`8.6`	`tar` _{4.4.13 > 4.4.16}	`x`	1
CVE-2021-36690	high	`7.5`	`libsqlite3-0` _{3.27.2-3+deb10u1} `libsqlite3-0` _{3.27.2-3+deb10u1}		1
CVE-2021-36222	high	`7.5`	`libgssapi-krb5-2` _{1.17-3+deb10u1 > 1.17-3+deb10u2} `libgssapi-krb5-2` _{1.17-3+deb10u1 > 1.17-3+deb10u2} `libk5crypto3` _{1.17-3+deb10u1 > 1.17-3+deb10u2} `libk5crypto3` _{1.17-3+deb10u1 > 1.17-3+deb10u2} `libkrb5-3` _{1.17-3+deb10u1 > 1.17-3+deb10u2} `libkrb5-3` _{1.17-3+deb10u1 > 1.17-3+deb10u2} `libkrb5support0` _{1.17-3+deb10u1 > 1.17-3+deb10u2} `libkrb5support0` _{1.17-3+deb10u1 > 1.17-3+deb10u2}	`x`	1
CVE-2021-32804	high	`8.1`	`tar` _{4.4.13 > 4.4.14}	`x`	1
CVE-2021-32803	high	`8.1`	`tar` _{4.4.13 > 4.4.15}	`x`	1
CVE-2021-28165	high	`7.5`	`jetty-client` _{9.4.36.v20210114} `jetty-http` _{9.4.36.v20210114} `jetty-io` _{9.4.36.v20210114 > 9.4.39} `jetty-util` _{9.4.36.v20210114} `org.eclipse.jetty:jetty-client` _{9.4.36.v20210114 > 9.4.39.v20210325, 10.0.2, 11.0.2} `org.eclipse.jetty:jetty-http` _{9.4.36.v20210114 > 9.4.39.v20210325, 10.0.2, 11.0.2} `org.eclipse.jetty:jetty-io` _{9.4.36.v20210114 > 10.0.2, 9.4.39, 11.0.2} `org.eclipse.jetty:jetty-util` _{9.4.36.v20210114 > 9.4.39.v20210325, 10.0.2, 11.0.2}		1
CVE-2021-27290	high	`7.5`	`ssri` _{6.0.1 > 6.0.2}	`x`	1
CVE-2021-23343	high	`7.5`	`path-parse` _{1.0.6 > 1.0.7}	`x`	1
CVE-2021-22946	high	`7.5`	`libcurl3-gnutls` _{7.64.0-4+deb10u2} `libcurl3-gnutls` _{7.64.0-4+deb10u2}		1
CVE-2021-21300	high	`7.5`	`git` _{1:2.20.1-2+deb10u3} `git` _{1:2.20.1-2+deb10u3} `git-man` _{1:2.20.1-2+deb10u3} `git-man` _{1:2.20.1-2+deb10u3}		1
CVE-2021-3807	high	`7.5`	`ansi-regex` _{3.0.0 > 5.0.1} `ansi-regex` _{4.1.0 > 5.0.1}	`x`	1
CVE-2021-3712	high	`7.4`	`libssl1.1` _{1.1.1d-0+deb10u6 > 1.1.1d-0+deb10u7} `libssl1.1` _{1.1.1d-0+deb10u6 > 1.1.1d-0+deb10u7} `openssl` _{1.1.1d-0+deb10u6 > 1.1.1d-0+deb10u7} `openssl` _{1.1.1d-0+deb10u6 > 1.1.1d-0+deb10u7}	`x`	1
CVE-2021-3326	high	`7.5`	`libc-bin` _2.28-10 `libc-bin` _2.28-10 `libc6` _2.28-10 `libc6` _2.28-10		1
CVE-2020-11080	high	`7.5`	`libnghttp2-14` _{1.36.0-2+deb10u1} `libnghttp2-14` _{1.36.0-2+deb10u1}		1
CVE-2020-8116	high	`7.3`	`dot-prop` _4.2.1		1
CVE-2020-6096	high	`8.1`	`libc-bin` _2.28-10 `libc-bin` _2.28-10 `libc6` _2.28-10 `libc6` _2.28-10		1
CVE-2020-1752	high	`7`	`libc-bin` _2.28-10 `libc-bin` _2.28-10 `libc6` _2.28-10 `libc6` _2.28-10		1
CVE-2020-1751	high	`7`	`libc-bin` _2.28-10 `libc-bin` _2.28-10 `libc6` _2.28-10 `libc6` _2.28-10		1
CVE-2019-1010023	high	`8.8`	`libc-bin` _2.28-10 `libc-bin` _2.28-10 `libc6` _2.28-10 `libc6` _2.28-10		1
CVE-2019-20907	high	`7.5`	`libpython2.7-minimal` _{2.7.16-2+deb10u1} `libpython2.7-minimal` _{2.7.16-2+deb10u1} `python2.7-minimal` _{2.7.16-2+deb10u1} `python2.7-minimal` _{2.7.16-2+deb10u1}		1
CVE-2019-20838	high	`7.5`	`libpcre3` _2:8.39-12 `libpcre3` _2:8.39-12		1
CVE-2019-20454	high	`7.5`	`libpcre2-8-0` _10.32-5 `libpcre2-8-0` _10.32-5		1
CVE-2019-19882	high	`7.8`	`login` _1:4.5-1.1 `login` _1:4.5-1.1 `passwd` _1:4.5-1.1 `passwd` _1:4.5-1.1		1
CVE-2019-19603	high	`7.5`	`libsqlite3-0` _{3.27.2-3+deb10u1} `libsqlite3-0` _{3.27.2-3+deb10u1}		1
CVE-2019-19244	high	`7.5`	`libsqlite3-0` _{3.27.2-3+deb10u1} `libsqlite3-0` _{3.27.2-3+deb10u1}		1
CVE-2019-18276	high	`7.8`	`bash` _5.0-4 `bash` _5.0-4		1
CVE-2019-17543	high	`8.1`	`liblz4-1` _{1.8.3-1+deb10u1} `liblz4-1` _{1.8.3-1+deb10u1}		1
CVE-2019-17498	high	`8.1`	`libssh2-1` _1.8.0-2.1 `libssh2-1` _1.8.0-2.1		1
CVE-2019-15847	high	`7.5`	`gcc-8-base` _8.3.0-6 `gcc-8-base` _8.3.0-6 `libgcc1` _1:8.3.0-6 `libgcc1` _1:8.3.0-6 `libgcc1` _8.3.0-6 `libstdc++6` _8.3.0-6 `libstdc++6` _8.3.0-6		1
CVE-2019-14855	high	`7.5`	`dirmngr` _{2.2.12-1+deb10u1} `dirmngr` _{2.2.12-1+deb10u1} `gnupg` _{2.2.12-1+deb10u1} `gnupg` _{2.2.12-1+deb10u1} `gnupg-l10n` _{2.2.12-1+deb10u1} `gnupg-l10n` _{2.2.12-1+deb10u1} `gnupg-utils` _{2.2.12-1+deb10u1} `gnupg-utils` _{2.2.12-1+deb10u1} `gpg` _{2.2.12-1+deb10u1} `gpg` _{2.2.12-1+deb10u1} `gpg-agent` _{2.2.12-1+deb10u1} `gpg-agent` _{2.2.12-1+deb10u1} `gpg-wks-client` _{2.2.12-1+deb10u1} `gpg-wks-client` _{2.2.12-1+deb10u1} `gpg-wks-server` _{2.2.12-1+deb10u1} `gpg-wks-server` _{2.2.12-1+deb10u1} `gpgconf` _{2.2.12-1+deb10u1} `gpgconf` _{2.2.12-1+deb10u1} `gpgsm` _{2.2.12-1+deb10u1} `gpgsm` _{2.2.12-1+deb10u1} `gpgv` _{2.2.12-1+deb10u1} `gpgv` _{2.2.12-1+deb10u1}		1
CVE-2019-13115	high	`8.1`	`libssh2-1` _1.8.0-2.1 `libssh2-1` _1.8.0-2.1		1
CVE-2019-12290	high	`7.5`	`libidn2-0` _{2.0.5-1+deb10u1} `libidn2-0` _{2.0.5-1+deb10u1}		1
CVE-2019-9923	high	`7.5`	`tar` _1.30+dfsg-6 `tar` _1.30+dfsg-6		1
CVE-2019-9674	high	`7.5`	`libpython2.7-minimal` _{2.7.16-2+deb10u1} `libpython2.7-minimal` _{2.7.16-2+deb10u1} `libpython3.7-minimal` _{3.7.3-2+deb10u3} `libpython3.7-minimal` _{3.7.3-2+deb10u3} `libpython3.7-stdlib` _{3.7.3-2+deb10u3} `libpython3.7-stdlib` _{3.7.3-2+deb10u3} `python2.7-minimal` _{2.7.16-2+deb10u1} `python2.7-minimal` _{2.7.16-2+deb10u1} `python3.7` _{3.7.3-2+deb10u3} `python3.7` _{3.7.3-2+deb10u3} `python3.7-minimal` _{3.7.3-2+deb10u3} `python3.7-minimal` _{3.7.3-2+deb10u3}		1
CVE-2019-9192	high	`7.5`	`libc-bin` _2.28-10 `libc-bin` _2.28-10 `libc6` _2.28-10 `libc6` _2.28-10		1
CVE-2019-3844	high	`7.8`	`libsystemd0` _{241-7~deb10u7} `libsystemd0` _{241-7~deb10u7} `libudev1` _{241-7~deb10u7} `libudev1` _{241-7~deb10u7}		1
CVE-2019-3843	high	`7.8`	`libsystemd0` _{241-7~deb10u7} `libsystemd0` _{241-7~deb10u7} `libudev1` _{241-7~deb10u7} `libudev1` _{241-7~deb10u7}		1
CVE-2018-1000021	high	`8.8`	`git` _{1:2.20.1-2+deb10u3} `git` _{1:2.20.1-2+deb10u3} `git-man` _{1:2.20.1-2+deb10u3} `git-man` _{1:2.20.1-2+deb10u3}		1
CVE-2018-20796	high	`7.5`	`libc-bin` _2.28-10 `libc-bin` _2.28-10 `libc6` _2.28-10 `libc6` _2.28-10		1
CVE-2018-12886	high	`8.1`	`gcc-8-base` _8.3.0-6 `gcc-8-base` _8.3.0-6 `libgcc1` _1:8.3.0-6 `libgcc1` _1:8.3.0-6 `libgcc1` _8.3.0-6 `libstdc++6` _8.3.0-6 `libstdc++6` _8.3.0-6		1
CVE-2018-6829	high	`7.5`	`libgcrypt20` _{1.8.4-5+deb10u1} `libgcrypt20` _{1.8.4-5+deb10u1}		1
CVE-2018-5709	high	`7.5`	`libgssapi-krb5-2` _{1.17-3+deb10u1} `libgssapi-krb5-2` _{1.17-3+deb10u1} `libk5crypto3` _{1.17-3+deb10u1} `libk5crypto3` _{1.17-3+deb10u1} `libkrb5-3` _{1.17-3+deb10u1} `libkrb5-3` _{1.17-3+deb10u1} `libkrb5support0` _{1.17-3+deb10u1} `libkrb5support0` _{1.17-3+deb10u1}		1
CVE-2017-17740	high	`7.5`	`libldap-2.4-2` _{2.4.47+dfsg-3+deb10u6} `libldap-2.4-2` _{2.4.47+dfsg-3+deb10u6} `libldap-common` _{2.4.47+dfsg-3+deb10u6} `libldap-common` _{2.4.47+dfsg-3+deb10u6}		1
CVE-2017-17522	high	`8.8`	`libpython2.7-minimal` _{2.7.16-2+deb10u1} `libpython2.7-minimal` _{2.7.16-2+deb10u1} `libpython3.7-minimal` _{3.7.3-2+deb10u3} `libpython3.7-minimal` _{3.7.3-2+deb10u3} `libpython3.7-stdlib` _{3.7.3-2+deb10u3} `libpython3.7-stdlib` _{3.7.3-2+deb10u3} `python2.7-minimal` _{2.7.16-2+deb10u1} `python2.7-minimal` _{2.7.16-2+deb10u1} `python3.7` _{3.7.3-2+deb10u3} `python3.7` _{3.7.3-2+deb10u3} `python3.7-minimal` _{3.7.3-2+deb10u3} `python3.7-minimal` _{3.7.3-2+deb10u3}		1
CVE-2017-11164	high	`7.5`	`libpcre3` _2:8.39-12 `libpcre3` _2:8.39-12		1
CVE-2017-7246	high	`7.8`	`libpcre3` _2:8.39-12 `libpcre3` _2:8.39-12		1
CVE-2017-7245	high	`7.8`	`libpcre3` _2:8.39-12 `libpcre3` _2:8.39-12		1
CVE-2015-0903	high	`7.5`	`editor` _1.0.0		1
CVE-2011-4116	high	`7.5`	`libperl5.28` _{5.28.1-6+deb10u1} `libperl5.28` _{5.28.1-6+deb10u1} `perl` _{5.28.1-6+deb10u1} `perl` _{5.28.1-6+deb10u1} `perl` _{5.28.1-6+deb10u1} `perl-base` _{5.28.1-6+deb10u1} `perl-base` _{5.28.1-6+deb10u1} `perl-modules-5.28` _{5.28.1-6+deb10u1} `perl-modules-5.28` _{5.28.1-6+deb10u1}		1
CVE-2008-4108	high	`7.2`	`python-minimal` _2.7.16-1 `python-minimal` _2.7.16-1 `python2-minimal` _2.7.16-1 `python2-minimal` _2.7.16-1		1
CVE-2005-2541	high	`10`	`tar` _1.30+dfsg-6 `tar` _1.30+dfsg-6		1
Image `gcr.io/atomist-container-skills/lein-deps-tree-skill`
CVE-2021-42740	critical	`9.8`	`shell-quote` _1.7.2		18
CVE-2021-41720	critical	`9.8`	`lodash` _4.17.21		18
CVE-2021-26291	critical	`9.1`	`maven-artifact` _3.5.3 `maven-builder-support` _3.5.3 `maven-model` _3.5.3 `maven-model-builder` _3.5.3 `maven-repository-metadata` _3.5.3 `maven-resolver-api` _1.1.1 `maven-resolver-connector-basic` _1.0.3 `maven-resolver-impl` _1.1.1 `maven-resolver-provider` _3.5.3 `maven-resolver-spi` _1.1.1 `maven-resolver-transport-file` _1.0.3 `maven-resolver-transport-http` _1.0.3 `maven-resolver-transport-wagon` _1.0.3 `maven-resolver-util` _1.1.1		18
CVE-2020-9548	critical	`9.8`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.4} `jackson-databind` _{2.9.10.1 > 2.9.10.4}	`x`	18
CVE-2020-9547	critical	`9.8`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.4} `jackson-databind` _{2.9.10.1 > 2.9.10.4}	`x`	18
CVE-2020-9546	critical	`9.8`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.4} `jackson-databind` _{2.9.10.1 > 2.9.10.4}	`x`	18
CVE-2020-8840	critical	`9.8`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.3, 2.8.11.5} `jackson-databind` _{2.9.10.1 > 2.9.10.3}	`x`	18
CVE-2019-20330	critical	`9.8`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.2, 2.8.11.5} `jackson-databind` _{2.9.10.1 > 2.9.10.2}	`x`	18
CVE-2021-37714	high	`7.5`	`jsoup` _{1.7.2 > 1.14.2} `org.jsoup:jsoup` _{1.7.2 > 1.14.2}	`x`	18
CVE-2021-20190	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.7} `jackson-databind` _{2.9.10.1 > 2.9.10.7}	`x`	18
CVE-2021-3807	high	`7.5`	`ansi-regex` _{6.0.0 > 6.0.1}	`x`	18
CVE-2021-3795	high	`7.5`	`semver-regex` _{2.0.0 > 3.1.3}	`x`	18
CVE-2020-36189	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.8} `jackson-databind` _2.9.10.1		18
CVE-2020-36188	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.8} `jackson-databind` _2.9.10.1		18
CVE-2020-36187	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.8} `jackson-databind` _2.9.10.1		18
CVE-2020-36186	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.8} `jackson-databind` _2.9.10.1		18
CVE-2020-36185	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.8} `jackson-databind` _2.9.10.1		18
CVE-2020-36184	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.8} `jackson-databind` _2.9.10.1		18
CVE-2020-36183	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.8} `jackson-databind` _2.9.10.1		18
CVE-2020-36182	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.8} `jackson-databind` _2.9.10.1		18
CVE-2020-36181	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.8} `jackson-databind` _2.9.10.1		18
CVE-2020-36180	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.8} `jackson-databind` _2.9.10.1		18
CVE-2020-36179	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.8} `jackson-databind` _2.9.10.1		18
CVE-2020-35728	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.8} `jackson-databind` _2.9.10.1		18
CVE-2020-35491	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.8} `jackson-databind` _2.9.10.1		18
CVE-2020-35490	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.8} `jackson-databind` _2.9.10.1		18
CVE-2020-25649	high	`7.5`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.10.5.1, 2.9.10.7, 2.6.7.4} `jackson-databind` _{2.9.10.1 > 2.9.10.7}	`x`	18
CVE-2020-24750	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.6} `jackson-databind` _2.9.10.1		18
CVE-2020-24616	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.6} `jackson-databind` _2.9.10.1		18
CVE-2020-14195	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.5} `jackson-databind` _{2.9.10.1 > 2.9.10.5}	`x`	18
CVE-2020-14062	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.5} `jackson-databind` _{2.9.10.1 > 2.9.10.5}	`x`	18
CVE-2020-14061	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.5} `jackson-databind` _{2.9.10.1 > 2.9.10.5}	`x`	18
CVE-2020-14060	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.5} `jackson-databind` _{2.9.10.1 > 2.9.10.5}	`x`	18
CVE-2020-11620	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.4} `jackson-databind` _{2.9.10.1 > 2.9.10.4}	`x`	18
CVE-2020-11619	high	`8.1`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.4} `jackson-databind` _{2.9.10.1 > 2.9.10.4}	`x`	18
CVE-2020-11113	high	`8.8`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.4} `jackson-databind` _{2.9.10.1 > 2.9.10.4}	`x`	18
CVE-2020-11112	high	`8.8`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.4} `jackson-databind` _{2.9.10.1 > 2.9.10.4}	`x`	18
CVE-2020-11111	high	`8.8`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.4} `jackson-databind` _{2.9.10.1 > 2.9.10.4}	`x`	18
CVE-2020-10969	high	`8.8`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.4} `jackson-databind` _{2.9.10.1 > 2.9.10.4}	`x`	18
CVE-2020-10968	high	`8.8`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.4} `jackson-databind` _{2.9.10.1 > 2.9.10.4}	`x`	18
CVE-2020-10673	high	`8.8`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.4} `jackson-databind` _{2.9.10.1 > 2.9.10.4}	`x`	18
CVE-2020-10672	high	`8.8`	`com.fasterxml.jackson.core:jackson-databind` _{2.9.10.1 > 2.9.10.4} `jackson-databind` _{2.9.10.1 > 2.9.10.4}	`x`	18
CVE-2017-18589	high	`7.5`	`cookie` _0.4.0		18
CVE-2014-1936	high	`7.5`	`rc` _1.2.8		18

Details

_{Commit ab9623871f376b40cf798e0cf45c9c44fa6380b5

Image gcr.io/atomist-container-skills/lein-deps-tree-skill

Tag ab9623871f376b40cf798e0cf45c9c44fa6380b5

Digest sha256:78c712fb552d082e34bba6bbdfe80db845d82317b18ec8a878dbd9a14bea9c9f

Scanned November 2, 2021, 10:21 AM UTC}

atomist[bot] commented 2 years ago

Vulnerabilities

Following vulnerability change detected in image gcr.io/atomist-container-skills/lein-deps-tree-skill from branch master:

Vulnerability update

CVE	Severity	CVSS	Packages	Fix	Line
Base image `gcr.io/atomist-container-skills/clojure-base:openjdk11`
CVE-2021-43618	~~severity_unspecified~~ > high	~~`n/a`~~ > `7.5`	`gmp` _{2:6.1.2+dfsg-4}		1

Details

_{Commit ab9623871f376b40cf798e0cf45c9c44fa6380b5

Image gcr.io/atomist-container-skills/lein-deps-tree-skill

Tag ab9623871f376b40cf798e0cf45c9c44fa6380b5

Digest sha256:78c712fb552d082e34bba6bbdfe80db845d82317b18ec8a878dbd9a14bea9c9f

Scanned November 19, 2021, 6:20 PM UTC}

atomist[bot] commented 2 years ago

Vulnerabilities

Following vulnerability change detected in image gcr.io/atomist-container-skills/lein-deps-tree-skill from branch master:

Vulnerability update

CVE	Severity	CVSS	Packages	Fix	Line
Base image `gcr.io/atomist-container-skills/clojure-base:openjdk11`
CVE-2020-16156	~~medium~~ > high	~~`n/a`~~ > `7.8`	`perl` _{5.28.1-6+deb10u1}		1

Details

_{Commit 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Image gcr.io/atomist-container-skills/lein-deps-tree-skill

Tag 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Digest sha256:778ded81ba8cbf50e5b839263e7f42e892f43df3de156a2a746a63b5f9ea0dbe

Scanned December 18, 2021, 9:41 AM UTC}

atomist[bot] commented 2 years ago

Vulnerabilities

Following vulnerability change detected in image gcr.io/atomist-container-skills/lein-deps-tree-skill from branch master:

Vulnerability update

CVE	Severity	CVSS	Packages	Fix	Line
Base image `gcr.io/atomist-container-skills/clojure-base:openjdk11`
CVE-2021-45960	~~severity_unspecified~~ > high	~~`n/a`~~ > `7.5`	`expat` _{2.2.6-2+deb10u1}		1

Details

_{Commit 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Image gcr.io/atomist-container-skills/lein-deps-tree-skill

Tag 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Digest sha256:778ded81ba8cbf50e5b839263e7f42e892f43df3de156a2a746a63b5f9ea0dbe

Scanned January 13, 2022, 2:15 PM UTC}

atomist[bot] commented 2 years ago

Vulnerabilities

Following vulnerability changes detected in image gcr.io/atomist-container-skills/lein-deps-tree-skill from branch master:

Vulnerability updates

CVE	Severity	CVSS	Packages	Line
Base image `gcr.io/atomist-container-skills/clojure-base:openjdk11`
CVE-2022-22824	~~severity_unspecified~~ > critical	~~`n/a`~~ > `9.8`	`expat` _{2.2.6-2+deb10u1}	1
CVE-2022-22823	~~severity_unspecified~~ > critical	~~`n/a`~~ > `9.8`	`expat` _{2.2.6-2+deb10u1}	1
CVE-2022-22822	~~severity_unspecified~~ > critical	~~`n/a`~~ > `9.8`	`expat` _{2.2.6-2+deb10u1}	1
CVE-2022-22827	~~severity_unspecified~~ > high	~~`n/a`~~ > `8.8`	`expat` _{2.2.6-2+deb10u1}	1
CVE-2022-22826	~~severity_unspecified~~ > high	~~`n/a`~~ > `8.8`	`expat` _{2.2.6-2+deb10u1}	1
CVE-2022-22825	~~severity_unspecified~~ > high	~~`n/a`~~ > `8.8`	`expat` _{2.2.6-2+deb10u1}	1

Details

_{Commit 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Image gcr.io/atomist-container-skills/lein-deps-tree-skill

Tag 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Digest sha256:778ded81ba8cbf50e5b839263e7f42e892f43df3de156a2a746a63b5f9ea0dbe

Scanned January 14, 2022, 2:21 PM UTC}

atomist[bot] commented 2 years ago

Vulnerabilities

Following vulnerability change detected in image gcr.io/atomist-container-skills/lein-deps-tree-skill from branch master:

Vulnerability update

CVE	Severity	CVSS	Packages	Fix	Line
Base image `gcr.io/atomist-container-skills/clojure-base:openjdk11`
CVE-2021-46143	~~severity_unspecified~~ > high	~~`n/a`~~ > `7.8`	`expat` _{2.2.6-2+deb10u1}		1

Details

_{Commit 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Image gcr.io/atomist-container-skills/lein-deps-tree-skill

Tag 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Digest sha256:778ded81ba8cbf50e5b839263e7f42e892f43df3de156a2a746a63b5f9ea0dbe

Scanned January 15, 2022, 2:26 PM UTC}

atomist[bot] commented 2 years ago

Vulnerabilities

Following vulnerability change detected in image gcr.io/atomist-container-skills/lein-deps-tree-skill from branch master:

New vulnerability

CVE	Severity	CVSS	Packages	Fix	Line
Base image `gcr.io/atomist-container-skills/clojure-base:openjdk11`
CVE-2021-3999	high	`n/a`	`glibc` _2.28-10		1

Details

_{Commit 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Image gcr.io/atomist-container-skills/lein-deps-tree-skill

Tag 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Digest sha256:778ded81ba8cbf50e5b839263e7f42e892f43df3de156a2a746a63b5f9ea0dbe

Scanned January 16, 2022, 2:31 PM UTC}

atomist[bot] commented 2 years ago

Vulnerabilities

Following vulnerability changes detected in image gcr.io/atomist-container-skills/lein-deps-tree-skill from branch master:

Vulnerability updates

CVE	Severity	CVSS	Packages	Line
Base image `gcr.io/atomist-container-skills/clojure-base:openjdk11`
CVE-2022-23219	~~severity_unspecified~~ > high	`n/a`	`glibc` _2.28-10	1
CVE-2022-23218	~~severity_unspecified~~ > high	`n/a`	`glibc` _2.28-10	1

Details

_{Commit 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Image gcr.io/atomist-container-skills/lein-deps-tree-skill

Tag 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Digest sha256:778ded81ba8cbf50e5b839263e7f42e892f43df3de156a2a746a63b5f9ea0dbe

Scanned January 19, 2022, 2:46 PM UTC}

atomist[bot] commented 2 years ago

Vulnerabilities

Following vulnerability change detected in image gcr.io/atomist-container-skills/lein-deps-tree-skill from branch master:

Vulnerability update

CVE	Severity	CVSS	Packages	Fix	Line
Base image `gcr.io/atomist-container-skills/clojure-base:openjdk11`
CVE-2022-23218	~~high~~ > critical	~~`n/a`~~ > `9.8`	`glibc` _2.28-10		1

Details

_{Commit 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Image gcr.io/atomist-container-skills/lein-deps-tree-skill

Tag 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Digest sha256:778ded81ba8cbf50e5b839263e7f42e892f43df3de156a2a746a63b5f9ea0dbe

Scanned January 21, 2022, 2:55 PM UTC}

atomist[bot] commented 2 years ago

Vulnerabilities

Following vulnerability changes detected in image gcr.io/atomist-container-skills/lein-deps-tree-skill from branch master:

Vulnerability updates

CVE	Severity	CVSS	Packages	Line
Base image `gcr.io/atomist-container-skills/clojure-base:openjdk11`
CVE-2022-23219	~~high~~ > critical	~~`n/a`~~ > `9.8`	`glibc` _2.28-10	1
CVE-2021-44532	~~medium~~ > high	`n/a`	`nodejs` _{16.13.1-deb-1nodesource1}	1
CVE-2021-44531	~~medium~~ > high	`n/a`	`nodejs` _{16.13.1-deb-1nodesource1}	1

Details

_{Commit 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Image gcr.io/atomist-container-skills/lein-deps-tree-skill

Tag 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Digest sha256:778ded81ba8cbf50e5b839263e7f42e892f43df3de156a2a746a63b5f9ea0dbe

Scanned January 22, 2022, 3:01 PM UTC}

atomist[bot] commented 2 years ago

Vulnerabilities

Following vulnerability change detected in image gcr.io/atomist-container-skills/lein-deps-tree-skill from branch master:

Vulnerability update

CVE	Severity	CVSS	Packages	Fix	Line
Base image `gcr.io/atomist-container-skills/clojure-base:openjdk11`
CVE-2021-44533	~~medium~~ > high	`n/a`	`nodejs` _{16.13.1-deb-1nodesource1}		1

Details

_{Commit 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Image gcr.io/atomist-container-skills/lein-deps-tree-skill

Tag 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Digest sha256:778ded81ba8cbf50e5b839263e7f42e892f43df3de156a2a746a63b5f9ea0dbe

Scanned January 27, 2022, 4:57 PM UTC}

atomist[bot] commented 2 years ago

Vulnerabilities

Following vulnerability change detected in image gcr.io/atomist-container-skills/lein-deps-tree-skill from branch master:

Vulnerability update

CVE	Severity	CVSS	Packages	Fix	Line
Base image `gcr.io/atomist-container-skills/clojure-base:openjdk11`
CVE-2022-23852	~~medium~~ > critical	~~`n/a`~~ > `9.8`	`expat` _{2.2.6-2+deb10u1}		1

Details

_{Commit 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Image gcr.io/atomist-container-skills/lein-deps-tree-skill

Tag 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Digest sha256:778ded81ba8cbf50e5b839263e7f42e892f43df3de156a2a746a63b5f9ea0dbe

Scanned January 28, 2022, 5:22 PM UTC}

atomist[bot] commented 2 years ago

Vulnerabilities

Following vulnerability change detected in image gcr.io/atomist-container-skills/lein-deps-tree-skill from branch master:

Vulnerability update

CVE	Severity	CVSS	Packages	Fix	Line
Base image `gcr.io/atomist-container-skills/clojure-base:openjdk11`
CVE-2022-23990	~~medium~~ > critical	~~`n/a`~~ > `9.8`	`expat` _{2.2.6-2+deb10u1}		1

Details

_{Commit 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Image gcr.io/atomist-container-skills/lein-deps-tree-skill

Tag 9dbdea745a5da30f1a1bbe182cb7cd7ca92555d4

Digest sha256:778ded81ba8cbf50e5b839263e7f42e892f43df3de156a2a746a63b5f9ea0dbe

Scanned February 1, 2022, 5:40 PM UTC}

atomist[bot] commented 2 years ago

Thanks for your contribution!

This issue has been automatically marked with stale because it has not had any activity in last 50 days. It will be closed in 7 days if no further activity occurs. To prevent closing, label with defer or blocked or any of the changelog: labels.

atomist-skills / lein-deps-tree-skill