Vulnerability update in gcr.io/atomist-container-skills/yamllint-skill (branch main)

atomist[bot] commented 3 years ago

Vulnerabilities

Following vulnerability changes detected in image gcr.io/atomist-container-skills/yamllint-skill from branch main:

Vulnerability updates

CVE	Severity	CVSS	Packages	Fix	`FROM`	Line
CVE-2021-38300	~~_severityunspecified~~ > high	~~`n/a`~~ > `7.8`	`linux-libc-dev` _5.10.46-4			3
CVE-2020-21598	~~_severityunspecified~~ > high	`8.8`	`libde265-0` _1.0.8-1			3

Details

_{Commit 8bb57876e2058ad703bf0a2632fc0ca4e339ab4a

Image gcr.io/atomist-container-skills/yamllint-skill

Tag 8bb57876e2058ad703bf0a2632fc0ca4e339ab4a

Digest sha256:da7847ea98f31922c50bd420b24042c1c0eb0b753b531ecd58735f853c379399

Scanned September 30, 2021, 12:01 AM UTC}

atomist[bot] commented 3 years ago

Vulnerabilities

Following vulnerability changes detected in image gcr.io/atomist-container-skills/yamllint-skill from branch main:

Vulnerability updates

CVE	Severity	CVSS	Packages	Fix	`FROM`	Line
CVE-2021-38300	~~_severityunspecified~~ > high	~~`n/a`~~ > `7.8`	`linux-libc-dev` _5.10.46-4			3
CVE-2020-21598	~~_severityunspecified~~ > high	`8.8`	`libde265-0` _1.0.8-1			3

Details

_{Commit 8bb57876e2058ad703bf0a2632fc0ca4e339ab4a

Image gcr.io/atomist-container-skills/yamllint-skill

Tag 8bb57876e2058ad703bf0a2632fc0ca4e339ab4a

Digest sha256:da7847ea98f31922c50bd420b24042c1c0eb0b753b531ecd58735f853c379399

Scanned September 30, 2021, 12:01 AM UTC}

atomist[bot] commented 3 years ago

Vulnerabilities

Following vulnerability changes detected in image gcr.io/atomist-container-skills/yamllint-skill from branch main:

New vulnerability

CVE	Severity	CVSS	Packages	Fix	Line
Base image `python:rc`
CVE-2021-20322	high	`n/a`	`linux-libc-dev` _{5.10.46-5 > 5.10.70-1}	`x`	1

Vulnerability updates

CVE	Severity	CVSS	Packages	Fix	Line
Image `gcr.io/atomist-container-skills/yamllint-skill`
CVE-2019-1010022	critical	~~`7.5`~~ > `9.8`	`libc-bin` _2.31-13 `libc-dev-bin` _2.31-13 `libc6` _2.31-13 `libc6-dev` _2.31-13		3
CVE-2017-17479	critical	~~`7.5`~~ > `9.8`	`libopenjp2-7` _2.4.0-3 `libopenjp2-7-dev` _2.4.0-3		3
CVE-2017-9117	critical	~~`7.5`~~ > `9.8`	`libtiff-dev` _4.2.0-1 `libtiff5` _4.2.0-1 `libtiffxx5` _4.2.0-1		3
CVE-2021-42252	~~severity_unspecified~~ > high	~~`n/a`~~ > `7.8`	`linux-libc-dev` _{5.10.46-5 > 5.10.70-1}	`x`	3
CVE-2019-1010023	high	~~`6.8`~~ > `8.8`	`libc-bin` _2.31-13 `libc-dev-bin` _2.31-13 `libc6` _2.31-13 `libc6-dev` _2.31-13		3
CVE-2019-12456	high	~~`7.2`~~ > `7.8`	`linux-libc-dev` _5.10.46-5		3
CVE-2019-9192	high	~~`5`~~ > `7.5`	`libc-bin` _2.31-13 `libc-dev-bin` _2.31-13 `libc6` _2.31-13 `libc6-dev` _2.31-13		3
CVE-2018-20796	high	~~`5`~~ > `7.5`	`libc-bin` _2.31-13 `libc-dev-bin` _2.31-13 `libc6` _2.31-13 `libc6-dev` _2.31-13		3
CVE-2018-18483	high	~~`6.8`~~ > `7.8`	`binutils` _2.35.2-2 `binutils-common` _2.35.2-2 `binutils-x86-64-linux-gnu` _2.35.2-2 `libbinutils` _2.35.2-2 `libctf-nobfd0` _2.35.2-2 `libctf0` _2.35.2-2		3
CVE-2018-16376	high	~~`6.8`~~ > `8.8`	`libopenjp2-7` _2.4.0-3 `libopenjp2-7-dev` _2.4.0-3		3
CVE-2018-16375	high	~~`6.8`~~ > `8.8`	`libopenjp2-7` _2.4.0-3 `libopenjp2-7-dev` _2.4.0-3		3
CVE-2018-12934	high	~~`5`~~ > `7.5`	`binutils` _2.35.2-2 `binutils-common` _2.35.2-2 `binutils-x86-64-linux-gnu` _2.35.2-2 `libbinutils` _2.35.2-2 `libctf-nobfd0` _2.35.2-2 `libctf0` _2.35.2-2		3
CVE-2018-6951	high	~~`5`~~ > `7.5`	`patch` _2.7.6-7		3
CVE-2018-6829	high	~~`5`~~ > `7.5`	`libgcrypt20` _1.8.7-6		3
CVE-2017-17973	high	~~`6.8`~~ > `8.8`	`libtiff-dev` _4.2.0-1 `libtiff5` _4.2.0-1 `libtiffxx5` _4.2.0-1		3
CVE-2017-17740	high	~~`5`~~ > `7.5`	`libldap-2.4-2` _{2.4.57+dfsg-3}		3
CVE-2017-16232	high	~~`5`~~ > `7.5`	`libtiff-dev` _4.2.0-1 `libtiff5` _4.2.0-1 `libtiffxx5` _4.2.0-1		3
CVE-2017-7246	high	~~`6.8`~~ > `7.8`	`libpcre16-3` _2:8.39-13 `libpcre3` _2:8.39-13 `libpcre3-dev` _2:8.39-13 `libpcre32-3` _2:8.39-13 `libpcrecpp0v5` _2:8.39-13		3
CVE-2017-7245	high	~~`6.8`~~ > `7.8`	`libpcre16-3` _2:8.39-13 `libpcre3` _2:8.39-13 `libpcre3-dev` _2:8.39-13 `libpcre32-3` _2:8.39-13 `libpcrecpp0v5` _2:8.39-13		3
CVE-2017-5563	high	~~`6.8`~~ > `8.8`	`libtiff-dev` _4.2.0-1 `libtiff5` _4.2.0-1 `libtiffxx5` _4.2.0-1		3
CVE-2016-9918	high	~~`5`~~ > `7.5`	`libbluetooth-dev` _5.55-3.1 `libbluetooth3` _5.55-3.1		3
CVE-2016-9581	high	~~`6.8`~~ > `8.8`	`libopenjp2-7` _2.4.0-3 `libopenjp2-7-dev` _2.4.0-3		3
CVE-2016-9580	high	~~`6.8`~~ > `8.8`	`libopenjp2-7` _2.4.0-3 `libopenjp2-7-dev` _2.4.0-3		3
CVE-2016-9114	high	~~`5`~~ > `7.5`	`libopenjp2-7` _2.4.0-3 `libopenjp2-7-dev` _2.4.0-3		3
CVE-2016-9113	high	~~`5`~~ > `7.5`	`libopenjp2-7` _2.4.0-3 `libopenjp2-7-dev` _2.4.0-3		3

Details

_{Commit 0a216df93cde9f24888dcbc6a2d8c910e2baad95

Image gcr.io/atomist-container-skills/yamllint-skill

Tag 0a216df93cde9f24888dcbc6a2d8c910e2baad95

Digest sha256:2da395323eb2ba056aec14c43e1e73ac11b11703633b876734da61abc40ef0b2

Scanned October 20, 2021, 12:01 AM UTC}

atomist-skills / yamllint-skill