search

bzkf / onco-analytics-on-fhir

Onco Analytics on FHIR
GNU Affero General Public License v3.0
6 stars 3 forks source link

chore(deps): update docker.io/bitnami/kafka:3.6.1 docker digest to 9f05290 #159

Open renovate[bot] opened 6 months ago

renovate[bot] commented 6 months ago

This PR contains the following updates:

Package Update Change
docker.io/bitnami/kafka (source) digest b525405 -> 9f05290

Configuration

📅 Schedule: Branch creation - "before 4am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR was generated by Mend Renovate. View the repository job log.

github-actions[bot] commented 6 months ago

🦙 MegaLinter status: ⚠️ WARNING

Descriptor Linter Files Fixed Errors Elapsed time
✅ ACTION actionlint 6 0 0.11s
✅ BASH bash-exec 2 0 0.03s
✅ BASH shellcheck 2 0 0.11s
✅ BASH shfmt 2 0 0.04s
✅ DOCKERFILE hadolint 2 0 0.19s
✅ EDITORCONFIG editorconfig-checker 86 0 0.53s
✅ ENV dotenv-linter 1 0 0.02s
✅ JSON jsonlint 3 0 0.19s
✅ JSON prettier 3 0 0.65s
✅ JSON v8r 3 0 4.41s
⚠️ MARKDOWN markdownlint 8 99 1.42s
⚠️ MARKDOWN markdown-table-formatter 8 1 0.42s
✅ PYTHON bandit 7 0 1.35s
✅ PYTHON black 7 0 1.96s
✅ PYTHON flake8 7 0 0.95s
✅ PYTHON isort 7 0 0.39s
✅ PYTHON mypy 7 0 2.29s
✅ PYTHON pyright 7 0 8.38s
✅ PYTHON ruff 7 0 0.06s
✅ REPOSITORY checkov yes no 19.85s
✅ REPOSITORY dustilock yes no 1.85s
✅ REPOSITORY gitleaks yes no 1.01s
✅ REPOSITORY git_diff yes no 0.02s
✅ REPOSITORY grype yes no 16.31s
✅ REPOSITORY kics yes no 41.67s
✅ REPOSITORY secretlint yes no 1.04s
✅ REPOSITORY syft yes no 0.42s
✅ REPOSITORY trivy yes no 9.8s
✅ REPOSITORY trivy-sbom yes no 1.4s
✅ REPOSITORY trufflehog yes no 5.39s
✅ XML xmllint 3 0 0.02s
✅ YAML prettier 28 0 1.2s
✅ YAML v8r 28 0 39.77s
✅ YAML yamllint 28 0 0.65s

See detailed report in MegaLinter reports

You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.

_MegaLinter is graciously provided by OX Security_

github-actions[bot] commented 1 week ago

Trivy image scan report

ghcr.io/bzkf/onco-analytics-on-fhir/obds-fhir-to-opal:pr-159 (debian 11.7)

53 known vulnerabilities found (HIGH: 28 MEDIUM: 19 LOW: 2 CRITICAL: 4)

Show detailed table of vulnerabilities
Package ID Severity Installed Version Fixed Version
bsdutils CVE-2024-28085 HIGH 1:2.36.1-8+deb11u1 2.36.1-8+deb11u2
libblkid1 CVE-2024-28085 HIGH 2.36.1-8+deb11u1 2.36.1-8+deb11u2
libc-bin CVE-2023-4911 HIGH 2.31-13+deb11u6 2.31-13+deb11u7
libc-bin CVE-2024-2961 HIGH 2.31-13+deb11u6 2.31-13+deb11u9
libc-bin CVE-2024-33599 HIGH 2.31-13+deb11u6 2.31-13+deb11u10
libc-bin CVE-2024-33600 MEDIUM 2.31-13+deb11u6 2.31-13+deb11u10
libc-bin CVE-2024-33601 MEDIUM 2.31-13+deb11u6 2.31-13+deb11u10
libc-bin CVE-2024-33602 MEDIUM 2.31-13+deb11u6 2.31-13+deb11u10
libc6 CVE-2023-4911 HIGH 2.31-13+deb11u6 2.31-13+deb11u7
libc6 CVE-2024-2961 HIGH 2.31-13+deb11u6 2.31-13+deb11u9
libc6 CVE-2024-33599 HIGH 2.31-13+deb11u6 2.31-13+deb11u10
libc6 CVE-2024-33600 MEDIUM 2.31-13+deb11u6 2.31-13+deb11u10
libc6 CVE-2024-33601 MEDIUM 2.31-13+deb11u6 2.31-13+deb11u10
libc6 CVE-2024-33602 MEDIUM 2.31-13+deb11u6 2.31-13+deb11u10
libgnutls30 CVE-2024-0553 HIGH 3.7.1-5+deb11u3 3.7.1-5+deb11u5
libgnutls30 CVE-2024-0567 HIGH 3.7.1-5+deb11u3 3.7.1-5+deb11u5
libgnutls30 CVE-2023-5981 MEDIUM 3.7.1-5+deb11u3 3.7.1-5+deb11u4
libgnutls30 CVE-2024-28834 MEDIUM 3.7.1-5+deb11u3 3.7.1-5+deb11u6
libgnutls30 CVE-2024-28835 MEDIUM 3.7.1-5+deb11u3 3.7.1-5+deb11u6
libgssapi-krb5-2 CVE-2024-37371 CRITICAL 1.18.3-6+deb11u3 1.18.3-6+deb11u5
libgssapi-krb5-2 CVE-2024-37370 HIGH 1.18.3-6+deb11u3 1.18.3-6+deb11u5
libgssapi-krb5-2 CVE-2023-36054 MEDIUM 1.18.3-6+deb11u3 1.18.3-6+deb11u4
libk5crypto3 CVE-2024-37371 CRITICAL 1.18.3-6+deb11u3 1.18.3-6+deb11u5
libk5crypto3 CVE-2024-37370 HIGH 1.18.3-6+deb11u3 1.18.3-6+deb11u5
libk5crypto3 CVE-2023-36054 MEDIUM 1.18.3-6+deb11u3 1.18.3-6+deb11u4
libkrb5-3 CVE-2024-37371 CRITICAL 1.18.3-6+deb11u3 1.18.3-6+deb11u5
libkrb5-3 CVE-2024-37370 HIGH 1.18.3-6+deb11u3 1.18.3-6+deb11u5
libkrb5-3 CVE-2023-36054 MEDIUM 1.18.3-6+deb11u3 1.18.3-6+deb11u4
libkrb5support0 CVE-2024-37371 CRITICAL 1.18.3-6+deb11u3 1.18.3-6+deb11u5
libkrb5support0 CVE-2024-37370 HIGH 1.18.3-6+deb11u3 1.18.3-6+deb11u5
libkrb5support0 CVE-2023-36054 MEDIUM 1.18.3-6+deb11u3 1.18.3-6+deb11u4
libmount1 CVE-2024-28085 HIGH 2.36.1-8+deb11u1 2.36.1-8+deb11u2
libncurses6 CVE-2023-29491 HIGH 6.2+20201114-2+deb11u1 6.2+20201114-2+deb11u2
libncursesw6 CVE-2023-29491 HIGH 6.2+20201114-2+deb11u1 6.2+20201114-2+deb11u2
libsmartcols1 CVE-2024-28085 HIGH 2.36.1-8+deb11u1 2.36.1-8+deb11u2
libssl1.1 CVE-2023-3446 MEDIUM 1.1.1n-0+deb11u5 1.1.1v-0~deb11u1
libssl1.1 CVE-2023-3817 MEDIUM 1.1.1n-0+deb11u5 1.1.1v-0~deb11u1
libsystemd0 CVE-2023-50387 HIGH 247.3-7+deb11u4 247.3-7+deb11u6
libsystemd0 CVE-2023-50868 HIGH 247.3-7+deb11u4 247.3-7+deb11u6
libsystemd0 CVE-2023-7008 MEDIUM 247.3-7+deb11u4 247.3-7+deb11u6
libtinfo6 CVE-2023-29491 HIGH 6.2+20201114-2+deb11u1 6.2+20201114-2+deb11u2
libudev1 CVE-2023-50387 HIGH 247.3-7+deb11u4 247.3-7+deb11u6
libudev1 CVE-2023-50868 HIGH 247.3-7+deb11u4 247.3-7+deb11u6
libudev1 CVE-2023-7008 MEDIUM 247.3-7+deb11u4 247.3-7+deb11u6
libuuid1 CVE-2024-28085 HIGH 2.36.1-8+deb11u1 2.36.1-8+deb11u2
mount CVE-2024-28085 HIGH 2.36.1-8+deb11u1 2.36.1-8+deb11u2
ncurses-base CVE-2023-29491 HIGH 6.2+20201114-2+deb11u1 6.2+20201114-2+deb11u2
openssl CVE-2023-3446 MEDIUM 1.1.1n-0+deb11u5 1.1.1v-0~deb11u1
openssl CVE-2023-3817 MEDIUM 1.1.1n-0+deb11u5 1.1.1v-0~deb11u1
perl-base CVE-2023-47038 HIGH 5.32.1-4+deb11u2 5.32.1-4+deb11u3
tar CVE-2022-48303 LOW 1.34+dfsg-1 1.34+dfsg-1+deb11u1
tar CVE-2023-39804 LOW 1.34+dfsg-1 1.34+dfsg-1+deb11u1
util-linux CVE-2024-28085 HIGH 2.36.1-8+deb11u1 2.36.1-8+deb11u2

No Misconfigurations found

Java

237 known vulnerabilities found (MEDIUM: 82 LOW: 16 CRITICAL: 18 HIGH: 121)

Show detailed table of vulnerabilities
Package ID Severity Installed Version Fixed Version
ca.uhn.hapi.fhir:org.hl7.fhir.r4 CVE-2024-45294 HIGH 5.6.971 6.3.23
ca.uhn.hapi.fhir:org.hl7.fhir.r4 CVE-2024-45294 HIGH 5.6.971 6.3.23
ca.uhn.hapi.fhir:org.hl7.fhir.r4 CVE-2024-45294 HIGH 5.6.971 6.3.23
ca.uhn.hapi.fhir:org.hl7.fhir.utilities CVE-2024-45294 HIGH 5.6.971 6.3.23
ca.uhn.hapi.fhir:org.hl7.fhir.utilities CVE-2024-45294 HIGH 5.6.971 6.3.23
ca.uhn.hapi.fhir:org.hl7.fhir.utilities CVE-2024-45294 HIGH 5.6.971 6.3.23
ch.qos.logback:logback-classic CVE-2023-6378 HIGH 1.2.11 1.3.12, 1.4.12, 1.2.13
ch.qos.logback:logback-classic CVE-2023-6378 HIGH 1.2.11 1.3.12, 1.4.12, 1.2.13
ch.qos.logback:logback-core CVE-2023-6378 HIGH 1.2.11 1.3.12, 1.4.12, 1.2.13
ch.qos.logback:logback-core CVE-2023-6378 HIGH 1.2.11 1.3.12, 1.4.12, 1.2.13
com.amazonaws:aws-java-sdk-s3 CVE-2022-31159 HIGH 1.11.1026 1.12.261
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 HIGH 2.11.4 2.13.2.1, 2.12.6.1
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 HIGH 2.11.4 2.12.6, 2.13.1
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 HIGH 2.11.4 2.12.7.1, 2.13.4.2
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 HIGH 2.11.4 2.12.7.1, 2.13.4
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 HIGH 2.13.0 2.13.2.1, 2.12.6.1
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 HIGH 2.13.0 2.13.2.1, 2.12.6.1
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 HIGH 2.13.0 2.13.2.1, 2.12.6.1
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 HIGH 2.13.0 2.12.6, 2.13.1
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 HIGH 2.13.0 2.12.6, 2.13.1
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 HIGH 2.13.0 2.12.6, 2.13.1
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 HIGH 2.13.0 2.12.7.1, 2.13.4.2
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 HIGH 2.13.0 2.12.7.1, 2.13.4.2
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 HIGH 2.13.0 2.12.7.1, 2.13.4.2
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 HIGH 2.13.0 2.12.7.1, 2.13.4
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 HIGH 2.13.0 2.12.7.1, 2.13.4
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 HIGH 2.13.0 2.12.7.1, 2.13.4
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 HIGH 2.13.4 2.12.7.1, 2.13.4.2
com.fasterxml.jackson.core:jackson-databind CVE-2017-17485 CRITICAL 2.6.7.4 2.9.4, 2.8.11, 2.7.9.2
com.fasterxml.jackson.core:jackson-databind CVE-2018-11307 CRITICAL 2.6.7.4 2.7.9.4, 2.8.11.2, 2.9.6
com.fasterxml.jackson.core:jackson-databind CVE-2018-14719 CRITICAL 2.6.7.4 2.9.7, 2.8.11.3, 2.7.9.5
com.fasterxml.jackson.core:jackson-databind CVE-2018-7489 CRITICAL 2.6.7.4 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5
com.fasterxml.jackson.core:jackson-databind CVE-2019-14379 CRITICAL 2.6.7.4 2.9.9.2, 2.8.11.4, 2.7.9.6
com.fasterxml.jackson.core:jackson-databind CVE-2019-17267 CRITICAL 2.6.7.4 2.9.10, 2.8.11.5
com.fasterxml.jackson.core:jackson-databind CVE-2020-9547 CRITICAL 2.6.7.4 2.9.10.4, 2.8.11.6, 2.7.9.7
com.fasterxml.jackson.core:jackson-databind CVE-2020-9548 CRITICAL 2.6.7.4 2.9.10.4, 2.8.11.6, 2.7.9.7
com.fasterxml.jackson.core:jackson-databind CVE-2018-12022 HIGH 2.6.7.4 2.7.9.4, 2.8.11.2, 2.9.6
com.fasterxml.jackson.core:jackson-databind CVE-2018-5968 HIGH 2.6.7.4 2.8.11.1, 2.9.4, 2.7.9.5
com.fasterxml.jackson.core:jackson-databind CVE-2020-10650 HIGH 2.6.7.4 2.9.10.4
com.fasterxml.jackson.core:jackson-databind CVE-2020-24616 HIGH 2.6.7.4 2.9.10.6
com.fasterxml.jackson.core:jackson-databind CVE-2020-24750 HIGH 2.6.7.4 2.6.7.5, 2.9.10.6
com.fasterxml.jackson.core:jackson-databind CVE-2020-35490 HIGH 2.6.7.4 2.9.10.8
com.fasterxml.jackson.core:jackson-databind CVE-2020-35491 HIGH 2.6.7.4 2.9.10.8
com.fasterxml.jackson.core:jackson-databind CVE-2020-35728 HIGH 2.6.7.4 2.9.10.8
com.fasterxml.jackson.core:jackson-databind CVE-2020-36179 HIGH 2.6.7.4 2.9.10.8, 2.6.7.5
com.fasterxml.jackson.core:jackson-databind CVE-2020-36180 HIGH 2.6.7.4 2.9.10.8, 2.6.7.5
com.fasterxml.jackson.core:jackson-databind CVE-2020-36181 HIGH 2.6.7.4 2.9.10.8, 2.6.7.5
com.fasterxml.jackson.core:jackson-databind CVE-2020-36182 HIGH 2.6.7.4 2.9.10.8, 2.6.7.5
com.fasterxml.jackson.core:jackson-databind CVE-2020-36183 HIGH 2.6.7.4 2.9.10.8, 2.6.7.5
com.fasterxml.jackson.core:jackson-databind CVE-2020-36184 HIGH 2.6.7.4 2.9.10.8
com.fasterxml.jackson.core:jackson-databind CVE-2020-36185 HIGH 2.6.7.4 2.9.10.8
com.fasterxml.jackson.core:jackson-databind CVE-2020-36186 HIGH 2.6.7.4 2.9.10.8
com.fasterxml.jackson.core:jackson-databind CVE-2020-36187 HIGH 2.6.7.4 2.9.10.8
com.fasterxml.jackson.core:jackson-databind CVE-2020-36188 HIGH 2.6.7.4 2.9.10.8, 2.6.7.5
com.fasterxml.jackson.core:jackson-databind CVE-2020-36189 HIGH 2.6.7.4 2.9.10.8, 2.6.7.5
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 HIGH 2.6.7.4 2.13.2.1, 2.12.6.1
com.fasterxml.jackson.core:jackson-databind CVE-2021-20190 HIGH 2.6.7.4 2.9.10.7, 2.6.7.5
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 HIGH 2.6.7.4 2.12.7.1, 2.13.4.2
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 HIGH 2.6.7.4 2.12.7.1, 2.13.4
com.fasterxml.woodstox:woodstox-core CVE-2022-40152 MEDIUM 5.3.0 6.4.0, 5.4.0
com.fasterxml.woodstox:woodstox-core CVE-2022-40152 MEDIUM 5.3.0 6.4.0, 5.4.0
com.fasterxml.woodstox:woodstox-core CVE-2022-40152 MEDIUM 5.3.0 6.4.0, 5.4.0
com.google.code.gson:gson CVE-2022-25647 HIGH 2.2.4 2.8.9
com.google.code.gson:gson CVE-2022-25647 HIGH 2.8.6 2.8.9
com.google.guava:guava CVE-2018-10237 MEDIUM 14.0.1 24.1.1-android
com.google.guava:guava CVE-2018-10237 MEDIUM 14.0.1 24.1.1-android
com.google.guava:guava CVE-2023-2976 MEDIUM 14.0.1 32.0.0-android
com.google.guava:guava CVE-2023-2976 MEDIUM 14.0.1 32.0.0-android
com.google.guava:guava CVE-2020-8908 LOW 14.0.1 32.0.0-android
com.google.guava:guava CVE-2020-8908 LOW 14.0.1 32.0.0-android
com.google.guava:guava CVE-2023-2976 MEDIUM 30.1.1-jre 32.0.0-android
com.google.guava:guava CVE-2023-2976 MEDIUM 30.1.1-jre 32.0.0-android
com.google.guava:guava CVE-2023-2976 MEDIUM 30.1.1-jre 32.0.0-android
com.google.guava:guava CVE-2020-8908 LOW 30.1.1-jre 32.0.0-android
com.google.guava:guava CVE-2020-8908 LOW 30.1.1-jre 32.0.0-android
com.google.guava:guava CVE-2020-8908 LOW 30.1.1-jre 32.0.0-android
com.google.guava:guava CVE-2023-2976 MEDIUM 31.0.1-jre 32.0.0-android
com.google.guava:guava CVE-2023-2976 MEDIUM 31.0.1-jre 32.0.0-android
com.google.guava:guava CVE-2023-2976 MEDIUM 31.0.1-jre 32.0.0-android
com.google.guava:guava CVE-2020-8908 LOW 31.0.1-jre 32.0.0-android
com.google.guava:guava CVE-2020-8908 LOW 31.0.1-jre 32.0.0-android
com.google.guava:guava CVE-2020-8908 LOW 31.0.1-jre 32.0.0-android
com.google.protobuf:protobuf-java CVE-2021-22569 HIGH 2.5.0 3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java CVE-2021-22570 HIGH 2.5.0 3.15.0
com.google.protobuf:protobuf-java CVE-2022-3509 HIGH 2.5.0 3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java CVE-2022-3510 HIGH 2.5.0 3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java CVE-2022-3171 MEDIUM 2.5.0 3.21.7, 3.20.3, 3.19.6, 3.16.3
com.google.protobuf:protobuf-java CVE-2021-22569 HIGH 3.3.0 3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java CVE-2021-22570 HIGH 3.3.0 3.15.0
com.google.protobuf:protobuf-java CVE-2022-3509 HIGH 3.3.0 3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java CVE-2022-3510 HIGH 3.3.0 3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java CVE-2022-3171 MEDIUM 3.3.0 3.21.7, 3.20.3, 3.19.6, 3.16.3
com.google.protobuf:protobuf-java CVE-2021-22569 HIGH 3.7.1 3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java CVE-2021-22569 HIGH 3.7.1 3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java CVE-2021-22569 HIGH 3.7.1 3.16.1, 3.18.2, 3.19.2
com.google.protobuf:protobuf-java CVE-2021-22570 HIGH 3.7.1 3.15.0
com.google.protobuf:protobuf-java CVE-2021-22570 HIGH 3.7.1 3.15.0
com.google.protobuf:protobuf-java CVE-2021-22570 HIGH 3.7.1 3.15.0
com.google.protobuf:protobuf-java CVE-2022-3509 HIGH 3.7.1 3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java CVE-2022-3509 HIGH 3.7.1 3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java CVE-2022-3509 HIGH 3.7.1 3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java CVE-2022-3510 HIGH 3.7.1 3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java CVE-2022-3510 HIGH 3.7.1 3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java CVE-2022-3510 HIGH 3.7.1 3.16.3, 3.19.6, 3.20.3, 3.21.7
com.google.protobuf:protobuf-java CVE-2022-3171 MEDIUM 3.7.1 3.21.7, 3.20.3, 3.19.6, 3.16.3
com.google.protobuf:protobuf-java CVE-2022-3171 MEDIUM 3.7.1 3.21.7, 3.20.3, 3.19.6, 3.16.3
com.google.protobuf:protobuf-java CVE-2022-3171 MEDIUM 3.7.1 3.21.7, 3.20.3, 3.19.6, 3.16.3
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 MEDIUM 9.8.1 9.37.2
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 MEDIUM 9.8.1 9.37.2
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 MEDIUM 9.8.1 9.37.2
com.squareup.okio:okio CVE-2023-3635 MEDIUM 1.14.0 3.4.0, 1.17.6
com.squareup.okio:okio CVE-2023-3635 MEDIUM 1.6.0 3.4.0, 1.17.6
com.squareup.okio:okio CVE-2023-3635 MEDIUM 1.6.0 3.4.0, 1.17.6
com.squareup.okio:okio CVE-2023-3635 MEDIUM 1.6.0 3.4.0, 1.17.6
com.squareup.okio:okio-jvm CVE-2023-3635 MEDIUM 3.2.0 3.4.0
com.squareup.okio:okio-jvm CVE-2023-3635 MEDIUM 3.2.0 3.4.0
commons-net:commons-net CVE-2021-37533 MEDIUM 3.6 3.9.0
commons-net:commons-net CVE-2021-37533 MEDIUM 3.6 3.9.0
commons-net:commons-net CVE-2021-37533 MEDIUM 3.6 3.9.0
dnsjava:dnsjava CVE-2024-25638 HIGH 2.1.7 3.6.0
dnsjava:dnsjava CVE-2024-25638 HIGH 2.1.7 3.6.0
dnsjava:dnsjava CVE-2024-25638 HIGH 2.1.7 3.6.0
dnsjava:dnsjava GHSA-crjg-w57m-rqqf MEDIUM 2.1.7 3.6.0
dnsjava:dnsjava GHSA-crjg-w57m-rqqf MEDIUM 2.1.7 3.6.0
dnsjava:dnsjava GHSA-crjg-w57m-rqqf MEDIUM 2.1.7 3.6.0
dnsjava:dnsjava GHSA-mmwx-rj87-vfgr MEDIUM 2.1.7 3.6.0
dnsjava:dnsjava GHSA-mmwx-rj87-vfgr MEDIUM 2.1.7 3.6.0
dnsjava:dnsjava GHSA-mmwx-rj87-vfgr MEDIUM 2.1.7 3.6.0
io.airlift:aircompressor CVE-2024-36114 HIGH 0.21 0.27
io.netty:netty CVE-2019-20444 CRITICAL 3.7.0.Final 4.0.0
io.netty:netty CVE-2019-20444 CRITICAL 3.7.0.Final 4.0.0
io.netty:netty CVE-2015-2156 HIGH 3.7.0.Final 3.10.3.Final, 3.9.8.Final
io.netty:netty CVE-2015-2156 HIGH 3.7.0.Final 3.10.3.Final, 3.9.8.Final
io.netty:netty CVE-2021-37136 HIGH 3.7.0.Final 4.0.0
io.netty:netty CVE-2021-37136 HIGH 3.7.0.Final 4.0.0
io.netty:netty CVE-2021-37137 HIGH 3.7.0.Final 4.0.0
io.netty:netty CVE-2021-37137 HIGH 3.7.0.Final 4.0.0
io.netty:netty CVE-2014-0193 MEDIUM 3.7.0.Final 3.6.9.Final, 3.7.1.Final, 3.8.2.Final, 3.9.1.Final, 4.0.19.Final
io.netty:netty CVE-2014-0193 MEDIUM 3.7.0.Final 3.6.9.Final, 3.7.1.Final, 3.8.2.Final, 3.9.1.Final, 4.0.19.Final
io.netty:netty CVE-2019-20445 MEDIUM 3.7.0.Final 4.0.0
io.netty:netty CVE-2019-20445 MEDIUM 3.7.0.Final 4.0.0
io.netty:netty CVE-2021-21290 MEDIUM 3.7.0.Final 4.0.0
io.netty:netty CVE-2021-21290 MEDIUM 3.7.0.Final 4.0.0
io.netty:netty CVE-2021-21295 MEDIUM 3.7.0.Final 4.0.0
io.netty:netty CVE-2021-21295 MEDIUM 3.7.0.Final 4.0.0
io.netty:netty CVE-2021-21409 MEDIUM 3.7.0.Final 4.0.0
io.netty:netty CVE-2021-21409 MEDIUM 3.7.0.Final 4.0.0
io.netty:netty CVE-2021-43797 MEDIUM 3.7.0.Final 4.0.0
io.netty:netty CVE-2021-43797 MEDIUM 3.7.0.Final 4.0.0
io.netty:netty-codec CVE-2021-37136 HIGH 4.1.61.Final 4.1.68.Final
io.netty:netty-codec CVE-2021-37137 HIGH 4.1.61.Final 4.1.68.Final
io.netty:netty-codec-http CVE-2021-43797 MEDIUM 4.1.61.Final 4.1.71.Final
io.netty:netty-codec-http CVE-2022-24823 MEDIUM 4.1.61.Final 4.1.77.Final
io.netty:netty-codec-http CVE-2024-29025 MEDIUM 4.1.61.Final 4.1.108.Final
io.netty:netty-handler CVE-2023-34462 MEDIUM 4.1.61.Final 4.1.94.Final
io.netty:netty-handler CVE-2023-34462 MEDIUM 4.1.74.Final 4.1.94.Final
net.minidev:json-smart CVE-2021-31684 HIGH 1.3.2 1.3.3, 2.4.4
net.minidev:json-smart CVE-2021-31684 HIGH 1.3.2 1.3.3, 2.4.4
net.minidev:json-smart CVE-2021-31684 HIGH 1.3.2 1.3.3, 2.4.4
net.minidev:json-smart CVE-2023-1370 HIGH 1.3.2 2.4.9
net.minidev:json-smart CVE-2023-1370 HIGH 1.3.2 2.4.9
net.minidev:json-smart CVE-2023-1370 HIGH 1.3.2 2.4.9
org.apache.avro:avro CVE-2023-39410 HIGH 1.11.0 1.11.3
org.apache.avro:avro CVE-2023-39410 HIGH 1.7.7 1.11.3
org.apache.avro:avro CVE-2023-39410 HIGH 1.7.7 1.11.3
org.apache.avro:avro CVE-2023-39410 HIGH 1.7.7 1.11.3
org.apache.commons:commons-compress CVE-2024-25710 HIGH 1.21 1.26.0
org.apache.commons:commons-compress CVE-2024-25710 HIGH 1.21 1.26.0
org.apache.commons:commons-compress CVE-2024-25710 HIGH 1.21 1.26.0
org.apache.commons:commons-compress CVE-2024-26308 MEDIUM 1.21 1.26.0
org.apache.commons:commons-compress CVE-2024-26308 MEDIUM 1.21 1.26.0
org.apache.commons:commons-compress CVE-2024-26308 MEDIUM 1.21 1.26.0
org.apache.commons:commons-configuration2 CVE-2024-29131 MEDIUM 2.1.1 2.10.1
org.apache.commons:commons-configuration2 CVE-2024-29131 MEDIUM 2.1.1 2.10.1
org.apache.commons:commons-configuration2 CVE-2024-29131 MEDIUM 2.1.1 2.10.1
org.apache.commons:commons-configuration2 CVE-2024-29133 MEDIUM 2.1.1 2.10.1
org.apache.commons:commons-configuration2 CVE-2024-29133 MEDIUM 2.1.1 2.10.1
org.apache.commons:commons-configuration2 CVE-2024-29133 MEDIUM 2.1.1 2.10.1
org.apache.derby:derby CVE-2022-46337 CRITICAL 10.14.2.0 10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0
org.apache.hadoop:hadoop-common CVE-2022-25168 CRITICAL 3.3.2 2.10.2, 3.2.4, 3.3.3
org.apache.hadoop:hadoop-common CVE-2022-25168 CRITICAL 3.3.2 2.10.2, 3.2.4, 3.3.3
org.apache.hadoop:hadoop-common CVE-2022-25168 CRITICAL 3.3.2 2.10.2, 3.2.4, 3.3.3
org.apache.ivy:ivy CVE-2022-46751 HIGH 2.5.1 2.5.2
org.apache.mesos:mesos CVE-2018-1330 HIGH 1.4.3 1.6.0
org.apache.mesos:mesos CVE-2018-1330 HIGH 1.4.3-shaded-protobuf 1.6.0
org.apache.thrift:libthrift CVE-2019-0205 HIGH 0.12.0 0.13.0
org.apache.thrift:libthrift CVE-2020-13949 HIGH 0.12.0 0.14.0
org.apache.zookeeper:zookeeper CVE-2023-44981 CRITICAL 3.4.8 3.7.2, 3.8.3, 3.9.1
org.apache.zookeeper:zookeeper CVE-2023-44981 CRITICAL 3.4.8 3.7.2, 3.8.3, 3.9.1
org.apache.zookeeper:zookeeper CVE-2017-5637 HIGH 3.4.8 3.4.10, 3.5.3
org.apache.zookeeper:zookeeper CVE-2017-5637 HIGH 3.4.8 3.4.10, 3.5.3
org.apache.zookeeper:zookeeper CVE-2018-8012 HIGH 3.4.8 3.4.10, 3.5.4-beta
org.apache.zookeeper:zookeeper CVE-2018-8012 HIGH 3.4.8 3.4.10, 3.5.4-beta
org.apache.zookeeper:zookeeper CVE-2019-0201 MEDIUM 3.4.8 3.4.14, 3.5.5
org.apache.zookeeper:zookeeper CVE-2019-0201 MEDIUM 3.4.8 3.4.14, 3.5.5
org.apache.zookeeper:zookeeper CVE-2023-44981 CRITICAL 3.6.2 3.7.2, 3.8.3, 3.9.1
org.apache.zookeeper:zookeeper CVE-2023-44981 CRITICAL 3.6.2 3.7.2, 3.8.3, 3.9.1
org.apache.zookeeper:zookeeper CVE-2024-23944 MEDIUM 3.6.2 3.8.4, 3.9.2
org.apache.zookeeper:zookeeper CVE-2024-23944 MEDIUM 3.6.2 3.8.4, 3.9.2
org.eclipse.jetty:jetty-http CVE-2023-40167 MEDIUM 9.4.43.v20210629 9.4.52, 10.0.16, 11.0.16, 12.0.1
org.eclipse.jetty:jetty-http CVE-2023-40167 MEDIUM 9.4.43.v20210629 9.4.52, 10.0.16, 11.0.16, 12.0.1
org.eclipse.jetty:jetty-http CVE-2023-40167 MEDIUM 9.4.43.v20210629 9.4.52, 10.0.16, 11.0.16, 12.0.1
org.eclipse.jetty:jetty-http CVE-2022-2047 LOW 9.4.43.v20210629 9.4.47, 10.0.10, 11.0.10
org.eclipse.jetty:jetty-http CVE-2022-2047 LOW 9.4.43.v20210629 9.4.47, 10.0.10, 11.0.10
org.eclipse.jetty:jetty-http CVE-2022-2047 LOW 9.4.43.v20210629 9.4.47, 10.0.10, 11.0.10
org.eclipse.jetty:jetty-http CVE-2023-40167 MEDIUM 9.4.48.v20220622 9.4.52, 10.0.16, 11.0.16, 12.0.1
org.eclipse.jetty:jetty-server CVE-2023-26048 MEDIUM 9.4.48.v20220622 9.4.51.v20230217, 10.0.14, 11.0.14
org.eclipse.jetty:jetty-server CVE-2023-26049 LOW 9.4.48.v20220622 9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0
org.eclipse.jetty:jetty-servlets CVE-2023-36479 LOW 9.4.48.v20220622 9.4.52, 10.0.16, 11.0.16
org.eclipse.jetty:jetty-xml GHSA-58qw-p7qm-5rvh LOW 9.4.43.v20210629 10.0.16, 11.0.16, 12.0.0, 9.4.52
org.eclipse.jetty:jetty-xml GHSA-58qw-p7qm-5rvh LOW 9.4.43.v20210629 10.0.16, 11.0.16, 12.0.0, 9.4.52
org.eclipse.jetty:jetty-xml GHSA-58qw-p7qm-5rvh LOW 9.4.43.v20210629 10.0.16, 11.0.16, 12.0.0, 9.4.52
org.hibernate.validator:hibernate-validator CVE-2020-10693 MEDIUM 6.0.13.Final 6.1.5.Final, 6.0.20.Final
org.hibernate.validator:hibernate-validator CVE-2020-10693 MEDIUM 6.0.13.Final 6.1.5.Final, 6.0.20.Final
org.hibernate.validator:hibernate-validator CVE-2020-10693 MEDIUM 6.0.13.Final 6.1.5.Final, 6.0.20.Final
org.json:json CVE-2022-45688 HIGH 20220924 20230227
org.json:json CVE-2022-45688 HIGH 20220924 20230227
org.json:json CVE-2022-45688 HIGH 20220924 20230227
org.json:json CVE-2023-5072 HIGH 20220924 20231013
org.json:json CVE-2023-5072 HIGH 20220924 20231013
org.json:json CVE-2023-5072 HIGH 20220924 20231013
org.xerial.snappy:snappy-java CVE-2023-34455 HIGH 1.1.8.4 1.1.10.1
org.xerial.snappy:snappy-java CVE-2023-34455 HIGH 1.1.8.4 1.1.10.1
org.xerial.snappy:snappy-java CVE-2023-34455 HIGH 1.1.8.4 1.1.10.1
org.xerial.snappy:snappy-java CVE-2023-43642 HIGH 1.1.8.4 1.1.10.4
org.xerial.snappy:snappy-java CVE-2023-43642 HIGH 1.1.8.4 1.1.10.4
org.xerial.snappy:snappy-java CVE-2023-43642 HIGH 1.1.8.4 1.1.10.4
org.xerial.snappy:snappy-java CVE-2023-34453 MEDIUM 1.1.8.4 1.1.10.1
org.xerial.snappy:snappy-java CVE-2023-34453 MEDIUM 1.1.8.4 1.1.10.1
org.xerial.snappy:snappy-java CVE-2023-34453 MEDIUM 1.1.8.4 1.1.10.1
org.xerial.snappy:snappy-java CVE-2023-34454 MEDIUM 1.1.8.4 1.1.10.1
org.xerial.snappy:snappy-java CVE-2023-34454 MEDIUM 1.1.8.4 1.1.10.1
org.xerial.snappy:snappy-java CVE-2023-34454 MEDIUM 1.1.8.4 1.1.10.1
org.yaml:snakeyaml CVE-2022-1471 HIGH 1.31 2.0
org.yaml:snakeyaml CVE-2022-38752 MEDIUM 1.31 1.32
org.yaml:snakeyaml CVE-2022-41854 MEDIUM 1.31 1.32
software.amazon.ion:ion-java CVE-2024-21634 HIGH 1.0.2 1.10.5

No Misconfigurations found

Python

4 known vulnerabilities found (CRITICAL: 0 HIGH: 2 MEDIUM: 2 LOW: 0)

Show detailed table of vulnerabilities
Package ID Severity Installed Version Fixed Version
pip CVE-2023-5752 MEDIUM 21.3.1 23.3
pip CVE-2023-5752 MEDIUM 21.3.1 23.3
setuptools CVE-2024-6345 HIGH 65.7.0 70.0.0
setuptools CVE-2024-6345 HIGH 65.7.0 70.0.0

No Misconfigurations found

opt/bitnami/java

No Vulnerabilities found

No Misconfigurations found

opt/bitnami/python

13 known vulnerabilities found (CRITICAL: 0 HIGH: 6 MEDIUM: 5 LOW: 2)

Show detailed table of vulnerabilities
Package ID Severity Installed Version Fixed Version
pip CVE-2023-5752 LOW 21.3.1 23.3.0
python CVE-2023-36632 HIGH 3.9.17 3.11.4
python CVE-2023-6597 HIGH 3.9.17 3.12.3, 3.11.9, 3.10.14, 3.9.19, 3.8.19
python CVE-2024-0397 HIGH 3.9.17 3.12.3, 3.11.9, 3.10.14
python CVE-2024-4032 HIGH 3.9.17 3.12.4
python CVE-2024-7592 HIGH 3.9.17 3.13.0
python CVE-2023-27043 MEDIUM 3.9.17 2.7.18, 3.11.0
python CVE-2023-40217 MEDIUM 3.9.17 3.8.18, 3.9.18, 3.10.13, 3.11.5
python CVE-2024-0450 MEDIUM 3.9.17 3.12.3, 3.11.9, 3.10.14, 3.9.19, 3.8.19
python CVE-2024-6923 MEDIUM 3.9.17 3.12.5
python CVE-2024-8088 MEDIUM 3.9.17 3.13.0
python CVE-2024-5642 LOW 3.9.17 3.10.0
setuptools CVE-2024-6345 HIGH 65.7.0 70.0.0

No Misconfigurations found

opt/bitnami/spark

No Vulnerabilities found

No Misconfigurations found