Fixing vulnerabilities in Docker images

e-mission / em-public-dashboard

A simple and stupid public dashboard prototype.

BSD 3-Clause "New" or "Revised" License

1 stars 23 forks source link

Fixing vulnerabilities in Docker images #98

Closed MukuFlash03 closed 11 months ago

MukuFlash03 commented 11 months ago

Critical vulnerability - busybox

Fixed by upgrading system package to required version.

High vulnerability - semver

Need to upgrade node npm package depedency.
Fixed in following commits.

10/13/23 - Found 2 additional vulnerabilities in Docker images:

urllib3 - [FIXED] by removing stale versions; latest new fixed version was already present. libc6 - buffer overflow issue mentioned - however no remediation provided as yet.

shankari commented 11 months ago

@MukuFlash03 I'm going to squash merge this to clean up the reversions. Please account for that when you pull.