search

microsoft / mssql-docker

Official Microsoft repository for SQL Server in Docker resources
MIT License
1.74k stars 760 forks source link

Security vulnerabilites identified in sqlserver linux docker image #866

Open wong0703 opened 10 months ago

wong0703 commented 10 months ago

Docker container scan has identified following CVE's in sqlserver image, using Trivy and Grype. Is there any plan to remediate the findings (especially for those with medium severity) or are there any alternate solutions we can look forward to? Many thanks!

Image dated as of 16 Nov 2023 (mssql/server:2022-latest)

Finding severity
CVE-2016-20013 LOW
CVE-2016-2781 LOW
CVE-2017-11164 LOW
CVE-2022-27943 LOW
CVE-2022-3219 LOW
CVE-2022-36227 LOW
CVE-2022-3715 LOW
CVE-2022-46908 LOW
CVE-2022-48522 LOW
CVE-2022-4899 LOW
CVE-2023-29383 LOW
CVE-2023-2953 LOW
CVE-2023-3326 LOW
CVE-2023-39128 LOW
CVE-2023-39129 LOW
CVE-2023-39130 LOW
CVE-2023-4016 LOW
CVE-2023-4806 LOW
CVE-2023-4813 LOW
CVE-2021-3530 LOW
CVE-2020-22916 MEDIUM
CVE-2021-31879 MEDIUM
CVE-2023-27043 MEDIUM
CVE-2023-36054 MEDIUM
CVE-2023-39804 MEDIUM
CVE-2023-40217 MEDIUM
CVE-2023-44487 MEDIUM
CVE-2023-46218 MEDIUM
CVE-2023-47038 MEDIUM
CVE-2023-48795 MEDIUM
CVE-2023-5156 MEDIUM
CVE-2023-5981 MEDIUM

Regards Wong