Describe the bug
There are several known CVEs found within the dependencies of the stable image.
https://quay.io/repository/mittwald/kube-httpcache/manifest/sha256:ed153b482be398b8d979cf4983b1936a97ca734837aac588e4e5e2f3fca58cbe?tab=vulnerabilities&fixable=true
To Reproduce
Use Docker Scout or a similar CVE scanner to check the stable image.
Expected behavior
It's not entirely unreasonable for there to be some CVEs found within the dependencies, but since there hasn't been an update to the image in 7 months, many of these vulnerabilities are likely very easily fixed with some dependency bumps.
Perhaps Dependabot or a similar tool with some CI steps to automate the deployments could help reduce the time cost of updating the images moving forward, keeping this project healthier?