1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65
| Testing hashicorp/terraform:0.14.2...
✗ Medium severity vulnerability found in openssl/libcrypto1.1 Description: NULL Pointer Dereference Info: https://snyk.io/vuln/SNYK-ALPINE312-OPENSSL-1050745 Introduced through: openssl/libcrypto1.1@1.1.1g-r0, openssl/libssl1.1@1.1.1g-r0, apk-tools/apk-tools@2.10.5-r1, libtls-standalone/libtls-standalone@2.9.1-r1, ca-certificates/ca-certificates@20191127-r4, curl/libcurl@7.69.1-r1, openssh/openssh-client@8.3_p1-r0, openssh/openssh-server@8.3_p1-r0, openssh/openssh-sftp-server@8.3_p1-r0, openssh/openssh@8.3_p1-r0, openssh/openssh-keygen@8.3_p1-r0 From: openssl/libcrypto1.1@1.1.1g-r0 From: openssl/libssl1.1@1.1.1g-r0 > openssl/libcrypto1.1@1.1.1g-r0 From: apk-tools/apk-tools@2.10.5-r1 > openssl/libcrypto1.1@1.1.1g-r0 and 12 more... Fixed in: 1.1.1i-r0
✗ Medium severity vulnerability found in openssh/openssh-client Description: Information Exposure Info: https://snyk.io/vuln/SNYK-ALPINE312-OPENSSH-1051927 Introduced through: openssh/openssh-client@8.3_p1-r0, openssh/openssh@8.3_p1-r0, openssh/openssh-server@8.3_p1-r0, openssh/openssh-sftp-server@8.3_p1-r0, openssh/openssh-keygen@8.3_p1-r0, openssh/openssh-server-common@8.3_p1-r0 From: openssh/openssh-client@8.3_p1-r0 From: openssh/openssh@8.3_p1-r0 > openssh/openssh-client@8.3_p1-r0 From: openssh/openssh-server@8.3_p1-r0 and 9 more... Fixed in: 8.3_p1-r1
✗ Medium severity vulnerability found in musl/musl Description: Out-of-bounds Write Info: https://snyk.io/vuln/SNYK-ALPINE312-MUSL-1042762 Introduced through: musl/musl@1.1.24-r9, busybox/busybox@1.31.1-r19, alpine-baselayout/alpine-baselayout@3.2.0-r7, openssl/libcrypto1.1@1.1.1g-r0, openssl/libssl1.1@1.1.1g-r0, zlib/zlib@1.2.11-r3, apk-tools/apk-tools@2.10.5-r1, libtls-standalone/libtls-standalone@2.9.1-r1, busybox/ssl_client@1.31.1-r19, ca-certificates/ca-certificates@20191127-r4, nghttp2/nghttp2-libs@1.41.0-r0, curl/libcurl@7.69.1-r1, expat/expat@2.2.9-r1, pcre2/pcre2@10.35-r0, git/git@2.26.2-r0, musl/musl-utils@1.1.24-r9, ncurses/ncurses-libs@6.2_p20200523-r0, libedit/libedit@20191231.3.1-r0, pax-utils/scanelf@1.2.6-r0, openssh/openssh-client@8.3_p1-r0, openssh/openssh-server@8.3_p1-r0, openssh/openssh-sftp-server@8.3_p1-r0, openssh/openssh@8.3_p1-r0, openssh/openssh-keygen@8.3_p1-r0, libc-dev/libc-utils@0.7.2-r3 From: musl/musl@1.1.24-r9 From: busybox/busybox@1.31.1-r19 > musl/musl@1.1.24-r9 From: alpine-baselayout/alpine-baselayout@3.2.0-r7 > musl/musl@1.1.24-r9 and 23 more... Fixed in: 1.1.24-r10
✗ High severity vulnerability found in curl/libcurl Description: Use After Free Info: https://snyk.io/vuln/SNYK-ALPINE312-CURL-1050049 Introduced through: curl/libcurl@7.69.1-r1, git/git@2.26.2-r0 From: curl/libcurl@7.69.1-r1 From: git/git@2.26.2-r0 > curl/libcurl@7.69.1-r1 Fixed in: 7.69.1-r2
✗ High severity vulnerability found in curl/libcurl Description: Out-of-bounds Write Info: https://snyk.io/vuln/SNYK-ALPINE312-CURL-1050731 Introduced through: curl/libcurl@7.69.1-r1, git/git@2.26.2-r0 From: curl/libcurl@7.69.1-r1 From: git/git@2.26.2-r0 > curl/libcurl@7.69.1-r1 Fixed in: 7.69.1-r3
✗ High severity vulnerability found in curl/libcurl Description: Improper Certificate Validation Info: https://snyk.io/vuln/SNYK-ALPINE312-CURL-1050732 Introduced through: curl/libcurl@7.69.1-r1, git/git@2.26.2-r0 From: curl/libcurl@7.69.1-r1 From: git/git@2.26.2-r0 > curl/libcurl@7.69.1-r1 Fixed in: 7.69.1-r3
Organization: undefined Package manager: apk Project name: docker-image|hashicorp/terraform Docker image: hashicorp/terraform:0.14.2 Platform: linux/amd64
Tested 29 dependencies for known vulnerabilities, found 6 vulnerabilities.
For more free scans that keep your images secure, sign up to Snyk at https://dockr.ly/3ePqVcp
|