New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vulnerabilities in version redash/redash:10.1.0.b50633 #13

Open

phillipjohnson opened this issue Mar 23, 2022 · 1 comment

phillipjohnson commented Mar 23, 2022

Trivy is reporting the following number of vulnerabilities for the version 10.1.0.b50633.

trivy image -s HIGH,CRITICAL redash/redash:10.1.0.b50633

redash/redash:10.1.0.b50633 (debian 10.11)
==========================================
Total: 194 (HIGH: 165, CRITICAL: 29)

Node.js (node-pkg)
==================
Total: 0 (HIGH: 0, CRITICAL: 0)


Python (python-pkg)
===================
Total: 9 (HIGH: 5, CRITICAL: 4)

Would it be possible to bump some of the underlying image layers in a new release to get these numbers down?

The text was updated successfully, but these errors were encountered:

superwesman commented May 26, 2022

@phillipjohnson - thanks for your comment on my related post ...

https://discuss.redash.io/t/what-to-do-about-hundreds-of-cve-reported-by-scanning-redash-container/10523

I was not aware of trivy - very cool. appreciate the tip on that too 🫡

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment