Could you please create a new Docker image? kishwars/pepper_deepvariant:r0.8 has a number of vulnerabilities flagged as critical and high by our security scanner. I can't deploy anything that is flagged at those levels. Or if you could share the Dockerfile used to create this image I can take a crack at it myself.
Evaluation results
- go vulnerabilities:package CRITICAL Vulnerability found in non-os package type (binary) - /opt/conda/bin/python3.9 (CVE-2015-20107 - https://nvd.nist.gov/vuln/detail/CVE-2015-20107)
- go vulnerabilities:package CRITICAL Vulnerability found in non-os package type (binary) - /opt/conda/bin/python3.9 (CVE-2019-12900 - https://nvd.nist.gov/vuln/detail/CVE-2019-12900)
- stop vulnerabilities:package CRITICAL Vulnerability found in non-os package type (binary) - /usr/local/lib/python3.8/dist-packages/tensorflow/include/external/local_config_python/python_include/patchlevel.h (CVE-2021-29921 - https://nvd.nist.gov/vuln/detail/CVE-2021-29921)
- stop vulnerabilities:package CRITICAL Vulnerability found in non-os package type (binary) - /usr/local/lib/python3.8/dist-packages/tensorflow/include/external/local_config_python/python_include/patchlevel.h (CVE-2020-27619 - https://nvd.nist.gov/vuln/detail/CVE-2020-27619)
- stop vulnerabilities:package CRITICAL Vulnerability found in non-os package type (binary) - /usr/local/lib/python3.8/dist-packages/tensorflow/include/external/local_config_python/python_include/patchlevel.h (CVE-2021-3177 - https://nvd.nist.gov/vuln/detail/CVE-2021-3177)
- go vulnerabilities:package CRITICAL Vulnerability found in non-os package type (binary) - /usr/local/lib/python3.8/dist-packages/tensorflow/include/external/local_config_python/python_include/patchlevel.h (CVE-2015-20107 - https://nvd.nist.gov/vuln/detail/CVE-2015-20107)
- go vulnerabilities:package CRITICAL Vulnerability found in non-os package type (binary) - /usr/local/lib/python3.8/dist-packages/tensorflow/include/external/local_config_python/python_include/patchlevel.h (CVE-2019-12900 - https://nvd.nist.gov/vuln/detail/CVE-2019-12900)
- stop vulnerabilities:package CRITICAL Vulnerability found in non-os package type (python) - /usr/local/lib/python3.8/dist-packages/Pillow (CVE-2022-22817 - https://nvd.nist.gov/vuln/detail/CVE-2022-22817)
- stop vulnerabilities:package CRITICAL Vulnerability found in non-os package type (python) - /usr/local/lib/python3.8/dist-packages/Pillow (CVE-2022-24303 - https://nvd.nist.gov/vuln/detail/CVE-2022-24303)
- stop vulnerabilities:package CRITICAL Vulnerability found in non-os package type (python) - /usr/local/lib/python3.8/dist-packages/Pillow (VULNDB-278400 - http://sysdigcloud-anchore-api:8228/v1/query/vulnerabilities?id=VULNDB-278400)
- stop vulnerabilities:package CRITICAL Vulnerability found in non-os package type (python) - /usr/local/lib/python3.8/dist-packages/protobuf (VULNDB-243350 - http://sysdigcloud-anchore-api:8228/v1/query/vulnerabilities?id=VULNDB-243350)
- stop vulnerabilities:package CRITICAL Vulnerability found in non-os package type (python) - /usr/local/lib/python3.8/dist-packages/protobuf (VULNDB-243351 - http://sysdigcloud-anchore-api:8228/v1/query/vulnerabilities?id=VULNDB-243351)
- stop vulnerabilities:package HIGH Vulnerability found in non-os package type (binary) - /opt/conda/bin/python3.9 (fixed in: 3.10.3, 3.7.13, 3.8.13, 3.9.11)(VULNDB-284248 - http://sysdigcloud-anchore-api:8228/v1/query/vulnerabilities?id=VULNDB-284248)
- stop vulnerabilities:package HIGH Vulnerability found in non-os package type (binary) - /usr/local/lib/python3.8/dist-packages/tensorflow/include/external/local_config_python/python_include/patchlevel.h (fixed in: 3.8.3rc1, 3.7.8rc1, 3.6.11, 3.7.8, 3.6.11rc1, 3.5.10rc1)(VULNDB-222554 - http://sysdigcloud-anchore-api:8228/v1/query/vulnerabilities?id=VULNDB-222554)
- stop vulnerabilities:package HIGH Vulnerability found in non-os package type (binary) - /usr/local/lib/python3.8/dist-packages/tensorflow/include/external/local_config_python/python_include/patchlevel.h (fixed in: 3.6.12, 3.7.9, 3.5.10rc1)(VULNDB-232139 - http://sysdigcloud-anchore-api:8228/v1/query/vulnerabilities?id=VULNDB-232139)
- stop vulnerabilities:package HIGH Vulnerability found in non-os package type (binary) - /usr/local/lib/python3.8/dist-packages/tensorflow/include/external/local_config_python/python_include/patchlevel.h (fixed in: 3.9.5)(VULNDB-255505 - http://sysdigcloud-anchore-api:8228/v1/query/vulnerabilities?id=VULNDB-255505)
- stop vulnerabilities:package HIGH Vulnerability found in non-os package type (binary) - /usr/local/lib/python3.8/dist-packages/tensorflow/include/external/local_config_python/python_include/patchlevel.h (fixed in: 3.10.3, 3.7.13, 3.8.13, 3.9.11)(VULNDB-284248 - http://sysdigcloud-anchore-api:8228/v1/query/vulnerabilities?id=VULNDB-284248)
- stop vulnerabilities:package HIGH Vulnerability found in non-os package type (python) - /usr/local/lib/python3.8/dist-packages/Pillow (fixed in: 9.0.0)(VULNDB-278401 - http://sysdigcloud-anchore-api:8228/v1/query/vulnerabilities?id=VULNDB-278401)
- stop vulnerabilities:package HIGH Vulnerability found in non-os package type (python) - /usr/local/lib/python3.8/dist-packages/Pillow (fixed in: 9.0.0)(VULNDB-278565 - http://sysdigcloud-anchore-api:8228/v1/query/vulnerabilities?id=VULNDB-278565)
- stop vulnerabilities:package HIGH Vulnerability found in non-os package type (python) - /usr/local/lib/python3.8/dist-packages/Pillow (fixed in: 9.0.0)(VULNDB-277515 - http://sysdigcloud-anchore-api:8228/v1/query/vulnerabilities?id=VULNDB-277515)
- warn vulnerabilities:package HIGH Vulnerability found in non-os package type (binary) - /opt/conda/bin/python3.9 (CVE-2021-3737 - https://nvd.nist.gov/vuln/detail/CVE-2021-3737)
- warn vulnerabilities:package HIGH Vulnerability found in non-os package type (binary) - /opt/conda/bin/python3.9 (CVE-2018-25032 - https://nvd.nist.gov/vuln/detail/CVE-2018-25032)
- warn vulnerabilities:package HIGH Vulnerability found in non-os package type (binary) - /opt/conda/bin/python3.9 (CVE-2021-28861 - https://nvd.nist.gov/vuln/detail/CVE-2021-28861)
- warn vulnerabilities:package HIGH Vulnerability found in non-os package type (binary) - /usr/local/lib/python3.8/dist-packages/tensorflow/include/external/local_config_python/python_include/patchlevel.h (CVE-2020-26116 - https://nvd.nist.gov/vuln/detail/CVE-2020-26116)
- warn vulnerabilities:package HIGH Vulnerability found in non-os package type (binary) - /usr/local/lib/python3.8/dist-packages/tensorflow/include/external/local_config_python/python_include/patchlevel.h (CVE-2022-0391 - https://nvd.nist.gov/vuln/detail/CVE-2022-0391)
- warn vulnerabilities:package HIGH Vulnerability found in non-os package type (binary) - /usr/local/lib/python3.8/dist-packages/tensorflow/include/external/local_config_python/python_include/patchlevel.h (CVE-2021-3737 - https://nvd.nist.gov/vuln/detail/CVE-2021-3737)
- warn vulnerabilities:package HIGH Vulnerability found in non-os package type (binary) - /usr/local/lib/python3.8/dist-packages/tensorflow/include/external/local_config_python/python_include/patchlevel.h (CVE-2019-20907 - https://nvd.nist.gov/vuln/detail/CVE-2019-20907)
- warn vulnerabilities:package HIGH Vulnerability found in non-os package type (binary) - /usr/local/lib/python3.8/dist-packages/tensorflow/include/external/local_config_python/python_include/patchlevel.h (CVE-2021-28861 - https://nvd.nist.gov/vuln/detail/CVE-2021-28861)
- warn vulnerabilities:package HIGH Vulnerability found in non-os package type (binary) - /usr/local/lib/python3.8/dist-packages/tensorflow/include/external/local_config_python/python_include/patchlevel.h (CVE-2018-25032 - https://nvd.nist.gov/vuln/detail/CVE-2018-25032)
- warn vulnerabilities:package HIGH Vulnerability found in non-os package type (python) - /usr/local/lib/python3.8/dist-packages/ipython (CVE-2022-21699 - https://nvd.nist.gov/vuln/detail/CVE-2022-21699)
- warn secret_scans:content_regex_checks Secret content search analyzer found regexp match in container: file=/usr/local/lib/python3.8/dist-packages/future/backports/test/badcert.pem regexp=PRIV_KEY=(?i)-+BEGIN(.*)PRIVATE KEY-+
- warn secret_scans:content_regex_checks Secret content search analyzer found regexp match in container: file=/usr/local/lib/python3.8/dist-packages/future/backports/test/badkey.pem regexp=PRIV_KEY=(?i)-+BEGIN(.*)PRIVATE KEY-+
- warn secret_scans:content_regex_checks Secret content search analyzer found regexp match in container: file=/usr/local/lib/python3.8/dist-packages/future/backports/test/keycert2.pem regexp=PRIV_KEY=(?i)-+BEGIN(.*)PRIVATE KEY-+
- warn secret_scans:content_regex_checks Secret content search analyzer found regexp match in container: file=/usr/local/lib/python3.8/dist-packages/future/backports/test/keycert.passwd.pem regexp=PRIV_KEY=(?i)-+BEGIN(.*)PRIVATE KEY-+
- warn secret_scans:content_regex_checks Secret content search analyzer found regexp match in container: file=/usr/local/lib/python3.8/dist-packages/future/backports/test/keycert.pem regexp=PRIV_KEY=(?i)-+BEGIN(.*)PRIVATE KEY-+
- warn secret_scans:content_regex_checks Secret content search analyzer found regexp match in container: file=/usr/local/lib/python3.8/dist-packages/future/backports/test/ssl_key.passwd.pem regexp=PRIV_KEY=(?i)-+BEGIN(.*)PRIVATE KEY-+
- warn secret_scans:content_regex_checks Secret content search analyzer found regexp match in container: file=/usr/local/lib/python3.8/dist-packages/future/backports/test/ssl_key.pem regexp=PRIV_KEY=(?i)-+BEGIN(.*)PRIVATE KEY-+
- warn secret_scans:content_regex_checks Secret content search analyzer found regexp match in container: file=/usr/local/lib/python3.8/dist-packages/tornado/test/test.key regexp=PRIV_KEY=(?i)-+BEGIN(.*)PRIVATE KEY-+
Hello,
It looks like the issues are in:
- python 3.8
- python 3.9
- tensorflow
- pillow
- protobuf
- ipython
Thanks!