Created
September 7, 2024 14:39
-
-
Save castrojo/2209647b21ec733346c8a9a6fb36f57a to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| jorge@exo ~ | |
| ❯ grype docker.io/library/ubuntu:latest | |
| ⠦ Vulnerability DB ━━━━━━━━━━━━━━━━━━━━ [validating] | |
| ✔ Loaded image index.docker.io/library/ubuntu:latest | |
| ✔ Parsed image sha256:edbfe74c41f8a3501ce542e137cf28ea04dd03e6df8c9d66519b6ad761c2598a | |
| ✔ Cataloged contents 0e561039576c19dde14168c53775ee33f6a2bddc4aad62ea3fdcd699369b1e85 | |
| ✔ Vulnerability DB [updated] | |
| ✔ Loaded image index.docker.io/library/ubuntu:latest | |
| ✔ Parsed image sha256:edbfe74c41f8a3501ce542e137cf28ea04dd03e6df8c9d66519b6ad761c2598a | |
| ✔ Cataloged contents 0e561039576c19dde14168c53775ee33f6a2bddc4aad62ea3fdcd699369b1e85 | |
| ├── ✔ Packages [91 packages] | |
| ├── ✔ File digests [2,038 files] | |
| ├── ✔ File metadata [2,038 locations] | |
| └── ✔ Executables [722 executables] | |
| ✔ Scanned for vulnerabilities [8 vulnerability matches] | |
| ├── by severity: 0 critical, 0 high, 3 medium, 3 low, 2 negligible | |
| └── by status: 1 fixed, 7 not-fixed, 0 ignored | |
| NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY | |
| coreutils 9.4-3ubuntu6 deb CVE-2016-2781 Low | |
| gpgv 2.4.4-2ubuntu17 deb CVE-2022-3219 Low | |
| libc-bin 2.39-0ubuntu8.2 deb CVE-2016-20013 Negligible | |
| libc6 2.39-0ubuntu8.2 deb CVE-2016-20013 Negligible | |
| libgcrypt20 1.10.3-2build1 deb CVE-2024-2236 Medium | |
| libpcre2-8-0 10.42-4ubuntu2 deb CVE-2022-41409 Low | |
| libssl3t64 3.0.13-0ubuntu3.2 3.0.13-0ubuntu3.4 deb CVE-2024-6119 Medium | |
| libssl3t64 3.0.13-0ubuntu3.2 deb CVE-2024-41996 Medium | |
| jorge@exo ~ took 6s | |
| ❯ grype docker.io/library/debian:latest | |
| ✔ Vulnerability DB [no update available] | |
| ✔ Pulled image | |
| ✔ Loaded image index.docker.io/library/debian:latest | |
| ✔ Parsed image sha256:4fd3f4b75df372cc4fd60fd5c133c666cf4738ca0973523513f564076395f8ad | |
| ✔ Cataloged contents 7ba778ccd7f52b790db76d5f01b931953b8a08c9f0e4b2c8e00488b73ca2be64 | |
| ├── ✔ Packages [88 packages] | |
| ├── ✔ File digests [4,732 files] | |
| ├── ✔ File metadata [4,732 locations] | |
| └── ✔ Executables [694 executables] | |
| ✔ Scanned for vulnerabilities [67 vulnerability matches] | |
| ├── by severity: 1 critical, 1 high, 13 medium, 3 low, 46 negligible (3 unknown) | |
| └── by status: 0 fixed, 67 not-fixed, 0 ignored | |
| NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY | |
| apt 2.6.1 deb CVE-2011-3374 Negligible | |
| bsdutils 1:2.38.1-5+deb12u1 deb CVE-2022-0563 Negligible | |
| coreutils 9.1-1 (won't fix) deb CVE-2016-2781 Low | |
| coreutils 9.1-1 deb CVE-2017-18018 Negligible | |
| gcc-12-base 12.2.0-14 (won't fix) deb CVE-2023-4039 Medium | |
| gcc-12-base 12.2.0-14 deb CVE-2022-27943 Negligible | |
| gpgv 2.2.40-1.1 deb CVE-2022-3219 Negligible | |
| libapt-pkg6.0 2.6.1 deb CVE-2011-3374 Negligible | |
| libblkid1 2.38.1-5+deb12u1 deb CVE-2022-0563 Negligible | |
| libc-bin 2.36-9+deb12u8 deb CVE-2019-9192 Negligible | |
| libc-bin 2.36-9+deb12u8 deb CVE-2019-1010025 Negligible | |
| libc-bin 2.36-9+deb12u8 deb CVE-2019-1010024 Negligible | |
| libc-bin 2.36-9+deb12u8 deb CVE-2019-1010023 Negligible | |
| libc-bin 2.36-9+deb12u8 deb CVE-2019-1010022 Negligible | |
| libc-bin 2.36-9+deb12u8 deb CVE-2018-20796 Negligible | |
| libc-bin 2.36-9+deb12u8 deb CVE-2010-4756 Negligible | |
| libc6 2.36-9+deb12u8 deb CVE-2019-9192 Negligible | |
| libc6 2.36-9+deb12u8 deb CVE-2019-1010025 Negligible | |
| libc6 2.36-9+deb12u8 deb CVE-2019-1010024 Negligible | |
| libc6 2.36-9+deb12u8 deb CVE-2019-1010023 Negligible | |
| libc6 2.36-9+deb12u8 deb CVE-2019-1010022 Negligible | |
| libc6 2.36-9+deb12u8 deb CVE-2018-20796 Negligible | |
| libc6 2.36-9+deb12u8 deb CVE-2010-4756 Negligible | |
| libgcc-s1 12.2.0-14 (won't fix) deb CVE-2023-4039 Medium | |
| libgcc-s1 12.2.0-14 deb CVE-2022-27943 Negligible | |
| libgcrypt20 1.10.1-3 (won't fix) deb CVE-2024-2236 Medium | |
| libgcrypt20 1.10.1-3 deb CVE-2018-6829 Negligible | |
| libgnutls30 3.7.9-2+deb12u3 deb CVE-2011-3389 Negligible | |
| libmount1 2.38.1-5+deb12u1 deb CVE-2022-0563 Negligible | |
| libpam-modules 1.5.2-6+deb12u1 (won't fix) deb CVE-2024-22365 Medium | |
| libpam-modules-bin 1.5.2-6+deb12u1 (won't fix) deb CVE-2024-22365 Medium | |
| libpam-runtime 1.5.2-6+deb12u1 (won't fix) deb CVE-2024-22365 Medium | |
| libpam0g 1.5.2-6+deb12u1 (won't fix) deb CVE-2024-22365 Medium | |
| libsmartcols1 2.38.1-5+deb12u1 deb CVE-2022-0563 Negligible | |
| libstdc++6 12.2.0-14 (won't fix) deb CVE-2023-4039 Medium | |
| libstdc++6 12.2.0-14 deb CVE-2022-27943 Negligible | |
| libsystemd0 252.30-1~deb12u2 deb CVE-2023-31439 Negligible | |
| libsystemd0 252.30-1~deb12u2 deb CVE-2023-31438 Negligible | |
| libsystemd0 252.30-1~deb12u2 deb CVE-2023-31437 Negligible | |
| libsystemd0 252.30-1~deb12u2 deb CVE-2013-4392 Negligible | |
| libtinfo6 6.4-4 (won't fix) deb CVE-2023-50495 Medium | |
| libtinfo6 6.4-4 (won't fix) deb CVE-2023-45918 Unknown | |
| libudev1 252.30-1~deb12u2 deb CVE-2023-31439 Negligible | |
| libudev1 252.30-1~deb12u2 deb CVE-2023-31438 Negligible | |
| libudev1 252.30-1~deb12u2 deb CVE-2023-31437 Negligible | |
| libudev1 252.30-1~deb12u2 deb CVE-2013-4392 Negligible | |
| libuuid1 2.38.1-5+deb12u1 deb CVE-2022-0563 Negligible | |
| login 1:4.13+dfsg1-1+b1 (won't fix) deb CVE-2023-4641 Medium | |
| login 1:4.13+dfsg1-1+b1 (won't fix) deb CVE-2023-29383 Low | |
| login 1:4.13+dfsg1-1+b1 deb CVE-2019-19882 Negligible | |
| login 1:4.13+dfsg1-1+b1 deb CVE-2007-5686 Negligible | |
| mount 2.38.1-5+deb12u1 deb CVE-2022-0563 Negligible | |
| ncurses-base 6.4-4 (won't fix) deb CVE-2023-50495 Medium | |
| ncurses-base 6.4-4 (won't fix) deb CVE-2023-45918 Unknown | |
| ncurses-bin 6.4-4 (won't fix) deb CVE-2023-50495 Medium | |
| ncurses-bin 6.4-4 (won't fix) deb CVE-2023-45918 Unknown | |
| passwd 1:4.13+dfsg1-1+b1 (won't fix) deb CVE-2023-4641 Medium | |
| passwd 1:4.13+dfsg1-1+b1 (won't fix) deb CVE-2023-29383 Low | |
| passwd 1:4.13+dfsg1-1+b1 deb CVE-2019-19882 Negligible | |
| passwd 1:4.13+dfsg1-1+b1 deb CVE-2007-5686 Negligible | |
| perl-base 5.36.0-7+deb12u1 (won't fix) deb CVE-2023-31484 High | |
| perl-base 5.36.0-7+deb12u1 deb CVE-2023-31486 Negligible | |
| perl-base 5.36.0-7+deb12u1 deb CVE-2011-4116 Negligible | |
| tar 1.34+dfsg-1.2+deb12u1 deb CVE-2005-2541 Negligible | |
| util-linux 2.38.1-5+deb12u1 deb CVE-2022-0563 Negligible | |
| util-linux-extra 2.38.1-5+deb12u1 deb CVE-2022-0563 Negligible | |
| zlib1g 1:1.2.13.dfsg-1 (won't fix) deb CVE-2023-45853 Critical |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment