Description
Hello team,
I am planning to start MWAA locally and am getting this vulnerability issue!
./mwaa-local-env build-image
[+] Building 0.8s (27/27) FINISHED docker:desktop-linux
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 1.95kB 0.0s
=> [internal] load metadata for docker.io/library/amazonlinux:2023 0.7s
=> [auth] library/amazonlinux:pull token for registry-1.docker.io 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [ 1/21] FROM docker.io/library/amazonlinux:2023@sha256:8217eec04f21ec88f5fd0ce57641a9fa9a586af5c4d2a68c7fcd50f2146ddb03 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 537B 0.0s
=> CACHED [ 2/21] COPY script/bootstrap.sh /bootstrap.sh 0.0s
=> CACHED [ 3/21] COPY script/systemlibs.sh /systemlibs.sh 0.0s
=> CACHED [ 4/21] COPY script/generate_key.sh /generate_key.sh 0.0s
=> CACHED [ 5/21] COPY script/run-startup.sh /run-startup.sh 0.0s
=> CACHED [ 6/21] COPY script/shell-launch-script.sh /shell-launch-script.sh 0.0s
=> CACHED [ 7/21] COPY script/verification.sh /verification.sh 0.0s
=> CACHED [ 8/21] COPY config/constraints.txt /constraints.txt 0.0s
=> CACHED [ 9/21] COPY config/mwaa-base-providers-requirements.txt /mwaa-base-providers-requirements.txt 0.0s
=> CACHED [10/21] RUN chmod u+x /systemlibs.sh && /systemlibs.sh 0.0s
=> CACHED [11/21] RUN chmod u+x /bootstrap.sh && /bootstrap.sh 0.0s
=> CACHED [12/21] RUN chmod u+x /generate_key.sh && /generate_key.sh 0.0s
=> CACHED [13/21] RUN chmod u+x /run-startup.sh 0.0s
=> CACHED [14/21] RUN chmod u+x /shell-launch-script.sh 0.0s
=> CACHED [15/21] RUN chmod u+x /verification.sh 0.0s
=> CACHED [16/21] COPY script/entrypoint.sh /entrypoint.sh 0.0s
=> CACHED [17/21] COPY config/airflow.cfg /usr/local/airflow/airflow.cfg 0.0s
=> CACHED [18/21] COPY config/webserver_config.py /usr/local/airflow/webserver_config.py 0.0s
=> CACHED [19/21] RUN chown -R airflow: /usr/local/airflow 0.0s
=> CACHED [20/21] RUN chmod +x /entrypoint.sh 0.0s
=> CACHED [21/21] WORKDIR /usr/local/airflow 0.0s
=> exporting to image 0.0s
=> => exporting layers 0.0s
=> => writing image sha256:1b61e0c58ccee72210fadcdb2aad5bbf8bc6d2148466be396004fcf324ddb7aa 0.0s
=> => naming to docker.io/amazon/mwaa-local:2_10_3 0.0s
View build details: docker-desktop://dashboard/build/desktop-linux/desktop-linux/z0dncnmtgi4bzx0q6j27jb8cx
What's next:
View a summary of image vulnerabilities and recommendations → docker scout quickview
docker scout quickview
i New version 1.16.1 available (installed version is 1.15.1) at https://github.com/docker/scout-cli
✓ Image stored for indexing
✓ Indexed 757 packages
i Base image was auto-detected. To get more accurate results, build images with max-mode provenance attestations.
Review docs.docker.com ↗ for more information.
Target │ local://amazon/mwaa-local:2_10_3 │ 1C 61H 63M 4L
digest │ 1b61e0c58cce │
Base image │ amazonlinux:2023 │ 0C 0H 0M 0L
What's next:
View vulnerabilities → docker scout cves local://amazon/mwaa-local:2_10_3
Include policy results in your quickview by supplying an organization → docker scout quickview local://amazon/mwaa-local:2_10_3 --org
docker scout cves local://amazon/mwaa-local:2_10_3
i New version 1.16.1 available (installed version is 1.15.1) at https://github.com/docker/scout-cli
✓ SBOM of image already cached, 757 packages indexed
✗ Detected 38 vulnerable packages with a total of 31 vulnerabilities
Overview
│ Analyzed Image
────────────────────┼─────────────────────────────────────
Target │ local://amazon/mwaa-local:2_10_3
digest │ 1b61e0c58cce
platform │ linux/arm64/v8
vulnerabilities │ 1C 61H 63M 4L
size │ 1.5 GB
packages │ 757
Packages and Vulnerabilities
1C 2H 0M 0L poetry 0.3.0
pkg:pypi/poetry@0.3.0
✗ CRITICAL CVE-2022-26184 [Untrusted Search Path]
https://scout.docker.com/v/CVE-2022-26184
Affected range : <1.1.9
Fixed version : 1.1.9
CVSS Score : 9.3
CVSS Vector : CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
✗ HIGH CVE-2022-36070 [Untrusted Search Path]
https://scout.docker.com/v/CVE-2022-36070
Affected range : <1.1.9
Fixed version : 1.1.9
CVSS Score : 7.3
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
✗ HIGH CVE-2022-36069 [Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')]
https://scout.docker.com/v/CVE-2022-36069
Affected range : <1.1.9
Fixed version : 1.1.9
CVSS Score : 7.3
CVSS Vector : CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
0C 2H 3M 3L cryptography 36.0.1
pkg:pypi/cryptography@36.0.1
✗ HIGH CVE-2023-50782 [Observable Discrepancy]
https://scout.docker.com/v/CVE-2023-50782
Affected range : <42.0.0
Fixed version : 42.0.0
CVSS Score : 8.7
CVSS Vector : CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
✗ HIGH CVE-2023-0286 [Access of Resource Using Incompatible Type ('Type Confusion')]
https://scout.docker.com/v/CVE-2023-0286
Affected range : >=0.8.1
: <39.0.1
Fixed version : 39.0.1
CVSS Score : 7.4
CVSS Vector : CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
✗ MEDIUM CVE-2023-23931 [Improper Check for Unusual or Exceptional Conditions]
https://scout.docker.com/v/CVE-2023-23931
Affected range : >=1.8
: <39.0.1
Fixed version : 39.0.1
CVSS Score : 6.9
CVSS Vector : CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
✗ MEDIUM CVE-2023-49083 [NULL Pointer Dereference]
https://scout.docker.com/v/CVE-2023-49083
Affected range : >=3.1
: <41.0.6
Fixed version : 41.0.6
CVSS Score : 5.9
CVSS Vector : CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
✗ MEDIUM CVE-2024-0727 [NULL Pointer Dereference]
https://scout.docker.com/v/CVE-2024-0727
Affected range : <42.0.2
Fixed version : 42.0.2
CVSS Score : 5.5
CVSS Vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
✗ LOW GHSA-v8gr-m533-ghj9
https://scout.docker.com/v/GHSA-v8gr-m533-ghj9
Affected range : >=2.5
: <41.0.4
Fixed version : 41.0.4
✗ LOW GHSA-jm77-qphf-c4w8
https://scout.docker.com/v/GHSA-jm77-qphf-c4w8
Affected range : >=0.8
: <41.0.3
Fixed version : 41.0.3
✗ LOW GHSA-5cpq-8wj7-hf2v
https://scout.docker.com/v/GHSA-5cpq-8wj7-hf2v
Affected range : >=0.5
: <=40.0.2
Fixed version : 41.0.0
0C 2H 2M 0L perl 0:2.27-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:2.27-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.05-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.05-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.47-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.47-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.30-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.30-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:0.60.800-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:0.60.800-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.94-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.94-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.80-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.80-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:2.03-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:2.03-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.02-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.02-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.13-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.13-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.12-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.12-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.21-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.21-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:0.02-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:0.02-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.31-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.31-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.03-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.03-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.37-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.37-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.09-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.09-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.43-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.43-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.23-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.23-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.100.600-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.100.600-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:2.85-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:2.85-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:0.66-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:0.66-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.08-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.08-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:1.15-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:1.15-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 2M 0L perl 0:2.34-477.amzn2023.0.6
pkg:rpm/amazonlinux/perl@0:2.34-477.amzn2023.0.6?os_name=amazonlinux&os_version=2023
✗ HIGH CVE-2023-31486
https://scout.docker.com/v/CVE-2023-31486
Affected range : <5.32.1-477.amzn2023.0.5
Fixed version : 5.32.1-477.amzn2023.0.5
✗ HIGH CVE-2023-31484
https://scout.docker.com/v/CVE-2023-31484
Affected range : <5.32.1-477.amzn2023.0.4
Fixed version : 5.32.1-477.amzn2023.0.4
✗ MEDIUM CVE-2023-47100
https://scout.docker.com/v/CVE-2023-47100
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
✗ MEDIUM CVE-2023-47038
https://scout.docker.com/v/CVE-2023-47038
Affected range : <5.32.1-477.amzn2023.0.6
Fixed version : 5.32.1-477.amzn2023.0.6
0C 2H 0M 0L setuptools 59.6.0
pkg:pypi/setuptools@59.6.0
✗ HIGH CVE-2022-40897 [Inefficient Regular Expression Complexity]
https://scout.docker.com/v/CVE-2022-40897
Affected range : <65.5.1
Fixed version : 65.5.1
CVSS Score : 8.7
CVSS Vector : CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
✗ HIGH CVE-2024-6345 [Improper Control of Generation of Code ('Code Injection')]
https://scout.docker.com/v/CVE-2024-6345
Affected range : <70.0.0
Fixed version : 70.0.0
CVSS Score : 7.5
CVSS Vector : CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
0C 2H 0M 0L setuptools 65.5.0
pkg:pypi/setuptools@65.5.0
✗ HIGH CVE-2022-40897 [Inefficient Regular Expression Complexity]
https://scout.docker.com/v/CVE-2022-40897
Affected range : <65.5.1
Fixed version : 65.5.1
CVSS Score : 8.7
CVSS Vector : CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:L/SI:L/SA:N
✗ HIGH CVE-2024-6345 [Improper Control of Generation of Code ('Code Injection')]
https://scout.docker.com/v/CVE-2024-6345
Affected range : <70.0.0
Fixed version : 70.0.0
CVSS Score : 7.5
CVSS Vector : CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
0C 1H 3M 0L werkzeug 2.2.3
pkg:pypi/werkzeug@2.2.3
✗ HIGH CVE-2024-34069 [Cross-Site Request Forgery (CSRF)]
https://scout.docker.com/v/CVE-2024-34069
Affected range : <3.0.3
Fixed version : 3.0.3
CVSS Score : 7.5
CVSS Vector : CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
✗ MEDIUM CVE-2024-49767 [Uncontrolled Resource Consumption]
https://scout.docker.com/v/CVE-2024-49767
Affected range : <=3.0.5
Fixed version : 3.0.6
CVSS Score : 6.9
CVSS Vector : CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
✗ MEDIUM CVE-2024-49766 [Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')]
https://scout.docker.com/v/CVE-2024-49766
Affected range : <=3.0.5
Fixed version : 3.0.6
CVSS Score : 6.3
CVSS Vector : CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
✗ MEDIUM CVE-2023-46136 [Uncontrolled Resource Consumption]
https://scout.docker.com/v/CVE-2023-46136
Affected range : <2.3.8
Fixed version : 2.3.8
CVSS Score : 5.7
CVSS Vector : CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0C 1H 0M 0L tornado 6.4.1
pkg:pypi/tornado@6.4.1
✗ HIGH CVE-2024-52804 [Uncontrolled Resource Consumption]
https://scout.docker.com/v/CVE-2024-52804
Affected range : <=6.4.1
Fixed version : 6.4.2
CVSS Score : 7.5
CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0C 1H 0M 0L wheel 0.37.1
pkg:pypi/wheel@0.37.1
✗ HIGH CVE-2022-40898 [Inefficient Regular Expression Complexity]
https://scout.docker.com/v/CVE-2022-40898
Affected range : <0.38.1
Fixed version : 0.38.1
CVSS Score : 7.5
CVSS Vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0C 0H 2M 0L aiohttp 3.10.10
pkg:pypi/aiohttp@3.10.10
✗ MEDIUM CVE-2024-52303 [Missing Release of Resource after Effective Lifetime]
https://scout.docker.com/v/CVE-2024-52303
Affected range : >=3.10.6
: <3.10.11
Fixed version : 3.10.11
CVSS Score : 6.9
CVSS Vector : CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
✗ MEDIUM CVE-2024-52304 [Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')]
https://scout.docker.com/v/CVE-2024-52304
Affected range : <=3.10.10
Fixed version : 3.10.11
CVSS Score : 6.3
CVSS Vector : CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
0C 0H 2M 0L jinja2 3.1.4
pkg:pypi/jinja2@3.1.4
✗ MEDIUM CVE-2024-56326 [Protection Mechanism Failure]
https://scout.docker.com/v/CVE-2024-56326
Affected range : <=3.1.4
Fixed version : 3.1.5
CVSS Score : 5.4
CVSS Vector : CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
✗ MEDIUM CVE-2024-56201 [Improper Neutralization of Escape, Meta, or Control Sequences]
https://scout.docker.com/v/CVE-2024-56201
Affected range : >=3.0.0
: <=3.1.4
Fixed version : 3.1.5
CVSS Score : 5.4
CVSS Vector : CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
0C 0H 1M 0L cleo 0.6.8
pkg:pypi/cleo@0.6.8
✗ MEDIUM CVE-2022-42966 [Inefficient Regular Expression Complexity]
https://scout.docker.com/v/CVE-2022-42966
Affected range : <=1.0.0a5
Fixed version : 1.0.0
CVSS Score : 5.9
CVSS Vector : CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
0C 0H 1M 0L pip 22.3.1
pkg:pypi/pip@22.3.1
✗ MEDIUM CVE-2023-5752 [Improper Neutralization of Special Elements used in a Command ('Command Injection')]
https://scout.docker.com/v/CVE-2023-5752
Affected range : <23.3
Fixed version : 23.3
CVSS Score : 6.8
CVSS Vector : CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
0C 0H 1M 0L cryptography 42.0.8
pkg:pypi/cryptography@42.0.8
✗ MEDIUM GHSA-h4gh-qq45-vh27 [Dependency on Vulnerable Third-Party Component]
https://scout.docker.com/v/GHSA-h4gh-qq45-vh27
Affected range : >=37.0.0
: <43.0.1
Fixed version : 43.0.1
0C 0H 0M 1L apache-airflow-providers-fab 1.5.0
pkg:pypi/apache-airflow-providers-fab@1.5.0
✗ LOW CVE-2024-45033 [Insufficient Session Expiration]
https://scout.docker.com/v/CVE-2024-45033
Affected range : <1.5.2
Fixed version : 1.5.2
CVSS Score : 2.1
CVSS Vector : CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
129 vulnerabilities found in 38 packages
CRITICAL 1
HIGH 61
MEDIUM 63
LOW 4
What's next:
View base image update recommendations → docker scout recommendations local://amazon/mwaa-local:2_10_3