@@ -316,7 +316,7 @@ Scanning local image tarball "./testdata/test-ubuntu.tar"
316316
317317Container Scanning Result (Ubuntu 22.04.5 LTS):
318318Total 19 packages affected by 37 known vulnerabilities (2 Critical, 11 High, 19 Medium, 4 Low, 1 Unknown) from 1 ecosystem.
319- 17 vulnerabilities can be fixed.
319+ 18 vulnerabilities can be fixed.
320320
321321
322322Ubuntu:22.04
@@ -326,7 +326,7 @@ Ubuntu:22.04
326326| SOURCE PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | BINARY PACKAGES (COUNT) | INTRODUCED LAYER | IN BASE IMAGE |
327327+----------------+------------------------------+-------------------------+------------+-------------------------+------------------+---------------+
328328| coreutils | 8.32-4.1ubuntu1.2 | No fix available | 2 | coreutils | # 4 Layer | ubuntu |
329- | dpkg | 1.21.1ubuntu2.3 | No fix available | 1 | dpkg | # 4 Layer | ubuntu |
329+ | dpkg | 1.21.1ubuntu2.3 | Fix Available | 1 | dpkg | # 4 Layer | ubuntu |
330330| gcc-12 | 12.3.0-1ubuntu1~22.04 | Partial fixes Available | 2 | gcc-12-base... (3) | # 4 Layer | ubuntu |
331331| glibc | 2.35-0ubuntu3.8 | Fix Available | 3 | libc-bin, libc6 | # 4 Layer | ubuntu |
332332| gnupg2 | 2.2.27-3ubuntu2.1 | Partial fixes Available | 3 | gpgv | # 4 Layer | ubuntu |
@@ -361,7 +361,7 @@ Scanning local image tarball "./testdata/test-ubuntu.tar"
361361
362362Container Scanning Result (Ubuntu 22.04.5 LTS):
363363Total 19 packages affected by 37 known vulnerabilities (2 Critical, 11 High, 19 Medium, 4 Low, 1 Unknown) from 1 ecosystem.
364- 17 vulnerabilities can be fixed.
364+ 18 vulnerabilities can be fixed.
365365
366366
367367Ubuntu:22.04
@@ -371,7 +371,7 @@ Ubuntu:22.04
371371| SOURCE PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | BINARY PACKAGES (COUNT) | INTRODUCED LAYER | IN BASE IMAGE |
372372+----------------+------------------------------+-------------------------+------------+-------------------------+------------------+---------------+
373373| coreutils | 8.32-4.1ubuntu1.2 | No fix available | 2 | coreutils | # 4 Layer | ubuntu |
374- | dpkg | 1.21.1ubuntu2.3 | No fix available | 1 | dpkg | # 4 Layer | ubuntu |
374+ | dpkg | 1.21.1ubuntu2.3 | Fix Available | 1 | dpkg | # 4 Layer | ubuntu |
375375| gcc-12 | 12.3.0-1ubuntu1~22.04 | Partial fixes Available | 2 | gcc-12-base... (3) | # 4 Layer | ubuntu |
376376| glibc | 2.35-0ubuntu3.8 | Fix Available | 3 | libc-bin, libc6 | # 4 Layer | ubuntu |
377377| gnupg2 | 2.2.27-3ubuntu2.1 | Partial fixes Available | 3 | gpgv | # 4 Layer | ubuntu |
@@ -476,8 +476,8 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
476476Scanning local image tarball "./testdata/test-python-empty.tar"
477477
478478Container Scanning Result (Debian GNU/Linux 10 (buster)):
479- Total 14 packages affected by 22 known vulnerabilities (0 Critical, 6 High, 2 Medium, 0 Low, 14 Unknown) from 2 ecosystems.
480- 22 vulnerabilities can be fixed.
479+ Total 14 packages affected by 24 known vulnerabilities (0 Critical, 6 High, 4 Medium, 0 Low, 14 Unknown) from 2 ecosystems.
480+ 24 vulnerabilities can be fixed.
481481
482482
483483PyPI
486486+---------+-------------------+---------------+------------+------------------+---------------+
487487| PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE |
488488+---------+-------------------+---------------+------------+------------------+---------------+
489- | pip | 23.0.1 | Fix Available | 1 | # 7 Layer | python |
489+ | pip | 23.0.1 | Fix Available | 2 | # 7 Layer | python |
490490+---------+-------------------+---------------+------------+------------------+---------------+
491491+------------------------------------------------------------------------------------------------+
492492| Source:artifact:/usr/local/lib/python3.9/ensurepip/_bundled/setuptools-58.1.0-py3-none-any.whl |
500500+---------+-------------------+---------------+------------+------------------+---------------+
501501| PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE |
502502+---------+-------------------+---------------+------------+------------------+---------------+
503- | pip | 23.0.1 | Fix Available | 1 | # 13 Layer | python |
503+ | pip | 23.0.1 | Fix Available | 2 | # 13 Layer | python |
504504+---------+-------------------+---------------+------------+------------------+---------------+
505505+------------------------------------------------------------------------------------------------+
506506| Source:artifact:/usr/local/lib/python3.9/site-packages/setuptools-58.1.0.dist-info/METADATA |
@@ -540,8 +540,8 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
540540Scanning local image tarball "./testdata/test-python-full.tar"
541541
542542Container Scanning Result (Debian GNU/Linux 10 (buster)):
543- Total 19 packages affected by 40 known vulnerabilities (0 Critical, 13 High, 12 Medium, 0 Low, 15 Unknown) from 2 ecosystems.
544- 40 vulnerabilities can be fixed.
543+ Total 19 packages affected by 42 known vulnerabilities (0 Critical, 13 High, 14 Medium, 0 Low, 15 Unknown) from 2 ecosystems.
544+ 42 vulnerabilities can be fixed.
545545
546546
547547PyPI
550550+---------+-------------------+---------------+------------+------------------+---------------+
551551| PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE |
552552+---------+-------------------+---------------+------------+------------------+---------------+
553- | pip | 23.0.1 | Fix Available | 1 | # 7 Layer | python |
553+ | pip | 23.0.1 | Fix Available | 2 | # 7 Layer | python |
554554+---------+-------------------+---------------+------------+------------------+---------------+
555555+------------------------------------------------------------------------------------------------+
556556| Source:artifact:/usr/local/lib/python3.9/ensurepip/_bundled/setuptools-58.1.0-py3-none-any.whl |
585585+---------+-------------------+---------------+------------+------------------+---------------+
586586| PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE |
587587+---------+-------------------+---------------+------------+------------------+---------------+
588- | pip | 23.0.1 | Fix Available | 1 | # 13 Layer | python |
588+ | pip | 23.0.1 | Fix Available | 2 | # 13 Layer | python |
589589+---------+-------------------+---------------+------------+------------------+---------------+
590590+----------------------------------------------------------------------------------------------+
591591| Source:artifact:/usr/local/lib/python3.9/site-packages/requests-2.20.0.dist-info/METADATA |
@@ -1000,9 +1000,10 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
10001000 },
10011001 " vulnerabilities"
10021002 " PYSEC-2023-228"
1003+ " GHSA-4xh5-x5gv-qwph"
10031004 " GHSA-mq26-g339-26xf"
10041005 ],
1005- " groups" 1
1006+ " groups" 2
10061007 }
10071008 ]
10081009 },
@@ -1126,9 +1127,10 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
11261127 },
11271128 " vulnerabilities"
11281129 " PYSEC-2023-228"
1130+ " GHSA-4xh5-x5gv-qwph"
11291131 " GHSA-mq26-g339-26xf"
11301132 ],
1131- " groups" 1
1133+ " groups" 2
11321134 }
11331135 ]
11341136 },
@@ -2573,6 +2575,7 @@ Scanning local image tarball "./testdata/test-node_modules-npm-full.tar"
25732575 }
25742576 },
25752577 " vulnerabilities"
2578+ " USN-7768-1"
25762579 " UBUNTU-CVE-2025-6297"
25772580 ],
25782581 " groups" 1
0 commit comments