Vulnerabilities in latest docker image #134
Description
# grype --only-fixed quay.io/observatorium/thanos-receive-controller:main-2023-11-06-c57219e
✔ Vulnerability DB [no update available]
✔ Pulled image
✔ Loaded image quay.io/observatorium/thanos-receive-controller:main-2023-11-06-c57219e
✔ Parsed image sha256:3788f75bd36ad57a71cc8f547ada4ccd9c3eed7d9f6185d2f0082521eb5aee5f
✔ Cataloged contents 63a03728a2f951929d49eee395b4914c8ddcd2bc31ed93be7bafc2f129656751
├── ✔ Packages [96 packages]
└── ✔ Executables [1 executables]
✔ Scanned for vulnerabilities [22 vulnerability matches]
├── by severity: 0 critical, 7 high, 9 medium, 0 low, 0 negligible (6 unknown)
└── by status: 7 fixed, 15 not-fixed, 0 ignored
NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY
golang.org/x/crypto v0.1.0 0.17.0 go-module GHSA-45x7-px36-x8w8 Medium
golang.org/x/net v0.7.0 0.17.0 go-module GHSA-4374-p667-p6c8 High
golang.org/x/net v0.7.0 0.17.0 go-module GHSA-qppj-fm5r-hxr3 Medium
golang.org/x/net v0.7.0 0.13.0 go-module GHSA-2wrh-6pvc-2jm9 Medium
google.golang.org/grpc v1.40.0 1.56.3 go-module GHSA-m425-mq94-257g High
google.golang.org/grpc v1.40.0 1.56.3 go-module GHSA-qppj-fm5r-hxr3 Medium
google.golang.org/protobuf v1.28.1 1.33.0 go-module GHSA-8r3f-844c-mc37 Medium