registry.gitlab.com/prod-manager/prod-manager:latest (alpine 3.19.1) - Trivy Report - 2024-05-15 06:02:28.937170583 +0000 UTC m=+2.868433976

registry.gitlab.com/prod-manager/prod-manager:latest (alpine 3.19.1) - Trivy Report - 2024-05-15 06:02:28.937205503 +0000 UTC m=+2.868468885

alpine
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2024-2511	LOW	3.1.4-r5	3.1.4-r6	http://www.openwall.com/lists/oss-security/2024/04/08/5 https://access.redhat.com/security/cve/CVE-2024-2511 https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08 https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640 https://nvd.nist.gov/vuln/detail/CVE-2024-2511 https://security.netapp.com/advisory/ntap-20240503-0013/ https://www.cve.org/CVERecord?id=CVE-2024-2511 https://www.openssl.org/news/secadv/20240408.txt https://www.openssl.org/news/vulnerabilities.html
libexpat	CVE-2024-28757	HIGH	2.6.0-r0	2.6.2-r0	http://www.openwall.com/lists/oss-security/2024/03/15/1 https://access.redhat.com/errata/RHSA-2024:1530 https://access.redhat.com/security/cve/CVE-2024-28757 https://bugzilla.redhat.com/2262877 https://bugzilla.redhat.com/2268766 https://errata.almalinux.org/9/ALSA-2024-1530.html https://github.com/libexpat/libexpat/issues/839 https://github.com/libexpat/libexpat/pull/842 https://linux.oracle.com/cve/CVE-2024-28757.html https://linux.oracle.com/errata/ELSA-2024-1530.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/ https://nvd.nist.gov/vuln/detail/CVE-2024-28757 https://security.netapp.com/advisory/ntap-20240322-0001/ https://ubuntu.com/security/notices/USN-6694-1 https://www.cve.org/CVERecord?id=CVE-2024-28757
libssl3	CVE-2024-2511	LOW	3.1.4-r5	3.1.4-r6	http://www.openwall.com/lists/oss-security/2024/04/08/5 https://access.redhat.com/security/cve/CVE-2024-2511 https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08 https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640 https://nvd.nist.gov/vuln/detail/CVE-2024-2511 https://security.netapp.com/advisory/ntap-20240503-0013/ https://www.cve.org/CVERecord?id=CVE-2024-2511 https://www.openssl.org/news/secadv/20240408.txt https://www.openssl.org/news/vulnerabilities.html
No Misconfigurations found
python-pkg
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
Jinja2	CVE-2024-34064	MEDIUM	3.1.3	3.1.4	https://access.redhat.com/security/cve/CVE-2024-34064 https://github.com/pallets/jinja https://github.com/pallets/jinja/commit/0668239dc6b44ef38e7a6c9f91f312fd4ca581cb https://github.com/pallets/jinja/security/advisories/GHSA-h75v-3vvj-5mfj https://nvd.nist.gov/vuln/detail/CVE-2024-34064 https://www.cve.org/CVERecord?id=CVE-2024-34064
Werkzeug	CVE-2024-34069	HIGH	3.0.1	3.0.3	https://access.redhat.com/security/cve/CVE-2024-34069 https://github.com/pallets/werkzeug https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692 https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985 https://nvd.nist.gov/vuln/detail/CVE-2024-34069 https://www.cve.org/CVERecord?id=CVE-2024-34069
dnspython	CVE-2023-29483	MEDIUM	2.6.0	2.6.1	https://access.redhat.com/security/cve/CVE-2023-29483 https://github.com/eventlet/eventlet https://github.com/eventlet/eventlet/commit/51e3c4928d4938beb576eff34f3bf97e6e64e6b4 https://github.com/eventlet/eventlet/issues/913 https://github.com/eventlet/eventlet/releases/tag/v0.35.2 https://github.com/rthalley/dnspython/commit/0ea5ad0a4583e1f519b9bcc67cfac381230d9cf2 https://github.com/rthalley/dnspython/issues/1045 https://github.com/rthalley/dnspython/releases/tag/v2.6.0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOHJOO3OM65UIUUUVDEXMCTXNM6LXZEH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOHJOO3OM65UIUUUVDEXMCTXNM6LXZEH/ https://nvd.nist.gov/vuln/detail/CVE-2023-29483 https://security.snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713 https://www.cve.org/CVERecord?id=CVE-2023-29483 https://www.dnspython.org https://www.dnspython.org/ https://www.dnspython.org/news/2.6.0rc1/
gunicorn	CVE-2024-1135	HIGH	21.2.0	22.0.0	https://access.redhat.com/security/cve/CVE-2024-1135 https://github.com/advisories/GHSA-w3h3-4rj7-4ph4 https://github.com/benoitc/gunicorn https://github.com/benoitc/gunicorn/commit/ac29c9b0a758d21f1e0fb3b3457239e523fa9f1d https://github.com/benoitc/gunicorn/releases/tag/22.0.0 https://huntr.com/bounties/22158e34-cfd5-41ad-97e0-a780773d96c1 https://nvd.nist.gov/vuln/detail/CVE-2024-1135 https://www.cve.org/CVERecord?id=CVE-2024-1135
idna	CVE-2024-3651	MEDIUM	3.6	3.7	https://access.redhat.com/security/cve/CVE-2024-3651 https://github.com/kjd/idna https://github.com/kjd/idna/security/advisories/GHSA-jjg7-2v4v-x38h https://nvd.nist.gov/vuln/detail/CVE-2024-3651 https://www.cve.org/CVERecord?id=CVE-2024-3651
No Misconfigurations found