Giters

matusnovak / prometheus-smartctl

HDD S.M.A.R.T exporter for Prometheus written in Python

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Update base Docker image

ngosang opened this issue · comments

commented

There is nothing wrong with the current base image but It's a good practice to keep thins up-to-date. I detected the current base image has some vulnerabilities although they are not exploitable.

grype matusnovak/prometheus-smartctl:v1.3.0
 ✔ Vulnerability DB        [updated]
New version of grype is available: 0.33.1
 ✔ Parsed image            
 ✔ Cataloged packages      [80 packages]
 ✔ Scanned image           [10 vulnerabilities]
NAME     INSTALLED  FIXED-IN   VULNERABILITY        SEVERITY 
expat    2.2.10-r0  2.2.10-r1  CVE-2022-23852       Critical  
expat    2.2.10-r0  2.2.10-r1  CVE-2022-23990       Critical  
expat    2.2.10-r0  2.2.10-r2  CVE-2022-25235       Critical  
expat    2.2.10-r0  2.2.10-r2  CVE-2022-25236       Critical  
expat    2.2.10-r0  2.2.10-r2  CVE-2022-25313       Medium    
expat    2.2.10-r0  2.2.10-r2  CVE-2022-25314       High      
expat    2.2.10-r0  2.2.10-r2  CVE-2022-25315       Critical  
pip      20.1.1     21.1       GHSA-5xp3-jfq3-5q8x  Medium    
urllib3  1.25.9     1.26.5     GHSA-q2q7-5pp4-w6pg  High      
urllib3  1.25.9                CVE-2021-33503       High