Created
October 11, 2022 11:45
-
-
Save ericsmalling/ce4701da51c24195a04bfc35205a9bfa to your computer and use it in GitHub Desktop.
Snyk container scan of the Chainguard nginx image with dependency tree and app-vulns flag enabled for deeper vulnerability scan
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| snyk container test cgr.dev/chainguard/nginx --print-deps --platform=amd64 --app-vulns | |
| docker-image|cgr.dev/chainguard/nginx @ latest | |
| ├─ alpine-baselayout/alpine-baselayout-data @ 3.3.0-r2 | |
| ├─ aom/aom-libs @ 3.5.0-r0 | |
| ├─ brotli/brotli-libs @ 1.0.9-r8 | |
| ├─ busybox/busybox @ 1.35.0-r27 | |
| ├─ busybox/busybox-binsh @ 1.35.0-r27 | |
| │ └─ busybox/busybox @ 1.35.0-r27 | |
| ├─ bzip2/libbz2 @ 1.0.8-r3 | |
| ├─ dav1d/libdav1d @ 1.0.0-r1 | |
| ├─ execline/execline @ 2.9.0.1-r0 | |
| │ └─ skalibs/skalibs @ 2.12.0.0-r0 | |
| ├─ expat/libexpat @ 2.4.9-r0 | |
| ├─ fontconfig/fontconfig @ 2.14.0-r0 | |
| │ ├─ busybox/busybox-binsh @ 1.35.0-r27 | |
| │ ├─ expat/libexpat @ 2.4.9-r0 | |
| │ └─ freetype/freetype @ 2.12.1-r0 | |
| ├─ freetype/freetype @ 2.12.1-r0 | |
| │ ├─ brotli/brotli-libs @ 1.0.9-r8 | |
| │ ├─ bzip2/libbz2 @ 1.0.8-r3 | |
| │ ├─ libpng/libpng @ 1.6.38-r0 | |
| │ └─ zlib/zlib @ 1.2.12-r3 | |
| ├─ gd/libgd @ 2.3.3-r2 | |
| │ ├─ fontconfig/fontconfig @ 2.14.0-r0 | |
| │ ├─ freetype/freetype @ 2.12.1-r0 | |
| │ ├─ libavif/libavif @ 0.10.1-r0 | |
| │ ├─ libjpeg-turbo/libjpeg-turbo @ 2.1.4-r0 | |
| │ ├─ libpng/libpng @ 1.6.38-r0 | |
| │ ├─ libwebp/libwebp @ 1.2.4-r1 | |
| │ ├─ libxpm/libxpm @ 3.5.13-r1 | |
| │ └─ tiff/tiff @ 4.4.0-r0 | |
| ├─ geoip/geoip @ 1.6.12-r2 | |
| ├─ libavif/libavif @ 0.10.1-r0 | |
| │ ├─ aom/aom-libs @ 3.5.0-r0 | |
| │ └─ dav1d/libdav1d @ 1.0.0-r1 | |
| ├─ libbsd/libbsd @ 0.11.7-r0 | |
| │ └─ libmd/libmd @ 1.0.4-r0 | |
| ├─ libgcrypt/libgcrypt @ 1.10.1-r0 | |
| │ └─ libgpg-error/libgpg-error @ 1.46-r0 | |
| ├─ libgpg-error/libgpg-error @ 1.46-r0 | |
| ├─ libice/libice @ 1.0.10-r1 | |
| ├─ libjpeg-turbo/libjpeg-turbo @ 2.1.4-r0 | |
| ├─ libmd/libmd @ 1.0.4-r0 | |
| ├─ libpng/libpng @ 1.6.38-r0 | |
| │ └─ zlib/zlib @ 1.2.12-r3 | |
| ├─ libsm/libsm @ 1.2.3-r1 | |
| │ ├─ libice/libice @ 1.0.10-r1 | |
| │ └─ util-linux/libuuid @ 2.38.1-r0 | |
| ├─ libwebp/libwebp @ 1.2.4-r1 | |
| ├─ libx11/libx11 @ 1.8.1-r1 | |
| │ └─ libxcb/libxcb @ 1.15-r0 | |
| ├─ libxau/libxau @ 1.0.10-r0 | |
| ├─ libxcb/libxcb @ 1.15-r0 | |
| │ ├─ libxau/libxau @ 1.0.10-r0 | |
| │ └─ libxdmcp/libxdmcp @ 1.1.3-r1 | |
| ├─ libxdmcp/libxdmcp @ 1.1.3-r1 | |
| │ └─ libbsd/libbsd @ 0.11.7-r0 | |
| ├─ libxext/libxext @ 1.3.4-r1 | |
| │ └─ libx11/libx11 @ 1.8.1-r1 | |
| ├─ libxml2/libxml2 @ 2.10.2-r1 | |
| │ ├─ xz/xz-libs @ 5.2.7-r0 | |
| │ └─ zlib/zlib @ 1.2.12-r3 | |
| ├─ libxpm/libxpm @ 3.5.13-r1 | |
| │ ├─ libx11/libx11 @ 1.8.1-r1 | |
| │ ├─ libxext/libxext @ 1.3.4-r1 | |
| │ └─ libxt/libxt @ 1.2.1-r0 | |
| ├─ libxslt/libxslt @ 1.1.36-r0 | |
| │ ├─ libgcrypt/libgcrypt @ 1.10.1-r0 | |
| │ └─ libxml2/libxml2 @ 2.10.2-r1 | |
| ├─ libxt/libxt @ 1.2.1-r0 | |
| │ ├─ libice/libice @ 1.0.10-r1 | |
| │ ├─ libsm/libsm @ 1.2.3-r1 | |
| │ └─ libx11/libx11 @ 1.8.1-r1 | |
| ├─ meta-common-packages @ meta | |
| │ └─ musl/musl @ 1.2.3-r1 | |
| ├─ nginx/nginx @ 1.22.0-r0 | |
| │ ├─ gd/libgd @ 2.3.3-r2 | |
| │ ├─ geoip/geoip @ 1.6.12-r2 | |
| │ ├─ libxml2/libxml2 @ 2.10.2-r1 | |
| │ ├─ libxslt/libxslt @ 1.1.36-r0 | |
| │ ├─ openssl1.1-compat/libcrypto1.1 @ 1.1.1q-r3 | |
| │ ├─ openssl1.1-compat/libssl1.1 @ 1.1.1q-r3 | |
| │ ├─ pcre/pcre @ 8.45-r2 | |
| │ └─ zlib/zlib @ 1.2.12-r3 | |
| ├─ openssl1.1-compat/libcrypto1.1 @ 1.1.1q-r3 | |
| ├─ openssl1.1-compat/libssl1.1 @ 1.1.1q-r3 | |
| │ └─ openssl1.1-compat/libcrypto1.1 @ 1.1.1q-r3 | |
| ├─ pcre/pcre @ 8.45-r2 | |
| ├─ s6/s6 @ 2.11.1.2-r0 | |
| │ ├─ busybox/busybox-binsh @ 1.35.0-r27 | |
| │ ├─ execline/execline @ 2.9.0.1-r0 | |
| │ ├─ s6/s6-ipcserver @ 2.11.1.2-r0 | |
| │ └─ skalibs/skalibs @ 2.12.0.0-r0 | |
| ├─ s6/s6-ipcserver @ 2.11.1.2-r0 | |
| │ └─ skalibs/skalibs @ 2.12.0.0-r0 | |
| ├─ skalibs/skalibs @ 2.12.0.0-r0 | |
| ├─ tiff/tiff @ 4.4.0-r0 | |
| │ ├─ libjpeg-turbo/libjpeg-turbo @ 2.1.4-r0 | |
| │ ├─ libwebp/libwebp @ 1.2.4-r1 | |
| │ ├─ xz/xz-libs @ 5.2.7-r0 | |
| │ ├─ zlib/zlib @ 1.2.12-r3 | |
| │ └─ zstd/zstd-libs @ 1.5.2-r9 | |
| ├─ util-linux/libuuid @ 2.38.1-r0 | |
| ├─ xz/xz-libs @ 5.2.7-r0 | |
| ├─ zlib/zlib @ 1.2.12-r3 | |
| └─ zstd/zstd-libs @ 1.5.2-r9 | |
| Testing cgr.dev/chainguard/nginx... | |
| Organization: *********** | |
| Package manager: apk | |
| Project name: docker-image|cgr.dev/chainguard/nginx | |
| Docker image: cgr.dev/chainguard/nginx | |
| Platform: linux/amd64 | |
| Licenses: enabled | |
| ✔ Tested 46 dependencies for known issues, no vulnerable paths found. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment