Latest postgres image tag postgres:17.2-alpine3.20 is having a lot of high CVEs #1295
Description
Any plan to fix these CVEs coming from gosu package?
$ docker scout cves postgres:17.2-alpine3.20
i New version 1.15.1 available (installed version is 1.5.0) at https://github.com/docker/scout-cli
✓ SBOM of image already cached, 66 packages indexed
✗ Detected 1 vulnerable package with 56 vulnerabilities
## Overview
│ Analyzed Image
────────────────────┼─────────────────────────────────────
Target │ postgres:17.2-alpine3.20
digest │ 03844845c1d8
platform │ linux/arm64/v8
vulnerabilities │ 3C 35H 16M 1L 1?
size │ 111 MB
packages │ 66
## Packages and Vulnerabilities
3C 35H 16M 1L 1? stdlib 1.18.2
pkg:golang/stdlib@1.18.2
✗ CRITICAL CVE-2024-24790
https://scout.docker.com/v/CVE-2024-24790
Affected range : <1.21.11
Fixed version : 1.21.11
✗ CRITICAL CVE-2023-24540
https://scout.docker.com/v/CVE-2023-24540
Affected range : <1.19.9
Fixed version : 1.19.9
✗ CRITICAL CVE-2023-24538
https://scout.docker.com/v/CVE-2023-24538
Affected range : <1.19.8
Fixed version : 1.19.8
✗ HIGH CVE-2023-29403
https://scout.docker.com/v/CVE-2023-29403
Affected range : <1.19.10
Fixed version : 1.19.10
✗ HIGH CVE-2022-30580
https://scout.docker.com/v/CVE-2022-30580
Affected range : >=1.18.0-0
: <1.18.3
Fixed version : 1.18.3
✗ HIGH CVE-2024-34158
https://scout.docker.com/v/CVE-2024-34158
Affected range : <1.22.7
Fixed version : 1.22.7
✗ HIGH CVE-2024-34156
https://scout.docker.com/v/CVE-2024-34156
Affected range : <1.22.7
Fixed version : 1.22.7
✗ HIGH CVE-2024-24791
https://scout.docker.com/v/CVE-2024-24791
Affected range : <1.21.12
Fixed version : 1.21.12
✗ HIGH CVE-2024-24784
https://scout.docker.com/v/CVE-2024-24784
Affected range : <1.21.8
Fixed version : 1.21.8
✗ HIGH CVE-2023-45288
https://scout.docker.com/v/CVE-2023-45288
Affected range : <1.21.9
Fixed version : 1.21.9
✗ HIGH CVE-2023-45287
https://scout.docker.com/v/CVE-2023-45287
Affected range : <1.20.0
Fixed version : 1.20.0
✗ HIGH CVE-2023-45283
https://scout.docker.com/v/CVE-2023-45283
Affected range : <1.20.11
Fixed version : 1.20.11
✗ HIGH CVE-2023-44487
https://scout.docker.com/v/CVE-2023-44487
Affected range : <1.20.10
Fixed version : 1.20.10
✗ HIGH CVE-2023-39325
https://scout.docker.com/v/CVE-2023-39325
Affected range : <1.20.10
Fixed version : 1.20.10
✗ HIGH CVE-2023-24537
https://scout.docker.com/v/CVE-2023-24537
Affected range : <1.19.8
Fixed version : 1.19.8
✗ HIGH CVE-2023-24536
https://scout.docker.com/v/CVE-2023-24536
Affected range : <1.19.8
Fixed version : 1.19.8
✗ HIGH CVE-2023-24534
https://scout.docker.com/v/CVE-2023-24534
Affected range : <1.19.8
Fixed version : 1.19.8
✗ HIGH CVE-2022-41725
https://scout.docker.com/v/CVE-2022-41725
Affected range : <1.19.6
Fixed version : 1.19.6
✗ HIGH CVE-2022-41724
https://scout.docker.com/v/CVE-2022-41724
Affected range : <1.19.6
Fixed version : 1.19.6
✗ HIGH CVE-2022-41723
https://scout.docker.com/v/CVE-2022-41723
Affected range : <1.19.6
Fixed version : 1.19.6
✗ HIGH CVE-2022-41722
https://scout.docker.com/v/CVE-2022-41722
Affected range : <1.19.6
Fixed version : 1.19.6
✗ HIGH CVE-2022-41720
https://scout.docker.com/v/CVE-2022-41720
Affected range : <1.18.9
Fixed version : 1.18.9
✗ HIGH CVE-2022-41716
https://scout.docker.com/v/CVE-2022-41716
Affected range : <1.18.8
Fixed version : 1.18.8
✗ HIGH CVE-2022-41715
https://scout.docker.com/v/CVE-2022-41715
Affected range : <1.18.7
Fixed version : 1.18.7
✗ HIGH CVE-2022-32189
https://scout.docker.com/v/CVE-2022-32189
Affected range : >=1.18.0-0
: <1.18.5
Fixed version : 1.18.5
✗ HIGH CVE-2022-30635
https://scout.docker.com/v/CVE-2022-30635
Affected range : >=1.18.0-0
: <1.18.4
Fixed version : 1.18.4
✗ HIGH CVE-2022-30634
https://scout.docker.com/v/CVE-2022-30634
Affected range : >=1.18.0-0
: <1.18.3
Fixed version : 1.18.3
✗ HIGH CVE-2022-30633
https://scout.docker.com/v/CVE-2022-30633
Affected range : >=1.18.0-0
: <1.18.4
Fixed version : 1.18.4
✗ HIGH CVE-2022-30632
https://scout.docker.com/v/CVE-2022-30632
Affected range : >=1.18.0-0
: <1.18.4
Fixed version : 1.18.4
✗ HIGH CVE-2022-30631
https://scout.docker.com/v/CVE-2022-30631
Affected range : >=1.18.0-0
: <1.18.4
Fixed version : 1.18.4
✗ HIGH CVE-2022-30630
https://scout.docker.com/v/CVE-2022-30630
Affected range : >=1.18.0-0
: <1.18.4
Fixed version : 1.18.4
✗ HIGH CVE-2022-29804
https://scout.docker.com/v/CVE-2022-29804
Affected range : >=1.18.0-0
: <1.18.3
Fixed version : 1.18.3
✗ HIGH CVE-2022-2880
https://scout.docker.com/v/CVE-2022-2880
Affected range : <1.18.7
Fixed version : 1.18.7
✗ HIGH CVE-2022-2879
https://scout.docker.com/v/CVE-2022-2879
Affected range : <1.18.7
Fixed version : 1.18.7
✗ HIGH CVE-2022-28131
https://scout.docker.com/v/CVE-2022-28131
Affected range : >=1.18.0-0
: <1.18.4
Fixed version : 1.18.4
✗ HIGH CVE-2022-27664
https://scout.docker.com/v/CVE-2022-27664
Affected range : <1.18.6
Fixed version : 1.18.6
✗ HIGH CVE-2023-29400
https://scout.docker.com/v/CVE-2023-29400
Affected range : <1.19.9
Fixed version : 1.19.9
✗ HIGH CVE-2023-24539
https://scout.docker.com/v/CVE-2023-24539
Affected range : <1.19.9
Fixed version : 1.19.9
✗ MEDIUM CVE-2023-45290
https://scout.docker.com/v/CVE-2023-45290
Affected range : <1.21.8
Fixed version : 1.21.8
✗ MEDIUM CVE-2023-29406
https://scout.docker.com/v/CVE-2023-29406
Affected range : <1.19.11
Fixed version : 1.19.11
✗ MEDIUM CVE-2022-32148
https://scout.docker.com/v/CVE-2022-32148
Affected range : >=1.18.0-0
: <1.18.4
Fixed version : 1.18.4
✗ MEDIUM CVE-2022-1705
https://scout.docker.com/v/CVE-2022-1705
Affected range : >=1.18.0-0
: <1.18.4
Fixed version : 1.18.4
✗ MEDIUM CVE-2023-39319
https://scout.docker.com/v/CVE-2023-39319
Affected range : <1.20.8
Fixed version : 1.20.8
✗ MEDIUM CVE-2023-39318
https://scout.docker.com/v/CVE-2023-39318
Affected range : <1.20.8
Fixed version : 1.20.8
✗ MEDIUM CVE-2024-24783
https://scout.docker.com/v/CVE-2024-24783
Affected range : <1.21.8
Fixed version : 1.21.8
✗ MEDIUM CVE-2024-24789
https://scout.docker.com/v/CVE-2024-24789
Affected range : <1.21.11
Fixed version : 1.21.11
✗ MEDIUM CVE-2022-1962
https://scout.docker.com/v/CVE-2022-1962
Affected range : >=1.18.0-0
: <1.18.4
Fixed version : 1.18.4
✗ MEDIUM CVE-2023-45284
https://scout.docker.com/v/CVE-2023-45284
Affected range : <1.20.11
Fixed version : 1.20.11
✗ MEDIUM CVE-2023-39326
https://scout.docker.com/v/CVE-2023-39326
Affected range : <1.20.12
Fixed version : 1.20.12
✗ MEDIUM CVE-2023-29409
https://scout.docker.com/v/CVE-2023-29409
Affected range : <1.19.12
Fixed version : 1.19.12
✗ MEDIUM CVE-2023-24532
https://scout.docker.com/v/CVE-2023-24532
Affected range : <1.19.7
Fixed version : 1.19.7
✗ MEDIUM CVE-2022-41717
https://scout.docker.com/v/CVE-2022-41717
Affected range : <1.18.9
Fixed version : 1.18.9
✗ MEDIUM CVE-2024-34155
https://scout.docker.com/v/CVE-2024-34155
Affected range : <1.22.7
Fixed version : 1.22.7
✗ MEDIUM CVE-2023-45289
https://scout.docker.com/v/CVE-2023-45289
Affected range : <1.21.8
Fixed version : 1.21.8
✗ LOW CVE-2022-30629
https://scout.docker.com/v/CVE-2022-30629
Affected range : >=1.18.0-0
: <1.18.3
Fixed version : 1.18.3
✗ UNSPECIFIED CVE-2024-24785
https://scout.docker.com/v/CVE-2024-24785
Affected range : <1.21.8
Fixed version : 1.21.8
56 vulnerabilities found in 1 package
UNSPECIFIED 1
LOW 1
MEDIUM 16
HIGH 35
CRITICAL 3
What's Next?
View base image update recommendations → docker scout recommendations postgres:17.2-alpine3.20