ci: use the latest version of Trivy for security scans #908

Merged
merged 4 commits into from
Sep 30, 2024

sjinks (Member) commented Sep 30, 2024

0.48.3 started to fail with:

2024-09-30T08:53:00.206Z	FATAL	init error: DB error: failed to download vulnerability DB: database download error: OCI repository error: 1 error occurred:
	* GET https://ghcr.io/v2/aquasecurity/trivy-db/manifests/2: TOOMANYREQUESTS: retry-after: 337.839µs, allowed: 44000/minute

Let's see if the latest version helps.

sjinks self-assigned this Sep 30, 2024
sjinks requested a review from a team as a code owner September 30, 2024 12:03

Trivy Scan Report

ghcr.io/automattic/vip-container-images/alpine:3.20.3 (alpine 3.20.3)

No vulnerabilities found.

Trivy Scan Report

ghcr.io/automattic/vip-container-images/photon:latest (alpine 3.20.3)

| Package | Vulnerability ID | Severity | Installed Version | Fixed Version | Links |
|---|---|---|---|---|---|
| php82 | CVE-2024-8925 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-8925 |
| php82 | CVE-2024-8926 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | |
| php82 | CVE-2024-8927 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-8927 |
| php82 | CVE-2024-9026 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-9026 |
| php82-common | CVE-2024-8925 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-8925 |
| php82-common | CVE-2024-8926 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | |
| php82-common | CVE-2024-8927 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-8927 |
| php82-common | CVE-2024-9026 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-9026 |
| php82-curl | CVE-2024-8925 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-8925 |
| php82-curl | CVE-2024-8926 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | |
| php82-curl | CVE-2024-8927 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-8927 |
| php82-curl | CVE-2024-9026 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-9026 |
| php82-fpm | CVE-2024-8925 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-8925 |
| php82-fpm | CVE-2024-8926 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | |
| php82-fpm | CVE-2024-8927 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-8927 |
| php82-fpm | CVE-2024-9026 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-9026 |
| php82-gd | CVE-2024-8925 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-8925 |
| php82-gd | CVE-2024-8926 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | |
| php82-gd | CVE-2024-8927 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-8927 |
| php82-gd | CVE-2024-9026 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-9026 |
| php82-opcache | CVE-2024-8925 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-8925 |
| php82-opcache | CVE-2024-8926 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | |
| php82-opcache | CVE-2024-8927 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-8927 |
| php82-opcache | CVE-2024-9026 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-9026 |
| php82-openssl | CVE-2024-8925 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-8925 |
| php82-openssl | CVE-2024-8926 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | |
| php82-openssl | CVE-2024-8927 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-8927 |
| php82-openssl | CVE-2024-9026 | UNKNOWN | 8.2.22-r0 | 8.2.24-r0 | https://avd.aquasec.com/nvd/cve-2024-9026 |

Trivy Scan Report

ghcr.io/automattic/vip-container-images/skeleton:latest (alpine 3.20.3)

No vulnerabilities found.

Trivy Scan Report

ghcr.io/automattic/vip-container-images/dev-tools:0.9 (alpine 3.20.3)

No vulnerabilities found.

Trivy Scan Report

ghcr.io/automattic/vip-container-images/nginx:1.27.0 (alpine 3.19.3)

No vulnerabilities found.

Trivy Scan Report

ghcr.io/automattic/vip-container-images/traefik_openssl:2.11.2 (alpine 3.19.1)

No vulnerabilities found.

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.0 (alpine 3.20.3)

No vulnerabilities found.

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.1 (alpine 3.20.3)

No vulnerabilities found.

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.2 (alpine 3.20.3)

No vulnerabilities found.

Trivy Scan Report

ghcr.io/automattic/vip-container-images/php-fpm:8.3 (ubuntu 24.04)

No vulnerabilities found.

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.3 (alpine 3.20.3)

No vulnerabilities found.

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.5 (alpine 3.20.3)

No vulnerabilities found.

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.6 (alpine 3.20.3)

No vulnerabilities found.

Trivy Scan Report

ghcr.io/automattic/vip-container-images/php-fpm:8.1 (ubuntu 22.04)

No vulnerabilities found.

Trivy Scan Report

ghcr.io/automattic/vip-container-images/php-fpm:8.2 (ubuntu 22.04)

No vulnerabilities found.

Trivy Scan Report

ghcr.io/automattic/vip-container-images/mu-plugins:0.1 (alpine 3.20.3)

No vulnerabilities found.

sjinks (Member, Author) commented Sep 30, 2024

Related: aquasecurity/trivy-action#389

sjinks (Member, Author) commented Sep 30, 2024

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:trunk (alpine 3.20.3)

No vulnerabilities found.

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.4 (alpine 3.20.3)

No vulnerabilities found.

sjinks merged commit 97b728c into master Sep 30, 2024
20 checks passed
sjinks deleted the update/trivy branch September 30, 2024 14:20