Update docker images to reduce security vulnerabilities #211

Draft
wants to merge 15 commits into
base: main

chore: add --verbose flag to tests

bf36c7d

GitHub Advanced Security / Snyk Container failed Jan 31, 2025 in 1s

8 configurations not found

Warning: Code scanning may not have found all the alerts introduced by this pull request, because 8 configurations present on refs/heads/main were not found:

Actions workflow (docker-build.yaml)

  • ❓  .github/workflows/docker-build.yaml:build-images/image:docker/bwa
  • ❓  .github/workflows/docker-build.yaml:build-images/image:docker/estimate
  • ❓  .github/workflows/docker-build.yaml:build-images/image:docker/minfi
  • ❓  .github/workflows/docker-build.yaml:build-images/image:docker/pandas
  • ❓  .github/workflows/docker-build.yaml:build-images/image:docker/python-plotting
  • ❓  .github/workflows/docker-build.yaml:build-images/image:docker/star
  • ❓  .github/workflows/docker-build.yaml:build-images/image:docker/umap
  • ❓  .github/workflows/docker-build.yaml:build-images/image:docker/util

New alerts in code changed by this pull request

Security Alerts:

  • 3 high
  • 9 medium
  • 1 low

Other Alerts:

  • 7 warnings
  • 5 notes

See annotations below for details.

Annotations

Check warning on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Low severity - Allocation of Resources Without Limits or Throttling vulnerability in binutils Medium

This file introduces a vulnerable binutils package with a low severity vulnerability.

Check warning on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Low severity - Improper Input Validation vulnerability in coreutils Medium

This file introduces a vulnerable coreutils package with a low severity vulnerability.

Check warning on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Medium severity - Integer Overflow or Wraparound vulnerability in freetype Medium

This file introduces a vulnerable freetype package with a medium severity vulnerability.

Check failure on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Low severity - Allocation of Resources Without Limits or Throttling vulnerability in glibc High

This file introduces a vulnerable glibc package with a low severity vulnerability.

Check notice on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Low severity - Out-of-bounds Write vulnerability in gnupg2 Low

This file introduces a vulnerable gnupg2 package with a low severity vulnerability.

Check warning on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Low severity - Race Condition vulnerability in htslib Medium

This file introduces a vulnerable htslib package with a low severity vulnerability.

Check notice on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Low severity - CVE-2024-26458 vulnerability in krb5 Note

This file introduces a vulnerable krb5 package with a low severity vulnerability.

Check warning on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Medium severity - CVE-2024-26462 vulnerability in krb5 Warning

This file introduces a vulnerable krb5 package with a medium severity vulnerability.

Check notice on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Low severity - CVE-2024-26461 vulnerability in krb5 Note

This file introduces a vulnerable krb5 package with a low severity vulnerability.

Check warning on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Medium severity - CVE-2024-38949 vulnerability in libde265 Warning

This file introduces a vulnerable libde265 package with a medium severity vulnerability.

Check warning on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Medium severity - CVE-2024-38950 vulnerability in libde265 Warning

This file introduces a vulnerable libde265 package with a medium severity vulnerability.

Check notice on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Low severity - Information Exposure vulnerability in libgcrypt20 Note

This file introduces a vulnerable libgcrypt20 package with a low severity vulnerability.

Check warning on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Low severity - NULL Pointer Dereference vulnerability in libpng1.6 Medium

This file introduces a vulnerable libpng1.6 package with a low severity vulnerability.

Check warning on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Low severity - Allocation of Resources Without Limits or Throttling vulnerability in openjpeg2 Medium

This file introduces a vulnerable openjpeg2 package with a low severity vulnerability.

Check warning on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Medium severity - Resource Exhaustion vulnerability in openjpeg2 Warning

This file introduces a vulnerable openjpeg2 package with a medium severity vulnerability.

Check warning on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Medium severity - Resource Exhaustion vulnerability in openjpeg2 Warning

This file introduces a vulnerable openjpeg2 package with a medium severity vulnerability.

Check notice on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Low severity - CVE-2024-41996 vulnerability in openssl Note

This file introduces a vulnerable openssl package with a low severity vulnerability.

Check warning on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Medium severity - Insecure Storage of Sensitive Information vulnerability in pam Medium

This file introduces a vulnerable pam package with a medium severity vulnerability.

Check failure on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Medium severity - Improper Authentication vulnerability in pam High

This file introduces a vulnerable pam package with a medium severity vulnerability.

Check warning on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Low severity - Release of Invalid Pointer or Reference vulnerability in patch Medium

This file introduces a vulnerable patch package with a low severity vulnerability.

Check failure on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Low severity - Double Free vulnerability in patch High

This file introduces a vulnerable patch package with a low severity vulnerability.

Check warning on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Medium severity - CVE-2024-35195 vulnerability in python-pip Warning

This file introduces a vulnerable python-pip package with a medium severity vulnerability.

Check warning on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Medium severity - CVE-2024-56433 vulnerability in shadow Warning

This file introduces a vulnerable shadow package with a medium severity vulnerability.

Check notice on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Low severity - CVE-2024-6716 vulnerability in tiff Note

This file introduces a vulnerable tiff package with a low severity vulnerability.

Check warning on line 1 in docker/util/Dockerfile

Code scanning / Snyk Container

Medium severity - Open Redirect vulnerability in wget Medium

This file introduces a vulnerable wget package with a medium severity vulnerability.