# Docker Scan / Snyk Analysis

Scan results for the latest version of the `ethersphere/swarm` Docker container as of Jan 8 2021.

Reference: https://snyk.io/learn/docker-security-scanning/

## Container Version

```
> $ docker pull ethersphere/swarm ⬡ 15.3.0 [±fuzzing ●●]
Using default tag: latest
latest: Pulling from ethersphere/swarm
Digest: sha256:ff90a6ab91f73a23180bedb27c18f32b49bc45073a82f2eadf6b70969ce809e7
Status: Image is up to date for ethersphere/swarm:latest
docker.io/ethersphere/swarm:latest
```

## Scanner Output

```
> $ docker scan ethersphere/swarm

Testing ethersphere/swarm...

✗ Low severity vulnerability found in openssl/libcrypto1.1
  Description: Inadequate Encryption Strength
  Info: https://snyk.io/vuln/SNYK-ALPINE39-OPENSSL-1089236
  Introduced through: openssl/libcrypto1.1@1.1.1b-r1, openssl/libssl1.1@1.1.1b-r1, apk-tools/apk-tools@2.10.3-r1, libtls-standalone/libtls-standalone@2.7.4-r6, ca-certificates/ca-certificates@20190108-r0
  From: openssl/libcrypto1.1@1.1.1b-r1
  From: openssl/libssl1.1@1.1.1b-r1 > openssl/libcrypto1.1@1.1.1b-r1
  From: apk-tools/apk-tools@2.10.3-r1 > openssl/libcrypto1.1@1.1.1b-r1
  and 5 more...
  Image layer: '/bin/sh -c apk --no-cache add ca-certificates && update-ca-certificates'
  Fixed in: 1.1.1j-r0

✗ Low severity vulnerability found in openssl/libcrypto1.1
  Description: Missing Encryption of Sensitive Data
  Info: https://snyk.io/vuln/SNYK-ALPINE39-OPENSSL-505098
  Introduced through: openssl/libcrypto1.1@1.1.1b-r1, openssl/libssl1.1@1.1.1b-r1, apk-tools/apk-tools@2.10.3-r1, libtls-standalone/libtls-standalone@2.7.4-r6, ca-certificates/ca-certificates@20190108-r0
  From: openssl/libcrypto1.1@1.1.1b-r1
  From: openssl/libssl1.1@1.1.1b-r1 > openssl/libcrypto1.1@1.1.1b-r1
  From: apk-tools/apk-tools@2.10.3-r1 > openssl/libcrypto1.1@1.1.1b-r1
  and 5 more...
  Image layer: '/bin/sh -c apk --no-cache add ca-certificates && update-ca-certificates'
  Fixed in: 1.1.1d-r0

✗ Medium severity vulnerability found in openssl/libcrypto1.1
  Description: NULL Pointer Dereference
  Info: https://snyk.io/vuln/SNYK-ALPINE39-OPENSSL-1089231
  Introduced through: openssl/libcrypto1.1@1.1.1b-r1, openssl/libssl1.1@1.1.1b-r1, apk-tools/apk-tools@2.10.3-r1, libtls-standalone/libtls-standalone@2.7.4-r6, ca-certificates/ca-certificates@20190108-r0
  From: openssl/libcrypto1.1@1.1.1b-r1
  From: openssl/libssl1.1@1.1.1b-r1 > openssl/libcrypto1.1@1.1.1b-r1
  From: apk-tools/apk-tools@2.10.3-r1 > openssl/libcrypto1.1@1.1.1b-r1
  and 5 more...
  Image layer: '/bin/sh -c apk --no-cache add ca-certificates && update-ca-certificates'
  Fixed in: 1.1.1k-r0

✗ Medium severity vulnerability found in openssl/libcrypto1.1
  Description: NULL Pointer Dereference
  Info: https://snyk.io/vuln/SNYK-ALPINE39-OPENSSL-1089233
  Introduced through: openssl/libcrypto1.1@1.1.1b-r1, openssl/libssl1.1@1.1.1b-r1, apk-tools/apk-tools@2.10.3-r1, libtls-standalone/libtls-standalone@2.7.4-r6, ca-certificates/ca-certificates@20190108-r0
  From: openssl/libcrypto1.1@1.1.1b-r1
  From: openssl/libssl1.1@1.1.1b-r1 > openssl/libcrypto1.1@1.1.1b-r1
  From: apk-tools/apk-tools@2.10.3-r1 > openssl/libcrypto1.1@1.1.1b-r1
  and 5 more...
  Image layer: '/bin/sh -c apk --no-cache add ca-certificates && update-ca-certificates'
  Fixed in: 1.1.1i-r0

✗ Medium severity vulnerability found in openssl/libcrypto1.1
  Description: Integer Overflow or Wraparound
  Info: https://snyk.io/vuln/SNYK-ALPINE39-OPENSSL-1089234
  Introduced through: openssl/libcrypto1.1@1.1.1b-r1, openssl/libssl1.1@1.1.1b-r1, apk-tools/apk-tools@2.10.3-r1, libtls-standalone/libtls-standalone@2.7.4-r6, ca-certificates/ca-certificates@20190108-r0
  From: openssl/libcrypto1.1@1.1.1b-r1
  From: openssl/libssl1.1@1.1.1b-r1 > openssl/libcrypto1.1@1.1.1b-r1
  From: apk-tools/apk-tools@2.10.3-r1 > openssl/libcrypto1.1@1.1.1b-r1
  and 5 more...
  Image layer: '/bin/sh -c apk --no-cache add ca-certificates && update-ca-certificates'
  Fixed in: 1.1.1j-r0

✗ Medium severity vulnerability found in openssl/libcrypto1.1
  Description: Missing Encryption of Sensitive Data
  Info: https://snyk.io/vuln/SNYK-ALPINE39-OPENSSL-491992
  Introduced through: openssl/libcrypto1.1@1.1.1b-r1, openssl/libssl1.1@1.1.1b-r1, apk-tools/apk-tools@2.10.3-r1, libtls-standalone/libtls-standalone@2.7.4-r6, ca-certificates/ca-certificates@20190108-r0
  From: openssl/libcrypto1.1@1.1.1b-r1
  From: openssl/libssl1.1@1.1.1b-r1 > openssl/libcrypto1.1@1.1.1b-r1
  From: apk-tools/apk-tools@2.10.3-r1 > openssl/libcrypto1.1@1.1.1b-r1
  and 5 more...
  Image layer: '/bin/sh -c apk --no-cache add ca-certificates && update-ca-certificates'
  Fixed in: 1.1.1d-r0

✗ Medium severity vulnerability found in openssl/libcrypto1.1
  Description: Use of Insufficiently Random Values
  Info: https://snyk.io/vuln/SNYK-ALPINE39-OPENSSL-501158
  Introduced through: openssl/libcrypto1.1@1.1.1b-r1, openssl/libssl1.1@1.1.1b-r1, apk-tools/apk-tools@2.10.3-r1, libtls-standalone/libtls-standalone@2.7.4-r6, ca-certificates/ca-certificates@20190108-r0
  From: openssl/libcrypto1.1@1.1.1b-r1
  From: openssl/libssl1.1@1.1.1b-r1 > openssl/libcrypto1.1@1.1.1b-r1
  From: apk-tools/apk-tools@2.10.3-r1 > openssl/libcrypto1.1@1.1.1b-r1
  and 5 more...
  Image layer: '/bin/sh -c apk --no-cache add ca-certificates && update-ca-certificates'
  Fixed in: 1.1.1d-r0

✗ Medium severity vulnerability found in openssl/libcrypto1.1
  Description: Information Exposure
  Info: https://snyk.io/vuln/SNYK-ALPINE39-OPENSSL-588019
  Introduced through: openssl/libcrypto1.1@1.1.1b-r1, openssl/libssl1.1@1.1.1b-r1, apk-tools/apk-tools@2.10.3-r1, libtls-standalone/libtls-standalone@2.7.4-r6, ca-certificates/ca-certificates@20190108-r0
  From: openssl/libcrypto1.1@1.1.1b-r1
  From: openssl/libssl1.1@1.1.1b-r1 > openssl/libcrypto1.1@1.1.1b-r1
  From: apk-tools/apk-tools@2.10.3-r1 > openssl/libcrypto1.1@1.1.1b-r1
  and 5 more...
  Image layer: '/bin/sh -c apk --no-cache add ca-certificates && update-ca-certificates'
  Fixed in: 1.1.1d-r2

✗ Medium severity vulnerability found in musl/musl
  Description: Out-of-bounds Write
  Info: https://snyk.io/vuln/SNYK-ALPINE39-MUSL-1042761
  Introduced through: musl/musl@1.1.20-r4, busybox/busybox@1.29.3-r10, alpine-baselayout/alpine-baselayout@3.1.0-r3, openssl/libcrypto1.1@1.1.1b-r1, openssl/libssl1.1@1.1.1b-r1, zlib/zlib@1.2.11-r1, apk-tools/apk-tools@2.10.3-r1, libtls-standalone/libtls-standalone@2.7.4-r6, busybox/ssl_client@1.29.3-r10, ca-certificates/ca-certificates@20190108-r0, musl/musl-utils@1.1.20-r4, pax-utils/scanelf@1.2.3-r0, libc-dev/libc-utils@0.7.1-r0
  From: musl/musl@1.1.20-r4
  From: busybox/busybox@1.29.3-r10 > musl/musl@1.1.20-r4
  From: alpine-baselayout/alpine-baselayout@3.1.0-r3 > musl/musl@1.1.20-r4
  and 11 more...
  Image layer: '/bin/sh -c apk --no-cache add ca-certificates && update-ca-certificates'
  Fixed in: 1.1.20-r6

✗ High severity vulnerability found in openssl/libcrypto1.1
  Description: Improper Certificate Validation
  Info: https://snyk.io/vuln/SNYK-ALPINE39-OPENSSL-1089232
  Introduced through: openssl/libcrypto1.1@1.1.1b-r1, openssl/libssl1.1@1.1.1b-r1, apk-tools/apk-tools@2.10.3-r1, libtls-standalone/libtls-standalone@2.7.4-r6, ca-certificates/ca-certificates@20190108-r0
  From: openssl/libcrypto1.1@1.1.1b-r1
  From: openssl/libssl1.1@1.1.1b-r1 > openssl/libcrypto1.1@1.1.1b-r1
  From: apk-tools/apk-tools@2.10.3-r1 > openssl/libcrypto1.1@1.1.1b-r1
  and 5 more...
  Image layer: '/bin/sh -c apk --no-cache add ca-certificates && update-ca-certificates'
  Fixed in: 1.1.1k-r0

✗ High severity vulnerability found in openssl/libcrypto1.1
  Description: Integer Overflow or Wraparound
  Info: https://snyk.io/vuln/SNYK-ALPINE39-OPENSSL-1089235
  Introduced through: openssl/libcrypto1.1@1.1.1b-r1, openssl/libssl1.1@1.1.1b-r1, apk-tools/apk-tools@2.10.3-r1, libtls-standalone/libtls-standalone@2.7.4-r6, ca-certificates/ca-certificates@20190108-r0
  From: openssl/libcrypto1.1@1.1.1b-r1
  From: openssl/libssl1.1@1.1.1b-r1 > openssl/libcrypto1.1@1.1.1b-r1
  From: apk-tools/apk-tools@2.10.3-r1 > openssl/libcrypto1.1@1.1.1b-r1
  and 5 more...
  Image layer: '/bin/sh -c apk --no-cache add ca-certificates && update-ca-certificates'
  Fixed in: 1.1.1j-r0

✗ High severity vulnerability found in openssl/libcrypto1.1
  Description: NULL Pointer Dereference
  Info: https://snyk.io/vuln/SNYK-ALPINE39-OPENSSL-588029
  Introduced through: openssl/libcrypto1.1@1.1.1b-r1, openssl/libssl1.1@1.1.1b-r1, apk-tools/apk-tools@2.10.3-r1, libtls-standalone/libtls-standalone@2.7.4-r6, ca-certificates/ca-certificates@20190108-r0
  From: openssl/libcrypto1.1@1.1.1b-r1
  From: openssl/libssl1.1@1.1.1b-r1 > openssl/libcrypto1.1@1.1.1b-r1
  From: apk-tools/apk-tools@2.10.3-r1 > openssl/libcrypto1.1@1.1.1b-r1
  and 5 more...
  Image layer: '/bin/sh -c apk --no-cache add ca-certificates && update-ca-certificates'
  Fixed in: 1.1.1g-r0

✗ High severity vulnerability found in musl/musl
  Description: Out-of-bounds Write
  Info: https://snyk.io/vuln/SNYK-ALPINE39-MUSL-458529
  Introduced through: musl/musl@1.1.20-r4, busybox/busybox@1.29.3-r10, alpine-baselayout/alpine-baselayout@3.1.0-r3, openssl/libcrypto1.1@1.1.1b-r1, openssl/libssl1.1@1.1.1b-r1, zlib/zlib@1.2.11-r1, apk-tools/apk-tools@2.10.3-r1, libtls-standalone/libtls-standalone@2.7.4-r6, busybox/ssl_client@1.29.3-r10, ca-certificates/ca-certificates@20190108-r0, musl/musl-utils@1.1.20-r4, pax-utils/scanelf@1.2.3-r0, libc-dev/libc-utils@0.7.1-r0
  From: musl/musl@1.1.20-r4
  From: busybox/busybox@1.29.3-r10 > musl/musl@1.1.20-r4
  From: alpine-baselayout/alpine-baselayout@3.1.0-r3 > musl/musl@1.1.20-r4
  and 11 more...
  Image layer: '/bin/sh -c apk --no-cache add ca-certificates && update-ca-certificates'
  Fixed in: 1.1.20-r5

Organization: dylanlott
Package manager: apk
Project name: docker-image|ethersphere/swarm
Docker image: ethersphere/swarm
Platform: linux/amd64
Licenses: enabled

Tested 15 dependencies for known issues, found 13 issues.

Alpine 3.9.4 is no longer supported by the Alpine maintainers. Vulnerability detection may be affected by a lack of security updates.
```