vulnk000 opened a new issue, #24344:
URL: https://github.com/apache/airflow/issues/24344
### Apache Airflow version
2.3.2 (latest released)
### What happened
Vulnerability scanner on apache/airflow images reports several
vulnerabilities.
### What you think should happen instead
No vulnerabilities should be reported or the reported ones, should be
evaluated to determine if they affect or not to this software.
### How to reproduce
Scan one of the images.
```
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v
${PWD}/cache:/root/.cache/ aquasec/trivy:latest
apache/airflow:slim-2.3.2-python3.8
```
You will see python vulnerable packages and base image images.
### Operating System
apache/airflow:slim-2.3.2-python3.8 (debian 11.3) But other images report
vulnerabilities as well.
### Versions of Apache Airflow Providers
_No response_
### Deployment
Other Docker-based deployment
### Deployment details
_No response_
### Anything else
If you need I can add the report here in cvs format.
### Are you willing to submit PR?
- [ ] Yes I am willing to submit a PR!
### Code of Conduct
- [X] I agree to follow this project's [Code of
Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
