Frontend image vulnerability

dbukharev · March 5, 2026, 8:46am

Hello, our anchore scanner in ci/cd shows vulnerabilities. Can you fix it? Or can you tell me how to fix it by myself.

dockerfile             instruction            Dockerfile directive 'HEALTHCHECK' not found, matching condition 'not_exists' check                                                                    warn          
vulnerabilities        stale_feed_data        The vulnerability feed for this image distro is older than MAXAGE (2) days                                                                             warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libgnutls30 (CVE-2011-3389 - https://security-tracker.debian.org/tracker/CVE-2011-3389)         warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2020-21603 - https://security-tracker.debian.org/tracker/CVE-2020-21603)        warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2020-21600 - https://security-tracker.debian.org/tracker/CVE-2020-21600)        warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2021-36410 - https://security-tracker.debian.org/tracker/CVE-2021-36410)        warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2020-21596 - https://security-tracker.debian.org/tracker/CVE-2020-21596)        warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2020-21594 - https://security-tracker.debian.org/tracker/CVE-2020-21594)        warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2020-21599 - https://security-tracker.debian.org/tracker/CVE-2020-21599)        warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2020-21606 - https://security-tracker.debian.org/tracker/CVE-2020-21606)        warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2021-36411 - https://security-tracker.debian.org/tracker/CVE-2021-36411)        warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libgd3 (CVE-2021-40812 - https://security-tracker.debian.org/tracker/CVE-2021-40812)            warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - nginx (CVE-2020-36309 - https://security-tracker.debian.org/tracker/CVE-2020-36309)             warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2021-36408 - https://security-tracker.debian.org/tracker/CVE-2021-36408)        warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2021-35452 - https://security-tracker.debian.org/tracker/CVE-2021-35452)        warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libgd3 (CVE-2021-38115 - https://security-tracker.debian.org/tracker/CVE-2021-38115)            warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2020-21601 - https://security-tracker.debian.org/tracker/CVE-2020-21601)        warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2020-21602 - https://security-tracker.debian.org/tracker/CVE-2020-21602)        warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libtiff6 (CVE-2022-1210 - https://security-tracker.debian.org/tracker/CVE-2022-1210)            warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2020-21595 - https://security-tracker.debian.org/tracker/CVE-2020-21595)        warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2020-21605 - https://security-tracker.debian.org/tracker/CVE-2020-21605)        warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2020-21604 - https://security-tracker.debian.org/tracker/CVE-2020-21604)        warn          
vulnerabilities        package                MEDIUM Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2020-21597 - https://security-tracker.debian.org/tracker/CVE-2020-21597)        warn          
vulnerabilities        package                HIGH Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2020-21598 - https://security-tracker.debian.org/tracker/CVE-2020-21598)          stop          
vulnerabilities        package                HIGH Vulnerability found in os package type (dpkg) - logsave (CVE-2022-1304 - https://security-tracker.debian.org/tracker/CVE-2022-1304)               stop          
vulnerabilities        package                HIGH Vulnerability found in os package type (dpkg) - e2fsprogs (CVE-2022-1304 - https://security-tracker.debian.org/tracker/CVE-2022-1304)             stop          
vulnerabilities        package                HIGH Vulnerability found in os package type (dpkg) - libss2 (CVE-2022-1304 - https://security-tracker.debian.org/tracker/CVE-2022-1304)                stop          
vulnerabilities        package                HIGH Vulnerability found in os package type (dpkg) - libcom-err2 (CVE-2022-1304 - https://security-tracker.debian.org/tracker/CVE-2022-1304)           stop          
vulnerabilities        package                HIGH Vulnerability found in os package type (dpkg) - libext2fs2 (CVE-2022-1304 - https://security-tracker.debian.org/tracker/CVE-2022-1304)            stop          
vulnerabilities        package                HIGH Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2021-36409 - https://security-tracker.debian.org/tracker/CVE-2021-36409)          stop          
vulnerabilities        package                HIGH Vulnerability found in os package type (dpkg) - libgd3 (CVE-2021-40145 - https://security-tracker.debian.org/tracker/CVE-2021-40145)              stop          
vulnerabilities        package                HIGH Vulnerability found in os package type (dpkg) - libheif1 (CVE-2020-23109 - https://security-tracker.debian.org/tracker/CVE-2020-23109)            stop          
vulnerabilities        package                CRITICAL Vulnerability found in os package type (dpkg) - libde265-0 (CVE-2022-1253 - https://security-tracker.debian.org/tracker/CVE-2022-1253)        stop          
vulnerabilities        package                HIGH Vulnerability found in os package type (dpkg) - perl-base (CVE-2020-16156 - https://security-tracker.debian.org/tracker/CVE-2020-16156)

dbukharev · March 5, 2026, 8:48am

backend image without vulnerabilities

bettina.mauz · March 5, 2026, 10:31am

Hi @dbukharev ,

thanks for sharing these results.
We will have a look at these issues and will let you know about any updates here.

Sincerly,

Your DataGerry-Team

Topic		Replies	Views
Cleanup Objects fails Report a Bug	3	87	April 3, 2025
Setup/permissions for ansible inventory Community Support	12	507	August 8, 2025
ETA for 3.1.0 release Development	5	83	February 19, 2026
DataGerry 3.1.0 using Docker Community Support	1	42	February 17, 2026
Issue in documentation Report a Bug	2	148	January 4, 2024

Frontend image vulnerability

Related topics