Default image includes perl? #161

mroach · 2023-10-02T18:15:00Z

mroach
Oct 2, 2023

I'm using nginx-unprivileged:1.25.2 as a base image for my application. When I pushed the image to my repository, I was surprised that the vulnerability scanner returned CVEs related to Perl since I am not using the -perl variant. Am I missing something about the tagging scheme.

$ docker run --pull always --rm -it nginxinc/nginx-unprivileged:1.25.2 perl --version

1.25.2: Pulling from nginxinc/nginx-unprivileged
Digest: sha256:ad9a0ffaf09f6631f0f6a11f20a981e72a4b2a0c79a9b5429af1ee5709b7d69e
Status: Image is up to date for nginxinc/nginx-unprivileged:1.25.2

This is perl 5, version 36, subversion 0 (v5.36.0) built for x86_64-linux-gnu-thread-multi
(with 52 registered patches, see perl -V for more detail)

mroach · 2023-10-02T18:35:13Z

mroach
Oct 2, 2023
Author

I realised now this is actually part of debian:bookworm-slim which is surprising. I'll close this :)

0 replies

alessfg · 2023-10-03T00:27:41Z

alessfg
Oct 3, 2023
Maintainer

No worries! Thanks for updating the discussion with your findings!

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Default image includes perl? #161

{{title}}

Replies: 2 comments

{{title}}

{{title}}

Select a reply

Default image includes perl? #161

mroach Oct 2, 2023

Replies: 2 comments

mroach Oct 2, 2023 Author

alessfg Oct 3, 2023 Maintainer

mroach
Oct 2, 2023

mroach
Oct 2, 2023
Author

alessfg
Oct 3, 2023
Maintainer