Skip to main content
Mecha Images
  1. Tools /
  2. 0.2.2 /
  3. amd64

Tools 0.2.2 (amd64)

Contents

Reports

Dockle Logo

Dockle

Information

Artifact Nameghcr.io/mecha-hq/checkmake:0.2.2-amd64
Artifact Typecontainer image

Details

CodeTitleLevelAlerts
DKL-LI-0001Avoid empty passwordSkip

failed to detect etc/shadow,etc/master.passwd

CIS-DI-0005Enable Content trust for DockerInfo

export DOCKER_CONTENT_TRUST=1 before docker pull/build

CIS-DI-0006Add HEALTHCHECK instruction to the container imageInfo

not found HEALTHCHECK statement

Grype Logo

Grype

Information

Artifact Nameghcr.io/mecha-hq/checkmake:0.2.2-amd64
Artifact Typeimage
OS Kindlinux
OS NameN/A
Architectureamd64

Vulnerabilities

IdSeverityStateDescription
CVE-2025-4673MediumFixedProxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.
CVE-2025-0913MediumFixedos.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink.
Dockle Logo

SPDX SBOM

Information

Spdx VersionSPDX-2.3
Data LicenseCC0-1.0
Document Namespacehttps://spdx.org/spdxdocs/apko/
Document Describes[SPDXRef-Package-sha256-70a93d4c84786a197e402978a179bd252c5ca2c7dc82b3d48e465d67bbc3d871]

Packages

NameDescriptionSupplierPurpose
sha256:70a93d4c84786a197e402978a179bd252c5ca2c7dc82b3d48e465d67bbc3d871apko container imageOrganization: apko-generated imageCONTAINER
sha256:b23e19178a724f70c15c764493a374b6762a4efaba69e04490b3a26f0342e2cfapko operating system layerOrganization: apko-generated image
checkmakeOrganization: Unknown

Relationships

Element IDTypeRelated Element
SPDXRef-Package-sha256-70a93d4c84786a197e402978a179bd252c5ca2c7dc82b3d48e465d67bbc3d871CONTAINSSPDXRef-Package-sha256-b23e19178a724f70c15c764493a374b6762a4efaba69e04490b3a26f0342e2cf

Files

sbom.spdx.json
dockle.json
grype.json