Skip to main content
Mecha Images
  1. Tools /
  2. 0.2.2 /
  3. arm64

Tools 0.2.2 (arm64)

Contents

Reports

Dockle Logo

Dockle

Information

Artifact Nameghcr.io/mecha-hq/checkmake:0.2.2-arm64
Artifact Typecontainer image

Details

CodeTitleLevelAlerts
DKL-LI-0001Avoid empty passwordSkip

failed to detect etc/shadow,etc/master.passwd

CIS-DI-0005Enable Content trust for DockerInfo

export DOCKER_CONTENT_TRUST=1 before docker pull/build

CIS-DI-0006Add HEALTHCHECK instruction to the container imageInfo

not found HEALTHCHECK statement

Grype Logo

Grype

Information

Artifact Nameghcr.io/mecha-hq/checkmake:0.2.2-arm64
Artifact Typeimage
OS Kindlinux
OS NameN/A
Architecturearm64

Vulnerabilities

IdSeverityStateDescription
CVE-2025-4673MediumFixedProxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.
CVE-2025-0913MediumFixedos.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink.
Dockle Logo

SPDX SBOM

Information

Spdx VersionSPDX-2.3
Data LicenseCC0-1.0
Document Namespacehttps://spdx.org/spdxdocs/apko/
Document Describes[SPDXRef-Package-sha256-8dcf7d490a234f4c2cda0afae1d5d919e3f694690a61a7b5dae3bcd5ca0da83f]

Packages

NameDescriptionSupplierPurpose
sha256:8dcf7d490a234f4c2cda0afae1d5d919e3f694690a61a7b5dae3bcd5ca0da83fapko container imageOrganization: apko-generated imageCONTAINER
sha256:9eebd3b8e6b6937136b34e7569d2a90ab09efee2d10dd26330e333a15f38c12fapko operating system layerOrganization: apko-generated image
checkmakeOrganization: Unknown

Relationships

Element IDTypeRelated Element
SPDXRef-Package-sha256-8dcf7d490a234f4c2cda0afae1d5d919e3f694690a61a7b5dae3bcd5ca0da83fCONTAINSSPDXRef-Package-sha256-9eebd3b8e6b6937136b34e7569d2a90ab09efee2d10dd26330e333a15f38c12f

Files

sbom.spdx.json
dockle.json
grype.json