Docker Scout scans Python package mpmath 1.3.0 as vulnerable (Danger CVE ReDoS Regular Expression Denial of Service)

Hello guys, did you try Docker Scout early access on your Docker Desktop?

I've been trying that, and the result confuses me.

Can you explain this issue at the link below, from faster-whisper or from Docker Desktop?

CVE-2021-29063 REDOS (Reg Exp Denial of Service)

Hi @marvinhris,

thanks for bringing this to our attention. The reason this CVE shows up is a missing fix version in advisory-database/PYSEC-2021-427.yaml at main · pypa/advisory-database · GitHub.

We fixed it in our advisory DB and this won’t show up in your CVE report any longer.

Thanks again, cd
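
The effect of a missing fix version, as an added example that is not part of the thread and is not Docker Scout's code: pypa/advisory-database entries use the OSV format, where an affected range is a list of `introduced` and `fixed` events, and a range with no `fixed` event matches every later version. The two ranges below are constructed, and the `fixed` value of 1.3.0 is an assumption chosen so that the version from this thread falls outside the range.

```python
def parse_version(text):
    """Turn a dotted numeric version such as '1.3.0' into a comparable tuple."""
    return tuple(int(part) for part in text.split("."))


def event_version(event):
    """Version an OSV range event refers to; introduced '0' means 'from the start'."""
    value = event.get("introduced") or event.get("fixed")
    return () if value == "0" else parse_version(value)


def is_affected(version, events):
    """Evaluate OSV range events in version order.

    Passing an 'introduced' event marks the version affected,
    passing a later 'fixed' event clears it again.
    """
    v = parse_version(version)
    affected = False
    for event in sorted(events, key=event_version):
        if "introduced" in event and v >= event_version(event):
            affected = True
        elif "fixed" in event and v >= event_version(event):
            affected = False
    return affected


def is_open_ended(events):
    """True when a range never closes, a common source of false positives."""
    return not any("fixed" in e or "last_affected" in e for e in events)


# Constructed ranges, not copied from PYSEC-2021-427.yaml.
RANGE_WITHOUT_FIX = [{"introduced": "0"}]
RANGE_WITH_FIX = [{"introduced": "0"}, {"fixed": "1.3.0"}]  # assumed fix version

if __name__ == "__main__":
    for name, events in (("without fix", RANGE_WITHOUT_FIX),
                         ("with fix", RANGE_WITH_FIX)):
        print(name, "-> mpmath 1.3.0 affected:", is_affected("1.3.0", events),
              "| open-ended:", is_open_ended(events))
```

When a scanner reports a package version you believe is patched, checking the advisory for an open-ended range is a quick way to tell a data gap from a real finding.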

Hi @christiandupuis299, you're welcome.

A CVE with a high security level like ReDoS should get more attention.

And Docker Scout is a great feature in Docker to help people scan their images for health and security.