Trivy scan of `localstack/snowflake:latest` (pulled 2026-05-19, debian forky/sid base) shows 7 HIGH-severity CVEs across bundled JARs and Node packages. The debian layer, Python, Go, and Rust binaries are clean.

HIGH findings:

There are also 11 MEDIUM and 2 LOW findings (jackson-core, additional netty codecs, kotlin-stdlib, brace-expansion, fast-xml-parser, ip-address, picomatch).

Reproduction:

```
docker pull localstack/snowflake:latest
trivy image --format template --template "@/path/to/html.tpl" localstack/snowflake:latest
```

Ask: Bump Netty to 4.1.133+ and Jetty to 12.0.33+ in the next image build. The Node-side fixes (picomatch 4.0.4, brace-expansion 2.0.3) are also potential one-liners.
Full Trivy HTML report:
localstack.snowflake.latest.html
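
To turn a scan like this into a concrete bump list, the following sketch (an added example, not part of the original post or of LocalStack's code) reads the JSON report that `trivy image --format json` produces and computes, per package, the lowest version that clears every HIGH finding. The sample report is constructed: its package coordinates, installed versions and vulnerability IDs are placeholders, and only the Netty 4.1.133 and picomatch 4.0.4 fix versions are taken from the post.

```python
import json
import re

# Constructed sample shaped like `trivy image --format json` output. Package
# coordinates, installed versions and vulnerability IDs are placeholders.
SAMPLE_REPORT = json.dumps({"Results": [
    {"Target": "debian", "Type": "debian"},  # clean target: no "Vulnerabilities" key
    {"Target": "Java", "Type": "jar", "Vulnerabilities": [
        {"VulnerabilityID": "CVE-0000-0001", "PkgName": "io.netty:netty-codec-http",
         "InstalledVersion": "4.1.100.Final", "FixedVersion": "4.1.120.Final",
         "Severity": "HIGH"},
        {"VulnerabilityID": "CVE-0000-0002", "PkgName": "io.netty:netty-codec-http",
         "InstalledVersion": "4.1.100.Final",
         "FixedVersion": "4.2.13.Final, 4.1.133.Final", "Severity": "HIGH"},
        {"VulnerabilityID": "CVE-0000-0003", "PkgName": "com.fasterxml.jackson.core:jackson-core",
         "InstalledVersion": "2.15.0", "FixedVersion": "2.15.4", "Severity": "MEDIUM"},
    ]},
    {"Target": "Node.js", "Type": "node-pkg", "Vulnerabilities": [
        {"VulnerabilityID": "CVE-0000-0004", "PkgName": "picomatch",
         "InstalledVersion": "4.0.2", "FixedVersion": "4.0.4", "Severity": "HIGH"},
        {"VulnerabilityID": "CVE-0000-0005", "PkgName": "example-unfixed-pkg",
         "InstalledVersion": "1.0.0", "FixedVersion": "", "Severity": "HIGH"},
    ]},
]})

def vkey(version):
    """Numeric sort key, e.g. '4.1.133.Final' -> (4, 1, 133). Not a full semver comparator."""
    return tuple(int(n) for n in re.findall(r"\d+", version))

def bump_plan(report_json, severities=("HIGH", "CRITICAL")):
    """Return ({pkg: (installed, target_version, [ids])}, [ids with no fix available])."""
    plan, unfixed = {}, []
    for result in json.loads(report_json).get("Results") or []:
        for v in result.get("Vulnerabilities") or []:
            if v.get("Severity") not in severities:
                continue
            installed = v["InstalledVersion"]
            # FixedVersion may list one fix per release line; take the nearest upgrade.
            fixes = [f.strip() for f in v.get("FixedVersion", "").split(",") if f.strip()]
            newer = sorted((f for f in fixes if vkey(f) > vkey(installed)), key=vkey)
            if not newer:
                unfixed.append(v["VulnerabilityID"])
                continue
            _, target, ids = plan.get(v["PkgName"], (installed, newer[0], []))
            target = max(target, newer[0], key=vkey)  # must clear every finding
            plan[v["PkgName"]] = (installed, target, ids + [v["VulnerabilityID"]])
    return plan, unfixed

if __name__ == "__main__":
    print(bump_plan(SAMPLE_REPORT))
```

Findings without a usable fix version are returned separately so they can be tracked instead of silently dropped from the bump list.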