A scan of our docker image surfaced the following vulnerabilities: | Package | Version | Vulnerability | Severity | |---------|---------|----------------|----------| | imagemagick | 7.1.2.3-r0 | [CVE-2025-62171](https://nvd.nist.gov/vuln/detail/CVE-2025-62171) | HIGH | | imagemagick-c++ | 7.1.2.3-r0 | [CVE-2025-62171](https://nvd.nist.gov/vuln/detail/CVE-2025-62171) | HIGH | | imagemagick-dev | 7.1.2.3-r0 | [CVE-2025-62171](https://nvd.nist.gov/vuln/detail/CVE-2025-62171) | HIGH | | imagemagick-heic | 7.1.2.3-r0 | [CVE-2025-62171](https://nvd.nist.gov/vuln/detail/CVE-2025-62171) | HIGH | | imagemagick-jpeg | 7.1.2.3-r0 | [CVE-2025-62171](https://nvd.nist.gov/vuln/detail/CVE-2025-62171) | HIGH | | imagemagick-jxl | 7.1.2.3-r0 | [CVE-2025-62171](https://nvd.nist.gov/vuln/detail/CVE-2025-62171) | HIGH | | imagemagick-libs | 7.1.2.3-r0 | [CVE-2025-62171](https://nvd.nist.gov/vuln/detail/CVE-2025-62171) | HIGH | | imagemagick-openexr | 7.1.2.3-r0 | [CVE-2025-62171](https://nvd.nist.gov/vuln/detail/CVE-2025-62171) | HIGH | | imagemagick-webp | 7.1.2.3-r0 | [CVE-2025-62171](https://nvd.nist.gov/vuln/detail/CVE-2025-62171) | HIGH | | libecpg | 17.6-r0 | [CVE-2025-12818](https://nvd.nist.gov/vuln/detail/CVE-2025-12818) | HIGH | | libecpg-dev | 17.6-r0 | [CVE-2025-12818](https://nvd.nist.gov/vuln/detail/CVE-2025-12818) | HIGH | | libpng | 1.6.47-r0 | [CVE-2025-64720](https://nvd.nist.gov/vuln/detail/CVE-2025-64720) | HIGH | | libpng | 1.6.47-r0 | [CVE-2025-65018](https://nvd.nist.gov/vuln/detail/CVE-2025-65018) | HIGH | | libpng-dev | 1.6.47-r0 | [CVE-2025-64720](https://nvd.nist.gov/vuln/detail/CVE-2025-64720) | HIGH | | libpng-dev | 1.6.47-r0 | [CVE-2025-65018](https://nvd.nist.gov/vuln/detail/CVE-2025-65018) | HIGH | | libpq | 17.6-r0 | [CVE-2025-12818](https://nvd.nist.gov/vuln/detail/CVE-2025-12818) | HIGH | | libpq-dev | 17.6-r0 | [CVE-2025-12818](https://nvd.nist.gov/vuln/detail/CVE-2025-12818) | HIGH | | libxml2 | 2.13.8-r0 | [CVE-2025-49794](https://nvd.nist.gov/vuln/detail/CVE-2025-49794) | CRITICAL | | libxml2 | 2.13.8-r0 | [CVE-2025-49796](https://nvd.nist.gov/vuln/detail/CVE-2025-49796) | CRITICAL | | libxml2 | 2.13.8-r0 | [CVE-2025-49795](https://nvd.nist.gov/vuln/detail/CVE-2025-49795) | HIGH | | libxml2 | 2.13.8-r0 | [CVE-2025-6021](https://nvd.nist.gov/vuln/detail/CVE-2025-6021) | HIGH | | postgresql17-dev | 17.6-r0 | [CVE-2025-12818](https://nvd.nist.gov/vuln/detail/CVE-2025-12818) | HIGH | | github.com/containerd/containerd/v2 | v2.0.2 | [CVE-2024-25621](https://nvd.nist.gov/vuln/detail/CVE-2024-25621) | HIGH | | golang.org/x/crypto | v0.31.0 | [CVE-2025-22869](https://nvd.nist.gov/vuln/detail/CVE-2025-22869) | HIGH | | golang.org/x/oauth2 | v0.24.0 | [CVE-2025-22868](https://nvd.nist.gov/vuln/detail/CVE-2025-22868) | HIGH | | stdlib | 1.22.10 | [CVE-2025-47907](https://nvd.nist.gov/vuln/detail/CVE-2025-47907) | HIGH | | stdlib | 1.22.10 | [CVE-2025-58183](https://nvd.nist.gov/vuln/detail/CVE-2025-58183) | HIGH | | stdlib | 1.22.10 | [CVE-2025-58186](https://nvd.nist.gov/vuln/detail/CVE-2025-58186) | HIGH | | stdlib | 1.22.10 | [CVE-2025-58187](https://nvd.nist.gov/vuln/detail/CVE-2025-58187) | HIGH | | stdlib | 1.22.10 | [CVE-2025-61729](https://nvd.nist.gov/vuln/detail/CVE-2025-61729) | HIGH | We should update packages to address the vulnerabilities. _Originally posted by @github-actions[bot] in https://github.com/appwrite/appwrite/issues/10903#issuecomment-3614797631_
A scan of our docker image surfaced the following vulnerabilities:
We should update packages to address the vulnerabilities.
Originally posted by @github-actions[bot] in appwrite/appwrite#10903 (comment)