this post was submitted on 27 Jun 2026
20 points (100.0% liked)

Selfhosted

60177 readers
837 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world
20
Vulnerabilities on Dockerhub (lemmy.ml)
submitted 22 hours ago by _Nemo_@lemmy.ml to c/selfhosted@lemmy.world
8 comments fedilink hide all child comments
 

Apologies if this is a rookie question, but I keep wondering what the vulnerabilities section on DockerHub is trying to tell me. Take nextcloud images for instance: The most current images seem to list 3 critical and 22 severe vulnerabilities. Does that mean those vulns are part of the image? If so, why would anyone want to run this?

you are viewing a single comment's thread
view the rest of the comments
[–] slazer2au@lemmy.world 5 points 22 hours ago

Generally the images will be built with dependencies that have known issues but not all cves are actual problems.

Just because Next cloud uses a package, it may not use the function that has the issue.