Vulnerability found in filebeat-oss:8.13.2

[Skyapip]

On scanning the filebeat-oss:8.13.2 docker image, found the below vulnerability in it.

Type	Severity	CVE	Package Name	Package Version	Fix Status	Description
Compliance	Moderate	CVE-2024-24557	github.com/docker/docker	v24.0.7	fixed in: 25.0.2, 24.0.9	Full description: moby: classic builder cache poisoning
Package	Medium	CVE-2024-28834	gnutls28	3.6.13-2ubuntu1.10	fixed in: 3.6.13-2ubuntu1.11	A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.
Package	Medium	CVE-2024-28085	util-linux	2.34-0.1ubuntu9.4	fixed in: 2.34-0.1ubuntu9.5	wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.

[botelastic]

This issue doesn't have a Team:<team> label.