1. Images & Charts
  2. pulumi
pulumi

pulumi

Infra
Updated 11 hours ago

Risk Reduction

Understand the security benefits of the Minimus image by comparing its vulnerability profile and size to the public image.

Security Posture

Understand how Minimus vulnerability mitigations and compliance configurations secure this image.

Vulnerabilities Comparison

Unique CVE count. Some vulnerabilities may impact multiple packages.

Minimus Image

reg.mini.dev/pulumi:latest

vs.

Public Image

https://hub.docker.com/layers/pulumi/pulumi/latest

Detailed Vulnerability Comparison

Daily report prepared July 12, 2026 at 5:11 AM

CVE
severity
Affected Packages
GHSA-5c6j-r48x-rmvq
high
pulumi
pulumi-language-go
+2
CVE-2026-48712
high
pulumi
pulumi-language-go
+2
CVE-2026-33814
high
pulumi
pulumi-language-go
+2
CVE-2026-32283
high
pulumi
pulumi-language-go
+2

Size Comparison (MB)

Compressed image sizes for amd64.

Package Count & Risk Comparison

Minimus Image
25 total packages
25 combined OS and application packages
Public Image
4771 total packages
3926 packages in additional layers
845 packages in base layer
Color indicates highest severity impacting the package:
critical
high
medium
low
unknown
none
Scale: 1 square = 1 package

Detailed Package Comparison

Report prepared July 12, 2026 at 5:11 AM

Package
version
license
type
Total Vulnerabilities
libubsan114.2.0-19Artistic AND GFDL-1.2 AND GPL AND GPL-3 AND LGPLdeb0
libunbound81.22.0-2+deb13u3BSD-2-VUT AND BSD-3-ADG AND BSD-3-CZ.NIC AND BSD-3-Farsight AND BSD-3-NLnetLabs AND BSD-3-NLnetLabs-Mekking AND BSD-3-Regents-DEC AND BSD-3-Todd-Miller AND BSD-3-VUT AND BSD-3-Viagénie AND BSD-3-WIDE AND GPL-3 AND GPL-3+ AND ISC AND public-domaindeb0
libunistring51.3-2BSD-3-clause AND FreeSoftware AND GFDL-1.2+ AND GFDL-1.3+ AND GPL-2 AND GPL-2+ AND GPL-3 AND GPL-3+ AND ISC AND LGPL-2 AND LGPL-2+ AND LGPL-2.1 AND LGPL-2.1+ AND LGPL-3 AND LGPL-3+ AND Unicode-DFS-2016 AND X11 AND bsd-3-clause AND gfdl-1.2+ AND gfdl-1.3+ AND isc AND public-domain AND unicode-dfs-2016deb0
libvulkan11.4.309.0-1Apache-2.0 AND MITdeb0
libwagon-file-java3.5.3-2Apache-2.0deb0