[Bug]: Compose Module - Security Vulnerabilities that are Critical or High #3655

@frankjkelly

Testcontainers version

0.42.0

Using the latest Testcontainers version?

Yes

Host OS

N/A

Host arch

N/A

Go version

N/A

Docker version

N/A

Docker info

N/A

What happened?

Blackduck is reporting a number of vulnerabilities in the Compose module's transitive dependencies

Relevant log output

1) Critical jackc/pgx:v5.7.5
https://nvd.nist.gov/vuln/detail/CVE-2026-33816

testcontainers-go modules/compose/v0.42.0
github: testcontainers/testcontainers-go:modules/compose/v0.42.0
    sigstore/sigstore-go v1.1.4
    github: sigstore/sigstore-go:v1.1.4
        pgx v5.7.5
        github: jackc/pgx:v5.7.5

2) High libcap https://nvd.nist.gov/vuln/detail/CVE-2023-2603

testcontainers-go modules/compose/v0.42.0
github: testcontainers/testcontainers-go:modules/compose/v0.42.0
    moby/buildkit 0.29.0
    github: moby/buildkit:v0.29.0
        libcap v1.2.77
        long_tail: git.kernel.org/pub/scm/libs/libcap/libcap#v1.2.77

3) High containerd https://nvd.nist.gov/vuln/detail/CVE-2024-40635

testcontainers-go modules/compose/v0.42.0
github: testcontainers/testcontainers-go:modules/compose/v0.42.0
    containerd/containerd 2.2.2
    github: containerd/containerd:v2.2.2

Additional information

No response

Labels: bug (An issue with the library)