Skip to content

to be continuous

DOTNET_SBOM_IMAGE

to-be-continuous/doc

ghcr.io/cyclonedx/cdxgen:master (alma 10.1)¶

Trivy Image Scan

Image: ghcr.io/cyclonedx/cdxgen:master (alma 10.1)
Scan date: 2025-12-14

ghcr.io/cyclonedx/cdxgen:master (alma 10.1) (alma)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
kernel-headers	CVE-2025-38737	MEDIUM	6.12.0-124.8.1.el10_1	6.12.0-124.20.1.el10_1	https://access.redhat.com/errata/RHSA-2025:22854 https://access.redhat.com/security/cve/CVE-2025-38737 https://bugzilla.redhat.com/2393527 https://bugzilla.redhat.com/2400629 https://bugzilla.redhat.com/2404100 https://bugzilla.redhat.com/2404105 https://bugzilla.redhat.com/2404109 https://bugzilla.redhat.com/2404117 https://bugzilla.redhat.com/2406758 https://bugzilla.redhat.com/2406776 https://bugzilla.redhat.com/2414741 https://errata.almalinux.org/10/ALSA-2025-22854.html https://git.kernel.org/linus/453a6d2a68e54a483d67233c6e1e24c4095ee4be (6.17-rc3) https://git.kernel.org/stable/c/453a6d2a68e54a483d67233c6e1e24c4095ee4be https://git.kernel.org/stable/c/4931fe2dbe1cc0e7d350a4b51b0b330e43971d98 https://git.kernel.org/stable/c/6adaa9fae36f848afa7278945d725e197e33c496 https://linux.oracle.com/cve/CVE-2025-38737.html https://linux.oracle.com/errata/ELSA-2025-25754.html https://lore.kernel.org/linux-cve-announce/2025090544-CVE-2025-38737-4cde@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-38737 https://www.cve.org/CVERecord?id=CVE-2025-38737
kernel-headers	CVE-2025-39730	MEDIUM	6.12.0-124.8.1.el10_1	6.12.0-124.13.1.el10_1	https://access.redhat.com/errata/RHSA-2025:17398 https://access.redhat.com/security/cve/CVE-2025-39730 https://bugzilla.redhat.com/2388928 https://bugzilla.redhat.com/2393731 https://bugzilla.redhat.com/show_bug.cgi?id=2393731 https://bugzilla.redhat.com/show_bug.cgi?id=2402699 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39730 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39955 https://errata.almalinux.org/8/ALSA-2025-17398.html https://errata.rockylinux.org/RLSA-2025:21931 https://git.kernel.org/linus/ef93a685e01a281b5e2a25ce4e3428cf9371a205 (6.17-rc1) https://git.kernel.org/stable/c/12ad3def2e5e0b120e3d0cb6ce8b7b796819ad40 https://git.kernel.org/stable/c/2ad40b7992aa26bc631afc1a995b0e3ddc30de3f https://git.kernel.org/stable/c/3570ef5c31314c13274c935a20b91768ab5bf412 https://git.kernel.org/stable/c/763810bb883cb4de412a72f338d80947d97df67b https://git.kernel.org/stable/c/7dd36f7477d1e03a1fcf8d13531ca326c4fb599f https://git.kernel.org/stable/c/7f8eca87fef7519e9c41f3258f25ebc2752247ee https://git.kernel.org/stable/c/b7f7866932466332a2528fda099000b035303485 https://git.kernel.org/stable/c/cb09afa0948d96b1e385d609ed044bb1aa043536 https://git.kernel.org/stable/c/ef93a685e01a281b5e2a25ce4e3428cf9371a205 https://linux.oracle.com/cve/CVE-2025-39730.html https://linux.oracle.com/errata/ELSA-2025-25757.html https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html https://lore.kernel.org/linux-cve-announce/2025090730-CVE-2025-39730-72c9@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-39730 https://ubuntu.com/security/notices/USN-7879-1 https://ubuntu.com/security/notices/USN-7879-2 https://ubuntu.com/security/notices/USN-7879-3 https://ubuntu.com/security/notices/USN-7879-4 https://ubuntu.com/security/notices/USN-7880-1 https://ubuntu.com/security/notices/USN-7909-1 https://ubuntu.com/security/notices/USN-7909-2 https://ubuntu.com/security/notices/USN-7909-3 https://ubuntu.com/security/notices/USN-7909-4 https://ubuntu.com/security/notices/USN-7910-1 https://ubuntu.com/security/notices/USN-7910-2 https://www.cve.org/CVERecord?id=CVE-2025-39730
kernel-headers	CVE-2025-39925	MEDIUM	6.12.0-124.8.1.el10_1	6.12.0-124.20.1.el10_1	https://access.redhat.com/errata/RHSA-2025:22854 https://access.redhat.com/security/cve/CVE-2025-39925 https://bugzilla.redhat.com/2393527 https://bugzilla.redhat.com/2400629 https://bugzilla.redhat.com/2404100 https://bugzilla.redhat.com/2404105 https://bugzilla.redhat.com/2404109 https://bugzilla.redhat.com/2404117 https://bugzilla.redhat.com/2406758 https://bugzilla.redhat.com/2406776 https://bugzilla.redhat.com/2414741 https://bugzilla.redhat.com/show_bug.cgi?id=2400629 https://bugzilla.redhat.com/show_bug.cgi?id=2404109 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39925 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39979 https://errata.almalinux.org/10/ALSA-2025-22854.html https://errata.rockylinux.org/RLSA-2025:22865 https://git.kernel.org/linus/7fcbe5b2c6a4b5407bf2241fdb71e0a390f6ab9a (6.17-rc6) https://git.kernel.org/stable/c/7fcbe5b2c6a4b5407bf2241fdb71e0a390f6ab9a https://git.kernel.org/stable/c/da9e8f429139928570407e8f90559b5d46c20262 https://linux.oracle.com/cve/CVE-2025-39925.html https://linux.oracle.com/errata/ELSA-2025-22865.html https://lore.kernel.org/linux-cve-announce/2025100124-CVE-2025-39925-bcec@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-39925 https://www.cve.org/CVERecord?id=CVE-2025-39925
kernel-headers	CVE-2025-39955	MEDIUM	6.12.0-124.8.1.el10_1	6.12.0-124.13.1.el10_1	https://access.redhat.com/errata/RHSA-2025:22405 https://access.redhat.com/security/cve/CVE-2025-39955 https://bugzilla.redhat.com/2393172 https://bugzilla.redhat.com/2396934 https://bugzilla.redhat.com/2400598 https://bugzilla.redhat.com/2400628 https://bugzilla.redhat.com/2402699 https://bugzilla.redhat.com/2404105 https://bugzilla.redhat.com/2406776 https://bugzilla.redhat.com/2414741 https://bugzilla.redhat.com/show_bug.cgi?id=2393731 https://bugzilla.redhat.com/show_bug.cgi?id=2402699 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39730 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39955 https://errata.almalinux.org/9/ALSA-2025-22405.html https://errata.rockylinux.org/RLSA-2025:21931 https://git.kernel.org/stable/c/17d699727577814198d744d6afe54735c6b54c99 https://git.kernel.org/stable/c/33a4fdf0b4a25f8ce65380c3b0136b407ca57609 https://git.kernel.org/stable/c/45c8a6cc2bcd780e634a6ba8e46bffbdf1fc5c01 https://git.kernel.org/stable/c/7ec092a91ff351dcde89c23e795b73a328274db6 https://git.kernel.org/stable/c/a4378dedd6e07e62f2fccb17d78c9665718763d0 https://git.kernel.org/stable/c/ae313d14b45eca7a6bb29cb9bf396d977e7d28fb https://git.kernel.org/stable/c/dfd06131107e7b699ef1e2a24ed2f7d17c917753 https://git.kernel.org/stable/c/fa4749c065644af4db496b338452a69a3e5147d9 https://linux.oracle.com/cve/CVE-2025-39955.html https://linux.oracle.com/errata/ELSA-2025-28049.html https://lore.kernel.org/linux-cve-announce/2025100942-CVE-2025-39955-f36b@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-39955 https://www.cve.org/CVERecord?id=CVE-2025-39955
kernel-headers	CVE-2025-39979	MEDIUM	6.12.0-124.8.1.el10_1	6.12.0-124.20.1.el10_1	https://access.redhat.com/errata/RHSA-2025:22854 https://access.redhat.com/security/cve/CVE-2025-39979 https://bugzilla.redhat.com/2393527 https://bugzilla.redhat.com/2400629 https://bugzilla.redhat.com/2404100 https://bugzilla.redhat.com/2404105 https://bugzilla.redhat.com/2404109 https://bugzilla.redhat.com/2404117 https://bugzilla.redhat.com/2406758 https://bugzilla.redhat.com/2406776 https://bugzilla.redhat.com/2414741 https://bugzilla.redhat.com/show_bug.cgi?id=2400629 https://bugzilla.redhat.com/show_bug.cgi?id=2404109 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39925 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39979 https://errata.almalinux.org/10/ALSA-2025-22854.html https://errata.rockylinux.org/RLSA-2025:22865 https://git.kernel.org/linus/6043819e707cefb1c9e59d6e431dcfa735c4f975 (6.17) https://git.kernel.org/stable/c/3c77f6d244188c3fb11f6aec40bbfe884f1803b5 https://git.kernel.org/stable/c/6043819e707cefb1c9e59d6e431dcfa735c4f975 https://linux.oracle.com/cve/CVE-2025-39979.html https://linux.oracle.com/errata/ELSA-2025-22865.html https://lore.kernel.org/linux-cve-announce/2025101559-CVE-2025-39979-f1e9@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-39979 https://www.cve.org/CVERecord?id=CVE-2025-39979
kernel-headers	CVE-2025-39981	MEDIUM	6.12.0-124.8.1.el10_1	6.12.0-124.20.1.el10_1	https://access.redhat.com/errata/RHSA-2025:22405 https://access.redhat.com/security/cve/CVE-2025-39981 https://bugzilla.redhat.com/2393172 https://bugzilla.redhat.com/2396934 https://bugzilla.redhat.com/2400598 https://bugzilla.redhat.com/2400628 https://bugzilla.redhat.com/2402699 https://bugzilla.redhat.com/2404105 https://bugzilla.redhat.com/2406776 https://bugzilla.redhat.com/2414741 https://bugzilla.redhat.com/show_bug.cgi?id=2393172 https://bugzilla.redhat.com/show_bug.cgi?id=2396934 https://bugzilla.redhat.com/show_bug.cgi?id=2400598 https://bugzilla.redhat.com/show_bug.cgi?id=2400628 https://bugzilla.redhat.com/show_bug.cgi?id=2402699 https://bugzilla.redhat.com/show_bug.cgi?id=2404105 https://bugzilla.redhat.com/show_bug.cgi?id=2406776 https://bugzilla.redhat.com/show_bug.cgi?id=2414741 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38724 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39864 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39898 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39918 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39955 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39981 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40058 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40185 https://errata.almalinux.org/9/ALSA-2025-22405.html https://errata.rockylinux.org/RLSA-2025:22405 https://git.kernel.org/linus/302a1f674c00dd5581ab8e493ef44767c5101aab (6.17) https://git.kernel.org/stable/c/302a1f674c00dd5581ab8e493ef44767c5101aab https://git.kernel.org/stable/c/87a1f16f07c6c43771754075e08f45b41d237421 https://git.kernel.org/stable/c/d71b98f253b079cbadc83266383f26fe7e9e103b https://linux.oracle.com/cve/CVE-2025-39981.html https://linux.oracle.com/errata/ELSA-2025-22854.html https://lore.kernel.org/linux-cve-announce/2025101559-CVE-2025-39981-fe1d@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-39981 https://www.cve.org/CVERecord?id=CVE-2025-39981
kernel-headers	CVE-2025-39982	MEDIUM	6.12.0-124.8.1.el10_1	6.12.0-124.20.1.el10_1	https://access.redhat.com/errata/RHSA-2025:22854 https://access.redhat.com/security/cve/CVE-2025-39982 https://bugzilla.redhat.com/2393527 https://bugzilla.redhat.com/2400629 https://bugzilla.redhat.com/2404100 https://bugzilla.redhat.com/2404105 https://bugzilla.redhat.com/2404109 https://bugzilla.redhat.com/2404117 https://bugzilla.redhat.com/2406758 https://bugzilla.redhat.com/2406776 https://bugzilla.redhat.com/2414741 https://errata.almalinux.org/10/ALSA-2025-22854.html https://git.kernel.org/linus/9e622804d57e2d08f0271200606bd1270f75126f (6.17) https://git.kernel.org/stable/c/484c7d571a3d1b3fd298fa691b660438c4548a53 https://git.kernel.org/stable/c/6243bda271a628c48875e3e473206e7f584892ce https://git.kernel.org/stable/c/9e622804d57e2d08f0271200606bd1270f75126f https://git.kernel.org/stable/c/a78fd4fc5694ecb3b97deb2ad9eaebd67b4d2b08 https://git.kernel.org/stable/c/bcce99f613163a43de24674b717e7a6c135fc879 https://linux.oracle.com/cve/CVE-2025-39982.html https://linux.oracle.com/errata/ELSA-2025-22854.html https://lore.kernel.org/linux-cve-announce/2025101559-CVE-2025-39982-a36e@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-39982 https://www.cve.org/CVERecord?id=CVE-2025-39982
kernel-headers	CVE-2025-39983	MEDIUM	6.12.0-124.8.1.el10_1	6.12.0-124.20.1.el10_1	https://access.redhat.com/errata/RHSA-2025:22854 https://access.redhat.com/security/cve/CVE-2025-39983 https://bugzilla.redhat.com/2393527 https://bugzilla.redhat.com/2400629 https://bugzilla.redhat.com/2404100 https://bugzilla.redhat.com/2404105 https://bugzilla.redhat.com/2404109 https://bugzilla.redhat.com/2404117 https://bugzilla.redhat.com/2406758 https://bugzilla.redhat.com/2406776 https://bugzilla.redhat.com/2414741 https://errata.almalinux.org/10/ALSA-2025-22854.html https://git.kernel.org/stable/c/2e128683176a56459cef8705fc7c35f438f88abd https://git.kernel.org/stable/c/dde33124f17cf3bab4dc5e18d1b4dee128361061 https://linux.oracle.com/cve/CVE-2025-39983.html https://linux.oracle.com/errata/ELSA-2025-22854.html https://lore.kernel.org/linux-cve-announce/2025101500-CVE-2025-39983-eb8b@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-39983 https://www.cve.org/CVERecord?id=CVE-2025-39983
kernel-headers	CVE-2025-40047	MEDIUM	6.12.0-124.8.1.el10_1	6.12.0-124.20.1.el10_1	https://access.redhat.com/errata/RHSA-2025:22854 https://access.redhat.com/security/cve/CVE-2025-40047 https://bugzilla.redhat.com/2393527 https://bugzilla.redhat.com/2400629 https://bugzilla.redhat.com/2404100 https://bugzilla.redhat.com/2404105 https://bugzilla.redhat.com/2404109 https://bugzilla.redhat.com/2404117 https://bugzilla.redhat.com/2406758 https://bugzilla.redhat.com/2406776 https://bugzilla.redhat.com/2414741 https://errata.almalinux.org/10/ALSA-2025-22854.html https://git.kernel.org/linus/2f8229d53d984c6a05b71ac9e9583d4354e3b91f (6.18-rc1) https://git.kernel.org/stable/c/2f8229d53d984c6a05b71ac9e9583d4354e3b91f https://git.kernel.org/stable/c/3e2205db2f0608898d535da1964e1b376aacfdaa https://git.kernel.org/stable/c/696ba6032081e617564a8113a001b8d7943cb928 https://linux.oracle.com/cve/CVE-2025-40047.html https://linux.oracle.com/errata/ELSA-2025-28040.html https://lore.kernel.org/linux-cve-announce/2025102813-CVE-2025-40047-b952@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-40047 https://www.cve.org/CVERecord?id=CVE-2025-40047
kernel-headers	CVE-2025-40058	MEDIUM	6.12.0-124.8.1.el10_1	6.12.0-124.20.1.el10_1	https://access.redhat.com/errata/RHSA-2025:22405 https://access.redhat.com/security/cve/CVE-2025-40058 https://bugzilla.redhat.com/2393172 https://bugzilla.redhat.com/2396934 https://bugzilla.redhat.com/2400598 https://bugzilla.redhat.com/2400628 https://bugzilla.redhat.com/2402699 https://bugzilla.redhat.com/2404105 https://bugzilla.redhat.com/2406776 https://bugzilla.redhat.com/2414741 https://bugzilla.redhat.com/show_bug.cgi?id=2393172 https://bugzilla.redhat.com/show_bug.cgi?id=2396934 https://bugzilla.redhat.com/show_bug.cgi?id=2400598 https://bugzilla.redhat.com/show_bug.cgi?id=2400628 https://bugzilla.redhat.com/show_bug.cgi?id=2402699 https://bugzilla.redhat.com/show_bug.cgi?id=2404105 https://bugzilla.redhat.com/show_bug.cgi?id=2406776 https://bugzilla.redhat.com/show_bug.cgi?id=2414741 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38724 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39864 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39898 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39918 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39955 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39981 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40058 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40185 https://errata.almalinux.org/9/ALSA-2025-22405.html https://errata.rockylinux.org/RLSA-2025:22405 https://git.kernel.org/linus/57f55048e564dedd8a4546d018e29d6bbfff0a7e (6.18-rc1) https://git.kernel.org/stable/c/57f55048e564dedd8a4546d018e29d6bbfff0a7e https://git.kernel.org/stable/c/8d096ce0e87bdc361f0b25d7943543bc53aa0b9e https://git.kernel.org/stable/c/ebe16d245a00626bb87163862a1b07daf5475a3e https://linux.oracle.com/cve/CVE-2025-40058.html https://linux.oracle.com/errata/ELSA-2025-28040.html https://lore.kernel.org/linux-cve-announce/2025102815-CVE-2025-40058-0eba@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-40058 https://www.cve.org/CVERecord?id=CVE-2025-40058
kernel-headers	CVE-2025-40185	MEDIUM	6.12.0-124.8.1.el10_1	6.12.0-124.20.1.el10_1	https://access.redhat.com/errata/RHSA-2025:22405 https://access.redhat.com/security/cve/CVE-2025-40185 https://bugzilla.redhat.com/2393172 https://bugzilla.redhat.com/2396934 https://bugzilla.redhat.com/2400598 https://bugzilla.redhat.com/2400628 https://bugzilla.redhat.com/2402699 https://bugzilla.redhat.com/2404105 https://bugzilla.redhat.com/2406776 https://bugzilla.redhat.com/2414741 https://bugzilla.redhat.com/show_bug.cgi?id=2393172 https://bugzilla.redhat.com/show_bug.cgi?id=2396934 https://bugzilla.redhat.com/show_bug.cgi?id=2400598 https://bugzilla.redhat.com/show_bug.cgi?id=2400628 https://bugzilla.redhat.com/show_bug.cgi?id=2402699 https://bugzilla.redhat.com/show_bug.cgi?id=2404105 https://bugzilla.redhat.com/show_bug.cgi?id=2406776 https://bugzilla.redhat.com/show_bug.cgi?id=2414741 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38724 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39864 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39898 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39918 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39955 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39981 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40058 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40185 https://errata.almalinux.org/9/ALSA-2025-22405.html https://errata.rockylinux.org/RLSA-2025:22405 https://git.kernel.org/linus/2db687f3469dbc5c59bc53d55acafd75d530b497 (6.18-rc1) https://git.kernel.org/stable/c/2db687f3469dbc5c59bc53d55acafd75d530b497 https://git.kernel.org/stable/c/794abb265de3e792167fe3ea0440c064c722bb84 https://git.kernel.org/stable/c/7b9269de9815fc34d93dab90bd5169bacbe78e70 https://linux.oracle.com/cve/CVE-2025-40185.html https://linux.oracle.com/errata/ELSA-2025-22854.html https://lore.kernel.org/linux-cve-announce/2025111244-CVE-2025-40185-0689@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-40185 https://www.cve.org/CVERecord?id=CVE-2025-40185
No Misconfigurations found

Java (jar)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
commons-io:commons-io	CVE-2024-47554	HIGH	2.8.0	2.14.0	http://www.openwall.com/lists/oss-security/2024/10/03/2 https://access.redhat.com/security/cve/CVE-2024-47554 https://github.com/apache/commons-io https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1 https://nvd.nist.gov/vuln/detail/CVE-2024-47554 https://security.netapp.com/advisory/ntap-20250131-0010 https://security.netapp.com/advisory/ntap-20250131-0010/ https://www.cve.org/CVERecord?id=CVE-2024-47554
commons-lang:commons-lang	CVE-2025-48924	MEDIUM	2.6	no fix available	http://www.openwall.com/lists/oss-security/2025/07/11/1 https://access.redhat.com/security/cve/CVE-2025-48924 https://github.com/apache/commons-lang https://github.com/apache/commons-lang/commit/b424803abdb2bec818e4fbcb251ce031c22aca53 https://lists.apache.org/thread/bgv0lpswokgol11tloxnjfzdl7yrc1g1 https://lists.debian.org/debian-lts-announce/2025/08/msg00000.html https://lists.debian.org/debian-lts-announce/2025/08/msg00026.html https://lists.debian.org/debian-lts-announce/2025/09/msg00032.html https://lists.debian.org/debian-lts-announce/2025/09/msg00036.html https://nvd.nist.gov/vuln/detail/CVE-2025-48924 https://www.cve.org/CVERecord?id=CVE-2025-48924
commons-lang:commons-lang	CVE-2025-48924	MEDIUM	2.6	no fix available	http://www.openwall.com/lists/oss-security/2025/07/11/1 https://access.redhat.com/security/cve/CVE-2025-48924 https://github.com/apache/commons-lang https://github.com/apache/commons-lang/commit/b424803abdb2bec818e4fbcb251ce031c22aca53 https://lists.apache.org/thread/bgv0lpswokgol11tloxnjfzdl7yrc1g1 https://lists.debian.org/debian-lts-announce/2025/08/msg00000.html https://lists.debian.org/debian-lts-announce/2025/08/msg00026.html https://lists.debian.org/debian-lts-announce/2025/09/msg00032.html https://lists.debian.org/debian-lts-announce/2025/09/msg00036.html https://nvd.nist.gov/vuln/detail/CVE-2025-48924 https://www.cve.org/CVERecord?id=CVE-2025-48924
net.i2p.crypto:eddsa	CVE-2020-36843	MEDIUM	0.3.0	no fix available	https://eprint.iacr.org/2020/1244 https://github.com/i2p/i2p.i2p/commit/d7d1dcb5399c61cf2916ccc45aa25b0209c88712#diff-658f7b1aa34b58d27796fccdb8b756c72702d64ae44703374960f1cb89a5a5c3 https://github.com/str4d/ed25519-java https://github.com/str4d/ed25519-java/issues/82#issue-727629226 https://nvd.nist.gov/vuln/detail/CVE-2020-36843
org.apache.commons:commons-lang3	CVE-2025-48924	MEDIUM	3.12.0	3.18.0	http://www.openwall.com/lists/oss-security/2025/07/11/1 https://access.redhat.com/security/cve/CVE-2025-48924 https://github.com/apache/commons-lang https://github.com/apache/commons-lang/commit/b424803abdb2bec818e4fbcb251ce031c22aca53 https://lists.apache.org/thread/bgv0lpswokgol11tloxnjfzdl7yrc1g1 https://lists.debian.org/debian-lts-announce/2025/08/msg00000.html https://lists.debian.org/debian-lts-announce/2025/08/msg00026.html https://lists.debian.org/debian-lts-announce/2025/09/msg00032.html https://lists.debian.org/debian-lts-announce/2025/09/msg00036.html https://nvd.nist.gov/vuln/detail/CVE-2025-48924 https://www.cve.org/CVERecord?id=CVE-2025-48924
org.apache.commons:commons-lang3	CVE-2025-48924	MEDIUM	3.14.0	3.18.0	http://www.openwall.com/lists/oss-security/2025/07/11/1 https://access.redhat.com/security/cve/CVE-2025-48924 https://github.com/apache/commons-lang https://github.com/apache/commons-lang/commit/b424803abdb2bec818e4fbcb251ce031c22aca53 https://lists.apache.org/thread/bgv0lpswokgol11tloxnjfzdl7yrc1g1 https://lists.debian.org/debian-lts-announce/2025/08/msg00000.html https://lists.debian.org/debian-lts-announce/2025/08/msg00026.html https://lists.debian.org/debian-lts-announce/2025/09/msg00032.html https://lists.debian.org/debian-lts-announce/2025/09/msg00036.html https://nvd.nist.gov/vuln/detail/CVE-2025-48924 https://www.cve.org/CVERecord?id=CVE-2025-48924
org.eclipse.jetty:jetty-http	CVE-2024-6763	MEDIUM	9.4.58.v20250814	12.0.12	https://access.redhat.com/security/cve/CVE-2024-6763 https://github.com/jetty/jetty.project https://github.com/jetty/jetty.project/pull/12012 https://github.com/jetty/jetty.project/security/advisories/GHSA-qh8g-58pp-2wxh https://gitlab.eclipse.org/security/cve-assignement/-/issues/25 https://nvd.nist.gov/vuln/detail/CVE-2024-6763 https://security.netapp.com/advisory/ntap-20250306-0005 https://security.netapp.com/advisory/ntap-20250306-0005/ https://www.cve.org/CVERecord?id=CVE-2024-6763
org.eclipse.jgit:org.eclipse.jgit	CVE-2025-4949	MEDIUM	5.13.3.202401111512-r	7.2.1.202505142326-r, 7.1.1.202505221757-r, 7.0.1.202505221510-r, 6.10.1.202505221210-r, 6.0.0.202111291000-r, 5.13.4.202507202350-r	https://access.redhat.com/security/cve/CVE-2025-4949 https://github.com/eclipse-jgit/jgit https://gitlab.eclipse.org/security/cve-assignement/-/issues/64 https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/281 https://nvd.nist.gov/vuln/detail/CVE-2025-4949 https://projects.eclipse.org/projects/technology.jgit/releases/5.13.4 https://projects.eclipse.org/projects/technology.jgit/releases/6.10.1 https://projects.eclipse.org/projects/technology.jgit/releases/7.0.1 https://projects.eclipse.org/projects/technology.jgit/releases/7.1.1 https://projects.eclipse.org/projects/technology.jgit/releases/7.2.1 https://www.cve.org/CVERecord?id=CVE-2025-4949
No Misconfigurations found

Node.js (node-pkg)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
glob	CVE-2025-64756	HIGH	10.4.5	11.1.0, 10.5.0	https://access.redhat.com/security/cve/CVE-2025-64756 https://github.com/isaacs/node-glob https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146 https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2 https://nvd.nist.gov/vuln/detail/CVE-2025-64756 https://www.cve.org/CVERecord?id=CVE-2025-64756
glob	CVE-2025-64756	HIGH	11.0.3	11.1.0, 10.5.0	https://access.redhat.com/security/cve/CVE-2025-64756 https://github.com/isaacs/node-glob https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146 https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2 https://nvd.nist.gov/vuln/detail/CVE-2025-64756 https://www.cve.org/CVERecord?id=CVE-2025-64756
jws	CVE-2025-65945	HIGH	3.2.2	3.2.3, 4.0.1	https://github.com/auth0/node-jws https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e https://github.com/auth0/node-jws/commit/4f6e73f24df42f07d632dec6431ade8eda8d11a6 https://github.com/auth0/node-jws/releases/tag/v3.2.3 https://github.com/auth0/node-jws/releases/tag/v4.0.1 https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x https://nvd.nist.gov/vuln/detail/CVE-2025-65945
jws	CVE-2025-65945	HIGH	4.0.0	3.2.3, 4.0.1	https://github.com/auth0/node-jws https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e https://github.com/auth0/node-jws/commit/4f6e73f24df42f07d632dec6431ade8eda8d11a6 https://github.com/auth0/node-jws/releases/tag/v3.2.3 https://github.com/auth0/node-jws/releases/tag/v4.0.1 https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x https://nvd.nist.gov/vuln/detail/CVE-2025-65945
jws	CVE-2025-65945	HIGH	4.0.0	3.2.3, 4.0.1	https://github.com/auth0/node-jws https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e https://github.com/auth0/node-jws/commit/4f6e73f24df42f07d632dec6431ade8eda8d11a6 https://github.com/auth0/node-jws/releases/tag/v3.2.3 https://github.com/auth0/node-jws/releases/tag/v4.0.1 https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x https://nvd.nist.gov/vuln/detail/CVE-2025-65945
tar	CVE-2025-64118	MEDIUM	7.5.1	7.5.2	https://github.com/isaacs/node-tar https://github.com/isaacs/node-tar/commit/5330eb04bc43014f216e5c271b40d5c00d45224d https://github.com/isaacs/node-tar/commit/5e1a8e638600d3c3a2969b4de6a6ec44fa8d74c9 https://github.com/isaacs/node-tar/issues/445 https://github.com/isaacs/node-tar/pull/446 https://github.com/isaacs/node-tar/security/advisories/GHSA-29xp-372q-xqph https://nvd.nist.gov/vuln/detail/CVE-2025-64118
No Misconfigurations found

Python (python-pkg)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
setuptools	CVE-2025-47273	HIGH	77.0.3	78.1.1	https://access.redhat.com/errata/RHSA-2025:13578 https://access.redhat.com/security/cve/CVE-2025-47273 https://bugzilla.redhat.com/2366982 https://bugzilla.redhat.com/show_bug.cgi?id=2366982 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47273 https://errata.almalinux.org/9/ALSA-2025-13578.html https://errata.rockylinux.org/RLSA-2025:9940 https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2025-49.yaml https://github.com/pypa/setuptools https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88 https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b https://github.com/pypa/setuptools/issues/4946 https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf https://linux.oracle.com/cve/CVE-2025-47273.html https://linux.oracle.com/errata/ELSA-2025-9940.html https://lists.debian.org/debian-lts-announce/2025/05/msg00035.html https://nvd.nist.gov/vuln/detail/CVE-2025-47273 https://ubuntu.com/security/notices/USN-7544-1 https://www.cve.org/CVERecord?id=CVE-2025-47273
urllib3	CVE-2025-66418	HIGH	2.5.0	2.6.0	https://github.com/urllib3/urllib3 https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8 https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53 https://nvd.nist.gov/vuln/detail/CVE-2025-66418 https://ubuntu.com/security/notices/USN-7927-1 https://www.cve.org/CVERecord?id=CVE-2025-66418 https://www.openwall.com/lists/oss-security/2025/12/05/4
urllib3	CVE-2025-66471	HIGH	2.5.0	2.6.0	https://github.com/urllib3/urllib3 https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7 https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37 https://nvd.nist.gov/vuln/detail/CVE-2025-66471 https://ubuntu.com/security/notices/USN-7927-1 https://www.cve.org/CVERecord?id=CVE-2025-66471 https://www.openwall.com/lists/oss-security/2025/12/05/4
No Misconfigurations found

Ruby (gemspec)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
rexml	CVE-2025-58767	MEDIUM	3.4.0	>= 3.4.2	https://access.redhat.com/security/cve/CVE-2025-58767 https://github.com/advisories/GHSA-c2f4-jgmc-q2r5 https://github.com/ruby/rexml https://github.com/ruby/rexml/commit/5859bdeac792687eaf93d8e8f0b7e3c1e2ed5c23 https://github.com/ruby/rexml/security/advisories/GHSA-c2f4-jgmc-q2r5 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rexml/CVE-2025-58767.yml https://linux.oracle.com/cve/CVE-2025-58767.html https://linux.oracle.com/errata/ELSA-2025-23141.html https://nvd.nist.gov/vuln/detail/CVE-2025-58767 https://www.cve.org/CVERecord?id=CVE-2025-58767 https://www.ruby-lang.org/en/news/2025/09/18/dos-rexml-cve-2025-58767 https://www.ruby-lang.org/en/news/2025/09/18/dos-rexml-cve-2025-58767/
uri	CVE-2025-61594	MEDIUM	1.0.3	~> 0.12.5, ~> 0.13.3, >= 1.0.4	https://github.com/ruby/uri https://linux.oracle.com/cve/CVE-2025-61594.html https://linux.oracle.com/errata/ELSA-2025-23141.html https://rubygems.org/gems/uri/versions/0.12.5 https://rubygems.org/gems/uri/versions/0.13.3 https://rubygems.org/gems/uri/versions/1.0.4 https://www.ruby-lang.org/en/news/2025/10/07/uri-cve-2025-61594
No Misconfigurations found

opt/cdxgen/node_modules/.pnpm/@appthreat+atom-parsetools@1.0.12/node_modules/@appthreat/atom-parsetools/plugins/composer/installed.json (composer-vendor)¶

No Vulnerabilities found
No Misconfigurations found

usr/local/bin/bazel (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2025-22874	HIGH	v1.24.0	1.24.4	https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib	CVE-2025-47907	HIGH	v1.24.0	1.23.12, 1.24.6	http://www.openwall.com/lists/oss-security/2025/08/06/1 https://access.redhat.com/errata/RHSA-2025:20909 https://access.redhat.com/security/cve/CVE-2025-47907 https://bugzilla.redhat.com/2387083 https://bugzilla.redhat.com/2393152 https://errata.almalinux.org/9/ALSA-2025-20909.html https://go.dev/cl/693735 https://go.dev/issue/74831 https://groups.google.com/g/golang-announce/c/x5MKroML2yM https://linux.oracle.com/cve/CVE-2025-47907.html https://linux.oracle.com/errata/ELSA-2025-20983.html https://nvd.nist.gov/vuln/detail/CVE-2025-47907 https://pkg.go.dev/vuln/GO-2025-3849 https://www.cve.org/CVERecord?id=CVE-2025-47907
stdlib	CVE-2025-58183	HIGH	v1.24.0	1.24.8, 1.25.2	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/errata/RHSA-2025:22011 https://access.redhat.com/security/cve/CVE-2025-58183 https://bugzilla.redhat.com/2404715 https://bugzilla.redhat.com/2407258 https://bugzilla.redhat.com/show_bug.cgi?id=2407258 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58183 https://errata.almalinux.org/9/ALSA-2025-22011.html https://errata.rockylinux.org/RLSA-2025:23088 https://go.dev/cl/709861 https://go.dev/issue/75677 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://linux.oracle.com/cve/CVE-2025-58183.html https://linux.oracle.com/errata/ELSA-2025-23088.html https://nvd.nist.gov/vuln/detail/CVE-2025-58183 https://pkg.go.dev/vuln/GO-2025-4014 https://www.cve.org/CVERecord?id=CVE-2025-58183
stdlib	CVE-2025-58186	HIGH	v1.24.0	1.24.8, 1.25.2	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://go.dev/cl/709855 https://go.dev/issue/75672 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-58186 https://pkg.go.dev/vuln/GO-2025-4012
stdlib	CVE-2025-58187	HIGH	v1.24.0	1.24.9, 1.25.3	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://go.dev/cl/709854 https://go.dev/issue/75681 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-58187 https://pkg.go.dev/vuln/GO-2025-4007
stdlib	CVE-2025-61729	HIGH	v1.24.0	1.24.11, 1.25.5	https://access.redhat.com/security/cve/CVE-2025-61729 https://go.dev/cl/725920 https://go.dev/issue/76445 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61729 https://pkg.go.dev/vuln/GO-2025-4155 https://www.cve.org/CVERecord?id=CVE-2025-61729
stdlib	CVE-2025-0913	MEDIUM	v1.24.0	1.23.10, 1.24.4	https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib	CVE-2025-22871	MEDIUM	v1.24.0	1.23.8, 1.24.2	http://www.openwall.com/lists/oss-security/2025/04/04/4 https://access.redhat.com/errata/RHSA-2025:9635 https://access.redhat.com/security/cve/CVE-2025-22871 https://bugzilla.redhat.com/2358493 https://bugzilla.redhat.com/show_bug.cgi?id=2358493 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22871 https://errata.almalinux.org/9/ALSA-2025-9635.html https://errata.rockylinux.org/RLSA-2025:9317 https://github.com/roadrunner-server/roadrunner https://github.com/roadrunner-server/roadrunner/commit/f269279ee87d0b88127741cad1042389af7605fa https://github.com/roadrunner-server/roadrunner/issues/2166 https://github.com/roadrunner-server/roadrunner/releases/tag/v2025.1.0 https://go.dev/cl/652998 https://go.dev/issue/71988 https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk https://linux.oracle.com/cve/CVE-2025-22871.html https://linux.oracle.com/errata/ELSA-2025-9845.html https://nvd.nist.gov/vuln/detail/CVE-2025-22871 https://pkg.go.dev/vuln/GO-2025-3563 https://www.cve.org/CVERecord?id=CVE-2025-22871
stdlib	CVE-2025-4673	MEDIUM	v1.24.0	1.23.10, 1.24.4	https://access.redhat.com/errata/RHSA-2025:15887 https://access.redhat.com/security/cve/CVE-2025-4673 https://bugzilla.redhat.com/2373305 https://bugzilla.redhat.com/show_bug.cgi?id=2373305 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4673 https://errata.almalinux.org/9/ALSA-2025-15887.html https://errata.rockylinux.org/RLSA-2025:16432 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://linux.oracle.com/cve/CVE-2025-4673.html https://linux.oracle.com/errata/ELSA-2025-10677.html https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
stdlib	CVE-2025-47906	MEDIUM	v1.24.0	1.23.12, 1.24.6	http://www.openwall.com/lists/oss-security/2025/08/06/1 https://access.redhat.com/errata/RHSA-2025:22005 https://access.redhat.com/security/cve/CVE-2025-47906 https://bugzilla.redhat.com/2396546 https://bugzilla.redhat.com/show_bug.cgi?id=2396546 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47906 https://errata.almalinux.org/9/ALSA-2025-22005.html https://errata.rockylinux.org/RLSA-2025:22005 https://go.dev/cl/691775 https://go.dev/issue/74466 https://groups.google.com/g/golang-announce/c/x5MKroML2yM https://linux.oracle.com/cve/CVE-2025-47906.html https://linux.oracle.com/errata/ELSA-2025-22668.html https://nvd.nist.gov/vuln/detail/CVE-2025-47906 https://pkg.go.dev/vuln/GO-2025-3956 https://www.cve.org/CVERecord?id=CVE-2025-47906
stdlib	CVE-2025-47912	MEDIUM	v1.24.0	1.24.8, 1.25.2	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-47912 https://go.dev/cl/709857 https://go.dev/issue/75678 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-47912 https://pkg.go.dev/vuln/GO-2025-4010 https://www.cve.org/CVERecord?id=CVE-2025-47912
stdlib	CVE-2025-58185	MEDIUM	v1.24.0	1.24.8, 1.25.2	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-58185 https://github.com/golang/go/commit/8709a41d5ef7321f486a1857f189c3fee20e8edd https://go.dev/cl/709856 https://go.dev/issue/75671 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-58185 https://pkg.go.dev/vuln/GO-2025-4011 https://www.cve.org/CVERecord?id=CVE-2025-58185
stdlib	CVE-2025-58188	MEDIUM	v1.24.0	1.24.8, 1.25.2	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-58188 https://github.com/golang/go/commit/6e4007e8cffbb870e6b606307ab7308236ecefb9 https://go.dev/cl/709853 https://go.dev/issue/75675 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-58188 https://pkg.go.dev/vuln/GO-2025-4013 https://www.cve.org/CVERecord?id=CVE-2025-58188
stdlib	CVE-2025-58189	MEDIUM	v1.24.0	1.24.8, 1.25.2	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-58189 https://go.dev/cl/707776 https://go.dev/issue/75652 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-58189 https://pkg.go.dev/vuln/GO-2025-4008 https://www.cve.org/CVERecord?id=CVE-2025-58189
stdlib	CVE-2025-61723	MEDIUM	v1.24.0	1.24.8, 1.25.2	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-61723 https://github.com/golang/go/commit/5ce8cd16f3859ec5ac4106ad8ec15d6236f4501b https://go.dev/cl/709858 https://go.dev/issue/75676 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-61723 https://pkg.go.dev/vuln/GO-2025-4009 https://www.cve.org/CVERecord?id=CVE-2025-61723
stdlib	CVE-2025-61724	MEDIUM	v1.24.0	1.24.8, 1.25.2	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-61724 https://go.dev/cl/709859 https://go.dev/issue/75716 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-61724 https://pkg.go.dev/vuln/GO-2025-4015 https://www.cve.org/CVERecord?id=CVE-2025-61724
stdlib	CVE-2025-61725	MEDIUM	v1.24.0	1.24.8, 1.25.2	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-61725 https://go.dev/cl/709860 https://go.dev/issue/75680 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-61725 https://pkg.go.dev/vuln/GO-2025-4006 https://www.cve.org/CVERecord?id=CVE-2025-61725
stdlib	CVE-2025-61727	MEDIUM	v1.24.0	1.24.11, 1.25.5	https://go.dev/cl/723900 https://go.dev/issue/76442 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61727 https://pkg.go.dev/vuln/GO-2025-4175
No Misconfigurations found

usr/local/go/bin/go (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2025-61729	HIGH	v1.25.4	1.24.11, 1.25.5	https://access.redhat.com/security/cve/CVE-2025-61729 https://go.dev/cl/725920 https://go.dev/issue/76445 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61729 https://pkg.go.dev/vuln/GO-2025-4155 https://www.cve.org/CVERecord?id=CVE-2025-61729
stdlib	CVE-2025-61727	MEDIUM	v1.25.4	1.24.11, 1.25.5	https://go.dev/cl/723900 https://go.dev/issue/76442 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61727 https://pkg.go.dev/vuln/GO-2025-4175
No Misconfigurations found

usr/local/go/bin/gofmt (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2025-61729	HIGH	v1.25.4	1.24.11, 1.25.5	https://access.redhat.com/security/cve/CVE-2025-61729 https://go.dev/cl/725920 https://go.dev/issue/76445 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61729 https://pkg.go.dev/vuln/GO-2025-4155 https://www.cve.org/CVERecord?id=CVE-2025-61729
stdlib	CVE-2025-61727	MEDIUM	v1.25.4	1.24.11, 1.25.5	https://go.dev/cl/723900 https://go.dev/issue/76442 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61727 https://pkg.go.dev/vuln/GO-2025-4175
No Misconfigurations found

usr/local/go/pkg/tool/linux_amd64/asm (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2025-61729	HIGH	v1.25.4	1.24.11, 1.25.5	https://access.redhat.com/security/cve/CVE-2025-61729 https://go.dev/cl/725920 https://go.dev/issue/76445 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61729 https://pkg.go.dev/vuln/GO-2025-4155 https://www.cve.org/CVERecord?id=CVE-2025-61729
stdlib	CVE-2025-61727	MEDIUM	v1.25.4	1.24.11, 1.25.5	https://go.dev/cl/723900 https://go.dev/issue/76442 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61727 https://pkg.go.dev/vuln/GO-2025-4175
No Misconfigurations found

usr/local/go/pkg/tool/linux_amd64/cgo (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2025-61729	HIGH	v1.25.4	1.24.11, 1.25.5	https://access.redhat.com/security/cve/CVE-2025-61729 https://go.dev/cl/725920 https://go.dev/issue/76445 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61729 https://pkg.go.dev/vuln/GO-2025-4155 https://www.cve.org/CVERecord?id=CVE-2025-61729
stdlib	CVE-2025-61727	MEDIUM	v1.25.4	1.24.11, 1.25.5	https://go.dev/cl/723900 https://go.dev/issue/76442 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61727 https://pkg.go.dev/vuln/GO-2025-4175
No Misconfigurations found

usr/local/go/pkg/tool/linux_amd64/compile (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2025-61729	HIGH	v1.25.4	1.24.11, 1.25.5	https://access.redhat.com/security/cve/CVE-2025-61729 https://go.dev/cl/725920 https://go.dev/issue/76445 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61729 https://pkg.go.dev/vuln/GO-2025-4155 https://www.cve.org/CVERecord?id=CVE-2025-61729
stdlib	CVE-2025-61727	MEDIUM	v1.25.4	1.24.11, 1.25.5	https://go.dev/cl/723900 https://go.dev/issue/76442 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61727 https://pkg.go.dev/vuln/GO-2025-4175
No Misconfigurations found

usr/local/go/pkg/tool/linux_amd64/cover (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2025-61729	HIGH	v1.25.4	1.24.11, 1.25.5	https://access.redhat.com/security/cve/CVE-2025-61729 https://go.dev/cl/725920 https://go.dev/issue/76445 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61729 https://pkg.go.dev/vuln/GO-2025-4155 https://www.cve.org/CVERecord?id=CVE-2025-61729
stdlib	CVE-2025-61727	MEDIUM	v1.25.4	1.24.11, 1.25.5	https://go.dev/cl/723900 https://go.dev/issue/76442 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61727 https://pkg.go.dev/vuln/GO-2025-4175
No Misconfigurations found

usr/local/go/pkg/tool/linux_amd64/link (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2025-61729	HIGH	v1.25.4	1.24.11, 1.25.5	https://access.redhat.com/security/cve/CVE-2025-61729 https://go.dev/cl/725920 https://go.dev/issue/76445 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61729 https://pkg.go.dev/vuln/GO-2025-4155 https://www.cve.org/CVERecord?id=CVE-2025-61729
stdlib	CVE-2025-61727	MEDIUM	v1.25.4	1.24.11, 1.25.5	https://go.dev/cl/723900 https://go.dev/issue/76442 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61727 https://pkg.go.dev/vuln/GO-2025-4175
No Misconfigurations found

usr/local/go/pkg/tool/linux_amd64/preprofile (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2025-61729	HIGH	v1.25.4	1.24.11, 1.25.5	https://access.redhat.com/security/cve/CVE-2025-61729 https://go.dev/cl/725920 https://go.dev/issue/76445 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61729 https://pkg.go.dev/vuln/GO-2025-4155 https://www.cve.org/CVERecord?id=CVE-2025-61729
stdlib	CVE-2025-61727	MEDIUM	v1.25.4	1.24.11, 1.25.5	https://go.dev/cl/723900 https://go.dev/issue/76442 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61727 https://pkg.go.dev/vuln/GO-2025-4175
No Misconfigurations found

usr/local/go/pkg/tool/linux_amd64/vet (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2025-61729	HIGH	v1.25.4	1.24.11, 1.25.5	https://access.redhat.com/security/cve/CVE-2025-61729 https://go.dev/cl/725920 https://go.dev/issue/76445 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61729 https://pkg.go.dev/vuln/GO-2025-4155 https://www.cve.org/CVERecord?id=CVE-2025-61729
stdlib	CVE-2025-61727	MEDIUM	v1.25.4	1.24.11, 1.25.5	https://go.dev/cl/723900 https://go.dev/issue/76442 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61727 https://pkg.go.dev/vuln/GO-2025-4175
No Misconfigurations found