Skip to content

registry.hub.docker.com/bridgecrew/checkov (debian 12.11)

Trivy Image Scan

  • Image: registry.hub.docker.com/bridgecrew/checkov (debian 12.11)
  • Scan date: 2025-05-24

registry.hub.docker.com/bridgecrew/checkov (debian 12.11) (debian)

Package Vulnerability ID Severity Installed Version Fixed Version Links
apt CVE-2011-3374 LOW 2.6.1 no fix available https://access.redhat.com/security/cve/cve-2011-3374 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480 https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html https://seclists.org/fulldisclosure/2011/Sep/221 https://security-tracker.debian.org/tracker/CVE-2011-3374 https://snyk.io/vuln/SNYK-LINUX-APT-116518 https://ubuntu.com/security/CVE-2011-3374
bash TEMP-0841856-B18BAF LOW 5.2.15-2+b8 no fix available
bsdutils CVE-2022-0563 LOW 1:2.38.1-5+deb12u3 no fix available https://access.redhat.com/security/cve/CVE-2022-0563 https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/ https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.gentoo.org/glsa/202401-08 https://security.netapp.com/advisory/ntap-20220331-0002/ https://www.cve.org/CVERecord?id=CVE-2022-0563
coreutils CVE-2016-2781 LOW 9.1-1 no fix available http://seclists.org/oss-sec/2016/q1/452 http://www.openwall.com/lists/oss-security/2016/02/28/2 http://www.openwall.com/lists/oss-security/2016/02/28/3 https://access.redhat.com/security/cve/CVE-2016-2781 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://lore.kernel.org/patchwork/patch/793178/ https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.28/v2.28-ReleaseNotes https://nvd.nist.gov/vuln/detail/CVE-2016-2781 https://www.cve.org/CVERecord?id=CVE-2016-2781
coreutils CVE-2017-18018 LOW 9.1-1 no fix available http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html https://access.redhat.com/security/cve/CVE-2017-18018 https://nvd.nist.gov/vuln/detail/CVE-2017-18018 https://www.cve.org/CVERecord?id=CVE-2017-18018
gcc-12-base CVE-2022-27943 LOW 12.2.0-14+deb12u1 no fix available https://access.redhat.com/security/cve/CVE-2022-27943 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://sourceware.org/bugzilla/show_bug.cgi?id=28995 https://www.cve.org/CVERecord?id=CVE-2022-27943
git CVE-2018-1000021 LOW 1:2.39.5-0+deb12u2 no fix available http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html https://access.redhat.com/security/cve/CVE-2018-1000021 https://nvd.nist.gov/vuln/detail/CVE-2018-1000021 https://www.cve.org/CVERecord?id=CVE-2018-1000021
git CVE-2022-24975 LOW 1:2.39.5-0+deb12u2 no fix available https://access.redhat.com/security/cve/CVE-2022-24975 https://github.com/git/git/blob/2dc94da3744bfbbf145eca587a0f5ff480cc5867/Documentation/git-clone.txt#L185-L191 https://lore.kernel.org/git/xmqq4k14qe9g.fsf%40gitster.g/ https://nvd.nist.gov/vuln/detail/CVE-2022-24975 https://www.aquasec.com/blog/undetected-hard-code-secrets-expose-corporations/ https://www.cve.org/CVERecord?id=CVE-2022-24975 https://wwws.nightwatchcybersecurity.com/2022/02/11/gitbleed/
git CVE-2024-52005 LOW 1:2.39.5-0+deb12u2 no fix available https://access.redhat.com/errata/RHSA-2025:7409 https://access.redhat.com/security/cve/CVE-2024-52005 https://bugzilla.redhat.com/2338289 https://errata.almalinux.org/9/ALSA-2025-7409.html https://github.com/git/git/security/advisories/GHSA-7jjc-gg6m-3329 https://linux.oracle.com/cve/CVE-2024-52005.html https://linux.oracle.com/errata/ELSA-2025-7409.html https://lore.kernel.org/git/1M9FnZ-1taoNo1wwh-00ESSd@mail.gmx.net https://lore.kernel.org/git/8570a129-d66a-465a-905e-0a077c69c409@gmail.com/T/#t https://nvd.nist.gov/vuln/detail/CVE-2024-52005 https://www.cve.org/CVERecord?id=CVE-2024-52005
git-man CVE-2018-1000021 LOW 1:2.39.5-0+deb12u2 no fix available http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html https://access.redhat.com/security/cve/CVE-2018-1000021 https://nvd.nist.gov/vuln/detail/CVE-2018-1000021 https://www.cve.org/CVERecord?id=CVE-2018-1000021
git-man CVE-2022-24975 LOW 1:2.39.5-0+deb12u2 no fix available https://access.redhat.com/security/cve/CVE-2022-24975 https://github.com/git/git/blob/2dc94da3744bfbbf145eca587a0f5ff480cc5867/Documentation/git-clone.txt#L185-L191 https://lore.kernel.org/git/xmqq4k14qe9g.fsf%40gitster.g/ https://nvd.nist.gov/vuln/detail/CVE-2022-24975 https://www.aquasec.com/blog/undetected-hard-code-secrets-expose-corporations/ https://www.cve.org/CVERecord?id=CVE-2022-24975 https://wwws.nightwatchcybersecurity.com/2022/02/11/gitbleed/
git-man CVE-2024-52005 LOW 1:2.39.5-0+deb12u2 no fix available https://access.redhat.com/errata/RHSA-2025:7409 https://access.redhat.com/security/cve/CVE-2024-52005 https://bugzilla.redhat.com/2338289 https://errata.almalinux.org/9/ALSA-2025-7409.html https://github.com/git/git/security/advisories/GHSA-7jjc-gg6m-3329 https://linux.oracle.com/cve/CVE-2024-52005.html https://linux.oracle.com/errata/ELSA-2025-7409.html https://lore.kernel.org/git/1M9FnZ-1taoNo1wwh-00ESSd@mail.gmx.net https://lore.kernel.org/git/8570a129-d66a-465a-905e-0a077c69c409@gmail.com/T/#t https://nvd.nist.gov/vuln/detail/CVE-2024-52005 https://www.cve.org/CVERecord?id=CVE-2024-52005
gpgv CVE-2022-3219 LOW 2.2.40-1.1 no fix available https://access.redhat.com/security/cve/CVE-2022-3219 https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://dev.gnupg.org/D556 https://dev.gnupg.org/T5993 https://marc.info/?l=oss-security&m=165696590211434&w=4 https://nvd.nist.gov/vuln/detail/CVE-2022-3219 https://security.netapp.com/advisory/ntap-20230324-0001/ https://www.cve.org/CVERecord?id=CVE-2022-3219
gpgv CVE-2025-30258 LOW 2.2.40-1.1 no fix available https://access.redhat.com/security/cve/CVE-2025-30258 https://dev.gnupg.org/T7527 https://dev.gnupg.org/rG48978ccb4e20866472ef18436a32744350a65158 https://lists.gnupg.org/pipermail/gnupg-announce/2025q1/000491.html https://nvd.nist.gov/vuln/detail/CVE-2025-30258 https://ubuntu.com/security/notices/USN-7412-1 https://www.cve.org/CVERecord?id=CVE-2025-30258
libapt-pkg6.0 CVE-2011-3374 LOW 2.6.1 no fix available https://access.redhat.com/security/cve/cve-2011-3374 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480 https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html https://seclists.org/fulldisclosure/2011/Sep/221 https://security-tracker.debian.org/tracker/CVE-2011-3374 https://snyk.io/vuln/SNYK-LINUX-APT-116518 https://ubuntu.com/security/CVE-2011-3374
libblkid1 CVE-2022-0563 LOW 2.38.1-5+deb12u3 no fix available https://access.redhat.com/security/cve/CVE-2022-0563 https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/ https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u https://nvd.nist.gov/vuln/detail/CVE-2022-0563 https://security.gentoo.org/glsa/202401-08 https://security.netapp.com/advisory/ntap-20220331-0002/ https://www.cve.org/CVERecord?id=CVE-2022-0563
libc-bin CVE-2025-4802 HIGH 2.36-9+deb12u10 no fix available http://www.openwall.com/lists/oss-security/2025/05/16/7 http://www.openwall.com/lists/oss-security/2025/05/17/2 https://access.redhat.com/security/cve/CVE-2025-4802 https://nvd.nist.gov/vuln/detail/CVE-2025-4802 https://sourceware.org/bugzilla/show_bug.cgi?id=32976 https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e https://www.cve.org/CVERecord?id=CVE-2025-4802 https://www.openwall.com/lists/oss-security/2025/05/16/7 https://www.openwall.com/lists/oss-security/2025/05/17/2
libc-bin CVE-2010-4756 LOW 2.36-9+deb12u10 no fix available http://cxib.net/stuff/glob-0day.c http://securityreason.com/achievement_securityalert/89 http://securityreason.com/exploitalert/9223 https://access.redhat.com/security/cve/CVE-2010-4756 https://bugzilla.redhat.com/show_bug.cgi?id=681681 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756 https://nvd.nist.gov/vuln/detail/CVE-2010-4756 https://www.cve.org/CVERecord?id=CVE-2010-4756
libc-bin CVE-2018-20796 LOW 2.36-9+deb12u10 no fix available http://www.securityfocus.com/bid/107160 https://access.redhat.com/security/cve/CVE-2018-20796 https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141 https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html https://nvd.nist.gov/vuln/detail/CVE-2018-20796 https://security.netapp.com/advisory/ntap-20190315-0002/ https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS https://www.cve.org/CVERecord?id=CVE-2018-20796
libc-bin CVE-2019-1010022 LOW 2.36-9+deb12u10 no fix available https://access.redhat.com/security/cve/CVE-2019-1010022 https://nvd.nist.gov/vuln/detail/CVE-2019-1010022 https://security-tracker.debian.org/tracker/CVE-2019-1010022 https://sourceware.org/bugzilla/show_bug.cgi?id=22850 https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3 https://ubuntu.com/security/CVE-2019-1010022 https://www.cve.org/CVERecord?id=CVE-2019-1010022
libc-bin CVE-2019-1010023 LOW 2.36-9+deb12u10 no fix available http://www.securityfocus.com/bid/109167 https://access.redhat.com/security/cve/CVE-2019-1010023 https://nvd.nist.gov/vuln/detail/CVE-2019-1010023 https://security-tracker.debian.org/tracker/CVE-2019-1010023 https://sourceware.org/bugzilla/show_bug.cgi?id=22851 https://support.f5.com/csp/article/K11932200?utm_source=f5support&amp%3Butm_medium=RSS https://ubuntu.com/security/CVE-2019-1010023 https://www.cve.org/CVERecord?id=CVE-2019-1010023
libc-bin CVE-2019-1010024 LOW 2.36-9+deb12u10 no fix available http://www.securityfocus.com/bid/109162 https://access.redhat.com/security/cve/CVE-2019-1010024 https://nvd.nist.gov/vuln/detail/CVE-2019-1010024 https://security-tracker.debian.org/tracker/CVE-2019-1010024 https://sourceware.org/bugzilla/show_bug.cgi?id=22852 https://support.f5.com/csp/article/K06046097 https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp%3Butm_medium=RSS https://ubuntu.com/security/CVE-2019-1010024 https://www.cve.org/CVERecord?id=CVE-2019-1010024
libc-bin CVE-2019-1010025 LOW 2.36-9+deb12u10 no fix available https://access.redhat.com/security/cve/CVE-2019-1010025 https://nvd.nist.gov/vuln/detail/CVE-2019-1010025 https://security-tracker.debian.org/tracker/CVE-2019-1010025 https://sourceware.org/bugzilla/show_bug.cgi?id=22853 https://support.f5.com/csp/article/K06046097 https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp%3Butm_medium=RSS https://ubuntu.com/security/CVE-2019-1010025 https://www.cve.org/CVERecord?id=CVE-2019-1010025
libc-bin CVE-2019-9192 LOW 2.36-9+deb12u10 no fix available https://access.redhat.com/security/cve/CVE-2019-9192 https://nvd.nist.gov/vuln/detail/CVE-2019-9192 https://sourceware.org/bugzilla/show_bug.cgi?id=24269 https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS https://www.cve.org/CVERecord?id=CVE-2019-9192
libc6 CVE-2025-4802 HIGH 2.36-9+deb12u10 no fix available http://www.openwall.com/lists/oss-security/2025/05/16/7 http://www.openwall.com/lists/oss-security/2025/05/17/2 https://access.redhat.com/security/cve/CVE-2025-4802 https://nvd.nist.gov/vuln/detail/CVE-2025-4802 https://sourceware.org/bugzilla/show_bug.cgi?id=32976 https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e https://www.cve.org/CVERecord?id=CVE-2025-4802 https://www.openwall.com/lists/oss-security/2025/05/16/7 https://www.openwall.com/lists/oss-security/2025/05/17/2
libc6 CVE-2010-4756 LOW 2.36-9+deb12u10 no fix available http://cxib.net/stuff/glob-0day.c http://securityreason.com/achievement_securityalert/89 http://securityreason.com/exploitalert/9223 https://access.redhat.com/security/cve/CVE-2010-4756 https://bugzilla.redhat.com/show_bug.cgi?id=681681 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756 https://nvd.nist.gov/vuln/detail/CVE-2010-4756 https://www.cve.org/CVERecord?id=CVE-2010-4756
libc6 CVE-2018-20796 LOW 2.36-9+deb12u10 no fix available http://www.securityfocus.com/bid/107160 https://access.redhat.com/security/cve/CVE-2018-20796 https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141 https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html https://nvd.nist.gov/vuln/detail/CVE-2018-20796 https://security.netapp.com/advisory/ntap-20190315-0002/ https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS https://www.cve.org/CVERecord?id=CVE-2018-20796
libc6 CVE-2019-1010022 LOW 2.36-9+deb12u10 no fix available https://access.redhat.com/security/cve/CVE-2019-1010022 https://nvd.nist.gov/vuln/detail/CVE-2019-1010022 https://security-tracker.debian.org/tracker/CVE-2019-1010022 https://sourceware.org/bugzilla/show_bug.cgi?id=22850 https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3 https://ubuntu.com/security/CVE-2019-1010022 https://www.cve.org/CVERecord?id=CVE-2019-1010022
libc6 CVE-2019-1010023 LOW 2.36-9+deb12u10 no fix available http://www.securityfocus.com/bid/109167 https://access.redhat.com/security/cve/CVE-2019-1010023 https://nvd.nist.gov/vuln/detail/CVE-2019-1010023 https://security-tracker.debian.org/tracker/CVE-2019-1010023 https://sourceware.org/bugzilla/show_bug.cgi?id=22851 https://support.f5.com/csp/article/K11932200?utm_source=f5support&amp%3Butm_medium=RSS https://ubuntu.com/security/CVE-2019-1010023 https://www.cve.org/CVERecord?id=CVE-2019-1010023
libc6 CVE-2019-1010024 LOW 2.36-9+deb12u10 no fix available http://www.securityfocus.com/bid/109162 https://access.redhat.com/security/cve/CVE-2019-1010024 https://nvd.nist.gov/vuln/detail/CVE-2019-1010024 https://security-tracker.debian.org/tracker/CVE-2019-1010024 https://sourceware.org/bugzilla/show_bug.cgi?id=22852 https://support.f5.com/csp/article/K06046097 https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp%3Butm_medium=RSS https://ubuntu.com/security/CVE-2019-1010024 https://www.cve.org/CVERecord?id=CVE-2019-1010024
libc6 CVE-2019-1010025 LOW 2.36-9+deb12u10 no fix available https://access.redhat.com/security/cve/CVE-2019-1010025 https://nvd.nist.gov/vuln/detail/CVE-2019-1010025 https://security-tracker.debian.org/tracker/CVE-2019-1010025 https://sourceware.org/bugzilla/show_bug.cgi?id=22853 https://support.f5.com/csp/article/K06046097 https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp%3Butm_medium=RSS https://ubuntu.com/security/CVE-2019-1010025 https://www.cve.org/CVERecord?id=CVE-2019-1010025
libc6 CVE-2019-9192 LOW 2.36-9+deb12u10 no fix available https://access.redhat.com/security/cve/CVE-2019-9192 https://nvd.nist.gov/vuln/detail/CVE-2019-9192 https://sourceware.org/bugzilla/show_bug.cgi?id=24269 https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS https://www.cve.org/CVERecord?id=CVE-2019-9192
libcurl3-gnutls CVE-2024-2379 LOW 7.88.1-10+deb12u12 no fix available http://seclists.org/fulldisclosure/2024/Jul/18 http://seclists.org/fulldisclosure/2024/Jul/19 http://seclists.org/fulldisclosure/2024/Jul/20 http://www.openwall.com/lists/oss-security/2024/03/27/2 https://access.redhat.com/security/cve/CVE-2024-2379 https://curl.se/docs/CVE-2024-2379.html https://curl.se/docs/CVE-2024-2379.json https://hackerone.com/reports/2410774 https://nvd.nist.gov/vuln/detail/CVE-2024-2379 https://security.netapp.com/advisory/ntap-20240531-0001/ https://support.apple.com/kb/HT214118 https://support.apple.com/kb/HT214119 https://support.apple.com/kb/HT214120 https://www.cve.org/CVERecord?id=CVE-2024-2379
libcurl3-gnutls CVE-2025-0725 LOW 7.88.1-10+deb12u12 no fix available http://www.openwall.com/lists/oss-security/2025/02/05/3 http://www.openwall.com/lists/oss-security/2025/02/06/2 http://www.openwall.com/lists/oss-security/2025/02/06/4 https://access.redhat.com/security/cve/CVE-2025-0725 https://curl.se/docs/CVE-2025-0725.html https://curl.se/docs/CVE-2025-0725.json https://hackerone.com/reports/2956023 https://nvd.nist.gov/vuln/detail/CVE-2025-0725 https://security.netapp.com/advisory/ntap-20250306-0009/ https://www.cve.org/CVERecord?id=CVE-2025-0725
libexpat1 CVE-2023-52425 HIGH 2.5.0-1+deb12u1 no fix available http://www.openwall.com/lists/oss-security/2024/03/20/5 https://access.redhat.com/errata/RHSA-2024:1530 https://access.redhat.com/security/cve/CVE-2023-52425 https://bugzilla.redhat.com/2262877 https://bugzilla.redhat.com/2268766 https://bugzilla.redhat.com/show_bug.cgi?id=2262877 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52425 https://errata.almalinux.org/9/ALSA-2024-1530.html https://errata.rockylinux.org/RLSA-2024:1615 https://github.com/libexpat/libexpat/pull/789 https://linux.oracle.com/cve/CVE-2023-52425.html https://linux.oracle.com/errata/ELSA-2024-4259.html https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/ https://nvd.nist.gov/vuln/detail/CVE-2023-52425 https://security.netapp.com/advisory/ntap-20240614-0003/ https://ubuntu.com/security/notices/USN-6694-1 https://www.cve.org/CVERecord?id=CVE-2023-52425
libexpat1 CVE-2024-8176 HIGH 2.5.0-1+deb12u1 no fix available http://www.openwall.com/lists/oss-security/2025/03/15/1 https://access.redhat.com/errata/RHSA-2025:3531 https://access.redhat.com/errata/RHSA-2025:3734 https://access.redhat.com/errata/RHSA-2025:3913 https://access.redhat.com/errata/RHSA-2025:4048 https://access.redhat.com/errata/RHSA-2025:4446 https://access.redhat.com/errata/RHSA-2025:4447 https://access.redhat.com/errata/RHSA-2025:4448 https://access.redhat.com/errata/RHSA-2025:4449 https://access.redhat.com/errata/RHSA-2025:7444 https://access.redhat.com/errata/RHSA-2025:7512 https://access.redhat.com/security/cve/CVE-2024-8176 https://blog.hartwork.org/posts/expat-2-7-0-released/ https://bugzilla.redhat.com/2310137 https://bugzilla.redhat.com/show_bug.cgi?id=2310137 https://bugzilla.suse.com/show_bug.cgi?id=1239618 https://errata.almalinux.org/9/ALSA-2025-7444.html https://github.com/libexpat/libexpat/blob/R_2_7_0/expat/Changes#L40-L52 https://github.com/libexpat/libexpat/issues/893 https://gitlab.alpinelinux.org/alpine/aports/-/commit/d068c3ff36fc6f4789988a09c69b434db757db53 https://linux.oracle.com/cve/CVE-2024-8176.html https://linux.oracle.com/errata/ELSA-2025-7444.html https://nvd.nist.gov/vuln/detail/CVE-2024-8176 https://security-tracker.debian.org/tracker/CVE-2024-8176 https://security.netapp.com/advisory/ntap-20250328-0009/ https://ubuntu.com/security/CVE-2024-8176 https://ubuntu.com/security/notices/USN-7424-1 https://www.cve.org/CVERecord?id=CVE-2024-8176 https://www.kb.cert.org/vuls/id/760160
libexpat1 CVE-2024-50602 MEDIUM 2.5.0-1+deb12u1 no fix available https://access.redhat.com/errata/RHSA-2024:9541 https://access.redhat.com/security/cve/CVE-2024-50602 https://bugzilla.redhat.com/2321987 https://bugzilla.redhat.com/show_bug.cgi?id=2321987 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50602 https://errata.almalinux.org/9/ALSA-2024-9541.html https://errata.rockylinux.org/RLSA-2024:9502 https://github.com/libexpat/libexpat/pull/915 https://linux.oracle.com/cve/CVE-2024-50602.html https://linux.oracle.com/errata/ELSA-2024-9541.html https://lists.debian.org/debian-lts-announce/2025/04/msg00040.html https://nvd.nist.gov/vuln/detail/CVE-2024-50602 https://security.netapp.com/advisory/ntap-20250404-0008/ https://www.cve.org/CVERecord?id=CVE-2024-50602
libexpat1 CVE-2023-52426 LOW 2.5.0-1+deb12u1 no fix available https://access.redhat.com/security/cve/CVE-2023-52426 https://cwe.mitre.org/data/definitions/776.html https://github.com/libexpat/libexpat/commit/0f075ec8ecb5e43f8fdca5182f8cca4703da0404 https://github.com/libexpat/libexpat/pull/777 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/ https://nvd.nist.gov/vuln/detail/CVE-2023-52426 https://security.netapp.com/advisory/ntap-20240307-0005/ https://www.cve.org/CVERecord?id=CVE-2023-52426
libexpat1 CVE-2024-28757 LOW 2.5.0-1+deb12u1 no fix available http://www.openwall.com/lists/oss-security/2024/03/15/1 https://access.redhat.com/errata/RHSA-2024:1530 https://access.redhat.com/security/cve/CVE-2024-28757 https://bugzilla.redhat.com/2262877 https://bugzilla.redhat.com/2268766 https://errata.almalinux.org/9/ALSA-2024-1530.html https://github.com/libexpat/libexpat/issues/839 https://github.com/libexpat/libexpat/pull/842 https://linux.oracle.com/cve/CVE-2024-28757.html https://linux.oracle.com/errata/ELSA-2024-1530.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/ https://nvd.nist.gov/vuln/detail/CVE-2024-28757 https://security.netapp.com/advisory/ntap-20240322-0001/ https://ubuntu.com/security/notices/USN-6694-1 https://www.cve.org/CVERecord?id=CVE-2024-28757
libgcc-s1 CVE-2022-27943 LOW 12.2.0-14+deb12u1 no fix available https://access.redhat.com/security/cve/CVE-2022-27943 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a770b01ef415e114164b6151d1e55acdee09371 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=9234cdca6ee88badfc00297e72f13dac4e540c79 https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=fc968115a742d9e4674d9725ce9c2106b91b6ead https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H424YXGW7OKXS2NCAP35OP6Y4P4AW6VG/ https://nvd.nist.gov/vuln/detail/CVE-2022-27943 https://sourceware.org/bugzilla/show_bug.cgi?id=28995 https://www.cve.org/CVERecord?id=CVE-2022-27943
libgcrypt20 CVE-2018-6829 LOW 1.10.1-3 no fix available https://access.redhat.com/security/cve/CVE-2018-6829 https://github.com/weikengchen/attack-on-libgcrypt-elgamal https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html https://nvd.nist.gov/vuln/detail/CVE-2018-6829 https://www.cve.org/CVERecord?id=CVE-2018-6829 https://www.oracle.com/security-alerts/cpujan2020.html
libgcrypt20 CVE-2024-2236 LOW 1.10.1-3 no fix available https://access.redhat.com/errata/RHSA-2024:9404 https://access.redhat.com/errata/RHSA-2025:3530 https://access.redhat.com/errata/RHSA-2025:3534 https://access.redhat.com/security/cve/CVE-2024-2236 https://bugzilla.redhat.com/2245218 https://bugzilla.redhat.com/show_bug.cgi?id=2245218 https://bugzilla.redhat.com/show_bug.cgi?id=2268268 https://dev.gnupg.org/T7136 https://errata.almalinux.org/9/ALSA-2024-9404.html https://github.com/tomato42/marvin-toolkit/tree/master/example/libgcrypt https://gitlab.com/redhat-crypto/libgcrypt/libgcrypt-mirror/-/merge_requests/17 https://linux.oracle.com/cve/CVE-2024-2236.html https://linux.oracle.com/errata/ELSA-2024-9404.html https://lists.gnupg.org/pipermail/gcrypt-devel/2024-March/005607.html https://nvd.nist.gov/vuln/detail/CVE-2024-2236 https://www.cve.org/CVERecord?id=CVE-2024-2236
libgnutls30 CVE-2011-3389 LOW 3.7.9-2+deb12u4 no fix available http://arcticdog.wordpress.com/2012/08/29/beast-openssl-and-apache/ http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/ http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx http://curl.haxx.se/docs/adv_20120124B.html http://downloads.asterisk.org/pub/security/AST-2016-001.html http://ekoparty.org/2011/juliano-rizzo.php http://eprint.iacr.org/2004/111 http://eprint.iacr.org/2006/136 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html http://isc.sans.edu/diary/SSL+TLS+part+3+/11635 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://marc.info/?l=bugtraq&m=132750579901589&w=2 http://marc.info/?l=bugtraq&m=132872385320240&w=2 http://marc.info/?l=bugtraq&m=133365109612558&w=2 http://marc.info/?l=bugtraq&m=133728004526190&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue http://osvdb.org/74829 http://rhn.redhat.com/errata/RHSA-2012-0508.html http://rhn.redhat.com/errata/RHSA-2013-1455.html http://secunia.com/advisories/45791 http://secunia.com/advisories/47998 http://secunia.com/advisories/48256 http://secunia.com/advisories/48692 http://secunia.com/advisories/48915 http://secunia.com/advisories/48948 http://secunia.com/advisories/49198 http://secunia.com/advisories/55322 http://secunia.com/advisories/55350 http://secunia.com/advisories/55351 http://security.gentoo.org/glsa/glsa-201203-02.xml http://security.gentoo.org/glsa/glsa-201406-32.xml http://support.apple.com/kb/HT4999 http://support.apple.com/kb/HT5001 http://support.apple.com/kb/HT5130 http://support.apple.com/kb/HT5281 http://support.apple.com/kb/HT5501 http://support.apple.com/kb/HT6150 http://technet.microsoft.com/security/advisory/2588513 http://vnhacker.blogspot.com/2011/09/beast.html http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf http://www.debian.org/security/2012/dsa-2398 http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html http://www.ibm.com/developerworks/java/jdk/alerts/ http://www.imperialviolet.org/2011/09/23/chromeandbeast.html http://www.insecure.cl/Beast-SSL.rar http://www.kb.cert.org/vuls/id/864643 http://www.mandriva.com/security/advisories?name=MDVSA-2012:058 http://www.opera.com/docs/changelogs/mac/1151/ http://www.opera.com/docs/changelogs/mac/1160/ http://www.opera.com/docs/changelogs/unix/1151/ http://www.opera.com/docs/changelogs/unix/1160/ http://www.opera.com/docs/changelogs/windows/1151/ http://www.opera.com/docs/changelogs/windows/1160/ http://www.opera.com/support/kb/view/1004/ http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html http://www.redhat.com/support/errata/RHSA-2011-1384.html http://www.redhat.com/support/errata/RHSA-2012-0006.html http://www.securityfocus.com/bid/49388 http://www.securityfocus.com/bid/49778 http://www.securitytracker.com/id/1029190 http://www.securitytracker.com/id?1025997 http://www.securitytracker.com/id?1026103 http://www.securitytracker.com/id?1026704 http://www.ubuntu.com/usn/USN-1263-1 http://www.us-cert.gov/cas/techalerts/TA12-010A.html https://access.redhat.com/security/cve/CVE-2011-3389 https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail https://bugzilla.novell.com/show_bug.cgi?id=719047 https://bugzilla.redhat.com/show_bug.cgi?id=737506 https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 https://hermes.opensuse.org/messages/13154861 https://hermes.opensuse.org/messages/13155432 https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 https://linux.oracle.com/cve/CVE-2011-3389.html https://linux.oracle.com/errata/ELSA-2011-1380.html https://nvd.nist.gov/vuln/detail/CVE-2011-3389 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752 https://ubuntu.com/security/notices/USN-1263-1 https://www.cve.org/CVERecord?id=CVE-2011-3389
libgssapi-krb5-2 CVE-2025-3576 MEDIUM 1.20.1-2+deb12u3 no fix available https://access.redhat.com/security/cve/CVE-2025-3576 https://bugzilla.redhat.com/show_bug.cgi?id=2359465 https://nvd.nist.gov/vuln/detail/CVE-2025-3576 https://www.cve.org/CVERecord?id=CVE-2025-3576
libgssapi-krb5-2 CVE-2018-5709 LOW 1.20.1-2+deb12u3 no fix available https://access.redhat.com/security/cve/CVE-2018-5709 https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2018-5709 https://www.cve.org/CVERecord?id=CVE-2018-5709
libgssapi-krb5-2 CVE-2024-26458 LOW 1.20.1-2+deb12u3 no fix available https://access.redhat.com/errata/RHSA-2024:9331 https://access.redhat.com/security/cve/CVE-2024-26458 https://bugzilla.redhat.com/2266731 https://bugzilla.redhat.com/2266740 https://bugzilla.redhat.com/2266742 https://bugzilla.redhat.com/show_bug.cgi?id=2266731 https://bugzilla.redhat.com/show_bug.cgi?id=2266740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461 https://errata.almalinux.org/9/ALSA-2024-9331.html https://errata.rockylinux.org/RLSA-2024:3268 https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md https://linux.oracle.com/cve/CVE-2024-26458.html https://linux.oracle.com/errata/ELSA-2024-9331.html https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html https://nvd.nist.gov/vuln/detail/CVE-2024-26458 https://security.netapp.com/advisory/ntap-20240415-0010/ https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2024-26458
libgssapi-krb5-2 CVE-2024-26461 LOW 1.20.1-2+deb12u3 no fix available https://access.redhat.com/errata/RHSA-2024:9331 https://access.redhat.com/security/cve/CVE-2024-26461 https://bugzilla.redhat.com/2266731 https://bugzilla.redhat.com/2266740 https://bugzilla.redhat.com/2266742 https://bugzilla.redhat.com/show_bug.cgi?id=2266731 https://bugzilla.redhat.com/show_bug.cgi?id=2266740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461 https://errata.almalinux.org/9/ALSA-2024-9331.html https://errata.rockylinux.org/RLSA-2024:3268 https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md https://linux.oracle.com/cve/CVE-2024-26461.html https://linux.oracle.com/errata/ELSA-2024-9331.html https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html https://nvd.nist.gov/vuln/detail/CVE-2024-26461 https://security.netapp.com/advisory/ntap-20240415-0011/ https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2024-26461
libk5crypto3 CVE-2025-3576 MEDIUM 1.20.1-2+deb12u3 no fix available https://access.redhat.com/security/cve/CVE-2025-3576 https://bugzilla.redhat.com/show_bug.cgi?id=2359465 https://nvd.nist.gov/vuln/detail/CVE-2025-3576 https://www.cve.org/CVERecord?id=CVE-2025-3576
libk5crypto3 CVE-2018-5709 LOW 1.20.1-2+deb12u3 no fix available https://access.redhat.com/security/cve/CVE-2018-5709 https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2018-5709 https://www.cve.org/CVERecord?id=CVE-2018-5709
libk5crypto3 CVE-2024-26458 LOW 1.20.1-2+deb12u3 no fix available https://access.redhat.com/errata/RHSA-2024:9331 https://access.redhat.com/security/cve/CVE-2024-26458 https://bugzilla.redhat.com/2266731 https://bugzilla.redhat.com/2266740 https://bugzilla.redhat.com/2266742 https://bugzilla.redhat.com/show_bug.cgi?id=2266731 https://bugzilla.redhat.com/show_bug.cgi?id=2266740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26458 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26461 https://errata.almalinux.org/9/ALSA-2024-9331.html https://errata.rockylinux.org/RLSA-2024:3268 https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md https://linux.oracle.com/cve/CVE-2024-26458.html https://linux.oracle.com/errata/ELSA-2024-9331.html https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html https://nvd.nist.gov/vuln/detail/CVE-2024-26458 https://security.netapp.com/advisory/ntap-20240415-0010/ https://ubuntu.com/security/notices/USN-7314-1 https://www.cve.org/CVERecord?id=CVE-2024-26458
74 other vulnerabilities found...
No Misconfigurations found

Python (python-pkg)

Package Vulnerability ID Severity Installed Version Fixed Version Links
asteval CVE-2025-24359 HIGH 1.0.5 1.0.6 https://github.com/lmfit/asteval https://github.com/lmfit/asteval/blob/cfb57f0beebe0dc0520a1fbabc35e66060c7ea71/asteval/asteval.py#L507 https://github.com/lmfit/asteval/commit/45bb47533f7abb5479618ae7f6a809215700dcb2 https://github.com/lmfit/asteval/security/advisories/GHSA-3wwr-3g9f-9gc7 https://lucumr.pocoo.org/2016/12/29/careful-with-str-format https://nvd.nist.gov/vuln/detail/CVE-2025-24359
asteval GHSA-vp47-9734-prjw HIGH 1.0.5 1.0.6 https://github.com/lmfit/asteval https://github.com/lmfit/asteval/commit/45bb47533f7abb5479618ae7f6a809215700dcb2 https://github.com/lmfit/asteval/security/advisories/GHSA-vp47-9734-prjw
setuptools CVE-2025-47273 HIGH 70.0.0 78.1.1 https://access.redhat.com/security/cve/CVE-2025-47273 https://github.com/pypa/setuptools https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88 https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b https://github.com/pypa/setuptools/issues/4946 https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf https://nvd.nist.gov/vuln/detail/CVE-2025-47273 https://www.cve.org/CVERecord?id=CVE-2025-47273
No Misconfigurations found

usr/bin/kustomize (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2024-45336 MEDIUM v1.22.7 1.22.11, 1.23.5, 1.24.0-rc.2 https://access.redhat.com/errata/RHSA-2025:3772 https://access.redhat.com/security/cve/CVE-2024-45336 https://bugzilla.redhat.com/2341750 https://bugzilla.redhat.com/2341751 https://errata.almalinux.org/8/ALSA-2025-3772.html https://go.dev/cl/643100 https://go.dev/issue/70530 https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ https://linux.oracle.com/cve/CVE-2024-45336.html https://linux.oracle.com/errata/ELSA-2025-3772.html https://nvd.nist.gov/vuln/detail/CVE-2024-45336 https://pkg.go.dev/vuln/GO-2025-3420 https://security.netapp.com/advisory/ntap-20250221-0003/ https://www.cve.org/CVERecord?id=CVE-2024-45336
stdlib CVE-2024-45341 MEDIUM v1.22.7 1.22.11, 1.23.5, 1.24.0-rc.2 https://access.redhat.com/errata/RHSA-2025:3772 https://access.redhat.com/security/cve/CVE-2024-45341 https://bugzilla.redhat.com/2341750 https://bugzilla.redhat.com/2341751 https://errata.almalinux.org/8/ALSA-2025-3772.html https://go.dev/cl/643099 https://go.dev/issue/71156 https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ https://linux.oracle.com/cve/CVE-2024-45341.html https://linux.oracle.com/errata/ELSA-2025-3772.html https://nvd.nist.gov/vuln/detail/CVE-2024-45341 https://pkg.go.dev/vuln/GO-2025-3373 https://security.netapp.com/advisory/ntap-20250221-0004/ https://www.cve.org/CVERecord?id=CVE-2024-45341
stdlib CVE-2025-22866 MEDIUM v1.22.7 1.22.12, 1.23.6, 1.24.0-rc.3 https://access.redhat.com/security/cve/CVE-2025-22866 https://go.dev/cl/643735 https://go.dev/issue/71383 https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k https://nvd.nist.gov/vuln/detail/CVE-2025-22866 https://pkg.go.dev/vuln/GO-2025-3447 https://security.netapp.com/advisory/ntap-20250221-0002/ https://www.cve.org/CVERecord?id=CVE-2025-22866
stdlib CVE-2025-22871 MEDIUM v1.22.7 1.23.8, 1.24.2 http://www.openwall.com/lists/oss-security/2025/04/04/4 https://access.redhat.com/security/cve/CVE-2025-22871 https://go.dev/cl/652998 https://go.dev/issue/71988 https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk https://nvd.nist.gov/vuln/detail/CVE-2025-22871 https://pkg.go.dev/vuln/GO-2025-3563 https://www.cve.org/CVERecord?id=CVE-2025-22871
No Misconfigurations found

usr/local/bin/helm (gobinary)

No Vulnerabilities found
No Misconfigurations found