Skip to content

to be continuous

TF_TRIVY_IMAGE

to-be-continuous/doc

docker.io/aquasec/trivy (alpine 3.22.1)¶

Trivy Image Scan

Image: docker.io/aquasec/trivy (alpine 3.22.1)
Scan date: 2025-12-14

docker.io/aquasec/trivy (alpine 3.22.1) (alpine)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
busybox	CVE-2024-58251	MEDIUM	1.37.0-r18	1.37.0-r20	http://www.openwall.com/lists/oss-security/2025/04/23/6 https://bugs.busybox.net/show_bug.cgi?id=15922 https://www.busybox.net https://www.busybox.net/downloads/ https://www.cve.org/CVERecord?id=CVE-2024-58251
busybox	CVE-2025-46394	LOW	1.37.0-r18	1.37.0-r20	http://www.openwall.com/lists/oss-security/2025/04/23/5 http://www.openwall.com/lists/oss-security/2025/04/24/3 https://bugs.busybox.net/show_bug.cgi?id=16018 https://lists.busybox.net/pipermail/busybox/2024-July/090806.html https://lists.busybox.net/pipermail/busybox/2024-July/090814.html https://www.busybox.net https://www.busybox.net/downloads/ https://www.cve.org/CVERecord?id=CVE-2025-46394 https://www.openwall.com/lists/oss-security/2025/04/23/1
busybox-binsh	CVE-2024-58251	MEDIUM	1.37.0-r18	1.37.0-r20	http://www.openwall.com/lists/oss-security/2025/04/23/6 https://bugs.busybox.net/show_bug.cgi?id=15922 https://www.busybox.net https://www.busybox.net/downloads/ https://www.cve.org/CVERecord?id=CVE-2024-58251
busybox-binsh	CVE-2025-46394	LOW	1.37.0-r18	1.37.0-r20	http://www.openwall.com/lists/oss-security/2025/04/23/5 http://www.openwall.com/lists/oss-security/2025/04/24/3 https://bugs.busybox.net/show_bug.cgi?id=16018 https://lists.busybox.net/pipermail/busybox/2024-July/090806.html https://lists.busybox.net/pipermail/busybox/2024-July/090814.html https://www.busybox.net https://www.busybox.net/downloads/ https://www.cve.org/CVERecord?id=CVE-2025-46394 https://www.openwall.com/lists/oss-security/2025/04/23/1
c-ares	CVE-2025-62408	MEDIUM	1.34.5-r0	1.34.6-r0	https://access.redhat.com/security/cve/CVE-2025-62408 https://github.com/c-ares/c-ares/commit/714bf5675c541bd1e668a8db8e67ce012651e618 https://github.com/c-ares/c-ares/security/advisories/GHSA-jq53-42q6-pqr5 https://nvd.nist.gov/vuln/detail/CVE-2025-62408 https://ubuntu.com/security/notices/USN-7925-1 https://www.cve.org/CVERecord?id=CVE-2025-62408
libcrypto3	CVE-2025-9230	MEDIUM	3.5.1-r0	3.5.4-r0	http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/errata/RHSA-2025:21255 https://access.redhat.com/security/cve/CVE-2025-9230 https://bugzilla.redhat.com/2396054 https://bugzilla.redhat.com/show_bug.cgi?id=2396054 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9230 https://errata.almalinux.org/9/ALSA-2025-21255.html https://errata.rockylinux.org/RLSA-2025:21248 https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45 https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280 https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482 https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3 https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba https://linux.oracle.com/cve/CVE-2025-9230.html https://linux.oracle.com/errata/ELSA-2025-28041.html https://lists.debian.org/debian-lts-announce/2025/10/msg00001.html https://nvd.nist.gov/vuln/detail/CVE-2025-9230 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9230
libcrypto3	CVE-2025-9231	MEDIUM	3.5.1-r0	3.5.4-r0	http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/security/cve/CVE-2025-9231 https://github.com/openssl/openssl/commit/567f64386e43683888212226824b6a179885a0fe https://github.com/openssl/openssl/commit/cba616c26ac8e7b37de5e77762e505ba5ca51698 https://github.com/openssl/openssl/commit/eed5adc9f969d77c94f213767acbb41ff923b6f4 https://github.com/openssl/openssl/commit/fc47a2ec078912b3e914fab5734535e76c4820c2 https://nvd.nist.gov/vuln/detail/CVE-2025-9231 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9231
libcrypto3	CVE-2025-9232	LOW	3.5.1-r0	3.5.4-r0	http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/security/cve/CVE-2025-9232 https://github.com/openssl/openssl/commit/2b4ec20e47959170422922eaff25346d362dcb35 https://github.com/openssl/openssl/commit/654dc11d23468a74fc8ea4672b702dd3feb7be4b https://github.com/openssl/openssl/commit/7cf21a30513c9e43c4bc3836c237cf086e194af3 https://github.com/openssl/openssl/commit/89e790ac431125a4849992858490bed6b225eadf https://github.com/openssl/openssl/commit/bbf38c034cdabd0a13330abcc4855c866f53d2e0 https://nvd.nist.gov/vuln/detail/CVE-2025-9232 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://ubuntu.com/security/notices/USN-7894-1 https://www.cve.org/CVERecord?id=CVE-2025-9232
libssl3	CVE-2025-9230	MEDIUM	3.5.1-r0	3.5.4-r0	http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/errata/RHSA-2025:21255 https://access.redhat.com/security/cve/CVE-2025-9230 https://bugzilla.redhat.com/2396054 https://bugzilla.redhat.com/show_bug.cgi?id=2396054 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9230 https://errata.almalinux.org/9/ALSA-2025-21255.html https://errata.rockylinux.org/RLSA-2025:21248 https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45 https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280 https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482 https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3 https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba https://linux.oracle.com/cve/CVE-2025-9230.html https://linux.oracle.com/errata/ELSA-2025-28041.html https://lists.debian.org/debian-lts-announce/2025/10/msg00001.html https://nvd.nist.gov/vuln/detail/CVE-2025-9230 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9230
libssl3	CVE-2025-9231	MEDIUM	3.5.1-r0	3.5.4-r0	http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/security/cve/CVE-2025-9231 https://github.com/openssl/openssl/commit/567f64386e43683888212226824b6a179885a0fe https://github.com/openssl/openssl/commit/cba616c26ac8e7b37de5e77762e505ba5ca51698 https://github.com/openssl/openssl/commit/eed5adc9f969d77c94f213767acbb41ff923b6f4 https://github.com/openssl/openssl/commit/fc47a2ec078912b3e914fab5734535e76c4820c2 https://nvd.nist.gov/vuln/detail/CVE-2025-9231 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9231
libssl3	CVE-2025-9232	LOW	3.5.1-r0	3.5.4-r0	http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/security/cve/CVE-2025-9232 https://github.com/openssl/openssl/commit/2b4ec20e47959170422922eaff25346d362dcb35 https://github.com/openssl/openssl/commit/654dc11d23468a74fc8ea4672b702dd3feb7be4b https://github.com/openssl/openssl/commit/7cf21a30513c9e43c4bc3836c237cf086e194af3 https://github.com/openssl/openssl/commit/89e790ac431125a4849992858490bed6b225eadf https://github.com/openssl/openssl/commit/bbf38c034cdabd0a13330abcc4855c866f53d2e0 https://nvd.nist.gov/vuln/detail/CVE-2025-9232 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://ubuntu.com/security/notices/USN-7894-1 https://www.cve.org/CVERecord?id=CVE-2025-9232
ssl_client	CVE-2024-58251	MEDIUM	1.37.0-r18	1.37.0-r20	http://www.openwall.com/lists/oss-security/2025/04/23/6 https://bugs.busybox.net/show_bug.cgi?id=15922 https://www.busybox.net https://www.busybox.net/downloads/ https://www.cve.org/CVERecord?id=CVE-2024-58251
ssl_client	CVE-2025-46394	LOW	1.37.0-r18	1.37.0-r20	http://www.openwall.com/lists/oss-security/2025/04/23/5 http://www.openwall.com/lists/oss-security/2025/04/24/3 https://bugs.busybox.net/show_bug.cgi?id=16018 https://lists.busybox.net/pipermail/busybox/2024-July/090806.html https://lists.busybox.net/pipermail/busybox/2024-July/090814.html https://www.busybox.net https://www.busybox.net/downloads/ https://www.cve.org/CVERecord?id=CVE-2025-46394 https://www.openwall.com/lists/oss-security/2025/04/23/1
No Misconfigurations found

usr/local/bin/trivy (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/sigstore/timestamp-authority	CVE-2025-66564	HIGH	v1.2.2	2.0.3	https://access.redhat.com/security/cve/CVE-2025-66564 https://github.com/sigstore/timestamp-authority https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421 https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh https://nvd.nist.gov/vuln/detail/CVE-2025-66564 https://www.cve.org/CVERecord?id=CVE-2025-66564
stdlib	CVE-2025-61729	HIGH	v1.25.4	1.24.11, 1.25.5	https://access.redhat.com/security/cve/CVE-2025-61729 https://go.dev/cl/725920 https://go.dev/issue/76445 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61729 https://pkg.go.dev/vuln/GO-2025-4155 https://www.cve.org/CVERecord?id=CVE-2025-61729
stdlib	CVE-2025-61727	MEDIUM	v1.25.4	1.24.11, 1.25.5	https://go.dev/cl/723900 https://go.dev/issue/76442 https://groups.google.com/g/golang-announce/c/8FJoBkPddm4 https://nvd.nist.gov/vuln/detail/CVE-2025-61727 https://pkg.go.dev/vuln/GO-2025-4175
No Misconfigurations found