Vulnerability Reportowasp/dependency-check:12.1.5

owasp/dependency-check:12.1.5
DIGESTsha256:7413f32c641ec3941bc925a9000d39e76e8d9ea90bd9718e4b6937a95e3622d2

Executive Summary

Threat Score
50/100CAUTION
Reputation
RELIABLE

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. The image contains 80 known vulnerabilities, including 11 moderate-severity ones (max 6.38) such as CVE-2026-28390 and CVE-2026-34183 in OpenSSL, which could allow a remote attacker to cause a denial of service by sending specially crafted CMS or QUIC packets. While the primary use of this image is as a CLI tool and may not be network-facing, the presence of these vulnerabilities increases the attack surface if the container processes untrusted data. Updating the affected packages (libcrypto3, libssl3, bcpg) is recommended to remediate these issues.

Vulnerabilities

Vulnerability Log

180 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-28390MEDIUM6.38
libcrypto3
3.5.2-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-34183MEDIUM6.38
libcrypto3
3.5.2-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-28390MEDIUM6.38
libssl3
3.5.2-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-34183MEDIUM6.38
libssl3
3.5.2-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-3505MEDIUM6.38
org.bouncycastle:bcpg-jdk18on
1.78
fixed in 1.84
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-5598MEDIUM6.38
org.bouncycastle:bcprov-jdk18on
1.78
fixed in 1.84
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42198MEDIUM6.38
org.postgresql:postgresql
42.7.5
fixed in 42.7.11
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69419MEDIUM6.29
libcrypto3
3.5.2-r0
fixed in 3.5.5-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34182MEDIUM6.29
libcrypto3
3.5.2-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69419MEDIUM6.29
libssl3
3.5.2-r0
fixed in 3.5.5-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34182MEDIUM6.29
libssl3
3.5.2-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-9231MEDIUM5.9
libcrypto3
3.5.2-r0
fixed in 3.5.4-r0
2.3%
Low-Moderate Risk
Directly Exposed
CVE-2025-9231MEDIUM5.9
libssl3
3.5.2-r0
fixed in 3.5.4-r0
2.3%
Low-Moderate Risk
Directly Exposed
CVE-2025-9230MEDIUM5.6
libcrypto3
3.5.2-r0
fixed in 3.5.4-r0
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2025-9230MEDIUM5.6
libssl3
3.5.2-r0
fixed in 3.5.4-r0
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2026-2673MEDIUM5.52
libcrypto3
3.5.2-r0
fixed in 3.5.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
libssl3
3.5.2-r0
fixed in 3.5.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0636MEDIUM5.52
org.bouncycastle:bcprov-jdk18on
1.78
fixed in 1.84
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-11226MEDIUM5.44
ch.qos.logback:logback-core
1.2.13
fixed in 1.5.19, 1.3.16
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-34181MEDIUM5.35
libcrypto3
3.5.2-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
libcrypto3
3.5.2-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34181MEDIUM5.35
libssl3
3.5.2-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
libssl3
3.5.2-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-25210MEDIUM5.3
libexpat
2.7.1-r0
fixed in 2.7.4-r0
0.2%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2025-59375MEDIUM5.3
libexpat
2.7.1-r0
fixed in 2.7.2-r0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-11187MEDIUM5.18
libcrypto3
3.5.2-r0
fixed in 3.5.5-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-11187MEDIUM5.18
libssl3
3.5.2-r0
fixed in 3.5.5-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM5.1
libcrypto3
3.5.2-r0
fixed in 3.5.6-r0
0.9%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-28388MEDIUM5.1
libssl3
3.5.2-r0
fixed in 3.5.6-r0
0.9%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-27135MEDIUM5.1
nghttp2-libs
1.65.0-r0
fixed in 1.68.1
0.6%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2025-62408MEDIUM5.02
c-ares
1.34.5-r0
fixed in 1.34.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libcrypto3
3.5.2-r0
fixed in 3.5.6-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42764MEDIUM5.02
libcrypto3
3.5.2-r0
fixed in 3.5.7-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
libcrypto3
3.5.2-r0
fixed in 3.5.5-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
libcrypto3
3.5.2-r0
fixed in 3.5.5-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libcrypto3
3.5.2-r0
fixed in 3.5.5-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libcrypto3
3.5.2-r0
fixed in 3.5.5-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42769MEDIUM5.02
libcrypto3
3.5.2-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42770MEDIUM5.02
libcrypto3
3.5.2-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
libcrypto3
3.5.2-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libssl3
3.5.2-r0
fixed in 3.5.6-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42764MEDIUM5.02
libssl3
3.5.2-r0
fixed in 3.5.7-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
libssl3
3.5.2-r0
fixed in 3.5.5-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
libssl3
3.5.2-r0
fixed in 3.5.5-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libssl3
3.5.2-r0
fixed in 3.5.5-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libssl3
3.5.2-r0
fixed in 3.5.5-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42769MEDIUM5.02
libssl3
3.5.2-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42770MEDIUM5.02
libssl3
3.5.2-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
libssl3
3.5.2-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49146MEDIUM5.02
org.postgresql:postgresql
42.7.5
fixed in 42.7.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-15469MEDIUM4.67
libcrypto3
3.5.2-r0
fixed in 3.5.5-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libcrypto3
3.5.2-r0
fixed in 3.5.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libcrypto3
3.5.2-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-32776MEDIUM4.67
libexpat
2.7.1-r0
fixed in 2.7.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-32777MEDIUM4.67
libexpat
2.7.1-r0
fixed in 2.7.5-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-32778MEDIUM4.67
libexpat
2.7.1-r0
fixed in 2.7.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-15469MEDIUM4.67
libssl3
3.5.2-r0
fixed in 3.5.5-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libssl3
3.5.2-r0
fixed in 3.5.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libssl3
3.5.2-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6042MEDIUM4.67
musl
1.2.5-r10
fixed in 1.2.5-r11
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib
1.3.1-r2
fixed in 1.3.2-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-12798MEDIUM4.67
ch.qos.logback:logback-core
1.2.13
fixed in 1.5.13, 1.3.15
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
libcrypto3
3.5.2-r0
fixed in 3.5.7-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
libcrypto3
3.5.2-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
libssl3
3.5.2-r0
fixed in 3.5.7-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
libssl3
3.5.2-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
libcrypto3
3.5.2-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
libssl3
3.5.2-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-1225MEDIUM4.25
ch.qos.logback:logback-core
1.2.13
fixed in 1.5.25
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-15467MEDIUM4.06
libcrypto3
3.5.2-r0
fixed in 3.5.5-r0
48.7%
High Exploitation Risk
Post-Exploit
CVE-2025-15467MEDIUM4.06
libssl3
3.5.2-r0
fixed in 3.5.5-r0
48.7%
High Exploitation Risk
Post-Exploit
CVE-2025-68160MEDIUM4
libcrypto3
3.5.2-r0
fixed in 3.5.5-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
libssl3
3.5.2-r0
fixed in 3.5.5-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40200LOW3.98
musl-utils
1.2.5-r10
fixed in 1.2.5-r12
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-69262LOW3.98
pnpm
10.17.0
fixed in 10.27.0
0.9%
Theoretical Threat
Post-Exploit
CVE-2025-55131LOW3.62
nodejs
22.16.0-r2
fixed in 22.22.0-r0
1.0%
Theoretical Threat
Post-Exploit
CVE-2026-26960LOW3.62
tar
7.4.3
fixed in 7.5.8
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-69418LOW3.4
libcrypto3
3.5.2-r0
fixed in 3.5.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69418LOW3.4
libssl3
3.5.2-r0
fixed in 3.5.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-23888LOW3.31
pnpm
10.17.0
fixed in 10.28.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-23889LOW3.31
pnpm
10.17.0
fixed in 10.28.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-23890LOW3.31
pnpm
10.17.0
fixed in 10.28.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-24056LOW3.31
pnpm
10.17.0
fixed in 10.28.2
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-29786LOW3.21
tar
7.4.3
fixed in 7.5.10
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-9086LOW3.18
libcurl
8.14.1-r1
fixed in 8.14.1-r2
1.3%
Low-Moderate Risk
Post-Exploit
CVE-2026-45446LOW3.15
libcrypto3
3.5.2-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
libssl3
3.5.2-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-23745LOW3.11
tar
7.4.3
fixed in 7.5.3
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-21710LOW3.1
nodejs
22.16.0-r2
fixed in 22.22.2-r0
13.1%
High Exploitation Risk
Post-Exploit
CVE-2025-9232LOW3.1
libcrypto3
3.5.2-r0
fixed in 3.5.4-r0
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-9232LOW3.1
libssl3
3.5.2-r0
fixed in 3.5.4-r0
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2026-21713LOW3.01
nodejs
22.16.0-r2
fixed in 22.22.2-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-21717LOW3.01
nodejs
22.16.0-r2
fixed in 22.22.2-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-23950LOW3.01
tar
7.4.3
fixed in 7.5.4
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-31789LOW3
libcrypto3
3.5.2-r0
fixed in 3.5.6-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-31789LOW3
libssl3
3.5.2-r0
fixed in 3.5.6-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69264LOW3
pnpm
10.17.0
fixed in 10.26.0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-45447LOW2.92
libcrypto3
3.5.2-r0
fixed in 3.5.7-r0
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2026-45447LOW2.92
libssl3
3.5.2-r0
fixed in 3.5.7-r0
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2025-55248LOW2.91
Microsoft.NETCore.App.Runtime.linux-musl-x64
8.0.20
fixed in 9.0.10, 8.0.21
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-6042LOW2.8
musl-utils
1.2.5-r10
fixed in 1.2.5-r11
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-24131LOW2.8
pnpm
10.17.0
fixed in 10.28.2
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-31802LOW2.8
tar
7.4.3
fixed in 7.5.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2024-12801LOW2.8
ch.qos.logback:logback-core
1.2.13
fixed in 1.5.13, 1.3.15
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45445LOW2.78
libcrypto3
3.5.2-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
libssl3
3.5.2-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-55130LOW2.78
nodejs
22.16.0-r2
fixed in 22.22.0-r0
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-58050LOW2.78
pcre2
10.43-r1
fixed in 10.46-r0
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-21637LOW2.7
nodejs
22.16.0-r2
fixed in 22.22.0-r0
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2025-64756LOW2.7
npm
11.3.0-r1
fixed in 11.6.4-r0
3.0%
Low-Moderate Risk
Post-Exploit
CVE-2026-32178LOW2.7
Microsoft.NETCore.App.Runtime.linux-musl-x64
8.0.20
fixed in 10.0.6, 9.0.15, 8.0.26
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2025-55132LOW2.7
nodejs
22.16.0-r2
fixed in 22.22.0-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-21714LOW2.7
nodejs
22.16.0-r2
fixed in 22.22.2-r0
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-69263LOW2.69
pnpm
10.17.0
fixed in 10.26.0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-24842LOW2.51
tar
7.4.3
fixed in 7.5.7
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
libcrypto3
3.5.2-r0
fixed in 3.5.6-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
libssl3
3.5.2-r0
fixed in 3.5.6-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-10148LOW2.45
libcurl
8.14.1-r1
fixed in 8.14.1-r2
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-40200LOW2.39
musl
1.2.5-r10
fixed in 1.2.5-r12
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-22184LOW2.39
zlib
1.3.1-r2
fixed in 1.3.2-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW2.29
libcrypto3
3.5.2-r0
fixed in 3.5.5-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libcrypto3
3.5.2-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW2.29
libssl3
3.5.2-r0
fixed in 3.5.5-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libssl3
3.5.2-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-59465LOW2.29
nodejs
22.16.0-r2
fixed in 22.22.0-r0
0.9%
Theoretical Threat
Post-Exploit
CVE-2025-59466LOW2.29
nodejs
22.16.0-r2
fixed in 22.22.0-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-24515LOW2.12
libexpat
2.7.1-r0
fixed in 2.7.4-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-21716LOW1.94
nodejs
22.16.0-r2
fixed in 22.22.2-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
busybox
1.37.0-r18
fixed in 1.37.0-r20
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
busybox-binsh
1.37.0-r18
fixed in 1.37.0-r20
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-21715LOW1.68
nodejs
22.16.0-r2
fixed in 22.22.2-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
ssl_client
1.37.0-r18
fixed in 1.37.0-r20
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-5889LOW1.58
npm
11.3.0-r1
fixed in 11.4.2-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-68121NONE0
stdlib
v1.25.1
fixed in 1.24.13, 1.25.7, 1.26.0-rc.3
0.8%
Theoretical Threat
Not Applicable
CVE-2026-33750NONE0
brace-expansion
2.0.2
fixed in 5.0.5, 3.0.2, 2.0.3, 1.1.13
0.4%
Theoretical Threat
Not Applicable
CVE-2025-64756NONE0
glob
10.4.5
fixed in 11.1.0, 10.5.0
3.0%
Low-Moderate Risk
Not Applicable
CVE-2026-26996NONE0
minimatch
9.0.5
fixed in 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3
0.5%
Theoretical Threat
Not Applicable
CVE-2025-61726NONE0
stdlib
v1.25.1
fixed in 1.24.12, 1.25.6
0.8%
Theoretical Threat
Not Applicable
CVE-2025-61729NONE0
stdlib
v1.25.1
fixed in 1.24.11, 1.25.5
0.5%
Theoretical Threat
Not Applicable
CVE-2026-25679NONE0
stdlib
v1.25.1
fixed in 1.25.8, 1.26.1
0.5%
Theoretical Threat
Not Applicable
CVE-2026-32280NONE0
stdlib
v1.25.1
fixed in 1.25.9, 1.26.2
0.4%
Theoretical Threat
Not Applicable
CVE-2026-32281NONE0
stdlib
v1.25.1
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-32283NONE0
stdlib
v1.25.1
fixed in 1.25.9, 1.26.2
0.4%
Theoretical Threat
Not Applicable
CVE-2026-33811NONE0
stdlib
v1.25.1
fixed in 1.25.10, 1.26.3
0.5%
Theoretical Threat
Not Applicable
CVE-2026-33814NONE0
stdlib
v1.25.1
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Not Applicable
CVE-2026-39820NONE0
stdlib
v1.25.1
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Not Applicable
CVE-2026-39836NONE0
stdlib
v1.25.1
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Not Applicable
CVE-2025-58183NONE0
stdlib
v1.25.1
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Not Applicable
CVE-2025-61728NONE0
stdlib
v1.25.1
fixed in 1.24.12, 1.25.6
0.6%
Theoretical Threat
Not Applicable
CVE-2026-27904NONE0
minimatch
9.0.5
fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4
0.5%
Theoretical Threat
Not Applicable
CVE-2025-61727NONE0
stdlib
v1.25.1
fixed in 1.24.11, 1.25.5
0.3%
Theoretical Threat
Not Applicable
CVE-2026-32282NONE0
stdlib
v1.25.1
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-42338NONE0
ip-address
10.0.1
fixed in 10.1.1
0.3%
Theoretical Threat
Not Applicable
CVE-2026-32289NONE0
stdlib
v1.25.1
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-27903NONE0
minimatch
9.0.5
fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3
0.5%
Theoretical Threat
Not Applicable
CVE-2026-32288NONE0
stdlib
v1.25.1
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-27142NONE0
stdlib
v1.25.1
fixed in 1.25.8, 1.26.1
0.3%
Theoretical Threat
Not Applicable
CVE-2026-39826NONE0
stdlib
v1.25.1
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Not Applicable
CVE-2025-47912NONE0
stdlib
v1.25.1
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Not Applicable
CVE-2025-58185NONE0
stdlib
v1.25.1
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Not Applicable
CVE-2025-58187NONE0
stdlib
v1.25.1
fixed in 1.24.9, 1.25.3
0.4%
Theoretical Threat
Not Applicable
CVE-2025-58188NONE0
stdlib
v1.25.1
fixed in 1.24.8, 1.25.2
0.3%
Theoretical Threat
Not Applicable
CVE-2025-58189NONE0
stdlib
v1.25.1
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Not Applicable
CVE-2025-61723NONE0
stdlib
v1.25.1
fixed in 1.24.8, 1.25.2
0.6%
Theoretical Threat
Not Applicable
CVE-2025-61724NONE0
stdlib
v1.25.1
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Not Applicable
CVE-2025-61725NONE0
stdlib
v1.25.1
fixed in 1.24.8, 1.25.2
0.6%
Theoretical Threat
Not Applicable
CVE-2025-61730NONE0
stdlib
v1.25.1
fixed in 1.24.12, 1.25.6
0.3%
Theoretical Threat
Not Applicable
CVE-2025-58186NONE0
stdlib
v1.25.1
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Not Applicable
CVE-2026-27139NONE0
stdlib
v1.25.1
fixed in 1.25.8, 1.26.1
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
busybox
1.37.0-r18
fixed in 1.37.0-r20
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
busybox-binsh
1.37.0-r18
fixed in 1.37.0-r20
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
ssl_client
1.37.0-r18
fixed in 1.37.0-r20
0.2%
Theoretical Threat
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.20.0
fixed in 2.21.1, 2.18.6
Not Applicable
CVE-2026-53655NONE0
tar
7.4.3
fixed in 7.5.16
Not Applicable
CVE-2026-39823NONE0
stdlib
v1.25.1
fixed in 1.25.10, 1.26.3
0.3%
Theoretical Threat
Not Applicable
CVE-2026-39825NONE0
stdlib
v1.25.1
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Not Applicable
CVE-2026-42499NONE0
stdlib
v1.25.1
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Not Applicable
CVE-2026-42504NONE0
stdlib
v1.25.1
fixed in 1.25.11, 1.26.4
0.4%
Theoretical Threat
Not Applicable
CVE-2026-27145NONE0
stdlib
v1.25.1
fixed in 1.25.11, 1.26.4
0.3%
Theoretical Threat
Not Applicable
CVE-2026-42507NONE0
stdlib
v1.25.1
fixed in 1.25.11, 1.26.4
0.3%
Theoretical Threat
Not Applicable