Vulnerability Reportowasp/dependency-check:12.1.8

owasp/dependency-check:12.1.8
DIGESTsha256:65ff56e632e1e1d034509c7fe57ed9bf690e505cf983dac2d62cada0396e43dd

Executive Summary

Threat Score
50/100CAUTION
Reputation
RELIABLE

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. The image contains 92 exposed vulnerabilities, all in OpenSSL and limited to Denial of Service (e.g., CVE-2025-69421, CVE-2026-28388). An attacker could cause service disruption by sending crafted PKCS#12 or CRL data, though this requires the tool to process such inputs. The dependency-check tool's primary function of scanning may involve parsing untrusted files, making these DoS attacks plausible. However, no remote code execution or data exposure vulnerabilities exist. Updating the OpenSSL packages would fully remediate these issues, and restricting network access to the container minimizes attack surface.

Vulnerabilities

Vulnerability Log

163 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2025-69421MEDIUM6.38
libcrypto3
3.5.4-r0
fixed in 3.5.5-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM6.38
libcrypto3
3.5.4-r0
fixed in 3.5.6-r0
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-28389MEDIUM6.38
libcrypto3
3.5.4-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28390MEDIUM6.38
libcrypto3
3.5.4-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-34183MEDIUM6.38
libcrypto3
3.5.4-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-69421MEDIUM6.38
libssl3
3.5.4-r0
fixed in 3.5.5-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM6.38
libssl3
3.5.4-r0
fixed in 3.5.6-r0
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-28389MEDIUM6.38
libssl3
3.5.4-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28390MEDIUM6.38
libssl3
3.5.4-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-34183MEDIUM6.38
libssl3
3.5.4-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-27135MEDIUM6.38
nghttp2-libs
1.65.0-r0
fixed in 1.68.1
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-59466MEDIUM6.38
nodejs
22.16.0-r2
fixed in 22.22.0-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-3505MEDIUM6.38
org.bouncycastle:bcpg-jdk18on
1.78
fixed in 1.84
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-5598MEDIUM6.38
org.bouncycastle:bcprov-jdk18on
1.78
fixed in 1.84
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42198MEDIUM6.38
org.postgresql:postgresql
42.7.5
fixed in 42.7.11
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-33750MEDIUM6.38
brace-expansion
2.0.2
fixed in 5.0.5, 3.0.2, 2.0.3, 1.1.13
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-26996MEDIUM6.38
minimatch
9.0.5
fixed in 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-69419MEDIUM6.29
libcrypto3
3.5.4-r0
fixed in 3.5.5-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34182MEDIUM6.29
libcrypto3
3.5.4-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69419MEDIUM6.29
libssl3
3.5.4-r0
fixed in 3.5.5-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34182MEDIUM6.29
libssl3
3.5.4-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-58050MEDIUM6.18
pcre2
10.43-r1
fixed in 10.46-r0
0.7%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2025-55131MEDIUM6.03
nodejs
22.16.0-r2
fixed in 22.22.0-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
libcrypto3
3.5.4-r0
fixed in 3.5.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
libssl3
3.5.4-r0
fixed in 3.5.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0636MEDIUM5.52
org.bouncycastle:bcprov-jdk18on
1.78
fixed in 1.84
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-27904MEDIUM5.52
minimatch
9.0.5
fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-11226MEDIUM5.44
ch.qos.logback:logback-core
1.2.13
fixed in 1.5.19, 1.3.16
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-34181MEDIUM5.35
libcrypto3
3.5.4-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
libcrypto3
3.5.4-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34181MEDIUM5.35
libssl3
3.5.4-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
libssl3
3.5.4-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-25210MEDIUM5.3
libexpat
2.7.3-r0
fixed in 2.7.4-r0
0.2%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2025-11187MEDIUM5.18
libcrypto3
3.5.4-r0
fixed in 3.5.5-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-11187MEDIUM5.18
libssl3
3.5.4-r0
fixed in 3.5.5-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42338MEDIUM5.18
ip-address
10.0.1
fixed in 10.1.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-62408MEDIUM5.02
c-ares
1.34.5-r0
fixed in 1.34.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libcrypto3
3.5.4-r0
fixed in 3.5.6-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42764MEDIUM5.02
libcrypto3
3.5.4-r0
fixed in 3.5.7-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
libcrypto3
3.5.4-r0
fixed in 3.5.5-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
libcrypto3
3.5.4-r0
fixed in 3.5.5-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libcrypto3
3.5.4-r0
fixed in 3.5.5-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libcrypto3
3.5.4-r0
fixed in 3.5.5-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42769MEDIUM5.02
libcrypto3
3.5.4-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42770MEDIUM5.02
libcrypto3
3.5.4-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
libcrypto3
3.5.4-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libssl3
3.5.4-r0
fixed in 3.5.6-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42764MEDIUM5.02
libssl3
3.5.4-r0
fixed in 3.5.7-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
libssl3
3.5.4-r0
fixed in 3.5.5-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
libssl3
3.5.4-r0
fixed in 3.5.5-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libssl3
3.5.4-r0
fixed in 3.5.5-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libssl3
3.5.4-r0
fixed in 3.5.5-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42769MEDIUM5.02
libssl3
3.5.4-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42770MEDIUM5.02
libssl3
3.5.4-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
libssl3
3.5.4-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-21713MEDIUM5.02
nodejs
22.16.0-r2
fixed in 22.22.2-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-21717MEDIUM5.02
nodejs
22.16.0-r2
fixed in 22.22.2-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49146MEDIUM5.02
org.postgresql:postgresql
42.7.5
fixed in 42.7.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-27903MEDIUM5.02
minimatch
9.0.5
fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-55248MEDIUM4.84
Microsoft.NETCore.App.Runtime.linux-musl-x64
8.0.20
fixed in 9.0.10, 8.0.21
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-15469MEDIUM4.67
libcrypto3
3.5.4-r0
fixed in 3.5.5-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libcrypto3
3.5.4-r0
fixed in 3.5.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libcrypto3
3.5.4-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-32776MEDIUM4.67
libexpat
2.7.3-r0
fixed in 2.7.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-32777MEDIUM4.67
libexpat
2.7.3-r0
fixed in 2.7.5-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-32778MEDIUM4.67
libexpat
2.7.3-r0
fixed in 2.7.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-15469MEDIUM4.67
libssl3
3.5.4-r0
fixed in 3.5.5-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libssl3
3.5.4-r0
fixed in 3.5.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libssl3
3.5.4-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6042MEDIUM4.67
musl
1.2.5-r10
fixed in 1.2.5-r11
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib
1.3.1-r2
fixed in 1.3.2-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-12798MEDIUM4.67
ch.qos.logback:logback-core
1.2.13
fixed in 1.5.13, 1.3.15
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
libcrypto3
3.5.4-r0
fixed in 3.5.7-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
libcrypto3
3.5.4-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
libssl3
3.5.4-r0
fixed in 3.5.7-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
libssl3
3.5.4-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-55132MEDIUM4.5
nodejs
22.16.0-r2
fixed in 22.22.0-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-21714MEDIUM4.5
nodejs
22.16.0-r2
fixed in 22.22.2-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
libcrypto3
3.5.4-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
libssl3
3.5.4-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-1225MEDIUM4.25
ch.qos.logback:logback-core
1.2.13
fixed in 1.5.25
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-15467MEDIUM4.06
libcrypto3
3.5.4-r0
fixed in 3.5.5-r0
48.7%
High Exploitation Risk
Post-Exploit
CVE-2025-15467MEDIUM4.06
libssl3
3.5.4-r0
fixed in 3.5.5-r0
48.7%
High Exploitation Risk
Post-Exploit
CVE-2025-68160MEDIUM4
libcrypto3
3.5.4-r0
fixed in 3.5.5-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
libssl3
3.5.4-r0
fixed in 3.5.5-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40200LOW3.98
musl-utils
1.2.5-r10
fixed in 1.2.5-r12
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-69262LOW3.98
pnpm
10.18.2
fixed in 10.27.0
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-26960LOW3.62
tar
7.5.1
fixed in 7.5.8
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-69418LOW3.4
libcrypto3
3.5.4-r0
fixed in 3.5.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69418LOW3.4
libssl3
3.5.4-r0
fixed in 3.5.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-21716LOW3.23
nodejs
22.16.0-r2
fixed in 22.22.2-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-29786LOW3.21
tar
7.5.1
fixed in 7.5.10
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-45446LOW3.15
libcrypto3
3.5.4-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
libssl3
3.5.4-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-23745LOW3.11
tar
7.5.1
fixed in 7.5.3
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-21710LOW3.1
nodejs
22.16.0-r2
fixed in 22.22.2-r0
13.1%
High Exploitation Risk
Post-Exploit
CVE-2026-31789LOW3
libcrypto3
3.5.4-r0
fixed in 3.5.6-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-31789LOW3
libssl3
3.5.4-r0
fixed in 3.5.6-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69264LOW3
pnpm
10.18.2
fixed in 10.26.0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-45447LOW2.92
libcrypto3
3.5.4-r0
fixed in 3.5.7-r0
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2026-45447LOW2.92
libssl3
3.5.4-r0
fixed in 3.5.7-r0
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2026-6042LOW2.8
musl-utils
1.2.5-r10
fixed in 1.2.5-r11
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-24131LOW2.8
pnpm
10.18.2
fixed in 10.28.2
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-31802LOW2.8
tar
7.5.1
fixed in 7.5.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-21715LOW2.8
nodejs
22.16.0-r2
fixed in 22.22.2-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-12801LOW2.8
ch.qos.logback:logback-core
1.2.13
fixed in 1.5.13, 1.3.15
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45445LOW2.78
libcrypto3
3.5.4-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
libssl3
3.5.4-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-55130LOW2.78
nodejs
22.16.0-r2
fixed in 22.22.0-r0
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-21637LOW2.7
nodejs
22.16.0-r2
fixed in 22.22.0-r0
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2025-64756LOW2.7
npm
11.3.0-r1
fixed in 11.6.4-r0
3.0%
Low-Moderate Risk
Post-Exploit
CVE-2025-64756LOW2.7
glob
10.4.5
fixed in 11.1.0, 10.5.0
3.0%
Low-Moderate Risk
Post-Exploit
CVE-2026-32178LOW2.7
Microsoft.NETCore.App.Runtime.linux-musl-x64
8.0.20
fixed in 10.0.6, 9.0.15, 8.0.26
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2025-69263LOW2.69
pnpm
10.18.2
fixed in 10.26.0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-24842LOW2.51
tar
7.5.1
fixed in 7.5.7
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
libcrypto3
3.5.4-r0
fixed in 3.5.6-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
libssl3
3.5.4-r0
fixed in 3.5.6-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-64118LOW2.4
tar
7.5.1
fixed in 7.5.2
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-40200LOW2.39
musl
1.2.5-r10
fixed in 1.2.5-r12
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-22184LOW2.39
zlib
1.3.1-r2
fixed in 1.3.2-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-59465LOW2.29
nodejs
22.16.0-r2
fixed in 22.22.0-r0
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-24515LOW2.12
libexpat
2.7.3-r0
fixed in 2.7.4-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-23888LOW1.99
pnpm
10.18.2
fixed in 10.28.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-23889LOW1.99
pnpm
10.18.2
fixed in 10.28.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-23890LOW1.99
pnpm
10.18.2
fixed in 10.28.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-24056LOW1.99
pnpm
10.18.2
fixed in 10.28.2
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-23950LOW1.81
tar
7.5.1
fixed in 7.5.4
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
busybox
1.37.0-r19
fixed in 1.37.0-r20
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
busybox-binsh
1.37.0-r19
fixed in 1.37.0-r20
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
ssl_client
1.37.0-r19
fixed in 1.37.0-r20
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-5889LOW1.58
npm
11.3.0-r1
fixed in 11.4.2-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-68121NONE0
stdlib
v1.25.2
fixed in 1.24.13, 1.25.7, 1.26.0-rc.3
0.8%
Theoretical Threat
Not Applicable
CVE-2025-61726NONE0
stdlib
v1.25.2
fixed in 1.24.12, 1.25.6
0.8%
Theoretical Threat
Not Applicable
CVE-2025-61729NONE0
stdlib
v1.25.2
fixed in 1.24.11, 1.25.5
0.5%
Theoretical Threat
Not Applicable
CVE-2026-25679NONE0
stdlib
v1.25.2
fixed in 1.25.8, 1.26.1
0.5%
Theoretical Threat
Not Applicable
CVE-2026-32280NONE0
stdlib
v1.25.2
fixed in 1.25.9, 1.26.2
0.4%
Theoretical Threat
Not Applicable
CVE-2026-32281NONE0
stdlib
v1.25.2
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-32283NONE0
stdlib
v1.25.2
fixed in 1.25.9, 1.26.2
0.4%
Theoretical Threat
Not Applicable
CVE-2026-33811NONE0
stdlib
v1.25.2
fixed in 1.25.10, 1.26.3
0.5%
Theoretical Threat
Not Applicable
CVE-2026-33814NONE0
stdlib
v1.25.2
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Not Applicable
CVE-2026-39820NONE0
stdlib
v1.25.2
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Not Applicable
CVE-2026-39836NONE0
stdlib
v1.25.2
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Not Applicable
CVE-2025-61728NONE0
stdlib
v1.25.2
fixed in 1.24.12, 1.25.6
0.6%
Theoretical Threat
Not Applicable
CVE-2025-61727NONE0
stdlib
v1.25.2
fixed in 1.24.11, 1.25.5
0.3%
Theoretical Threat
Not Applicable
CVE-2026-32282NONE0
stdlib
v1.25.2
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-32289NONE0
stdlib
v1.25.2
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-32288NONE0
stdlib
v1.25.2
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-27142NONE0
stdlib
v1.25.2
fixed in 1.25.8, 1.26.1
0.3%
Theoretical Threat
Not Applicable
CVE-2026-39826NONE0
stdlib
v1.25.2
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Not Applicable
CVE-2025-58187NONE0
stdlib
v1.25.2
fixed in 1.24.9, 1.25.3
0.4%
Theoretical Threat
Not Applicable
CVE-2025-61730NONE0
stdlib
v1.25.2
fixed in 1.24.12, 1.25.6
0.3%
Theoretical Threat
Not Applicable
CVE-2026-27139NONE0
stdlib
v1.25.2
fixed in 1.25.8, 1.26.1
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
busybox
1.37.0-r19
fixed in 1.37.0-r20
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
busybox-binsh
1.37.0-r19
fixed in 1.37.0-r20
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
ssl_client
1.37.0-r19
fixed in 1.37.0-r20
0.2%
Theoretical Threat
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.20.0
fixed in 2.21.1, 2.18.6
Not Applicable
CVE-2026-53655NONE0
tar
7.5.1
fixed in 7.5.16
Not Applicable
CVE-2026-39823NONE0
stdlib
v1.25.2
fixed in 1.25.10, 1.26.3
0.3%
Theoretical Threat
Not Applicable
CVE-2026-39825NONE0
stdlib
v1.25.2
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Not Applicable
CVE-2026-42499NONE0
stdlib
v1.25.2
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Not Applicable
CVE-2026-42504NONE0
stdlib
v1.25.2
fixed in 1.25.11, 1.26.4
0.4%
Theoretical Threat
Not Applicable
CVE-2026-27145NONE0
stdlib
v1.25.2
fixed in 1.25.11, 1.26.4
0.3%
Theoretical Threat
Not Applicable
CVE-2026-42507NONE0
stdlib
v1.25.2
fixed in 1.25.11, 1.26.4
0.3%
Theoretical Threat
Not Applicable