Vulnerability Reportwazuh/wazuh-manager:4.14.3

wazuh/wazuh-manager:4.14.3
DIGESTsha256:f09282d281f63eb5651e19a8dfbed10e0faf4208da3df9d0abc30bc69d769173

Executive Summary

Threat Score
100/100DANGEROUS
Reputation
RELIABLE

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could achieve remote code execution through template injection (CVE-2023-24538), cause denial of service via HTTP/2 Rapid Reset (CVE-2023-44487), and bypass authorization in gRPC endpoints (CVE-2026-33186), potentially leading to full system compromise or data exfiltration. Note that CVE-2026-24486 only applies if the non-default UPLOAD_DIR and UPLOAD_KEEP_FILENAME=True configuration is used. All other critical vulnerabilities are exploitable with default settings, making this image unsuitable for any production workload without complete remediation.

Vulnerabilities

Vulnerability Log

272 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2023-24538CRITICAL9.8
stdlib
v1.14.12
fixed in 1.19.8, 1.20.3
2.3%
Low-Moderate Risk
Directly ExposedContext importance: HIGH
CVE-2023-24540CRITICAL9.8
stdlib
v1.14.12
fixed in 1.19.9, 1.20.4
1.6%
Low-Moderate Risk
Directly ExposedContext importance: HIGH
CVE-2023-44487CRITICAL9.75
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.17.0
100.0%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2023-45288CRITICAL9.75
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.23.0
92.0%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2023-45288CRITICAL9.75
stdlib
v1.14.12
fixed in 1.21.9, 1.22.2
92.0%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2026-33186HIGH7.73
google.golang.org/grpc
v1.29.1
fixed in 1.79.3
0.5%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-48863HIGH7.5
libsolv
0.7.22-1.amzn2023.0.2
fixed in 0.7.22-1.amzn2023.0.4
Directly Exposed
CVE-2026-24486HIGH7.5
python-multipart
0.0.20
fixed in 0.0.22
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-27191HIGH7.5
golang.org/x/crypto
v0.0.0-20200510223506-06a226fb4e37
fixed in 0.0.0-20220314234659-1baeb1ce4c0b
3.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-27664HIGH7.5
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.0.0-20220906165146-f3363e06e74c
2.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-41723HIGH7.5
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.7.0
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-39325HIGH7.5
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.17.0
3.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-32149HIGH7.5
golang.org/x/text
v0.3.2
fixed in 0.3.8
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-39293HIGH7.5
stdlib
v1.14.12
fixed in 1.16.8, 1.17.1
6.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-41771HIGH7.5
stdlib
v1.14.12
fixed in 1.16.10, 1.17.3
4.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-41772HIGH7.5
stdlib
v1.14.12
fixed in 1.16.10, 1.17.3
3.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-44716HIGH7.5
stdlib
v1.14.12
fixed in 1.16.12, 1.17.5
4.0%
Low-Moderate Risk
Directly Exposed
CVE-2022-23772HIGH7.5
stdlib
v1.14.12
fixed in 1.16.14, 1.17.7
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-24675HIGH7.5
stdlib
v1.14.12
fixed in 1.17.9, 1.18.1
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2022-24921HIGH7.5
stdlib
v1.14.12
fixed in 1.16.15, 1.17.8
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2022-27664HIGH7.5
stdlib
v1.14.12
fixed in 1.18.6, 1.19.1
2.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-28131HIGH7.5
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-28327HIGH7.5
stdlib
v1.14.12
fixed in 1.17.9, 1.18.1
3.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-2879HIGH7.5
stdlib
v1.14.12
fixed in 1.18.7, 1.19.2
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-2880HIGH7.5
stdlib
v1.14.12
fixed in 1.18.7, 1.19.2
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-29804HIGH7.5
stdlib
v1.14.12
fixed in 1.17.11, 1.18.3
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-30630HIGH7.5
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-30631HIGH7.5
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-30632HIGH7.5
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-30633HIGH7.5
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-30634HIGH7.5
stdlib
v1.14.12
fixed in 1.17.11, 1.18.3
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-30635HIGH7.5
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-32189HIGH7.5
stdlib
v1.14.12
fixed in 1.17.13, 1.18.5
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2022-41715HIGH7.5
stdlib
v1.14.12
fixed in 1.18.7, 1.19.2
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2022-41720HIGH7.5
stdlib
v1.14.12
fixed in 1.18.9, 1.19.4
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2022-41722HIGH7.5
stdlib
v1.14.12
fixed in 1.19.6, 1.20.1
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2022-41723HIGH7.5
stdlib
v1.14.12
fixed in 1.19.6, 1.20.1
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-41724HIGH7.5
stdlib
v1.14.12
fixed in 1.19.6, 1.20.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-41725HIGH7.5
stdlib
v1.14.12
fixed in 1.19.6, 1.20.1
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-24534HIGH7.5
stdlib
v1.14.12
fixed in 1.19.8, 1.20.3
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2023-24536HIGH7.5
stdlib
v1.14.12
fixed in 1.19.8, 1.20.3
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-24537HIGH7.5
stdlib
v1.14.12
fixed in 1.19.8, 1.20.3
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-39325HIGH7.5
stdlib
v1.14.12
fixed in 1.20.10, 1.21.3
3.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-45283HIGH7.5
stdlib
v1.14.12
fixed in 1.20.11, 1.21.4, 1.20.12, 1.21.5
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-45287HIGH7.5
stdlib
v1.14.12
fixed in 1.20.0
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-34156HIGH7.5
stdlib
v1.14.12
fixed in 1.22.7, 1.23.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2026-23949HIGH7.31
jaraco.context
5.3.0
fixed in 6.1.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2021-33195HIGH7.3
stdlib
v1.14.12
fixed in 1.15.13, 1.16.5
3.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-24539HIGH7.3
stdlib
v1.14.12
fixed in 1.19.9, 1.20.4
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2023-29400HIGH7.3
stdlib
v1.14.12
fixed in 1.19.9, 1.20.4
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2022-23806HIGH7.28
stdlib
v1.14.12
fixed in 1.16.14, 1.17.7
3.0%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2021-3121MEDIUM6.88
github.com/gogo/protobuf
v1.3.1
fixed in 1.3.2
3.5%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2026-28387MEDIUM6.88
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-28387MEDIUM6.88
openssl-libs
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-6100MEDIUM6.88
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.5
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-6100MEDIUM6.88
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.5
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-68121MEDIUM6.8
stdlib
v1.14.12
fixed in 1.24.13, 1.25.7, 1.26.0-rc.3
0.8%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2020-8559MEDIUM6.8
k8s.io/apimachinery
v0.18.3
fixed in 0.16.13, 0.17.9, 0.18.7
6.1%
Low-Moderate Risk
Directly Exposed
CVE-2026-48864MEDIUM6.63
libsolv
0.7.22-1.amzn2023.0.2
fixed in 0.7.22-1.amzn2023.0.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-25621MEDIUM6.63
github.com/containerd/containerd
v1.3.3
fixed in 1.7.29
0.1%
Theoretical Threat
Directly Exposed
CVE-2021-41103MEDIUM6.63
github.com/containerd/containerd
v1.3.3
fixed in 1.4.11, 1.5.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-25173MEDIUM6.63
github.com/containerd/containerd
v1.3.3
fixed in 1.5.18, 1.6.18
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-40635MEDIUM6.63
github.com/containerd/containerd
v1.3.3
fixed in 1.7.27, 1.6.38
0.3%
Theoretical Threat
Directly Exposed
CVE-2022-30580MEDIUM6.63
stdlib
v1.14.12
fixed in 1.17.11, 1.18.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2023-29403MEDIUM6.63
stdlib
v1.14.12
fixed in 1.19.10, 1.20.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-45337MEDIUM6.56
golang.org/x/crypto
v0.0.0-20200510223506-06a226fb4e37
fixed in 0.31.0
3.1%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2022-23471MEDIUM6.5
github.com/containerd/containerd
v1.3.3
fixed in 1.5.16, 1.6.12
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2021-3114MEDIUM6.5
stdlib
v1.14.12
fixed in 1.14.14, 1.15.7
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2021-34558MEDIUM6.5
stdlib
v1.14.12
fixed in 1.15.14, 1.16.6
7.0%
Low-Moderate Risk
Directly Exposed
CVE-2022-1705MEDIUM6.5
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-32148MEDIUM6.5
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-29406MEDIUM6.5
stdlib
v1.14.12
fixed in 1.19.11, 1.20.6
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2026-33811MEDIUM6.38
libcap
2.73-1.amzn2023.0.6
fixed in 2.73-1.amzn2023.0.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-33814MEDIUM6.38
libcap
2.73-1.amzn2023.0.6
fixed in 2.73-1.amzn2023.0.7
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-39820MEDIUM6.38
libcap
2.73-1.amzn2023.0.6
fixed in 2.73-1.amzn2023.0.7
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-41989MEDIUM6.38
libgcrypt
1.10.2-1.amzn2023.0.2
fixed in 1.10.2-1.amzn2023.0.3
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27135MEDIUM6.38
libnghttp2
1.59.0-3.amzn2023.0.1
fixed in 1.59.0-3.amzn2023.0.2
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM6.38
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-28389MEDIUM6.38
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28390MEDIUM6.38
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM6.38
openssl-libs
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-28389MEDIUM6.38
openssl-libs
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28390MEDIUM6.38
openssl-libs
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-3644MEDIUM6.38
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4224MEDIUM6.38
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-3644MEDIUM6.38
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4224MEDIUM6.38
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-32597MEDIUM6.38
PyJWT
2.10.1
fixed in 2.12.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-0994MEDIUM6.38
protobuf
5.29.5
fixed in 6.33.5, 5.29.6
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-30922MEDIUM6.38
pyasn1
0.4.8
fixed in 0.6.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-44432MEDIUM6.38
urllib3
2.6.3
fixed in 2.7.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-65637MEDIUM6.38
github.com/sirupsen/logrus
v1.4.2
fixed in 1.8.3, 1.9.1, 1.9.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2021-43565MEDIUM6.38
golang.org/x/crypto
v0.0.0-20200510223506-06a226fb4e37
fixed in 0.0.0-20211202192323-5770296d904e
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-22869MEDIUM6.38
golang.org/x/crypto
v0.0.0-20200510223506-06a226fb4e37
fixed in 0.35.0
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-22868MEDIUM6.38
golang.org/x/oauth2
v0.0.0-20200107190931-bf48bf16ab8d
fixed in 0.27.0
0.8%
Theoretical Threat
Directly Exposed
CVE-2022-41716MEDIUM6.38
stdlib
v1.14.12
fixed in 1.18.8, 1.19.3
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-61726MEDIUM6.38
stdlib
v1.14.12
fixed in 1.24.12, 1.25.6
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-61729MEDIUM6.38
stdlib
v1.14.12
fixed in 1.24.11, 1.25.5
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-25679MEDIUM6.38
stdlib
v1.14.12
fixed in 1.25.8, 1.26.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-32280MEDIUM6.38
stdlib
v1.14.12
fixed in 1.25.9, 1.26.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-32281MEDIUM6.38
stdlib
v1.14.12
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-32283MEDIUM6.38
stdlib
v1.14.12
fixed in 1.25.9, 1.26.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-33811MEDIUM6.38
stdlib
v1.14.12
fixed in 1.25.10, 1.26.3
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-33814MEDIUM6.38
stdlib
v1.14.12
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-39820MEDIUM6.38
stdlib
v1.14.12
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-39836MEDIUM6.38
stdlib
v1.14.12
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-58183MEDIUM6.38
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-61728MEDIUM6.38
stdlib
v1.14.12
fixed in 1.24.12, 1.25.6
0.6%
Theoretical Threat
Directly Exposed
CVE-2021-21334MEDIUM6.3
github.com/containerd/containerd
v1.3.3
fixed in 1.4.4, 1.3.10
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2021-32760MEDIUM6.3
github.com/containerd/containerd
v1.3.3
fixed in 1.4.8, 1.5.4
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2026-48526MEDIUM6.29
PyJWT
2.10.1
fixed in 2.13.0
0.1%
Theoretical Threat
Directly Exposed
CVE-2023-48795MEDIUM6.14
golang.org/x/crypto
v0.0.0-20200510223506-06a226fb4e37
fixed in 0.17.0, 0.0.0-20231218163308-9d2ee975ef9f
93.3%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2026-1299MEDIUM6.03
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-4786MEDIUM6.03
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-1299MEDIUM6.03
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-4786MEDIUM6.03
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2020-29652MEDIUM6
golang.org/x/crypto
v0.0.0-20200510223506-06a226fb4e37
fixed in 0.0.0-20201216223049-8b5274cf687f
3.2%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2021-38561MEDIUM6
golang.org/x/text
v0.3.2
fixed in 0.3.7
1.4%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2020-14040MEDIUM6
golang.org/x/text
v0.3.2
fixed in 0.3.3
1.9%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2025-47907MEDIUM5.95
stdlib
v1.14.12
fixed in 1.23.12, 1.24.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2019-19794MEDIUM5.9
github.com/miekg/dns
v1.1.15
fixed in 1.1.25
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-31525MEDIUM5.9
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.0.0-20210428140749-89ef3d95e781
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2024-24786MEDIUM5.9
google.golang.org/protobuf
v1.23.0
fixed in 1.33.0
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2021-31525MEDIUM5.9
stdlib
v1.14.12
fixed in 1.15.12, 1.16.4
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-36221MEDIUM5.9
stdlib
v1.14.12
fixed in 1.15.15, 1.16.7
3.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-24791MEDIUM5.9
stdlib
v1.14.12
fixed in 1.21.12, 1.22.5
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2024-34158MEDIUM5.9
stdlib
v1.14.12
fixed in 1.22.7, 1.23.1
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-24790MEDIUM5.88
stdlib
v1.14.12
fixed in 1.21.11, 1.22.4
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-4673MEDIUM5.78
stdlib
v1.14.12
fixed in 1.23.10, 1.24.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-9149MEDIUM5.52
libsolv
0.7.22-1.amzn2023.0.2
fixed in 0.7.22-1.amzn2023.0.4
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9150MEDIUM5.52
libsolv
0.7.22-1.amzn2023.0.2
fixed in 0.7.22-1.amzn2023.0.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
openssl-libs
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-26007MEDIUM5.52
cryptography
44.0.1
fixed in 46.0.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-48710MEDIUM5.52
starlette
0.49.1
fixed in 1.0.1
0.9%
Theoretical Threat
Directly Exposed
CVE-2023-2253MEDIUM5.52
github.com/docker/distribution
v2.7.1+incompatible
fixed in 2.8.2-beta.1
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-22872MEDIUM5.52
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.38.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-24785MEDIUM5.52
stdlib
v1.14.12
fixed in 1.21.8, 1.22.1
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-47906MEDIUM5.52
stdlib
v1.14.12
fixed in 1.23.12, 1.24.6
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-61727MEDIUM5.52
stdlib
v1.14.12
fixed in 1.24.11, 1.25.5
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-32282MEDIUM5.44
stdlib
v1.14.12
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-24784MEDIUM5.4
stdlib
v1.14.12
fixed in 1.21.8, 1.22.1
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2022-41717MEDIUM5.3
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.4.0
5.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-29526MEDIUM5.3
golang.org/x/sys
v0.0.0-20200625212154-ddb9806d33ae
fixed in 0.0.0-20220412211240-33da011f77ad
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-33197MEDIUM5.3
stdlib
v1.14.12
fixed in 1.15.13, 1.16.5
2.3%
Low-Moderate Risk
Directly Exposed
CVE-2022-29526MEDIUM5.3
stdlib
v1.14.12
fixed in 1.17.10, 1.18.2
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-41717MEDIUM5.3
stdlib
v1.14.12
fixed in 1.18.9, 1.19.4
5.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-29409MEDIUM5.3
stdlib
v1.14.12
fixed in 1.19.12, 1.20.7, 1.21.0-rc.4
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2023-39326MEDIUM5.3
stdlib
v1.14.12
fixed in 1.20.12, 1.21.5
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-45289MEDIUM5.3
stdlib
v1.14.12
fixed in 1.21.8, 1.22.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-45290MEDIUM5.3
stdlib
v1.14.12
fixed in 1.21.8, 1.22.1
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-15257MEDIUM5.2
github.com/containerd/containerd
v1.3.3
fixed in 1.3.9, 1.4.3
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2026-6019MEDIUM5.18
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-6019MEDIUM5.18
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-3978MEDIUM5.18
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.13.0
0.8%
Theoretical Threat
Directly Exposed
CVE-2023-39318MEDIUM5.18
stdlib
v1.14.12
fixed in 1.20.8, 1.21.1
0.8%
Theoretical Threat
Directly Exposed
CVE-2023-39319MEDIUM5.18
stdlib
v1.14.12
fixed in 1.20.8, 1.21.1
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-32289MEDIUM5.18
stdlib
v1.14.12
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-40355MEDIUM5.02
krb5-libs
1.21.3-6.amzn2023.0.1
fixed in 1.21.3-7.amzn2023.0.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-40356MEDIUM5.02
krb5-libs
1.21.3-6.amzn2023.0.1
fixed in 1.21.3-7.amzn2023.0.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.4
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
openssl-libs
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.4
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-48524MEDIUM5.02
PyJWT
2.10.1
fixed in 2.13.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40347MEDIUM5.02
python-multipart
0.0.20
fixed in 0.0.26
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-24783MEDIUM5.02
stdlib
v1.14.12
fixed in 1.21.8, 1.22.1
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-34155MEDIUM5.02
stdlib
v1.14.12
fixed in 1.22.7, 1.23.1
0.8%
Theoretical Threat
Directly Exposed
CVE-2024-45336MEDIUM5.02
stdlib
v1.14.12
fixed in 1.22.11, 1.23.5, 1.24.0-rc.2
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-6357MEDIUM4.93
python3-pip-wheel
21.3.1-2.amzn2023.0.16
fixed in 21.3.1-2.amzn2023.0.19
0.1%
Theoretical Threat
Directly Exposed
CVE-2021-44717MEDIUM4.8
stdlib
v1.14.12
fixed in 1.16.12, 1.17.5
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2026-25645MEDIUM4.67
requests
2.32.4
fixed in 2.33.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2022-31030MEDIUM4.67
github.com/containerd/containerd
v1.3.3
fixed in 1.5.13, 1.6.6
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-25153MEDIUM4.67
github.com/containerd/containerd
v1.3.3
fixed in 1.5.18, 1.6.18
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-64329MEDIUM4.67
github.com/containerd/containerd
v1.3.3
fixed in 1.7.29
0.1%
Theoretical Threat
Directly Exposed
CVE-2020-8565MEDIUM4.67
k8s.io/client-go
v0.18.3
fixed in 0.19.6, 0.20.0-alpha.2, 0.18.14, 0.17.16
0.5%
Theoretical Threat
Directly Exposed
CVE-2022-1962MEDIUM4.67
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2024-24789MEDIUM4.67
stdlib
v1.14.12
fixed in 1.21.11, 1.22.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-32288MEDIUM4.67
stdlib
v1.14.12
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-27142MEDIUM4.59
libcap
2.73-1.amzn2023.0.6
fixed in 2.73-1.amzn2023.0.7
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-48523MEDIUM4.59
PyJWT
2.10.1
fixed in 2.13.0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-22871MEDIUM4.59
stdlib
v1.14.12
fixed in 1.23.8, 1.24.2
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-27142MEDIUM4.59
stdlib
v1.14.12
fixed in 1.25.8, 1.26.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-39826MEDIUM4.59
stdlib
v1.14.12
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2021-33194MEDIUM4.5
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.0.0-20210520170846-37e1c6afe023
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2021-27918MEDIUM4.5
stdlib
v1.14.12
fixed in 1.15.9, 1.16.1
2.5%
Low-Moderate Risk
Directly Exposed
CVE-2021-33196MEDIUM4.5
stdlib
v1.14.12
fixed in 1.15.13, 1.16.5
3.5%
Low-Moderate Risk
Directly Exposed
CVE-2021-33198MEDIUM4.5
stdlib
v1.14.12
fixed in 1.15.13, 1.16.5
3.4%
Low-Moderate Risk
Directly Exposed
CVE-2026-4046MEDIUM4.5
glibc
2.34-231.amzn2023.0.3
fixed in 2.34-231.amzn2023.0.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
glibc-common
2.34-231.amzn2023.0.3
fixed in 2.34-231.amzn2023.0.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
glibc-minimal-langpack
2.34-231.amzn2023.0.3
fixed in 2.34-231.amzn2023.0.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-48525MEDIUM4.5
PyJWT
2.10.1
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-21860MEDIUM4.5
Werkzeug
3.1.4
fixed in 3.1.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-27199MEDIUM4.5
Werkzeug
3.1.4
fixed in 3.1.6
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-34073MEDIUM4.5
cryptography
44.0.1
fixed in 46.0.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45409MEDIUM4.5
idna
3.7
fixed in 3.15
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-44431MEDIUM4.5
urllib3
2.6.3
fixed in 2.7.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-10543MEDIUM4.5
github.com/eclipse/paho.mqtt.golang
v1.2.1-0.20200121105743-0d940dd29fd2
fixed in 1.5.1
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-47914MEDIUM4.5
golang.org/x/crypto
v0.0.0-20200510223506-06a226fb4e37
fixed in 0.45.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-58181MEDIUM4.5
golang.org/x/crypto
v0.0.0-20200510223506-06a226fb4e37
fixed in 0.45.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-24532MEDIUM4.5
stdlib
v1.14.12
fixed in 1.19.7, 1.20.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2023-45284MEDIUM4.5
stdlib
v1.14.12
fixed in 1.20.11, 1.21.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-22866MEDIUM4.5
stdlib
v1.14.12
fixed in 1.22.12, 1.23.6, 1.24.0-rc.3
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-22873MEDIUM4.5
stdlib
v1.14.12
fixed in 1.23.9, 1.24.3
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-47912MEDIUM4.5
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-58185MEDIUM4.5
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-58187MEDIUM4.5
stdlib
v1.14.12
fixed in 1.24.9, 1.25.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-58188MEDIUM4.5
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-58189MEDIUM4.5
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-61723MEDIUM4.5
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-61724MEDIUM4.5
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-61725MEDIUM4.5
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-61730MEDIUM4.5
stdlib
v1.14.12
fixed in 1.24.12, 1.25.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-58186MEDIUM4.5
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM4.42
openssl
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.3
0.4%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2025-15282MEDIUM4.08
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-0672MEDIUM4.08
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-15282MEDIUM4.08
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-0672MEDIUM4.08
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-11468LOW3.82
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-0865LOW3.82
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-11468LOW3.82
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-0865LOW3.82
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-22870LOW3.74
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.36.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-22870LOW3.74
stdlib
v1.14.12
fixed in 1.23.7, 1.24.1
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-48522LOW3.57
PyJWT
2.10.1
fixed in 2.13.0
0.1%
Theoretical Threat
Directly Exposed
CVE-2024-45341LOW3.57
stdlib
v1.14.12
fixed in 1.22.11, 1.23.5, 1.24.0-rc.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-1703LOW3.31
python3-pip-wheel
21.3.1-2.amzn2023.0.16
fixed in 21.3.1-2.amzn2023.0.17
0.4%
Theoretical Threat
Directly Exposed
CVE-2022-23648LOW3.1
github.com/containerd/containerd
v1.3.3
fixed in 1.4.13, 1.5.10, 1.6.1
27.4%
High Exploitation Risk
Post-Exploit
CVE-2026-6357LOW2.96
pip
23.3.2
fixed in 26.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-4519LOW2.8
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-2297LOW2.8
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4519LOW2.8
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-2297LOW2.8
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-8869LOW2.7
pip
23.3.2
fixed in 25.3
0.4%
Theoretical Threat
Post-Exploit
CVE-2022-30629LOW2.63
stdlib
v1.14.12
fixed in 1.17.11, 1.18.3
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-3219LOW2.55
pip
23.3.2
fixed in 26.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
openssl
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.4
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-28388LOW2.29
openssl
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.4
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
openssl
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.4
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
openssl
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.4
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-27139LOW2.12
stdlib
v1.14.12
fixed in 1.25.8, 1.26.1
0.2%
Theoretical Threat
Directly Exposed
CVE-2021-22133LOW2.04
go.elastic.co/apm
v1.8.1-0.20200909061013-2aef45b9cf4b
fixed in 1.11.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-1703LOW1.99
pip
23.3.2
fixed in 26.0
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-3805LOW1.93
curl-minimal
8.17.0-1.amzn2023.0.1
fixed in 8.17.0-1.amzn2023.0.3
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-3805LOW1.93
libcurl-minimal
8.17.0-1.amzn2023.0.1
fixed in 8.17.0-1.amzn2023.0.3
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-31790LOW1.81
openssl
1:3.2.2-1.amzn2023.0.5
fixed in 1:3.5.5-1.amzn2023.0.4
1.0%
Theoretical Threat
Post-Exploit
CVE-2026-24049NONE0
wheel
0.45.1
fixed in 0.46.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-39823NONE0
libcap
2.73-1.amzn2023.0.6
fixed in 2.73-1.amzn2023.0.7
0.3%
Theoretical Threat
Not Applicable
CVE-2026-42499NONE0
libcap
2.73-1.amzn2023.0.6
fixed in 2.73-1.amzn2023.0.7
0.6%
Theoretical Threat
Not Applicable
CVE-2026-21226NONE0
azure-core
1.30.2
fixed in 1.38.0
0.8%
Theoretical Threat
Not Applicable
GHSA-537c-gmf6-5ccfNONE0
cryptography
44.0.1
fixed in 48.0.1
Not Applicable
CVE-2026-42561NONE0
python-multipart
0.0.20
fixed in 0.0.27
0.3%
Theoretical Threat
Not Applicable
CVE-2026-53539NONE0
python-multipart
0.0.20
fixed in 0.0.30
Not Applicable
CVE-2026-53537NONE0
python-multipart
0.0.20
fixed in 0.0.30
Not Applicable
CVE-2026-53538NONE0
python-multipart
0.0.20
fixed in 0.0.30
Not Applicable
CVE-2026-53540NONE0
python-multipart
0.0.20
fixed in 0.0.31
Not Applicable
CVE-2026-48818NONE0
starlette
0.49.1
fixed in 1.1.0
Not Applicable
CVE-2026-54283NONE0
starlette
0.49.1
fixed in 1.3.1
Not Applicable
CVE-2026-48817NONE0
starlette
0.49.1
fixed in 1.1.0
Not Applicable
CVE-2026-54282NONE0
starlette
0.49.1
fixed in 1.3.0
Not Applicable
GHSA-7ww5-4wqc-m92cNONE0
github.com/containerd/containerd
v1.3.3
fixed in 1.6.26, 1.7.11
Not Applicable
GHSA-5j5w-g665-5m35NONE0
github.com/containerd/containerd
v1.3.3
fixed in 1.4.12, 1.5.8
Not Applicable
GHSA-c9cp-9c75-9v8cNONE0
github.com/containerd/containerd
v1.3.3
fixed in 1.5.11, 1.6.2
Not Applicable
GHSA-qq97-vm5h-rrhgNONE0
github.com/docker/distribution
v2.7.1+incompatible
fixed in 2.8.0
Not Applicable
GHSA-77vh-xpmg-72qhNONE0
github.com/opencontainers/image-spec
v1.0.2-0.20190823105129-775207bd45b6
fixed in 1.0.2
Not Applicable
GHSA-m425-mq94-257gNONE0
google.golang.org/grpc
v1.29.1
fixed in 1.56.3, 1.57.1, 1.58.3
Not Applicable
CVE-2026-39823NONE0
stdlib
v1.14.12
fixed in 1.25.10, 1.26.3
0.3%
Theoretical Threat
Not Applicable
CVE-2026-39825NONE0
stdlib
v1.14.12
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Not Applicable
CVE-2026-42499NONE0
stdlib
v1.14.12
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Not Applicable
CVE-2026-42504NONE0
stdlib
v1.14.12
fixed in 1.25.11, 1.26.4
0.4%
Theoretical Threat
Not Applicable
CVE-2025-0913NONE0
stdlib
v1.14.12
fixed in 1.23.10, 1.24.4
0.2%
Theoretical Threat
Not Applicable
CVE-2026-27145NONE0
stdlib
v1.14.12
fixed in 1.25.11, 1.26.4
0.3%
Theoretical Threat
Not Applicable
CVE-2026-42507NONE0
stdlib
v1.14.12
fixed in 1.25.11, 1.26.4
0.3%
Theoretical Threat
Not Applicable