Skip to content

to be continuous

AZURE_CLI_IMAGE

to-be-continuous/doc

mcr.microsoft.com/azure-cli:latest (azurelinux 3.0)¶

Trivy Image Scan

Image: mcr.microsoft.com/azure-cli:latest (azurelinux 3.0)
Scan date: 2026-04-01

mcr.microsoft.com/azure-cli:latest (azurelinux 3.0) (azurelinux)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libarchive	CVE-2026-4111	HIGH	3.7.7-4.azl3	3.7.7-5.azl3	https://access.redhat.com/errata/RHSA-2026:5063 https://access.redhat.com/errata/RHSA-2026:5080 https://access.redhat.com/security/cve/CVE-2026-4111 https://bugzilla.redhat.com/2446453 https://bugzilla.redhat.com/show_bug.cgi?id=2446453 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4111 https://errata.almalinux.org/9/ALSA-2026-5080.html https://errata.rockylinux.org/RLSA-2026:5080 https://github.com/libarchive/libarchive/pull/2877 https://linux.oracle.com/cve/CVE-2026-4111.html https://linux.oracle.com/errata/ELSA-2026-5080.html https://nvd.nist.gov/vuln/detail/CVE-2026-4111 https://www.cve.org/CVERecord?id=CVE-2026-4111
nghttp2	CVE-2026-27135	HIGH	1.61.0-2.azl3	1.61.0-3.azl3	http://www.openwall.com/lists/oss-security/2026/03/20/3 https://access.redhat.com/security/cve/CVE-2026-27135 https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1 https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6 https://nvd.nist.gov/vuln/detail/CVE-2026-27135 https://www.cve.org/CVERecord?id=CVE-2026-27135
python3	CVE-2026-4519	HIGH	3.12.9-8.azl3	3.12.9-10.azl3	http://www.openwall.com/lists/oss-security/2026/03/20/1 https://access.redhat.com/security/cve/CVE-2026-4519 https://github.com/python/cpython/commit/43fe06b96f6a6cf5cfd5bdab20b8649374956866 https://github.com/python/cpython/commit/82a24a4442312bdcfc4c799885e8b3e00990f02b https://github.com/python/cpython/commit/9669a912a0e329c094e992204d6bdb8787024d76 https://github.com/python/cpython/commit/ad4d5ba32af4d80b0dfa2ba9d8203bfb219e60a5 https://github.com/python/cpython/commit/cbba6119391112aba9c5aebf7b94aea447922c48 https://github.com/python/cpython/commit/ceac1efc66516ac387eef2c9a0ce671895b44f03 https://github.com/python/cpython/issues/143930 https://github.com/python/cpython/pull/143931 https://mail.python.org/archives/list/security-announce@python.org/thread/AY5NDSS433JK56Q7Q5IS7B37QFZVVOUS/ https://nvd.nist.gov/vuln/detail/CVE-2026-4519 https://www.cve.org/CVERecord?id=CVE-2026-4519
python3	CVE-2026-1299	MEDIUM	3.12.9-8.azl3	3.12.9-9.azl3	https://access.redhat.com/errata/RHSA-2026:4216 https://access.redhat.com/security/cve/CVE-2026-1299 https://bugzilla.redhat.com/2431368 https://bugzilla.redhat.com/2431373 https://bugzilla.redhat.com/2432437 https://bugzilla.redhat.com/show_bug.cgi?id=2431367 https://bugzilla.redhat.com/show_bug.cgi?id=2431368 https://bugzilla.redhat.com/show_bug.cgi?id=2431373 https://bugzilla.redhat.com/show_bug.cgi?id=2432437 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15366 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15367 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0865 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1299 https://cve.org/CVERecord?id=CVE-2024-6923 https://errata.almalinux.org/9/ALSA-2026-4216.html https://errata.rockylinux.org/RLSA-2026:4168 https://github.com/python/cpython/commit/052e55e7d44718fe46cbba0ca995cb8fcc359413 https://github.com/python/cpython/commit/0a925ab591c45d6638f37b5e57796f36fa0e56d8 https://github.com/python/cpython/commit/7877fe424415bc4a13045e62a90a7277413d8cb9 https://github.com/python/cpython/commit/842ce19a0c0b58d61591e8f6a708c38db1fb94e4 https://github.com/python/cpython/commit/8cdf6204f4ae821f32993f8fc6bad0d318f95f36 https://github.com/python/cpython/commit/e417f05ad77a4c30ddc07f99e90fc0cef43e831a https://github.com/python/cpython/issues/144125 https://github.com/python/cpython/pull/144126 https://linux.oracle.com/cve/CVE-2026-1299.html https://linux.oracle.com/errata/ELSA-2026-4713.html https://mail.python.org/archives/list/security-announce@python.org/thread/6ZZULGALJTITEAGEXLDJE2C6FORDXPBT/ https://nvd.nist.gov/vuln/detail/CVE-2026-1299 https://www.cve.org/CVERecord?id=CVE-2026-1299
python3-libs	CVE-2026-4519	HIGH	3.12.9-8.azl3	3.12.9-10.azl3	http://www.openwall.com/lists/oss-security/2026/03/20/1 https://access.redhat.com/security/cve/CVE-2026-4519 https://github.com/python/cpython/commit/43fe06b96f6a6cf5cfd5bdab20b8649374956866 https://github.com/python/cpython/commit/82a24a4442312bdcfc4c799885e8b3e00990f02b https://github.com/python/cpython/commit/9669a912a0e329c094e992204d6bdb8787024d76 https://github.com/python/cpython/commit/ad4d5ba32af4d80b0dfa2ba9d8203bfb219e60a5 https://github.com/python/cpython/commit/cbba6119391112aba9c5aebf7b94aea447922c48 https://github.com/python/cpython/commit/ceac1efc66516ac387eef2c9a0ce671895b44f03 https://github.com/python/cpython/issues/143930 https://github.com/python/cpython/pull/143931 https://mail.python.org/archives/list/security-announce@python.org/thread/AY5NDSS433JK56Q7Q5IS7B37QFZVVOUS/ https://nvd.nist.gov/vuln/detail/CVE-2026-4519 https://www.cve.org/CVERecord?id=CVE-2026-4519
python3-libs	CVE-2026-1299	MEDIUM	3.12.9-8.azl3	3.12.9-9.azl3	https://access.redhat.com/errata/RHSA-2026:4216 https://access.redhat.com/security/cve/CVE-2026-1299 https://bugzilla.redhat.com/2431368 https://bugzilla.redhat.com/2431373 https://bugzilla.redhat.com/2432437 https://bugzilla.redhat.com/show_bug.cgi?id=2431367 https://bugzilla.redhat.com/show_bug.cgi?id=2431368 https://bugzilla.redhat.com/show_bug.cgi?id=2431373 https://bugzilla.redhat.com/show_bug.cgi?id=2432437 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15366 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15367 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0865 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1299 https://cve.org/CVERecord?id=CVE-2024-6923 https://errata.almalinux.org/9/ALSA-2026-4216.html https://errata.rockylinux.org/RLSA-2026:4168 https://github.com/python/cpython/commit/052e55e7d44718fe46cbba0ca995cb8fcc359413 https://github.com/python/cpython/commit/0a925ab591c45d6638f37b5e57796f36fa0e56d8 https://github.com/python/cpython/commit/7877fe424415bc4a13045e62a90a7277413d8cb9 https://github.com/python/cpython/commit/842ce19a0c0b58d61591e8f6a708c38db1fb94e4 https://github.com/python/cpython/commit/8cdf6204f4ae821f32993f8fc6bad0d318f95f36 https://github.com/python/cpython/commit/e417f05ad77a4c30ddc07f99e90fc0cef43e831a https://github.com/python/cpython/issues/144125 https://github.com/python/cpython/pull/144126 https://linux.oracle.com/cve/CVE-2026-1299.html https://linux.oracle.com/errata/ELSA-2026-4713.html https://mail.python.org/archives/list/security-announce@python.org/thread/6ZZULGALJTITEAGEXLDJE2C6FORDXPBT/ https://nvd.nist.gov/vuln/detail/CVE-2026-1299 https://www.cve.org/CVERecord?id=CVE-2026-1299
zlib	CVE-2026-27171	LOW	1.3.1-1.azl3	1.3.2-1.azl3	https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf https://access.redhat.com/security/cve/CVE-2026-27171 https://github.com/madler/zlib/issues/904 https://github.com/madler/zlib/releases/tag/v1.3.2 https://nvd.nist.gov/vuln/detail/CVE-2026-27171 https://ostif.org/zlib-audit-complete/ https://www.cve.org/CVERecord?id=CVE-2026-27171
No Misconfigurations found

Python (python-pkg)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
PyJWT	CVE-2026-32597	HIGH	2.10.1	2.12.0	https://access.redhat.com/security/cve/CVE-2026-32597 https://github.com/jpadilla/pyjwt https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f https://nvd.nist.gov/vuln/detail/CVE-2026-32597 https://ubuntu.com/security/notices/USN-8133-1 https://www.cve.org/CVERecord?id=CVE-2026-32597
Pygments	CVE-2026-4539	LOW	2.19.2	2.20.0	https://access.redhat.com/security/cve/CVE-2026-4539 https://github.com/pygments/pygments https://github.com/pygments/pygments/ https://github.com/pygments/pygments/commit/24b8aa76c6cd6d70f39c6dd605cce319c98e2ccc https://github.com/pygments/pygments/issues/3058 https://github.com/pygments/pygments/pull/3064 https://github.com/pygments/pygments/releases/tag/2.20.0 https://nvd.nist.gov/vuln/detail/CVE-2026-4539 https://vuldb.com/?ctiid.352327 https://vuldb.com/?id.352327 https://vuldb.com/?submit.774685 https://www.cve.org/CVERecord?id=CVE-2026-4539
cryptography	CVE-2026-26007	HIGH	44.0.1	46.0.5	http://www.openwall.com/lists/oss-security/2026/02/10/4 https://access.redhat.com/security/cve/CVE-2026-26007 https://github.com/pyca/cryptography https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c https://github.com/pyca/cryptography/releases/tag/46.0.5 https://github.com/pyca/cryptography/security/advisories/GHSA-r6ph-v2qm-q3c2 https://nvd.nist.gov/vuln/detail/CVE-2026-26007 https://ubuntu.com/security/notices/USN-8087-1 https://www.cve.org/CVERecord?id=CVE-2026-26007
cryptography	CVE-2026-34073	LOW	44.0.1	46.0.6	https://github.com/pyca/cryptography https://github.com/pyca/cryptography/security/advisories/GHSA-m959-cc7f-wv43 https://nvd.nist.gov/vuln/detail/CVE-2026-34073
pyOpenSSL	CVE-2026-27459	HIGH	25.0.0	26.0.0	https://access.redhat.com/security/cve/CVE-2026-27459 https://github.com/pyca/pyopenssl https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408 https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4 https://nvd.nist.gov/vuln/detail/CVE-2026-27459 https://ubuntu.com/security/notices/USN-8115-1 https://www.cve.org/CVERecord?id=CVE-2026-27459
pyOpenSSL	CVE-2026-27448	LOW	25.0.0	26.0.0	https://access.redhat.com/security/cve/CVE-2026-27448 https://github.com/pyca/pyopenssl https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst#L27 https://github.com/pyca/pyopenssl/commit/d41a814759a9fb49584ca8ab3f7295de49a85aa0 https://github.com/pyca/pyopenssl/security/advisories/GHSA-vp96-hxj8-p424 https://nvd.nist.gov/vuln/detail/CVE-2026-27448 https://ubuntu.com/security/notices/USN-8115-1 https://www.cve.org/CVERecord?id=CVE-2026-27448
requests	CVE-2026-25645	MEDIUM	2.32.4	2.33.0	https://access.redhat.com/security/cve/CVE-2026-25645 https://github.com/psf/requests https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7 https://github.com/psf/requests/releases/tag/v2.33.0 https://github.com/psf/requests/security/advisories/GHSA-gc5v-m9x4-r6x2 https://nvd.nist.gov/vuln/detail/CVE-2026-25645 https://www.cve.org/CVERecord?id=CVE-2026-25645
No Misconfigurations found