Skip to content

to be continuous

DEPTRACK_SBOM_SCANNER_IMAGE

to-be-continuous/doc

registry.gitlab.com/to-be-continuous/tools/dt-sbom-scanner:latest (alpine 3.23.3)¶

Trivy Image Scan

Image: registry.gitlab.com/to-be-continuous/tools/dt-sbom-scanner:latest (alpine 3.23.3)
Scan date: 2026-04-01

registry.gitlab.com/to-be-continuous/tools/dt-sbom-scanner:latest (alpine 3.23.3) (alpine)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libexpat	CVE-2026-25210	HIGH	2.7.3-r0	2.7.4-r0	https://access.redhat.com/security/cve/CVE-2026-25210 https://github.com/libexpat/libexpat/pull/1075 https://github.com/libexpat/libexpat/pull/1075/commits/9c2d990389e6abe2e44527eeaa8b39f16fe859c7 https://nvd.nist.gov/vuln/detail/CVE-2026-25210 https://ubuntu.com/security/notices/USN-8022-1 https://ubuntu.com/security/notices/USN-8022-2 https://ubuntu.com/security/notices/USN-8023-1 https://www.cve.org/CVERecord?id=CVE-2026-25210
libexpat	CVE-2026-32776	MEDIUM	2.7.3-r0	2.7.5-r0	https://access.redhat.com/security/cve/CVE-2026-32776 https://github.com/libexpat/libexpat/pull/1158 https://github.com/libexpat/libexpat/pull/1159 https://nvd.nist.gov/vuln/detail/CVE-2026-32776 https://www.cve.org/CVERecord?id=CVE-2026-32776
libexpat	CVE-2026-32777	MEDIUM	2.7.3-r0	2.7.5-r0	https://access.redhat.com/security/cve/CVE-2026-32777 https://github.com/libexpat/libexpat/issues/1161 https://github.com/libexpat/libexpat/pull/1159 https://github.com/libexpat/libexpat/pull/1162 https://issues.oss-fuzz.com/issues/486993411 https://nvd.nist.gov/vuln/detail/CVE-2026-32777 https://www.cve.org/CVERecord?id=CVE-2026-32777
libexpat	CVE-2026-32778	MEDIUM	2.7.3-r0	2.7.5-r0	https://access.redhat.com/security/cve/CVE-2026-32778 https://github.com/libexpat/libexpat/pull/1159 https://github.com/libexpat/libexpat/pull/1163 https://nvd.nist.gov/vuln/detail/CVE-2026-32778 https://www.cve.org/CVERecord?id=CVE-2026-32778
libexpat	CVE-2026-24515	LOW	2.7.3-r0	2.7.4-r0	https://access.redhat.com/security/cve/CVE-2026-24515 https://github.com/libexpat/libexpat/pull/1131 https://nvd.nist.gov/vuln/detail/CVE-2026-24515 https://ubuntu.com/security/notices/USN-8022-1 https://ubuntu.com/security/notices/USN-8022-2 https://ubuntu.com/security/notices/USN-8023-1 https://www.cve.org/CVERecord?id=CVE-2026-24515
zlib	CVE-2026-22184	HIGH	1.3.1-r2	1.3.2-r0	https://access.redhat.com/security/cve/CVE-2026-22184 https://github.com/madler/zlib https://github.com/madler/zlib/issues/1142 https://nvd.nist.gov/vuln/detail/CVE-2026-22184 https://seclists.org/fulldisclosure/2026/Jan/3 https://www.cve.org/CVERecord?id=CVE-2026-22184 https://www.vulncheck.com/advisories/zlib-untgz-global-buffer-overflow-in-tgzfname https://zlib.net/
zlib	CVE-2026-27171	MEDIUM	1.3.1-r2	1.3.2-r0	https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf https://access.redhat.com/security/cve/CVE-2026-27171 https://github.com/madler/zlib/issues/904 https://github.com/madler/zlib/releases/tag/v1.3.2 https://nvd.nist.gov/vuln/detail/CVE-2026-27171 https://ostif.org/zlib-audit-complete/ https://www.cve.org/CVERecord?id=CVE-2026-27171
No Misconfigurations found

Python (python-pkg)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
pip	CVE-2026-1703	LOW	25.3	26.0	https://access.redhat.com/security/cve/CVE-2026-1703 https://github.com/pypa/pip https://github.com/pypa/pip/commit/8e227a9be4faa9594e05d02ca05a413a2a4e7735 https://github.com/pypa/pip/pull/13777 https://mail.python.org/archives/list/security-announce@python.org/thread/WIEA34D4TABF2UNQJAOMXKCICSPBE2DJ https://mail.python.org/archives/list/security-announce@python.org/thread/WIEA34D4TABF2UNQJAOMXKCICSPBE2DJ/ https://nvd.nist.gov/vuln/detail/CVE-2026-1703 https://www.cve.org/CVERecord?id=CVE-2026-1703
requests	CVE-2026-25645	MEDIUM	2.32.5	2.33.0	https://access.redhat.com/security/cve/CVE-2026-25645 https://github.com/psf/requests https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7 https://github.com/psf/requests/releases/tag/v2.33.0 https://github.com/psf/requests/security/advisories/GHSA-gc5v-m9x4-r6x2 https://nvd.nist.gov/vuln/detail/CVE-2026-25645 https://www.cve.org/CVERecord?id=CVE-2026-25645
No Misconfigurations found