Skip to content

ghcr.io/cyclonedx/cdxgen:master (alma 10.1)

Trivy Image Scan

  • Image: ghcr.io/cyclonedx/cdxgen:master (alma 10.1)
  • Scan date: 2026-06-21

ghcr.io/cyclonedx/cdxgen:master (alma 10.1) (alma)

Package Vulnerability ID Severity Installed Version Fixed Version Links
aspnetcore-runtime-10.0 CVE-2026-42899 HIGH 10.0.4-1.el10_1 10.0.8-1.el10_2
aspnetcore-runtime-10.0 CVE-2026-45491 HIGH 10.0.4-1.el10_1 10.0.9-1.el10_2
aspnetcore-runtime-10.0 CVE-2026-45591 HIGH 10.0.4-1.el10_1 10.0.9-1.el10_2
aspnetcore-targeting-pack-10.0 CVE-2026-42899 HIGH 10.0.4-1.el10_1 10.0.8-1.el10_2
aspnetcore-targeting-pack-10.0 CVE-2026-45491 HIGH 10.0.4-1.el10_1 10.0.9-1.el10_2
aspnetcore-targeting-pack-10.0 CVE-2026-45591 HIGH 10.0.4-1.el10_1 10.0.9-1.el10_2
dotnet-apphost-pack-10.0 CVE-2026-42899 HIGH 10.0.4-1.el10_1 10.0.8-1.el10_2
dotnet-apphost-pack-10.0 CVE-2026-45491 HIGH 10.0.4-1.el10_1 10.0.9-1.el10_2
dotnet-apphost-pack-10.0 CVE-2026-45591 HIGH 10.0.4-1.el10_1 10.0.9-1.el10_2
dotnet-host CVE-2026-42899 HIGH 10.0.4-1.el10_1 10.0.8-1.el10_2
dotnet-host CVE-2026-45491 HIGH 10.0.4-1.el10_1 10.0.9-1.el10_2
dotnet-host CVE-2026-45591 HIGH 10.0.4-1.el10_1 10.0.9-1.el10_2
dotnet-hostfxr-10.0 CVE-2026-42899 HIGH 10.0.4-1.el10_1 10.0.8-1.el10_2
dotnet-hostfxr-10.0 CVE-2026-45491 HIGH 10.0.4-1.el10_1 10.0.9-1.el10_2
dotnet-hostfxr-10.0 CVE-2026-45591 HIGH 10.0.4-1.el10_1 10.0.9-1.el10_2
dotnet-runtime-10.0 CVE-2026-42899 HIGH 10.0.4-1.el10_1 10.0.8-1.el10_2
dotnet-runtime-10.0 CVE-2026-45491 HIGH 10.0.4-1.el10_1 10.0.9-1.el10_2
dotnet-runtime-10.0 CVE-2026-45591 HIGH 10.0.4-1.el10_1 10.0.9-1.el10_2
dotnet-sdk-10.0 CVE-2026-42899 HIGH 10.0.104-1.el10_1 10.0.108-1.el10_2
dotnet-sdk-10.0 CVE-2026-45491 HIGH 10.0.104-1.el10_1 10.0.109-1.el10_2
dotnet-sdk-10.0 CVE-2026-45591 HIGH 10.0.104-1.el10_1 10.0.109-1.el10_2
dotnet-targeting-pack-10.0 CVE-2026-42899 HIGH 10.0.4-1.el10_1 10.0.8-1.el10_2
dotnet-targeting-pack-10.0 CVE-2026-45491 HIGH 10.0.4-1.el10_1 10.0.9-1.el10_2
dotnet-targeting-pack-10.0 CVE-2026-45591 HIGH 10.0.4-1.el10_1 10.0.9-1.el10_2
dotnet-templates-10.0 CVE-2026-42899 HIGH 10.0.104-1.el10_1 10.0.108-1.el10_2
dotnet-templates-10.0 CVE-2026-45491 HIGH 10.0.104-1.el10_1 10.0.109-1.el10_2
dotnet-templates-10.0 CVE-2026-45591 HIGH 10.0.104-1.el10_1 10.0.109-1.el10_2
expat CVE-2026-45186 HIGH 2.7.1-1.el10_1.3 2.7.3-1.el10_2.1
glib2 CVE-2025-14087 MEDIUM 2.80.4-10.el10_1.12 2.80.4-12.el10_2.13
glib2 CVE-2025-14512 MEDIUM 2.80.4-10.el10_1.12 2.80.4-12.el10_2.13
glibc CVE-2026-4046 MEDIUM 2.39-58.el10_1.7.alma.1 2.39-124.el10_2.alma.1
glibc CVE-2026-4437 MEDIUM 2.39-58.el10_1.7.alma.1 2.39-121.el10_2.alma.1
glibc CVE-2026-4438 MEDIUM 2.39-58.el10_1.7.alma.1 2.39-121.el10_2.alma.1
glibc-all-langpacks CVE-2026-4046 MEDIUM 2.39-58.el10_1.7.alma.1 2.39-124.el10_2.alma.1
glibc-all-langpacks CVE-2026-4437 MEDIUM 2.39-58.el10_1.7.alma.1 2.39-121.el10_2.alma.1
glibc-all-langpacks CVE-2026-4438 MEDIUM 2.39-58.el10_1.7.alma.1 2.39-121.el10_2.alma.1
glibc-common CVE-2026-4046 MEDIUM 2.39-58.el10_1.7.alma.1 2.39-124.el10_2.alma.1
glibc-common CVE-2026-4437 MEDIUM 2.39-58.el10_1.7.alma.1 2.39-121.el10_2.alma.1
glibc-common CVE-2026-4438 MEDIUM 2.39-58.el10_1.7.alma.1 2.39-121.el10_2.alma.1
glibc-devel CVE-2026-4046 MEDIUM 2.39-58.el10_1.7.alma.1 2.39-124.el10_2.alma.1
glibc-devel CVE-2026-4437 MEDIUM 2.39-58.el10_1.7.alma.1 2.39-121.el10_2.alma.1
glibc-devel CVE-2026-4438 MEDIUM 2.39-58.el10_1.7.alma.1 2.39-121.el10_2.alma.1
glibc-minimal-langpack CVE-2026-4046 MEDIUM 2.39-58.el10_1.7.alma.1 2.39-124.el10_2.alma.1
glibc-minimal-langpack CVE-2026-4437 MEDIUM 2.39-58.el10_1.7.alma.1 2.39-121.el10_2.alma.1
glibc-minimal-langpack CVE-2026-4438 MEDIUM 2.39-58.el10_1.7.alma.1 2.39-121.el10_2.alma.1
httpd CVE-2026-28780 HIGH 2.4.63-4.el10_1.3 2.4.63-13.el10_2.1
httpd CVE-2026-33007 HIGH 2.4.63-4.el10_1.3 2.4.63-13.el10_2.1
httpd CVE-2026-33857 HIGH 2.4.63-4.el10_1.3 2.4.63-13.el10_2.1
httpd CVE-2026-34032 HIGH 2.4.63-4.el10_1.3 2.4.63-13.el10_2.1
httpd CVE-2026-34059 HIGH 2.4.63-4.el10_1.3 2.4.63-13.el10_2.1
265 other vulnerabilities found...
No Misconfigurations found

Java (jar)

Package Vulnerability ID Severity Installed Version Fixed Version Links
com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq MEDIUM 2.15.1 2.21.1, 2.18.6
commons-io:commons-io CVE-2024-47554 HIGH 2.8.0 2.14.0
commons-lang:commons-lang CVE-2025-48924 MEDIUM 2.6 no fix available
org.apache.commons:commons-lang3 CVE-2025-48924 MEDIUM 3.12.0 3.18.0
org.bouncycastle:bcpg-jdk18on CVE-2026-3505 HIGH 1.81 1.84
org.bouncycastle:bcprov-jdk18on CVE-2026-0636 MEDIUM 1.81 1.84
org.codehaus.plexus:plexus-utils CVE-2025-67030 HIGH 3.3.1 4.0.3, 3.6.1
org.codehaus.plexus:plexus-utils CVE-2025-67030 HIGH 3.4.1 4.0.3, 3.6.1
org.codehaus.plexus:plexus-utils CVE-2025-67030 HIGH 3.5.1 4.0.3, 3.6.1
org.codehaus.plexus:plexus-utils CVE-2025-67030 HIGH 3.6.0 4.0.3, 3.6.1
org.eclipse.jetty:jetty-http CVE-2026-2332 HIGH 9.4.58.v20250814 12.1.7, 12.0.33
org.eclipse.jetty:jetty-http CVE-2024-6763 MEDIUM 9.4.58.v20250814 12.0.12
org.msgpack:msgpack-core CVE-2026-21452 HIGH 0.9.10 0.9.11
No Misconfigurations found

Node.js (node-pkg)

Package Vulnerability ID Severity Installed Version Fixed Version Links
@cyclonedx/cdxgen GHSA-qhh4-458h-xwh2 MEDIUM 12.1.5 12.3.3
brace-expansion CVE-2026-33750 MEDIUM 5.0.3 5.0.5, 3.0.2, 2.0.3, 1.1.13
brace-expansion CVE-2026-45149 MEDIUM 5.0.3 5.0.6
brace-expansion CVE-2026-45149 MEDIUM 5.0.5 5.0.6
brace-expansion CVE-2026-45149 MEDIUM 5.0.5 5.0.6
brace-expansion CVE-2026-45149 MEDIUM 5.0.5 5.0.6
fast-uri CVE-2026-6321 HIGH 3.1.0 3.1.1
fast-uri CVE-2026-6321 HIGH 3.1.0 3.1.1
fast-uri CVE-2026-6322 HIGH 3.1.0 3.1.2
fast-uri CVE-2026-6322 HIGH 3.1.0 3.1.2
fast-xml-builder CVE-2026-44665 HIGH 1.1.4 1.1.7
fast-xml-parser CVE-2026-41650 MEDIUM 5.5.11 5.7.0
ip-address CVE-2026-42338 MEDIUM 10.1.0 10.1.1
ip-address CVE-2026-42338 MEDIUM 10.1.0 10.1.1
ip-address CVE-2026-42338 MEDIUM 10.1.0 10.1.1
js-yaml CVE-2026-53550 MEDIUM 4.1.1 4.2.0
lodash CVE-2026-4800 HIGH 4.17.23 4.18.0
lodash CVE-2026-2950 MEDIUM 4.17.23 4.18.0
minimatch CVE-2026-27903 HIGH 10.2.2 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3
minimatch CVE-2026-27904 HIGH 10.2.2 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4
picomatch CVE-2026-33671 HIGH 4.0.3 4.0.4, 3.0.2, 2.3.2
picomatch CVE-2026-33672 MEDIUM 4.0.3 4.0.4, 3.0.2, 2.3.2
qs CVE-2026-8723 MEDIUM 6.15.0 6.15.2
tar CVE-2026-53655 MEDIUM 7.5.13 7.5.16
tar CVE-2026-53655 MEDIUM 7.5.13 7.5.16
tar CVE-2026-53655 MEDIUM 7.5.13 7.5.16
tar CVE-2026-29786 HIGH 7.5.9 7.5.10
tar CVE-2026-31802 HIGH 7.5.9 7.5.11
tar CVE-2026-53655 MEDIUM 7.5.9 7.5.16
undici CVE-2026-12151 HIGH 7.24.7 6.27.0, 7.28.0, 8.5.0
undici CVE-2026-6734 HIGH 7.24.7 7.28.0, 8.2.0
undici CVE-2026-9697 HIGH 7.24.7 7.28.0, 8.5.0
undici CVE-2026-9678 MEDIUM 7.24.7 7.28.0, 8.5.0
undici CVE-2026-9679 MEDIUM 7.24.7 6.27.0, 7.28.0, 8.5.0
undici CVE-2026-11525 LOW 7.24.7 6.27.0, 7.28.0, 8.5.0
undici CVE-2026-6733 LOW 7.24.7 6.27.0, 7.28.0, 8.5.0
uuid CVE-2026-41907 MEDIUM 13.0.0 11.1.1, 12.0.1, 13.0.1
uuid CVE-2026-41907 MEDIUM 8.3.2 11.1.1, 12.0.1, 13.0.1
yaml CVE-2026-33532 MEDIUM 2.4.1 2.8.3, 1.10.3
No Misconfigurations found

Python (python-pkg)

Package Vulnerability ID Severity Installed Version Fixed Version Links
cryptography GHSA-537c-gmf6-5ccf HIGH 46.0.7 48.0.1
dulwich CVE-2026-42305 HIGH 1.1.0 1.2.5
dulwich CVE-2026-42563 HIGH 1.1.0 1.2.5
dulwich CVE-2026-47734 MEDIUM 1.1.0 1.2.5
dulwich CVE-2026-47712 LOW 1.1.0 1.2.5
idna CVE-2026-45409 MEDIUM 3.11 3.15
msgpack GHSA-6v7p-g79w-8964 HIGH 1.1.2 1.2.1
pip CVE-2026-3219 MEDIUM 26.0.1 26.1
pip CVE-2026-6357 MEDIUM 26.0.1 26.1
poetry CVE-2026-41140 LOW 2.3.3 2.3.4
urllib3 CVE-2026-44431 HIGH 2.6.3 2.7.0
urllib3 CVE-2026-44432 HIGH 2.6.3 2.7.0
uv GHSA-4gg8-gxpx-9rph MEDIUM 0.11.5 0.11.15
uv GHSA-pjjw-68hj-v9mw LOW 0.11.5 0.11.6
No Misconfigurations found

Ruby (gemspec)

Package Vulnerability ID Severity Installed Version Fixed Version Links
concurrent-ruby CVE-2026-54904 HIGH 1.3.6 1.3.7
concurrent-ruby CVE-2026-54905 LOW 1.3.6 1.3.7
concurrent-ruby CVE-2026-54906 LOW 1.3.6 1.3.7
erb CVE-2026-41316 HIGH 6.0.1 ~> 4.0.3.1, ~> 4.0.4.1, ~> 6.0.1.1, >= 6.0.4
json CVE-2026-33210 CRITICAL 2.18.0 ~> 2.15.2.1, ~> 2.17.1.2, >= 2.19.2
net-imap CVE-2026-42257 CRITICAL 0.6.2 ~> 0.4.24, ~> 0.5.14, >= 0.6.4
net-imap CVE-2026-42258 CRITICAL 0.6.2 ~> 0.4.24, ~> 0.5.14, >= 0.6.4
net-imap CVE-2026-42245 HIGH 0.6.2 ~> 0.4.24, ~> 0.5.14, >= 0.6.4
net-imap CVE-2026-42246 HIGH 0.6.2 ~> 0.3.10, ~> 0.4.24, ~> 0.5.14, >= 0.6.4
net-imap CVE-2026-42256 MEDIUM 0.6.2 ~> 0.4.24, ~> 0.5.14, >= 0.6.4
net-imap CVE-2026-47240 MEDIUM 0.6.2 ~> 0.5.15, >= 0.6.4.1
net-imap CVE-2026-47242 MEDIUM 0.6.2 ~> 0.5.15, >= 0.6.4.1
net-imap CVE-2026-47241 LOW 0.6.2 ~> 0.5.15, >= 0.6.4.1
zlib CVE-2026-27820 CRITICAL 3.2.2 ~> 3.0.1, ~> 3.1.2, >= 3.2.3
No Misconfigurations found

opt/cdxgen/node_modules/.pnpm/@appthreat+atom-parsetools@1.1.3/node_modules/@appthreat/atom-parsetools/plugins/composer/installed.json (composer-vendor)

No Vulnerabilities found
No Misconfigurations found

opt/cdxgen/node_modules/.pnpm/@cdxgen+cdxgen-plugins-bin-linux-amd64@2.0.3/node_modules/@cdxgen/cdxgen-plugins-bin-linux-amd64/plugins/sourcekitten/sbom-trivy-postbuild.cdx.json (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream GHSA-xmrv-pmrh-hhx2 MEDIUM v1.7.3 1.7.8
github.com/aws/aws-sdk-go-v2/service/s3 GHSA-xmrv-pmrh-hhx2 MEDIUM v1.92.0 1.97.3
github.com/cloudflare/circl CVE-2026-1229 LOW v1.6.1 1.6.3
github.com/containerd/containerd CVE-2026-46680 HIGH v1.7.29 1.7.32
github.com/containerd/containerd CVE-2026-53488 HIGH v1.7.29 1.7.33
github.com/containerd/containerd CVE-2026-47262 MEDIUM v1.7.29 1.7.33
github.com/containerd/containerd/v2 CVE-2026-46680 HIGH v2.2.0 2.0.9, 2.2.4, 2.3.1
github.com/containerd/containerd/v2 CVE-2026-53488 HIGH v2.2.0 2.0.10, 2.1.9, 2.2.5, 2.3.2
github.com/containerd/containerd/v2 CVE-2026-53489 HIGH v2.2.0 2.1.9, 2.2.5, 2.3.2
github.com/containerd/containerd/v2 CVE-2026-53492 HIGH v2.2.0 2.1.9, 2.2.5, 2.3.2
github.com/containerd/containerd/v2 CVE-2026-47262 MEDIUM v2.2.0 2.0.10, 2.1.9, 2.2.5, 2.3.2
github.com/containerd/containerd/v2 CVE-2026-50195 MEDIUM v2.2.0 2.1.9, 2.2.5, 2.3.2
github.com/docker/cli CVE-2025-15558 HIGH v29.0.3+incompatible 29.2.0
github.com/docker/docker CVE-2026-34040 HIGH v28.5.2+incompatible 29.3.1
github.com/docker/docker CVE-2026-41567 HIGH v28.5.2+incompatible no fix available
github.com/docker/docker CVE-2026-42306 HIGH v28.5.2+incompatible no fix available
github.com/docker/docker CVE-2026-33997 MEDIUM v28.5.2+incompatible 29.3.1
github.com/docker/docker CVE-2026-41568 MEDIUM v28.5.2+incompatible no fix available
github.com/go-chi/chi/v5 CVE-2025-69725 MEDIUM v5.2.3 5.2.4
github.com/go-git/go-billy/v5 CVE-2026-44973 HIGH v5.6.2 5.9.0
github.com/go-git/go-billy/v5 CVE-2026-44740 MEDIUM v5.6.2 5.9.0
github.com/go-git/go-git/v5 CVE-2026-45022 HIGH v5.16.3 5.19.0
github.com/go-git/go-git/v5 CVE-2026-25934 MEDIUM v5.16.3 5.16.5
github.com/go-git/go-git/v5 CVE-2026-34165 MEDIUM v5.16.3 5.17.1
github.com/go-git/go-git/v5 CVE-2026-41506 MEDIUM v5.16.3 5.18.0
github.com/go-git/go-git/v5 CVE-2026-45571 MEDIUM v5.16.3 5.19.1
github.com/go-git/go-git/v5 GHSA-w5pp-99ch-qj29 MEDIUM v5.16.3 5.19.1
github.com/go-git/go-git/v5 CVE-2026-33762 LOW v5.16.3 5.17.1
github.com/go-git/go-git/v5 CVE-2026-45570 LOW v5.16.3 5.19.1
github.com/go-jose/go-jose/v4 CVE-2026-34986 HIGH v4.1.2 4.1.4
github.com/hashicorp/go-getter CVE-2026-4660 HIGH v1.8.3 1.8.6
github.com/in-toto/in-toto-golang GHSA-pmwq-pjrm-6p5r MEDIUM v0.9.0 0.11.0
github.com/moby/buildkit CVE-2026-33747 HIGH v0.26.2 0.28.1
github.com/moby/buildkit CVE-2026-33748 HIGH v0.26.2 0.28.1
github.com/moby/spdystream CVE-2026-35469 HIGH v0.5.0 0.5.1
github.com/sigstore/cosign/v2 CVE-2026-22703 MEDIUM v2.2.4 2.6.2
github.com/sigstore/rekor CVE-2026-23831 MEDIUM v1.4.3 1.5.0
github.com/sigstore/rekor CVE-2026-24117 MEDIUM v1.4.3 1.5.0
github.com/sigstore/sigstore CVE-2026-24137 MEDIUM v1.9.5 1.10.4
github.com/sigstore/timestamp-authority CVE-2025-66564 HIGH v1.2.2 2.0.3
go.mongodb.org/mongo-driver CVE-2026-2303 MEDIUM v1.17.6 1.17.7
go.opentelemetry.io/otel CVE-2026-29181 HIGH v1.38.0 1.41.0
go.opentelemetry.io/otel/sdk CVE-2026-24051 HIGH v1.38.0 1.40.0
go.opentelemetry.io/otel/sdk CVE-2026-39883 HIGH v1.38.0 1.43.0
google.golang.org/grpc CVE-2026-33186 CRITICAL v1.76.0 1.79.3
helm.sh/helm/v3 CVE-2026-35206 MEDIUM v3.19.2 3.20.2
No Misconfigurations found

opt/pypi/bin/uv (rustbinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
astral-tokio-tar GHSA-3cv2-h65g-fgmm MEDIUM 0.6.0 0.6.2
astral-tokio-tar GHSA-fp55-jw48-c537 MEDIUM 0.6.0 0.6.1
astral-tokio-tar GHSA-xx64-wwv2-hcqq LOW 0.6.0 0.6.1
rand GHSA-cq8v-f236-94qc LOW 0.8.5 0.9.3, 0.10.1, 0.8.6
rand GHSA-cq8v-f236-94qc LOW 0.9.2 0.9.3, 0.10.1, 0.8.6
rkyv GHSA-vfvv-c25p-m7mm MEDIUM 0.8.15 0.8.16
rustls-webpki GHSA-82j2-j2ch-gfr8 HIGH 0.103.10 0.103.13, 0.104.0-alpha.7
rustls-webpki GHSA-965h-392x-2mh5 LOW 0.103.10 0.103.12, 0.104.0-alpha.6
rustls-webpki GHSA-xgp8-3hg3-c2mh LOW 0.103.10 0.103.12, 0.104.0-alpha.6
tar GHSA-3pv8-6f4r-ffg2 MEDIUM 0.4.45 0.4.46
uv GHSA-4gg8-gxpx-9rph MEDIUM 0.11.5 0.11.15
No Misconfigurations found

opt/pypi/bin/uvx (rustbinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
astral-tokio-tar GHSA-3cv2-h65g-fgmm MEDIUM 0.6.0 0.6.2
astral-tokio-tar GHSA-fp55-jw48-c537 MEDIUM 0.6.0 0.6.1
astral-tokio-tar GHSA-xx64-wwv2-hcqq LOW 0.6.0 0.6.1
rand GHSA-cq8v-f236-94qc LOW 0.8.5 0.9.3, 0.10.1, 0.8.6
rand GHSA-cq8v-f236-94qc LOW 0.9.2 0.9.3, 0.10.1, 0.8.6
rkyv GHSA-vfvv-c25p-m7mm MEDIUM 0.8.15 0.8.16
rustls-webpki GHSA-82j2-j2ch-gfr8 HIGH 0.103.10 0.103.13, 0.104.0-alpha.7
rustls-webpki GHSA-965h-392x-2mh5 LOW 0.103.10 0.103.12, 0.104.0-alpha.6
rustls-webpki GHSA-xgp8-3hg3-c2mh LOW 0.103.10 0.103.12, 0.104.0-alpha.6
tar GHSA-3pv8-6f4r-ffg2 MEDIUM 0.4.45 0.4.46
uv GHSA-4gg8-gxpx-9rph MEDIUM 0.11.5 0.11.15
No Misconfigurations found

usr/local/bin/bazel (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2025-68121 CRITICAL v1.24.0 1.24.13, 1.25.7, 1.26.0-rc.3
stdlib CVE-2025-22874 HIGH v1.24.0 1.24.4
stdlib CVE-2025-61726 HIGH v1.24.0 1.24.12, 1.25.6
stdlib CVE-2025-61729 HIGH v1.24.0 1.24.11, 1.25.5
stdlib CVE-2026-25679 HIGH v1.24.0 1.25.8, 1.26.1
stdlib CVE-2026-32280 HIGH v1.24.0 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.24.0 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.24.0 1.25.9, 1.26.2
stdlib CVE-2026-33811 HIGH v1.24.0 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.24.0 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.24.0 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.24.0 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.24.0 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.24.0 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.24.0 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.24.0 1.25.11, 1.26.4
stdlib CVE-2025-0913 MEDIUM v1.24.0 1.23.10, 1.24.4
stdlib CVE-2025-22870 MEDIUM v1.24.0 1.23.7, 1.24.1
stdlib CVE-2025-22871 MEDIUM v1.24.0 1.23.8, 1.24.2
stdlib CVE-2025-22873 MEDIUM v1.24.0 1.23.9, 1.24.3
stdlib CVE-2025-4673 MEDIUM v1.24.0 1.23.10, 1.24.4
stdlib CVE-2025-47906 MEDIUM v1.24.0 1.23.12, 1.24.6
stdlib CVE-2025-47907 MEDIUM v1.24.0 1.23.12, 1.24.6
stdlib CVE-2025-47912 MEDIUM v1.24.0 1.24.8, 1.25.2
stdlib CVE-2025-58183 MEDIUM v1.24.0 1.24.8, 1.25.2
stdlib CVE-2025-58185 MEDIUM v1.24.0 1.24.8, 1.25.2
stdlib CVE-2025-58187 MEDIUM v1.24.0 1.24.9, 1.25.3
stdlib CVE-2025-58188 MEDIUM v1.24.0 1.24.8, 1.25.2
stdlib CVE-2025-58189 MEDIUM v1.24.0 1.24.8, 1.25.2
stdlib CVE-2025-61723 MEDIUM v1.24.0 1.24.8, 1.25.2
stdlib CVE-2025-61724 MEDIUM v1.24.0 1.24.8, 1.25.2
stdlib CVE-2025-61725 MEDIUM v1.24.0 1.24.8, 1.25.2
stdlib CVE-2025-61727 MEDIUM v1.24.0 1.24.11, 1.25.5
stdlib CVE-2025-61728 MEDIUM v1.24.0 1.24.12, 1.25.6
stdlib CVE-2025-61730 MEDIUM v1.24.0 1.24.12, 1.25.6
stdlib CVE-2026-27142 MEDIUM v1.24.0 1.25.8, 1.26.1
stdlib CVE-2026-27145 MEDIUM v1.24.0 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.24.0 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.24.0 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.24.0 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.24.0 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.24.0 1.25.11, 1.26.4
stdlib CVE-2025-58186 LOW v1.24.0 1.24.8, 1.25.2
stdlib CVE-2026-27139 LOW v1.24.0 1.25.8, 1.26.1
No Misconfigurations found

usr/local/go/bin/go (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2026-32280 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26.1 1.26.2
stdlib CVE-2026-33811 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-27145 MEDIUM v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.26.1 1.25.11, 1.26.4
No Misconfigurations found

usr/local/go/bin/gofmt (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2026-32280 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26.1 1.26.2
stdlib CVE-2026-33811 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-27145 MEDIUM v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.26.1 1.25.11, 1.26.4
No Misconfigurations found

usr/local/go/pkg/tool/linux_amd64/asm (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2026-32280 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26.1 1.26.2
stdlib CVE-2026-33811 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-27145 MEDIUM v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.26.1 1.25.11, 1.26.4
No Misconfigurations found

usr/local/go/pkg/tool/linux_amd64/cgo (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2026-32280 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26.1 1.26.2
stdlib CVE-2026-33811 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-27145 MEDIUM v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.26.1 1.25.11, 1.26.4
No Misconfigurations found

usr/local/go/pkg/tool/linux_amd64/compile (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2026-32280 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26.1 1.26.2
stdlib CVE-2026-33811 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-27145 MEDIUM v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.26.1 1.25.11, 1.26.4
No Misconfigurations found

usr/local/go/pkg/tool/linux_amd64/cover (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2026-32280 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26.1 1.26.2
stdlib CVE-2026-33811 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-27145 MEDIUM v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.26.1 1.25.11, 1.26.4
No Misconfigurations found

usr/local/go/pkg/tool/linux_amd64/fix (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2026-32280 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26.1 1.26.2
stdlib CVE-2026-33811 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-27145 MEDIUM v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.26.1 1.25.11, 1.26.4
No Misconfigurations found
Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2026-32280 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26.1 1.26.2
stdlib CVE-2026-33811 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-27145 MEDIUM v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.26.1 1.25.11, 1.26.4
No Misconfigurations found

usr/local/go/pkg/tool/linux_amd64/preprofile (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2026-32280 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26.1 1.26.2
stdlib CVE-2026-33811 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-27145 MEDIUM v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.26.1 1.25.11, 1.26.4
No Misconfigurations found

usr/local/go/pkg/tool/linux_amd64/vet (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2026-32280 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32281 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32283 HIGH v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-33810 HIGH v1.26.1 1.26.2
stdlib CVE-2026-33811 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-33814 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39820 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39823 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39825 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-39836 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42499 HIGH v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42504 HIGH v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-27145 MEDIUM v1.26.1 1.25.11, 1.26.4
stdlib CVE-2026-32282 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32288 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-32289 MEDIUM v1.26.1 1.25.9, 1.26.2
stdlib CVE-2026-39826 MEDIUM v1.26.1 1.25.10, 1.26.3
stdlib CVE-2026-42507 MEDIUM v1.26.1 1.25.11, 1.26.4
No Misconfigurations found