Skip to content

docker.io/zricethezav/gitleaks:latest (alpine 3.22.3)

Trivy Image Scan

  • Image: docker.io/zricethezav/gitleaks:latest (alpine 3.22.3)
  • Scan date: 2026-04-24

docker.io/zricethezav/gitleaks:latest (alpine 3.22.3) (alpine)

Package Vulnerability ID Severity Installed Version Fixed Version Links
libcrypto3 CVE-2026-31789 CRITICAL 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-31789 https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49 https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9 https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521 https://nvd.nist.gov/vuln/detail/CVE-2026-31789 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://www.cve.org/CVERecord?id=CVE-2026-31789 https://www.openwall.com/lists/oss-security/2026/04/07/11
libcrypto3 CVE-2026-28387 HIGH 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-28387 https://github.com/openssl/openssl/commit/07e727d304746edb49a98ee8f6ab00256e1f012b https://github.com/openssl/openssl/commit/258a8f63b26995ba357f4326da00e19e29c6acbe https://github.com/openssl/openssl/commit/444958deaf450aea819171f97ae69eaedede42c3 https://github.com/openssl/openssl/commit/7a4e08cee62a728d32e60b0de89e6764339df0a7 https://github.com/openssl/openssl/commit/ec03fa050b3346997ed9c5fef3d0e16ad7db8177 https://nvd.nist.gov/vuln/detail/CVE-2026-28387 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28387 https://www.openwall.com/lists/oss-security/2026/04/07/11
libcrypto3 CVE-2026-28388 HIGH 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-28388 https://github.com/openssl/openssl/commit/59c3b3158553ab53275bbbccca5cb305d591cf2e https://github.com/openssl/openssl/commit/5a0b4930779cd2408880979db765db919da55139 https://github.com/openssl/openssl/commit/602542f2c0c2d5edb47128f93eac10b62aeeefb3 https://github.com/openssl/openssl/commit/a9d187dd1000130100fa7ab915f8513532cb3bb8 https://github.com/openssl/openssl/commit/d3a901e8d9f021f3e67d6cfbc12e768129862726 https://nvd.nist.gov/vuln/detail/CVE-2026-28388 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28388 https://www.openwall.com/lists/oss-security/2026/04/07/11
libcrypto3 CVE-2026-28389 HIGH 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-28389 https://github.com/openssl/openssl/commit/16cea4188e0ea567deb4f93f85902247e67384f5 https://github.com/openssl/openssl/commit/785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616 https://github.com/openssl/openssl/commit/7b5274e812400cacb6f3be4c2df5340923fa807f https://github.com/openssl/openssl/commit/c6725634e089eb2b634b10ede33944be7248172a https://github.com/openssl/openssl/commit/f80f83bc5fd036bc47d773e8b15a001e2b4ce686 https://nvd.nist.gov/vuln/detail/CVE-2026-28389 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28389 https://www.openwall.com/lists/oss-security/2026/04/07/11
libcrypto3 CVE-2026-28390 HIGH 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-28390 https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6 https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4 https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788 https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75 https://nvd.nist.gov/vuln/detail/CVE-2026-28390 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28390 https://www.openwall.com/lists/oss-security/2026/04/07/11
libcrypto3 CVE-2026-31790 MEDIUM 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-31790 https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482 https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406 https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790 https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e https://nvd.nist.gov/vuln/detail/CVE-2026-31790 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://www.cve.org/CVERecord?id=CVE-2026-31790 https://www.openwall.com/lists/oss-security/2026/04/07/11
libcrypto3 CVE-2026-2673 LOW 3.5.5-r0 3.5.6-r0 http://www.openwall.com/lists/oss-security/2026/03/13/3 https://access.redhat.com/security/cve/CVE-2026-2673 https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34 https://nvd.nist.gov/vuln/detail/CVE-2026-2673 https://openssl-library.org/news/secadv/20260313.txt https://ubuntu.com/security/notices/USN-8155-1 https://www.cve.org/CVERecord?id=CVE-2026-2673
libssl3 CVE-2026-31789 CRITICAL 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-31789 https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49 https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9 https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521 https://nvd.nist.gov/vuln/detail/CVE-2026-31789 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://www.cve.org/CVERecord?id=CVE-2026-31789 https://www.openwall.com/lists/oss-security/2026/04/07/11
libssl3 CVE-2026-28387 HIGH 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-28387 https://github.com/openssl/openssl/commit/07e727d304746edb49a98ee8f6ab00256e1f012b https://github.com/openssl/openssl/commit/258a8f63b26995ba357f4326da00e19e29c6acbe https://github.com/openssl/openssl/commit/444958deaf450aea819171f97ae69eaedede42c3 https://github.com/openssl/openssl/commit/7a4e08cee62a728d32e60b0de89e6764339df0a7 https://github.com/openssl/openssl/commit/ec03fa050b3346997ed9c5fef3d0e16ad7db8177 https://nvd.nist.gov/vuln/detail/CVE-2026-28387 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28387 https://www.openwall.com/lists/oss-security/2026/04/07/11
libssl3 CVE-2026-28388 HIGH 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-28388 https://github.com/openssl/openssl/commit/59c3b3158553ab53275bbbccca5cb305d591cf2e https://github.com/openssl/openssl/commit/5a0b4930779cd2408880979db765db919da55139 https://github.com/openssl/openssl/commit/602542f2c0c2d5edb47128f93eac10b62aeeefb3 https://github.com/openssl/openssl/commit/a9d187dd1000130100fa7ab915f8513532cb3bb8 https://github.com/openssl/openssl/commit/d3a901e8d9f021f3e67d6cfbc12e768129862726 https://nvd.nist.gov/vuln/detail/CVE-2026-28388 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28388 https://www.openwall.com/lists/oss-security/2026/04/07/11
libssl3 CVE-2026-28389 HIGH 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-28389 https://github.com/openssl/openssl/commit/16cea4188e0ea567deb4f93f85902247e67384f5 https://github.com/openssl/openssl/commit/785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616 https://github.com/openssl/openssl/commit/7b5274e812400cacb6f3be4c2df5340923fa807f https://github.com/openssl/openssl/commit/c6725634e089eb2b634b10ede33944be7248172a https://github.com/openssl/openssl/commit/f80f83bc5fd036bc47d773e8b15a001e2b4ce686 https://nvd.nist.gov/vuln/detail/CVE-2026-28389 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28389 https://www.openwall.com/lists/oss-security/2026/04/07/11
libssl3 CVE-2026-28390 HIGH 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-28390 https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6 https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4 https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788 https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75 https://nvd.nist.gov/vuln/detail/CVE-2026-28390 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28390 https://www.openwall.com/lists/oss-security/2026/04/07/11
libssl3 CVE-2026-31790 MEDIUM 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-31790 https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482 https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406 https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790 https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e https://nvd.nist.gov/vuln/detail/CVE-2026-31790 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://www.cve.org/CVERecord?id=CVE-2026-31790 https://www.openwall.com/lists/oss-security/2026/04/07/11
libssl3 CVE-2026-2673 LOW 3.5.5-r0 3.5.6-r0 http://www.openwall.com/lists/oss-security/2026/03/13/3 https://access.redhat.com/security/cve/CVE-2026-2673 https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34 https://nvd.nist.gov/vuln/detail/CVE-2026-2673 https://openssl-library.org/news/secadv/20260313.txt https://ubuntu.com/security/notices/USN-8155-1 https://www.cve.org/CVERecord?id=CVE-2026-2673
musl CVE-2026-40200 HIGH 1.2.5-r10 1.2.5-r12 http://www.openwall.com/lists/oss-security/2026/04/10/13 https://access.redhat.com/security/cve/CVE-2026-40200 https://musl.libc.org/releases.html https://nvd.nist.gov/vuln/detail/CVE-2026-40200 https://www.cve.org/CVERecord?id=CVE-2026-40200 https://www.openwall.com/lists/oss-security/2026/04/10/13
musl CVE-2026-6042 MEDIUM 1.2.5-r10 1.2.5-r11 http://www.openwall.com/lists/oss-security/2026/04/09/19 https://access.redhat.com/security/cve/CVE-2026-6042 https://nvd.nist.gov/vuln/detail/CVE-2026-6042 https://vuldb.com/submit/796352 https://vuldb.com/vuln/356620 https://vuldb.com/vuln/356620/cti https://www.cve.org/CVERecord?id=CVE-2026-6042 https://www.openwall.com/lists/oss-security/2026/04/02/10 https://www.openwall.com/lists/oss-security/2026/04/03/2
musl-utils CVE-2026-40200 HIGH 1.2.5-r10 1.2.5-r12 http://www.openwall.com/lists/oss-security/2026/04/10/13 https://access.redhat.com/security/cve/CVE-2026-40200 https://musl.libc.org/releases.html https://nvd.nist.gov/vuln/detail/CVE-2026-40200 https://www.cve.org/CVERecord?id=CVE-2026-40200 https://www.openwall.com/lists/oss-security/2026/04/10/13
musl-utils CVE-2026-6042 MEDIUM 1.2.5-r10 1.2.5-r11 http://www.openwall.com/lists/oss-security/2026/04/09/19 https://access.redhat.com/security/cve/CVE-2026-6042 https://nvd.nist.gov/vuln/detail/CVE-2026-6042 https://vuldb.com/submit/796352 https://vuldb.com/vuln/356620 https://vuldb.com/vuln/356620/cti https://www.cve.org/CVERecord?id=CVE-2026-6042 https://www.openwall.com/lists/oss-security/2026/04/02/10 https://www.openwall.com/lists/oss-security/2026/04/03/2
zlib CVE-2026-22184 HIGH 1.3.1-r2 1.3.2-r0 https://access.redhat.com/security/cve/CVE-2026-22184 https://github.com/madler/zlib https://github.com/madler/zlib/issues/1142 https://nvd.nist.gov/vuln/detail/CVE-2026-22184 https://seclists.org/fulldisclosure/2026/Jan/3 https://www.cve.org/CVERecord?id=CVE-2026-22184 https://www.vulncheck.com/advisories/zlib-untgz-global-buffer-overflow-in-tgzfname https://zlib.net/
zlib CVE-2026-27171 MEDIUM 1.3.1-r2 1.3.2-r0 https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf https://access.redhat.com/security/cve/CVE-2026-27171 https://github.com/madler/zlib/issues/904 https://github.com/madler/zlib/releases/tag/v1.3.2 https://nvd.nist.gov/vuln/detail/CVE-2026-27171 https://ostif.org/zlib-audit-complete/ https://www.cve.org/CVERecord?id=CVE-2026-27171
No Misconfigurations found

usr/bin/gitleaks (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
github.com/nwaples/rardecode/v2 CVE-2025-11579 MEDIUM v2.1.0 2.2.0 https://access.redhat.com/security/cve/CVE-2025-11579 https://github.com/nwaples/rardecode https://github.com/nwaples/rardecode/commit/52fb4e825c936636f251f7e7deded39ab11df9a9 https://nvd.nist.gov/vuln/detail/CVE-2025-11579 https://pkg.go.dev/vuln/GO-2025-4020 https://www.cve.org/CVERecord?id=CVE-2025-11579
github.com/ulikunitz/xz CVE-2025-58058 MEDIUM v0.5.12 0.5.15 https://access.redhat.com/security/cve/CVE-2025-58058 https://github.com/ulikunitz/xz https://github.com/ulikunitz/xz/commit/88ddf1d0d98d688db65de034f48960b2760d2ae2 https://github.com/ulikunitz/xz/security/advisories/GHSA-jc7w-c686-c4v9 https://nvd.nist.gov/vuln/detail/CVE-2025-58058 https://www.cve.org/CVERecord?id=CVE-2025-58058
golang.org/x/crypto CVE-2025-47914 MEDIUM v0.35.0 0.45.0 https://access.redhat.com/security/cve/CVE-2025-47914 https://go.dev/cl/721960 https://go.dev/issue/76364 https://go.googlesource.com/crypto https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA https://nvd.nist.gov/vuln/detail/CVE-2025-47914 https://pkg.go.dev/vuln/GO-2025-4135 https://www.cve.org/CVERecord?id=CVE-2025-47914
golang.org/x/crypto CVE-2025-58181 MEDIUM v0.35.0 0.45.0 https://access.redhat.com/security/cve/CVE-2025-58181 https://github.com/golang/crypto/commit/e79546e28b85ea53dd37afe1c4102746ef553b9c https://github.com/golang/go/issues/76363 https://go.dev/cl/721961 https://go.dev/issue/76363 https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA?pli=1 https://nvd.nist.gov/vuln/detail/CVE-2025-58181 https://pkg.go.dev/vuln/GO-2025-4134 https://ubuntu.com/security/notices/USN-7956-1 https://www.cve.org/CVERecord?id=CVE-2025-58181
stdlib CVE-2026-25679 HIGH v1.24.13 1.25.8, 1.26.1 https://access.redhat.com/errata/RHSA-2026:9044 https://access.redhat.com/security/cve/CVE-2026-25679 https://bugzilla.redhat.com/2445356 https://bugzilla.redhat.com/show_bug.cgi?id=2445356 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25679 https://errata.almalinux.org/9/ALSA-2026-9044.html https://errata.rockylinux.org/RLSA-2026:7259 https://go.dev/cl/752180 https://go.dev/issue/77578 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://linux.oracle.com/cve/CVE-2026-25679.html https://linux.oracle.com/errata/ELSA-2026-9044.html https://nvd.nist.gov/vuln/detail/CVE-2026-25679 https://pkg.go.dev/vuln/GO-2026-4601 https://www.cve.org/CVERecord?id=CVE-2026-25679
stdlib CVE-2026-32280 HIGH v1.24.13 1.25.9, 1.26.2 https://access.redhat.com/security/cve/CVE-2026-32280 https://go.dev/cl/758320 https://go.dev/issue/78282 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32280 https://pkg.go.dev/vuln/GO-2026-4947 https://www.cve.org/CVERecord?id=CVE-2026-32280
stdlib CVE-2026-32281 HIGH v1.24.13 1.25.9, 1.26.2 https://access.redhat.com/security/cve/CVE-2026-32281 https://go.dev/cl/758061 https://go.dev/issue/78281 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32281 https://pkg.go.dev/vuln/GO-2026-4946 https://www.cve.org/CVERecord?id=CVE-2026-32281
stdlib CVE-2026-32283 HIGH v1.24.13 1.25.9, 1.26.2 https://go.dev/cl/763767 https://go.dev/issue/78334 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32283 https://pkg.go.dev/vuln/GO-2026-4870
stdlib CVE-2026-27142 MEDIUM v1.24.13 1.25.8, 1.26.1 https://access.redhat.com/security/cve/CVE-2026-27142 https://go.dev/cl/752081 https://go.dev/issue/77954 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27142 https://pkg.go.dev/vuln/GO-2026-4603 https://www.cve.org/CVERecord?id=CVE-2026-27142
stdlib CVE-2026-32282 MEDIUM v1.24.13 1.25.9, 1.26.2 https://access.redhat.com/security/cve/CVE-2026-32282 https://go.dev/cl/763761 https://go.dev/issue/78293 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32282 https://pkg.go.dev/vuln/GO-2026-4864 https://www.cve.org/CVERecord?id=CVE-2026-32282
stdlib CVE-2026-32288 MEDIUM v1.24.13 1.25.9, 1.26.2 https://access.redhat.com/security/cve/CVE-2026-32288 https://go.dev/cl/763766 https://go.dev/issue/78301 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32288 https://pkg.go.dev/vuln/GO-2026-4869 https://www.cve.org/CVERecord?id=CVE-2026-32288
stdlib CVE-2026-32289 MEDIUM v1.24.13 1.25.9, 1.26.2 https://access.redhat.com/security/cve/CVE-2026-32289 https://go.dev/cl/763762 https://go.dev/issue/78331 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32289 https://pkg.go.dev/vuln/GO-2026-4865 https://www.cve.org/CVERecord?id=CVE-2026-32289
stdlib CVE-2026-27139 LOW v1.24.13 1.25.8, 1.26.1 https://access.redhat.com/security/cve/CVE-2026-27139 https://go.dev/cl/749480 https://go.dev/issue/77827 https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk https://nvd.nist.gov/vuln/detail/CVE-2026-27139 https://pkg.go.dev/vuln/GO-2026-4602 https://www.cve.org/CVERecord?id=CVE-2026-27139
No Misconfigurations found