Skip to content

ghcr.io/helmfile/helmfile:latest (alpine 3.19.7)¶

Trivy Image Scan

Image: ghcr.io/helmfile/helmfile:latest (alpine 3.19.7)
Scan date: 2025-06-30

ghcr.io/helmfile/helmfile:latest (alpine 3.19.7) (alpine)¶

No Vulnerabilities found
No Misconfigurations found

Node.js (node-pkg)¶

No Vulnerabilities found
No Misconfigurations found

helm/.local/share/helm/plugins/helm-diff/bin/diff (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2025-22874	HIGH	v1.24.2	1.24.4	https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib	CVE-2025-0913	MEDIUM	v1.24.2	1.23.10, 1.24.4	https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib	CVE-2025-4673	MEDIUM	v1.24.2	1.23.10, 1.24.4	https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

helm/.local/share/helm/plugins/helm-s3.git/bin/helm-s3 (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/containerd/containerd	CVE-2024-40635	MEDIUM	v1.7.13	1.7.27, 1.6.38	https://access.redhat.com/security/cve/CVE-2024-40635 https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/05044ec0a9a75232cad458027ca83437aae3f4da https://github.com/containerd/containerd/commit/11504c3fc5f45634f2d93d57743a998194430b82 (v1.7.27) https://github.com/containerd/containerd/commit/1a43cb6a1035441f9aca8f5666a9b3ef9e70ab20 https://github.com/containerd/containerd/commit/9639b9625554183d0c4d8d072dccb84fedd2320f (v1.6.38) https://github.com/containerd/containerd/commit/cf158e884cfe4812a6c371b59e4ea9bc4c46e51a https://github.com/containerd/containerd/security/advisories/GHSA-265r-hfxg-fhmg https://lists.debian.org/debian-lts-announce/2025/05/msg00005.html https://nvd.nist.gov/vuln/detail/CVE-2024-40635 https://ubuntu.com/security/notices/USN-7374-1 https://www.cve.org/CVERecord?id=CVE-2024-40635
golang.org/x/crypto	CVE-2025-22869	HIGH	v0.31.0	0.35.0	https://access.redhat.com/errata/RHSA-2025:3833 https://access.redhat.com/security/cve/CVE-2025-22869 https://bugzilla.redhat.com/2348367 https://errata.almalinux.org/9/ALSA-2025-3833.html https://github.com/golang/crypto https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22 https://go-review.googlesource.com/c/crypto/+/652135 https://go.dev/cl/652135 https://go.dev/issue/71931 https://linux.oracle.com/cve/CVE-2025-22869.html https://linux.oracle.com/errata/ELSA-2025-7416.html https://nvd.nist.gov/vuln/detail/CVE-2025-22869 https://pkg.go.dev/vuln/GO-2025-3487 https://security.netapp.com/advisory/ntap-20250411-0010 https://security.netapp.com/advisory/ntap-20250411-0010/ https://www.cve.org/CVERecord?id=CVE-2025-22869
golang.org/x/net	CVE-2025-22870	MEDIUM	v0.33.0	0.36.0	http://www.openwall.com/lists/oss-security/2025/03/07/2 https://access.redhat.com/security/cve/CVE-2025-22870 https://github.com/golang/go/issues/71984 https://go-review.googlesource.com/q/project:net https://go.dev/cl/654697 https://go.dev/issue/71984 https://groups.google.com/g/golang-announce/c/4t3lzH3I0eI/m/b42ImqrBAQAJ https://nvd.nist.gov/vuln/detail/CVE-2025-22870 https://pkg.go.dev/vuln/GO-2025-3503 https://security.netapp.com/advisory/ntap-20250509-0007 https://security.netapp.com/advisory/ntap-20250509-0007/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-22870
golang.org/x/net	CVE-2025-22872	MEDIUM	v0.33.0	0.38.0	https://access.redhat.com/security/cve/CVE-2025-22872 https://github.com/advisories/GHSA-vvgc-356p-c3xw https://go.dev/cl/662715 https://go.dev/issue/73070 https://groups.google.com/g/golang-announce/c/ezSKR9vqbqA https://nvd.nist.gov/vuln/detail/CVE-2025-22872 https://pkg.go.dev/vuln/GO-2025-3595 https://security.netapp.com/advisory/ntap-20250516-0007 https://security.netapp.com/advisory/ntap-20250516-0007/ https://www.cve.org/CVERecord?id=CVE-2025-22872
helm.sh/helm/v3	CVE-2025-32386	MEDIUM	v3.15.2	3.17.3	https://access.redhat.com/security/cve/CVE-2025-32386 https://github.com/helm/helm https://github.com/helm/helm/commit/d8ca55fc669645c10c0681d49723f4bb8c0b1ce7 https://github.com/helm/helm/security/advisories/GHSA-4hfp-h4cw-hj8p https://nvd.nist.gov/vuln/detail/CVE-2025-32386 https://www.cve.org/CVERecord?id=CVE-2025-32386
helm.sh/helm/v3	CVE-2025-32387	MEDIUM	v3.15.2	3.17.3	https://access.redhat.com/security/cve/CVE-2025-32387 https://github.com/helm/helm https://github.com/helm/helm/commit/d8ca55fc669645c10c0681d49723f4bb8c0b1ce7 https://github.com/helm/helm/security/advisories/GHSA-5xqw-8hwv-wg92 https://nvd.nist.gov/vuln/detail/CVE-2025-32387 https://www.cve.org/CVERecord?id=CVE-2025-32387
stdlib	CVE-2025-0913	MEDIUM	v1.22.11	1.23.10, 1.24.4	https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib	CVE-2025-22866	MEDIUM	v1.22.11	1.22.12, 1.23.6, 1.24.0-rc.3	https://access.redhat.com/security/cve/CVE-2025-22866 https://github.com/golang/go/commit/0cc45e7ca668b103c1055ae84402ad3f3425dd56 (go1.22.12) https://github.com/golang/go/commit/6644ed63b1e6ccc129647ef6b0d4647fdbe14056 (go1.23.6) https://github.com/golang/go/commit/6fc23a3cff5e38ff72923fee50f51254dcdc6e93 (go1.24rc3) https://github.com/golang/go/issues/71383 https://go.dev/cl/643735 https://go.dev/issue/71383 https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k https://linux.oracle.com/cve/CVE-2025-22866.html https://linux.oracle.com/errata/ELSA-2025-7466.html https://nvd.nist.gov/vuln/detail/CVE-2025-22866 https://pkg.go.dev/vuln/GO-2025-3447 https://security.netapp.com/advisory/ntap-20250221-0002/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-22866
stdlib	CVE-2025-22871	MEDIUM	v1.22.11	1.23.8, 1.24.2	http://www.openwall.com/lists/oss-security/2025/04/04/4 https://access.redhat.com/errata/RHSA-2025:9150 https://access.redhat.com/security/cve/CVE-2025-22871 https://bugzilla.redhat.com/2358493 https://errata.almalinux.org/9/ALSA-2025-9150.html https://go.dev/cl/652998 https://go.dev/issue/71988 https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk https://linux.oracle.com/cve/CVE-2025-22871.html https://linux.oracle.com/errata/ELSA-2025-9845.html https://nvd.nist.gov/vuln/detail/CVE-2025-22871 https://pkg.go.dev/vuln/GO-2025-3563 https://www.cve.org/CVERecord?id=CVE-2025-22871
stdlib	CVE-2025-4673	MEDIUM	v1.22.11	1.23.10, 1.24.4	https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

usr/local/bin/age (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/crypto	CVE-2024-45337	CRITICAL	v0.24.0	0.31.0	http://www.openwall.com/lists/oss-security/2024/12/11/2 https://access.redhat.com/security/cve/CVE-2024-45337 https://github.com/golang/crypto https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909 https://go.dev/cl/635315 https://go.dev/issue/70779 https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ https://nvd.nist.gov/vuln/detail/CVE-2024-45337 https://pkg.go.dev/vuln/GO-2024-3321 https://security.netapp.com/advisory/ntap-20250131-0007 https://security.netapp.com/advisory/ntap-20250131-0007/ https://www.cve.org/CVERecord?id=CVE-2024-45337
golang.org/x/crypto	CVE-2025-22869	HIGH	v0.24.0	0.35.0	https://access.redhat.com/errata/RHSA-2025:3833 https://access.redhat.com/security/cve/CVE-2025-22869 https://bugzilla.redhat.com/2348367 https://errata.almalinux.org/9/ALSA-2025-3833.html https://github.com/golang/crypto https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22 https://go-review.googlesource.com/c/crypto/+/652135 https://go.dev/cl/652135 https://go.dev/issue/71931 https://linux.oracle.com/cve/CVE-2025-22869.html https://linux.oracle.com/errata/ELSA-2025-7416.html https://nvd.nist.gov/vuln/detail/CVE-2025-22869 https://pkg.go.dev/vuln/GO-2025-3487 https://security.netapp.com/advisory/ntap-20250411-0010 https://security.netapp.com/advisory/ntap-20250411-0010/ https://www.cve.org/CVERecord?id=CVE-2025-22869
stdlib	CVE-2024-45336	MEDIUM	v1.23.4	1.22.11, 1.23.5, 1.24.0-rc.2	https://access.redhat.com/errata/RHSA-2025:3772 https://access.redhat.com/security/cve/CVE-2024-45336 https://bugzilla.redhat.com/2341750 https://bugzilla.redhat.com/2341751 https://errata.almalinux.org/8/ALSA-2025-3772.html https://go.dev/cl/643100 https://go.dev/issue/70530 https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ https://linux.oracle.com/cve/CVE-2024-45336.html https://linux.oracle.com/errata/ELSA-2025-7592.html https://nvd.nist.gov/vuln/detail/CVE-2024-45336 https://pkg.go.dev/vuln/GO-2025-3420 https://security.netapp.com/advisory/ntap-20250221-0003/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2024-45336
stdlib	CVE-2024-45341	MEDIUM	v1.23.4	1.22.11, 1.23.5, 1.24.0-rc.2	https://access.redhat.com/errata/RHSA-2025:3772 https://access.redhat.com/security/cve/CVE-2024-45341 https://bugzilla.redhat.com/2341750 https://bugzilla.redhat.com/2341751 https://errata.almalinux.org/8/ALSA-2025-3772.html https://go.dev/cl/643099 https://go.dev/issue/71156 https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ https://linux.oracle.com/cve/CVE-2024-45341.html https://linux.oracle.com/errata/ELSA-2025-7466.html https://nvd.nist.gov/vuln/detail/CVE-2024-45341 https://pkg.go.dev/vuln/GO-2025-3373 https://security.netapp.com/advisory/ntap-20250221-0004/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2024-45341
stdlib	CVE-2025-0913	MEDIUM	v1.23.4	1.23.10, 1.24.4	https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib	CVE-2025-22866	MEDIUM	v1.23.4	1.22.12, 1.23.6, 1.24.0-rc.3	https://access.redhat.com/security/cve/CVE-2025-22866 https://github.com/golang/go/commit/0cc45e7ca668b103c1055ae84402ad3f3425dd56 (go1.22.12) https://github.com/golang/go/commit/6644ed63b1e6ccc129647ef6b0d4647fdbe14056 (go1.23.6) https://github.com/golang/go/commit/6fc23a3cff5e38ff72923fee50f51254dcdc6e93 (go1.24rc3) https://github.com/golang/go/issues/71383 https://go.dev/cl/643735 https://go.dev/issue/71383 https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k https://linux.oracle.com/cve/CVE-2025-22866.html https://linux.oracle.com/errata/ELSA-2025-7466.html https://nvd.nist.gov/vuln/detail/CVE-2025-22866 https://pkg.go.dev/vuln/GO-2025-3447 https://security.netapp.com/advisory/ntap-20250221-0002/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-22866
stdlib	CVE-2025-22871	MEDIUM	v1.23.4	1.23.8, 1.24.2	http://www.openwall.com/lists/oss-security/2025/04/04/4 https://access.redhat.com/errata/RHSA-2025:9150 https://access.redhat.com/security/cve/CVE-2025-22871 https://bugzilla.redhat.com/2358493 https://errata.almalinux.org/9/ALSA-2025-9150.html https://go.dev/cl/652998 https://go.dev/issue/71988 https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk https://linux.oracle.com/cve/CVE-2025-22871.html https://linux.oracle.com/errata/ELSA-2025-9845.html https://nvd.nist.gov/vuln/detail/CVE-2025-22871 https://pkg.go.dev/vuln/GO-2025-3563 https://www.cve.org/CVERecord?id=CVE-2025-22871
stdlib	CVE-2025-4673	MEDIUM	v1.23.4	1.23.10, 1.24.4	https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

usr/local/bin/age-keygen (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/crypto	CVE-2024-45337	CRITICAL	v0.24.0	0.31.0	http://www.openwall.com/lists/oss-security/2024/12/11/2 https://access.redhat.com/security/cve/CVE-2024-45337 https://github.com/golang/crypto https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909 https://go.dev/cl/635315 https://go.dev/issue/70779 https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ https://nvd.nist.gov/vuln/detail/CVE-2024-45337 https://pkg.go.dev/vuln/GO-2024-3321 https://security.netapp.com/advisory/ntap-20250131-0007 https://security.netapp.com/advisory/ntap-20250131-0007/ https://www.cve.org/CVERecord?id=CVE-2024-45337
golang.org/x/crypto	CVE-2025-22869	HIGH	v0.24.0	0.35.0	https://access.redhat.com/errata/RHSA-2025:3833 https://access.redhat.com/security/cve/CVE-2025-22869 https://bugzilla.redhat.com/2348367 https://errata.almalinux.org/9/ALSA-2025-3833.html https://github.com/golang/crypto https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22 https://go-review.googlesource.com/c/crypto/+/652135 https://go.dev/cl/652135 https://go.dev/issue/71931 https://linux.oracle.com/cve/CVE-2025-22869.html https://linux.oracle.com/errata/ELSA-2025-7416.html https://nvd.nist.gov/vuln/detail/CVE-2025-22869 https://pkg.go.dev/vuln/GO-2025-3487 https://security.netapp.com/advisory/ntap-20250411-0010 https://security.netapp.com/advisory/ntap-20250411-0010/ https://www.cve.org/CVERecord?id=CVE-2025-22869
stdlib	CVE-2024-45336	MEDIUM	v1.23.4	1.22.11, 1.23.5, 1.24.0-rc.2	https://access.redhat.com/errata/RHSA-2025:3772 https://access.redhat.com/security/cve/CVE-2024-45336 https://bugzilla.redhat.com/2341750 https://bugzilla.redhat.com/2341751 https://errata.almalinux.org/8/ALSA-2025-3772.html https://go.dev/cl/643100 https://go.dev/issue/70530 https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ https://linux.oracle.com/cve/CVE-2024-45336.html https://linux.oracle.com/errata/ELSA-2025-7592.html https://nvd.nist.gov/vuln/detail/CVE-2024-45336 https://pkg.go.dev/vuln/GO-2025-3420 https://security.netapp.com/advisory/ntap-20250221-0003/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2024-45336
stdlib	CVE-2024-45341	MEDIUM	v1.23.4	1.22.11, 1.23.5, 1.24.0-rc.2	https://access.redhat.com/errata/RHSA-2025:3772 https://access.redhat.com/security/cve/CVE-2024-45341 https://bugzilla.redhat.com/2341750 https://bugzilla.redhat.com/2341751 https://errata.almalinux.org/8/ALSA-2025-3772.html https://go.dev/cl/643099 https://go.dev/issue/71156 https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ https://linux.oracle.com/cve/CVE-2024-45341.html https://linux.oracle.com/errata/ELSA-2025-7466.html https://nvd.nist.gov/vuln/detail/CVE-2024-45341 https://pkg.go.dev/vuln/GO-2025-3373 https://security.netapp.com/advisory/ntap-20250221-0004/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2024-45341
stdlib	CVE-2025-0913	MEDIUM	v1.23.4	1.23.10, 1.24.4	https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib	CVE-2025-22866	MEDIUM	v1.23.4	1.22.12, 1.23.6, 1.24.0-rc.3	https://access.redhat.com/security/cve/CVE-2025-22866 https://github.com/golang/go/commit/0cc45e7ca668b103c1055ae84402ad3f3425dd56 (go1.22.12) https://github.com/golang/go/commit/6644ed63b1e6ccc129647ef6b0d4647fdbe14056 (go1.23.6) https://github.com/golang/go/commit/6fc23a3cff5e38ff72923fee50f51254dcdc6e93 (go1.24rc3) https://github.com/golang/go/issues/71383 https://go.dev/cl/643735 https://go.dev/issue/71383 https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k https://linux.oracle.com/cve/CVE-2025-22866.html https://linux.oracle.com/errata/ELSA-2025-7466.html https://nvd.nist.gov/vuln/detail/CVE-2025-22866 https://pkg.go.dev/vuln/GO-2025-3447 https://security.netapp.com/advisory/ntap-20250221-0002/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-22866
stdlib	CVE-2025-22871	MEDIUM	v1.23.4	1.23.8, 1.24.2	http://www.openwall.com/lists/oss-security/2025/04/04/4 https://access.redhat.com/errata/RHSA-2025:9150 https://access.redhat.com/security/cve/CVE-2025-22871 https://bugzilla.redhat.com/2358493 https://errata.almalinux.org/9/ALSA-2025-9150.html https://go.dev/cl/652998 https://go.dev/issue/71988 https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk https://linux.oracle.com/cve/CVE-2025-22871.html https://linux.oracle.com/errata/ELSA-2025-9845.html https://nvd.nist.gov/vuln/detail/CVE-2025-22871 https://pkg.go.dev/vuln/GO-2025-3563 https://www.cve.org/CVERecord?id=CVE-2025-22871
stdlib	CVE-2025-4673	MEDIUM	v1.23.4	1.23.10, 1.24.4	https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

usr/local/bin/helm (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2025-22874	HIGH	v1.24.3	1.24.4	https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib	CVE-2025-0913	MEDIUM	v1.24.3	1.23.10, 1.24.4	https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib	CVE-2025-4673	MEDIUM	v1.24.3	1.23.10, 1.24.4	https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

usr/local/bin/helmfile (gobinary)¶

No Vulnerabilities found
No Misconfigurations found

usr/local/bin/kubectl (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2025-22870	MEDIUM	v0.30.0	0.36.0	http://www.openwall.com/lists/oss-security/2025/03/07/2 https://access.redhat.com/security/cve/CVE-2025-22870 https://github.com/golang/go/issues/71984 https://go-review.googlesource.com/q/project:net https://go.dev/cl/654697 https://go.dev/issue/71984 https://groups.google.com/g/golang-announce/c/4t3lzH3I0eI/m/b42ImqrBAQAJ https://nvd.nist.gov/vuln/detail/CVE-2025-22870 https://pkg.go.dev/vuln/GO-2025-3503 https://security.netapp.com/advisory/ntap-20250509-0007 https://security.netapp.com/advisory/ntap-20250509-0007/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-22870
golang.org/x/net	CVE-2025-22872	MEDIUM	v0.30.0	0.38.0	https://access.redhat.com/security/cve/CVE-2025-22872 https://github.com/advisories/GHSA-vvgc-356p-c3xw https://go.dev/cl/662715 https://go.dev/issue/73070 https://groups.google.com/g/golang-announce/c/ezSKR9vqbqA https://nvd.nist.gov/vuln/detail/CVE-2025-22872 https://pkg.go.dev/vuln/GO-2025-3595 https://security.netapp.com/advisory/ntap-20250516-0007 https://security.netapp.com/advisory/ntap-20250516-0007/ https://www.cve.org/CVERecord?id=CVE-2025-22872
stdlib	CVE-2024-45336	MEDIUM	v1.23.4	1.22.11, 1.23.5, 1.24.0-rc.2	https://access.redhat.com/errata/RHSA-2025:3772 https://access.redhat.com/security/cve/CVE-2024-45336 https://bugzilla.redhat.com/2341750 https://bugzilla.redhat.com/2341751 https://errata.almalinux.org/8/ALSA-2025-3772.html https://go.dev/cl/643100 https://go.dev/issue/70530 https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ https://linux.oracle.com/cve/CVE-2024-45336.html https://linux.oracle.com/errata/ELSA-2025-7592.html https://nvd.nist.gov/vuln/detail/CVE-2024-45336 https://pkg.go.dev/vuln/GO-2025-3420 https://security.netapp.com/advisory/ntap-20250221-0003/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2024-45336
stdlib	CVE-2024-45341	MEDIUM	v1.23.4	1.22.11, 1.23.5, 1.24.0-rc.2	https://access.redhat.com/errata/RHSA-2025:3772 https://access.redhat.com/security/cve/CVE-2024-45341 https://bugzilla.redhat.com/2341750 https://bugzilla.redhat.com/2341751 https://errata.almalinux.org/8/ALSA-2025-3772.html https://go.dev/cl/643099 https://go.dev/issue/71156 https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ https://linux.oracle.com/cve/CVE-2024-45341.html https://linux.oracle.com/errata/ELSA-2025-7466.html https://nvd.nist.gov/vuln/detail/CVE-2024-45341 https://pkg.go.dev/vuln/GO-2025-3373 https://security.netapp.com/advisory/ntap-20250221-0004/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2024-45341
stdlib	CVE-2025-0913	MEDIUM	v1.23.4	1.23.10, 1.24.4	https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib	CVE-2025-22866	MEDIUM	v1.23.4	1.22.12, 1.23.6, 1.24.0-rc.3	https://access.redhat.com/security/cve/CVE-2025-22866 https://github.com/golang/go/commit/0cc45e7ca668b103c1055ae84402ad3f3425dd56 (go1.22.12) https://github.com/golang/go/commit/6644ed63b1e6ccc129647ef6b0d4647fdbe14056 (go1.23.6) https://github.com/golang/go/commit/6fc23a3cff5e38ff72923fee50f51254dcdc6e93 (go1.24rc3) https://github.com/golang/go/issues/71383 https://go.dev/cl/643735 https://go.dev/issue/71383 https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k https://linux.oracle.com/cve/CVE-2025-22866.html https://linux.oracle.com/errata/ELSA-2025-7466.html https://nvd.nist.gov/vuln/detail/CVE-2025-22866 https://pkg.go.dev/vuln/GO-2025-3447 https://security.netapp.com/advisory/ntap-20250221-0002/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-22866
stdlib	CVE-2025-22871	MEDIUM	v1.23.4	1.23.8, 1.24.2	http://www.openwall.com/lists/oss-security/2025/04/04/4 https://access.redhat.com/errata/RHSA-2025:9150 https://access.redhat.com/security/cve/CVE-2025-22871 https://bugzilla.redhat.com/2358493 https://errata.almalinux.org/9/ALSA-2025-9150.html https://go.dev/cl/652998 https://go.dev/issue/71988 https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk https://linux.oracle.com/cve/CVE-2025-22871.html https://linux.oracle.com/errata/ELSA-2025-9845.html https://nvd.nist.gov/vuln/detail/CVE-2025-22871 https://pkg.go.dev/vuln/GO-2025-3563 https://www.cve.org/CVERecord?id=CVE-2025-22871
stdlib	CVE-2025-4673	MEDIUM	v1.23.4	1.23.10, 1.24.4	https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

usr/local/bin/kustomize (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-34156	HIGH	v1.21.12	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2025:3773 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2025-3773.html https://errata.rockylinux.org/RLSA-2024:7262 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2025-3773.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://security.netapp.com/advisory/ntap-20240926-0004/ https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2024-34155	MEDIUM	v1.21.12	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://bugzilla.redhat.com/show_bug.cgi?id=2315691 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9341 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:8039 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://security.netapp.com/advisory/ntap-20240926-0005/ https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.21.12	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://bugzilla.redhat.com/show_bug.cgi?id=2315691 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9341 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:8039 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2025-7118.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://security.netapp.com/advisory/ntap-20241004-0003/ https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
stdlib	CVE-2024-45336	MEDIUM	v1.21.12	1.22.11, 1.23.5, 1.24.0-rc.2	https://access.redhat.com/errata/RHSA-2025:3772 https://access.redhat.com/security/cve/CVE-2024-45336 https://bugzilla.redhat.com/2341750 https://bugzilla.redhat.com/2341751 https://errata.almalinux.org/8/ALSA-2025-3772.html https://go.dev/cl/643100 https://go.dev/issue/70530 https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ https://linux.oracle.com/cve/CVE-2024-45336.html https://linux.oracle.com/errata/ELSA-2025-7592.html https://nvd.nist.gov/vuln/detail/CVE-2024-45336 https://pkg.go.dev/vuln/GO-2025-3420 https://security.netapp.com/advisory/ntap-20250221-0003/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2024-45336
stdlib	CVE-2024-45341	MEDIUM	v1.21.12	1.22.11, 1.23.5, 1.24.0-rc.2	https://access.redhat.com/errata/RHSA-2025:3772 https://access.redhat.com/security/cve/CVE-2024-45341 https://bugzilla.redhat.com/2341750 https://bugzilla.redhat.com/2341751 https://errata.almalinux.org/8/ALSA-2025-3772.html https://go.dev/cl/643099 https://go.dev/issue/71156 https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ https://linux.oracle.com/cve/CVE-2024-45341.html https://linux.oracle.com/errata/ELSA-2025-7466.html https://nvd.nist.gov/vuln/detail/CVE-2024-45341 https://pkg.go.dev/vuln/GO-2025-3373 https://security.netapp.com/advisory/ntap-20250221-0004/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2024-45341
stdlib	CVE-2025-0913	MEDIUM	v1.21.12	1.23.10, 1.24.4	https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib	CVE-2025-22866	MEDIUM	v1.21.12	1.22.12, 1.23.6, 1.24.0-rc.3	https://access.redhat.com/security/cve/CVE-2025-22866 https://github.com/golang/go/commit/0cc45e7ca668b103c1055ae84402ad3f3425dd56 (go1.22.12) https://github.com/golang/go/commit/6644ed63b1e6ccc129647ef6b0d4647fdbe14056 (go1.23.6) https://github.com/golang/go/commit/6fc23a3cff5e38ff72923fee50f51254dcdc6e93 (go1.24rc3) https://github.com/golang/go/issues/71383 https://go.dev/cl/643735 https://go.dev/issue/71383 https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k https://linux.oracle.com/cve/CVE-2025-22866.html https://linux.oracle.com/errata/ELSA-2025-7466.html https://nvd.nist.gov/vuln/detail/CVE-2025-22866 https://pkg.go.dev/vuln/GO-2025-3447 https://security.netapp.com/advisory/ntap-20250221-0002/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-22866
stdlib	CVE-2025-22871	MEDIUM	v1.21.12	1.23.8, 1.24.2	http://www.openwall.com/lists/oss-security/2025/04/04/4 https://access.redhat.com/errata/RHSA-2025:9150 https://access.redhat.com/security/cve/CVE-2025-22871 https://bugzilla.redhat.com/2358493 https://errata.almalinux.org/9/ALSA-2025-9150.html https://go.dev/cl/652998 https://go.dev/issue/71988 https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk https://linux.oracle.com/cve/CVE-2025-22871.html https://linux.oracle.com/errata/ELSA-2025-9845.html https://nvd.nist.gov/vuln/detail/CVE-2025-22871 https://pkg.go.dev/vuln/GO-2025-3563 https://www.cve.org/CVERecord?id=CVE-2025-22871
stdlib	CVE-2025-4673	MEDIUM	v1.21.12	1.23.10, 1.24.4	https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found

usr/local/bin/sops (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/cloudflare/circl	GHSA-2x5j-vhc8-9cwm	LOW	v1.6.0	1.6.1	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/security/advisories/GHSA-2x5j-vhc8-9cwm https://github.com/cloudflare/circl/tree/v1.6.1
stdlib	CVE-2025-22874	HIGH	v1.24.2	1.24.4	https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib	CVE-2025-0913	MEDIUM	v1.24.2	1.23.10, 1.24.4	https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib	CVE-2025-4673	MEDIUM	v1.24.2	1.23.10, 1.24.4	https://access.redhat.com/security/cve/CVE-2025-4673 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found