docker.io/squidfunk/mkdocs-material:latest (alpine 3.21.6)¶ Trivy Image Scan Image: docker.io/squidfunk/mkdocs-material:latest (alpine 3.21.6) Scan date: 2026-06-21 docker.io/squidfunk/mkdocs-material:latest (alpine 3.21.6) (alpine)¶ Package Vulnerability ID Severity Installed Version Fixed Version Links lcms2 CVE-2026-41254 HIGH 2.16-r0 2.19-r0 https://abhinavagarwal07.github.io/posts/lcms2-cubesize-overflow/ https://access.redhat.com/security/cve/CVE-2026-41254 https://github.com/mm2/Little-CMS/commit/da6110b1d14abc394633a388209abd5ebedd7ab0 https://github.com/mm2/Little-CMS/commit/e0641b1828d0a1af5ecb1b11fe22f24fceefd4bc https://github.com/mm2/Little-CMS/security/advisories/GHSA-4xp6-rcgg-m9qq https://lists.debian.org/debian-lts-announce/2026/05/msg00014.html https://nvd.nist.gov/vuln/detail/CVE-2026-41254 https://ubuntu.com/security/notices/USN-8209-1 https://ubuntu.com/security/notices/USN-8209-2 https://www.cve.org/CVERecord?id=CVE-2026-41254 https://www.openwall.com/lists/oss-security/2026/04/17/16 libcrypto3 CVE-2026-31789 CRITICAL 3.3.6-r0 3.3.7-r0 https://access.redhat.com/security/cve/CVE-2026-31789 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://github.com/advisories/GHSA-j79m-9jxq-788r https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49 https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9 https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521 https://nvd.nist.gov/vuln/detail/CVE-2026-31789 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://www.cve.org/CVERecord?id=CVE-2026-31789 https://www.openwall.com/lists/oss-security/2026/04/07/11 libcrypto3 CVE-2026-28387 HIGH 3.3.6-r0 3.3.7-r0 https://access.redhat.com/security/cve/CVE-2026-28387 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://cert-portal.siemens.com/productcert/html/ssa-265688.html https://github.com/openssl/openssl/commit/07e727d304746edb49a98ee8f6ab00256e1f012b https://github.com/openssl/openssl/commit/258a8f63b26995ba357f4326da00e19e29c6acbe https://github.com/openssl/openssl/commit/444958deaf450aea819171f97ae69eaedede42c3 https://github.com/openssl/openssl/commit/7a4e08cee62a728d32e60b0de89e6764339df0a7 https://github.com/openssl/openssl/commit/ec03fa050b3346997ed9c5fef3d0e16ad7db8177 https://nvd.nist.gov/vuln/detail/CVE-2026-28387 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28387 https://www.openwall.com/lists/oss-security/2026/04/07/11 libcrypto3 CVE-2026-28388 HIGH 3.3.6-r0 3.3.7-r0 https://access.redhat.com/security/cve/CVE-2026-28388 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://cert-portal.siemens.com/productcert/html/ssa-265688.html https://github.com/openssl/openssl/commit/59c3b3158553ab53275bbbccca5cb305d591cf2e https://github.com/openssl/openssl/commit/5a0b4930779cd2408880979db765db919da55139 https://github.com/openssl/openssl/commit/602542f2c0c2d5edb47128f93eac10b62aeeefb3 https://github.com/openssl/openssl/commit/a9d187dd1000130100fa7ab915f8513532cb3bb8 https://github.com/openssl/openssl/commit/d3a901e8d9f021f3e67d6cfbc12e768129862726 https://nvd.nist.gov/vuln/detail/CVE-2026-28388 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28388 https://www.openwall.com/lists/oss-security/2026/04/07/11 libcrypto3 CVE-2026-28389 HIGH 3.3.6-r0 3.3.7-r0 https://access.redhat.com/security/cve/CVE-2026-28389 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://cert-portal.siemens.com/productcert/html/ssa-265688.html https://github.com/advisories/GHSA-7x88-9hgc-69gf https://github.com/openssl/openssl/commit/16cea4188e0ea567deb4f93f85902247e67384f5 https://github.com/openssl/openssl/commit/785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616 https://github.com/openssl/openssl/commit/7b5274e812400cacb6f3be4c2df5340923fa807f https://github.com/openssl/openssl/commit/c6725634e089eb2b634b10ede33944be7248172a https://github.com/openssl/openssl/commit/f80f83bc5fd036bc47d773e8b15a001e2b4ce686 https://nvd.nist.gov/vuln/detail/CVE-2026-28389 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28389 https://www.openwall.com/lists/oss-security/2026/04/07/11 libcrypto3 CVE-2026-28390 HIGH 3.3.6-r0 3.3.7-r0 https://access.redhat.com/errata/RHSA-2026:22313 https://access.redhat.com/security/cve/CVE-2026-28390 https://bugzilla.redhat.com/2456314 https://bugzilla.redhat.com/show_bug.cgi?id=2456314 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://cert-portal.siemens.com/productcert/html/ssa-265688.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28390 https://errata.almalinux.org/9/ALSA-2026-22313.html https://errata.rockylinux.org/RLSA-2026:22312 https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6 https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4 https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788 https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75 https://linux.oracle.com/cve/CVE-2026-28390.html https://linux.oracle.com/errata/ELSA-2026-22315.html https://nvd.nist.gov/vuln/detail/CVE-2026-28390 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28390 https://www.openwall.com/lists/oss-security/2026/04/07/11 libcrypto3 CVE-2026-31790 MEDIUM 3.3.6-r0 3.3.7-r0 https://access.redhat.com/errata/RHSA-2026:19218 https://access.redhat.com/security/cve/CVE-2026-31790 https://bugzilla.redhat.com/2451094 https://bugzilla.redhat.com/show_bug.cgi?id=2451094 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31790 https://errata.almalinux.org/9/ALSA-2026-19218.html https://errata.rockylinux.org/RLSA-2026:19218 https://github.com/advisories/GHSA-vgxx-5xj5-q97x https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482 https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406 https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790 https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e https://nvd.nist.gov/vuln/detail/CVE-2026-31790 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://www.cve.org/CVERecord?id=CVE-2026-31790 https://www.openwall.com/lists/oss-security/2026/04/07/11 libexpat CVE-2026-45186 HIGH 2.7.5-r0 2.8.1-r0 http://www.openwall.com/lists/oss-security/2026/05/11/16 https://access.redhat.com/errata/RHSA-2026:23230 https://access.redhat.com/security/cve/CVE-2026-45186 https://bugzilla.redhat.com/2468575 https://bugzilla.redhat.com/show_bug.cgi?id=2468575 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-45186 https://errata.almalinux.org/9/ALSA-2026-23230.html https://errata.rockylinux.org/RLSA-2026:23230 https://github.com/libexpat/libexpat/pull/1216 https://linux.oracle.com/cve/CVE-2026-45186.html https://linux.oracle.com/errata/ELSA-2026-22721.html https://nvd.nist.gov/vuln/detail/CVE-2026-45186 https://www.cve.org/CVERecord?id=CVE-2026-45186 libexpat CVE-2026-41080 LOW 2.7.5-r0 2.8.1-r0 http://www.openwall.com/lists/oss-security/2026/04/26/1 https://access.redhat.com/security/cve/CVE-2026-41080 https://blog.hartwork.org/posts/expat-2-8-0-released/ https://github.com/libexpat/libexpat/issues/47 https://github.com/libexpat/libexpat/pull/1183 https://nvd.nist.gov/vuln/detail/CVE-2026-41080 https://www.cve.org/CVERecord?id=CVE-2026-41080 https://www.openwall.com/lists/oss-security/2026/04/26/1 libpng CVE-2026-33416 MEDIUM 1.6.55-r0 1.6.56-r0 https://access.redhat.com/errata/RHSA-2026:9693 https://access.redhat.com/security/cve/CVE-2026-33416 https://bugzilla.redhat.com/show_bug.cgi?id=2451805 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33416 https://errata.almalinux.org/9/ALSA-2026-9693.html https://errata.rockylinux.org/RLSA-2026:18028 https://github.com/pnggroup/libpng/commit/23019269764e35ed8458e517f1897bd3c54820eb https://github.com/pnggroup/libpng/commit/7ea9eea884a2328cc7fdcb3c0c00246a50d90667 https://github.com/pnggroup/libpng/commit/a3a21443ed12bfa1ef46fa0d4fb2b74a0fa34a25 https://github.com/pnggroup/libpng/commit/c1b0318b393c90679e6fa5bc1d329fd5d5012ec1 https://github.com/pnggroup/libpng/pull/824 https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j https://linux.oracle.com/cve/CVE-2026-33416.html https://linux.oracle.com/errata/ELSA-2026-9693.html https://nvd.nist.gov/vuln/detail/CVE-2026-33416 https://ubuntu.com/security/notices/USN-8251-1 https://www.cve.org/CVERecord?id=CVE-2026-33416 libpng CVE-2026-33636 MEDIUM 1.6.55-r0 1.6.56-r0 https://access.redhat.com/errata/RHSA-2026:9693 https://access.redhat.com/security/cve/CVE-2026-33636 https://bugzilla.redhat.com/show_bug.cgi?id=2451819 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33636 https://errata.almalinux.org/9/ALSA-2026-9693.html https://errata.rockylinux.org/RLSA-2026:14791 https://github.com/pnggroup/libpng/commit/7734cda20cf1236aef60f3bbd2267c97bbb40869 https://github.com/pnggroup/libpng/commit/aba9f18eba870d14fb52c5ba5d73451349e339c3 https://github.com/pnggroup/libpng/security/advisories/GHSA-wjr5-c57x-95m2 https://linux.oracle.com/cve/CVE-2026-33636.html https://linux.oracle.com/errata/ELSA-2026-9693.html https://nvd.nist.gov/vuln/detail/CVE-2026-33636 https://ubuntu.com/security/notices/USN-8251-1 https://www.cve.org/CVERecord?id=CVE-2026-33636 libpng CVE-2026-34757 MEDIUM 1.6.55-r0 1.6.57-r0 https://access.redhat.com/security/cve/CVE-2026-34757 https://github.com/pnggroup/libpng/commit/398cbe3df03f4e11bb031e07f416dfdde3684e8a https://github.com/pnggroup/libpng/commit/55d20aaa322c9274491cda82c5cd4f99b48c6bcc https://github.com/pnggroup/libpng/issues/836 https://github.com/pnggroup/libpng/issues/837 https://github.com/pnggroup/libpng/security/advisories/GHSA-6fr7-g8h7-v645 https://lists.debian.org/debian-lts-announce/2026/05/msg00017.html https://nvd.nist.gov/vuln/detail/CVE-2026-34757 https://ubuntu.com/security/notices/USN-8251-1 https://www.cve.org/CVERecord?id=CVE-2026-34757 libpng-dev CVE-2026-33416 MEDIUM 1.6.55-r0 1.6.56-r0 https://access.redhat.com/errata/RHSA-2026:9693 https://access.redhat.com/security/cve/CVE-2026-33416 https://bugzilla.redhat.com/show_bug.cgi?id=2451805 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33416 https://errata.almalinux.org/9/ALSA-2026-9693.html https://errata.rockylinux.org/RLSA-2026:18028 https://github.com/pnggroup/libpng/commit/23019269764e35ed8458e517f1897bd3c54820eb https://github.com/pnggroup/libpng/commit/7ea9eea884a2328cc7fdcb3c0c00246a50d90667 https://github.com/pnggroup/libpng/commit/a3a21443ed12bfa1ef46fa0d4fb2b74a0fa34a25 https://github.com/pnggroup/libpng/commit/c1b0318b393c90679e6fa5bc1d329fd5d5012ec1 https://github.com/pnggroup/libpng/pull/824 https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j https://linux.oracle.com/cve/CVE-2026-33416.html https://linux.oracle.com/errata/ELSA-2026-9693.html https://nvd.nist.gov/vuln/detail/CVE-2026-33416 https://ubuntu.com/security/notices/USN-8251-1 https://www.cve.org/CVERecord?id=CVE-2026-33416 libpng-dev CVE-2026-33636 MEDIUM 1.6.55-r0 1.6.56-r0 https://access.redhat.com/errata/RHSA-2026:9693 https://access.redhat.com/security/cve/CVE-2026-33636 https://bugzilla.redhat.com/show_bug.cgi?id=2451819 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33636 https://errata.almalinux.org/9/ALSA-2026-9693.html https://errata.rockylinux.org/RLSA-2026:14791 https://github.com/pnggroup/libpng/commit/7734cda20cf1236aef60f3bbd2267c97bbb40869 https://github.com/pnggroup/libpng/commit/aba9f18eba870d14fb52c5ba5d73451349e339c3 https://github.com/pnggroup/libpng/security/advisories/GHSA-wjr5-c57x-95m2 https://linux.oracle.com/cve/CVE-2026-33636.html https://linux.oracle.com/errata/ELSA-2026-9693.html https://nvd.nist.gov/vuln/detail/CVE-2026-33636 https://ubuntu.com/security/notices/USN-8251-1 https://www.cve.org/CVERecord?id=CVE-2026-33636 libpng-dev CVE-2026-34757 MEDIUM 1.6.55-r0 1.6.57-r0 https://access.redhat.com/security/cve/CVE-2026-34757 https://github.com/pnggroup/libpng/commit/398cbe3df03f4e11bb031e07f416dfdde3684e8a https://github.com/pnggroup/libpng/commit/55d20aaa322c9274491cda82c5cd4f99b48c6bcc https://github.com/pnggroup/libpng/issues/836 https://github.com/pnggroup/libpng/issues/837 https://github.com/pnggroup/libpng/security/advisories/GHSA-6fr7-g8h7-v645 https://lists.debian.org/debian-lts-announce/2026/05/msg00017.html https://nvd.nist.gov/vuln/detail/CVE-2026-34757 https://ubuntu.com/security/notices/USN-8251-1 https://www.cve.org/CVERecord?id=CVE-2026-34757 libssl3 CVE-2026-31789 CRITICAL 3.3.6-r0 3.3.7-r0 https://access.redhat.com/security/cve/CVE-2026-31789 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://github.com/advisories/GHSA-j79m-9jxq-788r https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49 https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9 https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521 https://nvd.nist.gov/vuln/detail/CVE-2026-31789 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://www.cve.org/CVERecord?id=CVE-2026-31789 https://www.openwall.com/lists/oss-security/2026/04/07/11 libssl3 CVE-2026-28387 HIGH 3.3.6-r0 3.3.7-r0 https://access.redhat.com/security/cve/CVE-2026-28387 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://cert-portal.siemens.com/productcert/html/ssa-265688.html https://github.com/openssl/openssl/commit/07e727d304746edb49a98ee8f6ab00256e1f012b https://github.com/openssl/openssl/commit/258a8f63b26995ba357f4326da00e19e29c6acbe https://github.com/openssl/openssl/commit/444958deaf450aea819171f97ae69eaedede42c3 https://github.com/openssl/openssl/commit/7a4e08cee62a728d32e60b0de89e6764339df0a7 https://github.com/openssl/openssl/commit/ec03fa050b3346997ed9c5fef3d0e16ad7db8177 https://nvd.nist.gov/vuln/detail/CVE-2026-28387 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28387 https://www.openwall.com/lists/oss-security/2026/04/07/11 libssl3 CVE-2026-28388 HIGH 3.3.6-r0 3.3.7-r0 https://access.redhat.com/security/cve/CVE-2026-28388 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://cert-portal.siemens.com/productcert/html/ssa-265688.html https://github.com/openssl/openssl/commit/59c3b3158553ab53275bbbccca5cb305d591cf2e https://github.com/openssl/openssl/commit/5a0b4930779cd2408880979db765db919da55139 https://github.com/openssl/openssl/commit/602542f2c0c2d5edb47128f93eac10b62aeeefb3 https://github.com/openssl/openssl/commit/a9d187dd1000130100fa7ab915f8513532cb3bb8 https://github.com/openssl/openssl/commit/d3a901e8d9f021f3e67d6cfbc12e768129862726 https://nvd.nist.gov/vuln/detail/CVE-2026-28388 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28388 https://www.openwall.com/lists/oss-security/2026/04/07/11 libssl3 CVE-2026-28389 HIGH 3.3.6-r0 3.3.7-r0 https://access.redhat.com/security/cve/CVE-2026-28389 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://cert-portal.siemens.com/productcert/html/ssa-265688.html https://github.com/advisories/GHSA-7x88-9hgc-69gf https://github.com/openssl/openssl/commit/16cea4188e0ea567deb4f93f85902247e67384f5 https://github.com/openssl/openssl/commit/785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616 https://github.com/openssl/openssl/commit/7b5274e812400cacb6f3be4c2df5340923fa807f https://github.com/openssl/openssl/commit/c6725634e089eb2b634b10ede33944be7248172a https://github.com/openssl/openssl/commit/f80f83bc5fd036bc47d773e8b15a001e2b4ce686 https://nvd.nist.gov/vuln/detail/CVE-2026-28389 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28389 https://www.openwall.com/lists/oss-security/2026/04/07/11 libssl3 CVE-2026-28390 HIGH 3.3.6-r0 3.3.7-r0 https://access.redhat.com/errata/RHSA-2026:22313 https://access.redhat.com/security/cve/CVE-2026-28390 https://bugzilla.redhat.com/2456314 https://bugzilla.redhat.com/show_bug.cgi?id=2456314 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://cert-portal.siemens.com/productcert/html/ssa-265688.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28390 https://errata.almalinux.org/9/ALSA-2026-22313.html https://errata.rockylinux.org/RLSA-2026:22312 https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6 https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4 https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788 https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75 https://linux.oracle.com/cve/CVE-2026-28390.html https://linux.oracle.com/errata/ELSA-2026-22315.html https://nvd.nist.gov/vuln/detail/CVE-2026-28390 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28390 https://www.openwall.com/lists/oss-security/2026/04/07/11 libssl3 CVE-2026-31790 MEDIUM 3.3.6-r0 3.3.7-r0 https://access.redhat.com/errata/RHSA-2026:19218 https://access.redhat.com/security/cve/CVE-2026-31790 https://bugzilla.redhat.com/2451094 https://bugzilla.redhat.com/show_bug.cgi?id=2451094 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31790 https://errata.almalinux.org/9/ALSA-2026-19218.html https://errata.rockylinux.org/RLSA-2026:19218 https://github.com/advisories/GHSA-vgxx-5xj5-q97x https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482 https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406 https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790 https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e https://nvd.nist.gov/vuln/detail/CVE-2026-31790 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://www.cve.org/CVERecord?id=CVE-2026-31790 https://www.openwall.com/lists/oss-security/2026/04/07/11 musl CVE-2026-40200 HIGH 1.2.5-r9 1.2.5-r11 http://www.openwall.com/lists/oss-security/2026/04/10/13 https://access.redhat.com/security/cve/CVE-2026-40200 https://musl.libc.org/releases.html https://nvd.nist.gov/vuln/detail/CVE-2026-40200 https://www.cve.org/CVERecord?id=CVE-2026-40200 https://www.openwall.com/lists/oss-security/2026/04/10/13 musl CVE-2026-6042 MEDIUM 1.2.5-r9 1.2.5-r10 http://www.openwall.com/lists/oss-security/2026/04/09/19 https://access.redhat.com/security/cve/CVE-2026-6042 https://nvd.nist.gov/vuln/detail/CVE-2026-6042 https://vuldb.com/submit/796352 https://vuldb.com/vuln/356620 https://vuldb.com/vuln/356620/cti https://www.cve.org/CVERecord?id=CVE-2026-6042 https://www.openwall.com/lists/oss-security/2026/04/02/10 https://www.openwall.com/lists/oss-security/2026/04/03/2 musl-utils CVE-2026-40200 HIGH 1.2.5-r9 1.2.5-r11 http://www.openwall.com/lists/oss-security/2026/04/10/13 https://access.redhat.com/security/cve/CVE-2026-40200 https://musl.libc.org/releases.html https://nvd.nist.gov/vuln/detail/CVE-2026-40200 https://www.cve.org/CVERecord?id=CVE-2026-40200 https://www.openwall.com/lists/oss-security/2026/04/10/13 musl-utils CVE-2026-6042 MEDIUM 1.2.5-r9 1.2.5-r10 http://www.openwall.com/lists/oss-security/2026/04/09/19 https://access.redhat.com/security/cve/CVE-2026-6042 https://nvd.nist.gov/vuln/detail/CVE-2026-6042 https://vuldb.com/submit/796352 https://vuldb.com/vuln/356620 https://vuldb.com/vuln/356620/cti https://www.cve.org/CVERecord?id=CVE-2026-6042 https://www.openwall.com/lists/oss-security/2026/04/02/10 https://www.openwall.com/lists/oss-security/2026/04/03/2 nghttp2-libs CVE-2026-27135 HIGH 1.64.0-r0 1.68.1 http://www.openwall.com/lists/oss-security/2026/03/20/3 https://access.redhat.com/errata/RHSA-2026:7896 https://access.redhat.com/security/cve/CVE-2026-27135 https://bugzilla.redhat.com/2441268 https://bugzilla.redhat.com/2442922 https://bugzilla.redhat.com/2448754 https://bugzilla.redhat.com/2453151 https://bugzilla.redhat.com/show_bug.cgi?id=2448754 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27135 https://errata.almalinux.org/9/ALSA-2026-7896.html https://errata.rockylinux.org/RLSA-2026:7668 https://github.com/nghttp2/nghttp2/commit/5c7df8fa815ac1004d9ecb9d1f7595c4d37f46e1 https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6 https://linux.oracle.com/cve/CVE-2026-27135.html https://linux.oracle.com/errata/ELSA-2026-8339.html https://lists.debian.org/debian-lts-announce/2026/05/msg00025.html https://nvd.nist.gov/vuln/detail/CVE-2026-27135 https://ubuntu.com/security/notices/USN-8233-1 https://ubuntu.com/security/notices/USN-8233-2 https://www.cve.org/CVERecord?id=CVE-2026-27135 xz-libs CVE-2026-34743 MEDIUM 5.6.3-r1 5.8.3-r0 http://www.openwall.com/lists/oss-security/2026/03/31/13 https://access.redhat.com/security/cve/CVE-2026-34743 https://github.com/tukaani-project/xz/commit/c8c22869e780ff57c96b46939c3d79ff99395f87 https://github.com/tukaani-project/xz/releases/tag/v5.8.3 https://github.com/tukaani-project/xz/security/advisories/GHSA-x872-m794-cxhv https://nvd.nist.gov/vuln/detail/CVE-2026-34743 https://tukaani.org/xz/index-append-overflow.html https://ubuntu.com/security/notices/USN-8362-1 https://www.cve.org/CVERecord?id=CVE-2026-34743 zlib CVE-2026-22184 HIGH 1.3.1-r2 1.3.2-r0 https://access.redhat.com/security/cve/CVE-2026-22184 https://github.com/madler/zlib https://github.com/madler/zlib/issues/1142 https://nvd.nist.gov/vuln/detail/CVE-2026-22184 https://seclists.org/fulldisclosure/2026/Jan/3 https://www.cve.org/CVERecord?id=CVE-2026-22184 https://www.vulncheck.com/advisories/zlib-untgz-global-buffer-overflow-in-tgzfname https://zlib.net/ zlib CVE-2026-27171 MEDIUM 1.3.1-r2 1.3.2-r0 https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf https://access.redhat.com/security/cve/CVE-2026-27171 https://github.com/advisories/GHSA-h858-mf2m-8jf4 https://github.com/madler/zlib/issues/904 https://github.com/madler/zlib/releases/tag/v1.3.2 https://nvd.nist.gov/vuln/detail/CVE-2026-27171 https://ostif.org/zlib-audit-complete https://ostif.org/zlib-audit-complete/ https://www.cve.org/CVERecord?id=CVE-2026-27171 zlib-dev CVE-2026-22184 HIGH 1.3.1-r2 1.3.2-r0 https://access.redhat.com/security/cve/CVE-2026-22184 https://github.com/madler/zlib https://github.com/madler/zlib/issues/1142 https://nvd.nist.gov/vuln/detail/CVE-2026-22184 https://seclists.org/fulldisclosure/2026/Jan/3 https://www.cve.org/CVERecord?id=CVE-2026-22184 https://www.vulncheck.com/advisories/zlib-untgz-global-buffer-overflow-in-tgzfname https://zlib.net/ zlib-dev CVE-2026-27171 MEDIUM 1.3.1-r2 1.3.2-r0 https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf https://access.redhat.com/security/cve/CVE-2026-27171 https://github.com/advisories/GHSA-h858-mf2m-8jf4 https://github.com/madler/zlib/issues/904 https://github.com/madler/zlib/releases/tag/v1.3.2 https://nvd.nist.gov/vuln/detail/CVE-2026-27171 https://ostif.org/zlib-audit-complete https://ostif.org/zlib-audit-complete/ https://www.cve.org/CVERecord?id=CVE-2026-27171 No Misconfigurations found Python (python-pkg)¶ Package Vulnerability ID Severity Installed Version Fixed Version Links GitPython CVE-2026-42215 HIGH 3.1.46 3.1.47 https://github.com/gitpython-developers/GitPython https://github.com/gitpython-developers/GitPython/releases/tag/3.1.47 https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-rpm5-65cw-6hj4 https://nvd.nist.gov/vuln/detail/CVE-2026-42215 https://ubuntu.com/security/notices/USN-8303-1 https://www.cve.org/CVERecord?id=CVE-2026-42215 GitPython CVE-2026-42284 HIGH 3.1.46 3.1.47 https://github.com/gitpython-developers/GitPython https://github.com/gitpython-developers/GitPython/releases/tag/3.1.47 https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-x2qx-6953-8485 https://nvd.nist.gov/vuln/detail/CVE-2026-42284 https://ubuntu.com/security/notices/USN-8303-1 https://www.cve.org/CVERecord?id=CVE-2026-42284 https://www.tenable.com/cve/CVE-2026-32686 GitPython CVE-2026-44243 HIGH 3.1.46 3.1.48 https://access.redhat.com/security/cve/CVE-2026-44243 https://github.com/gitpython-developers/GitPython https://github.com/gitpython-developers/GitPython/releases/tag/3.1.48 https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-7545-fcxq-7j24 https://nvd.nist.gov/vuln/detail/CVE-2026-44243 https://ubuntu.com/security/notices/USN-8303-1 https://www.cve.org/CVERecord?id=CVE-2026-44243 GitPython CVE-2026-44244 HIGH 3.1.46 3.1.49 https://github.com/gitpython-developers/GitPython https://github.com/gitpython-developers/GitPython/releases/tag/3.1.49 https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-v87r-6q3f-2j67 https://nvd.nist.gov/vuln/detail/CVE-2026-44244 https://ubuntu.com/security/notices/USN-8303-1 https://www.cve.org/CVERecord?id=CVE-2026-44244 GitPython GHSA-mv93-w799-cj2w HIGH 3.1.46 3.1.50 https://github.com/advisories/GHSA-rpm5-65cw-6hj4 https://github.com/gitpython-developers/GitPython https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-mv93-w799-cj2w Pygments CVE-2026-4539 LOW 2.19.2 2.20.0 https://access.redhat.com/security/cve/CVE-2026-4539 https://github.com/pygments/pygments https://github.com/pygments/pygments/ https://github.com/pygments/pygments/commit/24b8aa76c6cd6d70f39c6dd605cce319c98e2ccc https://github.com/pygments/pygments/issues/3058 https://github.com/pygments/pygments/pull/3064 https://github.com/pygments/pygments/releases/tag/2.20.0 https://nvd.nist.gov/vuln/detail/CVE-2026-4539 https://vuldb.com/?ctiid.352327 https://vuldb.com/?id.352327 https://vuldb.com/?submit.774685 https://www.cve.org/CVERecord?id=CVE-2026-4539 idna CVE-2026-45409 MEDIUM 3.11 3.15 https://github.com/kjd/idna https://github.com/kjd/idna/security/advisories/GHSA-65pc-fj4g-8rjx https://nvd.nist.gov/vuln/detail/CVE-2026-45409 jaraco.context CVE-2026-23949 HIGH 5.3.0 6.1.0 https://access.redhat.com/security/cve/CVE-2026-23949 https://github.com/jaraco/jaraco.context https://github.com/jaraco/jaraco.context/blob/main/jaraco/context/__init__.py#L74-L91 https://github.com/jaraco/jaraco.context/commit/7b26a42b525735e4085d2e994e13802ea339d5f9 https://github.com/jaraco/jaraco.context/security/advisories/GHSA-58pv-8j8x-9vj2 https://github.com/pypa/setuptools/blob/main/setuptools/_vendor/jaraco/context.py#L55-L76 https://nvd.nist.gov/vuln/detail/CVE-2026-23949 https://ubuntu.com/security/notices/USN-7979-1 https://www.cve.org/CVERecord?id=CVE-2026-23949 msgpack GHSA-6v7p-g79w-8964 HIGH 1.1.2 1.2.1 https://github.com/msgpack/msgpack-python https://github.com/msgpack/msgpack-python/commit/2c56ddb5d0025ed481d962c0f5d62d19dec7476d https://github.com/msgpack/msgpack-python/releases/tag/v1.2.1 https://github.com/msgpack/msgpack-python/security/advisories/GHSA-6v7p-g79w-8964 pillow CVE-2026-40192 HIGH 12.1.1 12.2.0 https://access.redhat.com/security/cve/CVE-2026-40192 https://github.com/python-pillow/Pillow https://github.com/python-pillow/Pillow/commit/3cb854e8b2bab43f40e342e665f9340d861aa628 https://github.com/python-pillow/Pillow/pull/9521 https://github.com/python-pillow/Pillow/security/advisories/GHSA-whj4-6x5x-4v2j https://nvd.nist.gov/vuln/detail/CVE-2026-40192 https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html#prevent-fits-decompression-bomb https://ubuntu.com/security/notices/USN-8211-1 https://www.cve.org/CVERecord?id=CVE-2026-40192 pillow CVE-2026-42311 HIGH 12.1.1 12.2.0 https://github.com/python-pillow/Pillow https://github.com/python-pillow/Pillow/commit/58f9a1d166dcb0c274807d4423522d205b0c35ea https://github.com/python-pillow/Pillow/pull/9520 https://github.com/python-pillow/Pillow/releases/tag/12.2.0 https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc https://github.com/python-pillow/Pillow/security/advisories/GHSA-pwv6-vv43-88gr https://nvd.nist.gov/vuln/detail/CVE-2026-42311 https://ubuntu.com/security/notices/USN-8399-1 https://www.cve.org/CVERecord?id=CVE-2026-42311 pillow CVE-2026-42308 MEDIUM 12.1.1 12.2.0 https://access.redhat.com/security/cve/CVE-2026-42308 https://github.com/pypa/advisory-database/tree/main/vulns/pillow/PYSEC-2026-165.yaml https://github.com/python-pillow/Pillow https://github.com/python-pillow/Pillow/pull/9518/changes (suspected fix) https://github.com/python-pillow/Pillow/releases/tag/12.2.0 https://github.com/python-pillow/Pillow/security/advisories/GHSA-wjx4-4jcj-g98j https://nvd.nist.gov/vuln/detail/CVE-2026-42308 https://ubuntu.com/security/notices/USN-8399-1 https://www.cve.org/CVERecord?id=CVE-2026-42308 pillow CVE-2026-42309 MEDIUM 12.1.1 12.2.0 https://access.redhat.com/security/cve/CVE-2026-42309 https://github.com/python-pillow/Pillow https://github.com/python-pillow/Pillow/releases/tag/12.2.0 https://github.com/python-pillow/Pillow/security/advisories/GHSA-5xmw-vc9v-4wf2 https://nvd.nist.gov/vuln/detail/CVE-2026-42309 https://ubuntu.com/security/notices/USN-8399-1 https://www.cve.org/CVERecord?id=CVE-2026-42309 pillow CVE-2026-42310 MEDIUM 12.1.1 12.2.0 https://access.redhat.com/security/cve/CVE-2026-42310 https://github.com/python-pillow/Pillow https://github.com/python-pillow/Pillow/commit/3bf614e4b8615d0ce1d5039efaf6db447fe7c468 https://github.com/python-pillow/Pillow/pull/9519 https://github.com/python-pillow/Pillow/releases/tag/12.2.0 https://github.com/python-pillow/Pillow/security/advisories/GHSA-r73j-pqj5-w3x7 https://nvd.nist.gov/vuln/detail/CVE-2026-42310 https://ubuntu.com/security/notices/USN-8399-1 https://www.cve.org/CVERecord?id=CVE-2026-42310 pip CVE-2026-3219 MEDIUM 26.0.1 26.1 http://www.openwall.com/lists/oss-security/2026/04/20/8 https://access.redhat.com/security/cve/CVE-2026-3219 https://github.com/pypa/pip https://github.com/pypa/pip/issues/13867 https://github.com/pypa/pip/pull/13870 https://mail.python.org/archives/list/security-announce@python.org/thread/QAJ5JIVWWCAJ4EZL2FP5MOOW35JS7LRJ https://mail.python.org/archives/list/security-announce@python.org/thread/QAJ5JIVWWCAJ4EZL2FP5MOOW35JS7LRJ/ https://nvd.nist.gov/vuln/detail/CVE-2026-3219 https://www.cve.org/CVERecord?id=CVE-2026-3219 pip CVE-2026-6357 MEDIUM 26.0.1 26.1 http://www.openwall.com/lists/oss-security/2026/04/27/7 https://access.redhat.com/security/cve/CVE-2026-6357 https://github.com/pypa/pip https://github.com/pypa/pip/commit/b369bfc96cc524e00c267e1693290e6599c36bad https://github.com/pypa/pip/pull/13923 https://ichard26.github.io/blog/2026/04/whats-new-in-pip-26.1/#security-fixes https://nvd.nist.gov/vuln/detail/CVE-2026-6357 https://www.cve.org/CVERecord?id=CVE-2026-6357 pymdown-extensions CVE-2026-46338 MEDIUM 10.21 10.21.3 https://github.com/facelessuser/pymdown-extensions https://github.com/facelessuser/pymdown-extensions/pull/2039 https://github.com/facelessuser/pymdown-extensions/security/advisories/GHSA-62q4-447f-wv8h requests CVE-2026-25645 MEDIUM 2.32.5 2.33.0 https://access.redhat.com/security/cve/CVE-2026-25645 https://github.com/psf/requests https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7 https://github.com/psf/requests/releases/tag/v2.33.0 https://github.com/psf/requests/security/advisories/GHSA-gc5v-m9x4-r6x2 https://nvd.nist.gov/vuln/detail/CVE-2026-25645 https://www.cve.org/CVERecord?id=CVE-2026-25645 urllib3 CVE-2026-44431 HIGH 2.6.3 2.7.0 https://access.redhat.com/security/cve/CVE-2026-44431 https://github.com/urllib3/urllib3 https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc https://nvd.nist.gov/vuln/detail/CVE-2026-44431 https://ubuntu.com/security/notices/USN-8379-1 https://www.cve.org/CVERecord?id=CVE-2026-44431 urllib3 CVE-2026-44432 HIGH 2.6.3 2.7.0 https://access.redhat.com/security/cve/CVE-2026-44432 https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2026-142.yaml https://github.com/urllib3/urllib3 https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j https://nvd.nist.gov/vuln/detail/CVE-2026-44432 https://ubuntu.com/security/notices/USN-8379-1 https://www.cve.org/CVERecord?id=CVE-2026-44432 wheel CVE-2026-24049 HIGH 0.45.1 0.46.2 https://access.redhat.com/errata/RHSA-2026:1939 https://access.redhat.com/security/cve/CVE-2026-24049 https://bugzilla.redhat.com/2431959 https://bugzilla.redhat.com/show_bug.cgi?id=2431959 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24049 https://errata.almalinux.org/9/ALSA-2026-1939.html https://errata.rockylinux.org/RLSA-2026:1939 https://github.com/pypa/wheel https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef https://github.com/pypa/wheel/commit/934fe177ff912c8e03d5ae951d3805e1fd90ba5e https://github.com/pypa/wheel/releases/tag/0.46.2 https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx https://linux.oracle.com/cve/CVE-2026-24049.html https://linux.oracle.com/errata/ELSA-2026-2090.html https://nvd.nist.gov/vuln/detail/CVE-2026-24049 https://ubuntu.com/security/notices/USN-8221-1 https://www.cve.org/CVERecord?id=CVE-2026-24049 wheel CVE-2026-24049 HIGH 0.45.1 0.46.2 https://access.redhat.com/errata/RHSA-2026:1939 https://access.redhat.com/security/cve/CVE-2026-24049 https://bugzilla.redhat.com/2431959 https://bugzilla.redhat.com/show_bug.cgi?id=2431959 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24049 https://errata.almalinux.org/9/ALSA-2026-1939.html https://errata.rockylinux.org/RLSA-2026:1939 https://github.com/pypa/wheel https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef https://github.com/pypa/wheel/commit/934fe177ff912c8e03d5ae951d3805e1fd90ba5e https://github.com/pypa/wheel/releases/tag/0.46.2 https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx https://linux.oracle.com/cve/CVE-2026-24049.html https://linux.oracle.com/errata/ELSA-2026-2090.html https://nvd.nist.gov/vuln/detail/CVE-2026-24049 https://ubuntu.com/security/notices/USN-8221-1 https://www.cve.org/CVERecord?id=CVE-2026-24049 No Misconfigurations found