Skip to content

docker.io/semgrep/semgrep:latest (alpine 3.23.3)

Trivy Image Scan

  • Image: docker.io/semgrep/semgrep:latest (alpine 3.23.3)
  • Scan date: 2026-04-01

docker.io/semgrep/semgrep:latest (alpine 3.23.3) (alpine)

Package Vulnerability ID Severity Installed Version Fixed Version Links
libexpat CVE-2026-32776 MEDIUM 2.7.4-r0 2.7.5-r0 https://access.redhat.com/security/cve/CVE-2026-32776 https://github.com/libexpat/libexpat/pull/1158 https://github.com/libexpat/libexpat/pull/1159 https://nvd.nist.gov/vuln/detail/CVE-2026-32776 https://www.cve.org/CVERecord?id=CVE-2026-32776
libexpat CVE-2026-32777 MEDIUM 2.7.4-r0 2.7.5-r0 https://access.redhat.com/security/cve/CVE-2026-32777 https://github.com/libexpat/libexpat/issues/1161 https://github.com/libexpat/libexpat/pull/1159 https://github.com/libexpat/libexpat/pull/1162 https://issues.oss-fuzz.com/issues/486993411 https://nvd.nist.gov/vuln/detail/CVE-2026-32777 https://www.cve.org/CVERecord?id=CVE-2026-32777
libexpat CVE-2026-32778 MEDIUM 2.7.4-r0 2.7.5-r0 https://access.redhat.com/security/cve/CVE-2026-32778 https://github.com/libexpat/libexpat/pull/1159 https://github.com/libexpat/libexpat/pull/1163 https://nvd.nist.gov/vuln/detail/CVE-2026-32778 https://www.cve.org/CVERecord?id=CVE-2026-32778
No Misconfigurations found

Python (python-pkg)

Package Vulnerability ID Severity Installed Version Fixed Version Links
Pygments CVE-2026-4539 LOW 2.19.2 2.20.0 https://access.redhat.com/security/cve/CVE-2026-4539 https://github.com/pygments/pygments https://github.com/pygments/pygments/ https://github.com/pygments/pygments/commit/24b8aa76c6cd6d70f39c6dd605cce319c98e2ccc https://github.com/pygments/pygments/issues/3058 https://github.com/pygments/pygments/pull/3064 https://github.com/pygments/pygments/releases/tag/2.20.0 https://nvd.nist.gov/vuln/detail/CVE-2026-4539 https://vuldb.com/?ctiid.352327 https://vuldb.com/?id.352327 https://vuldb.com/?submit.774685 https://www.cve.org/CVERecord?id=CVE-2026-4539
check-jsonschema CVE-2024-53848 MEDIUM 0.28.4 0.30.0 https://access.redhat.com/security/cve/CVE-2024-53848 https://github.com/python-jsonschema/check-jsonschema https://github.com/python-jsonschema/check-jsonschema/commit/c52714b85e6725b1b24516fbdedacb333b939152 https://github.com/python-jsonschema/check-jsonschema/security/advisories/GHSA-q6mv-284r-mp36 https://nvd.nist.gov/vuln/detail/CVE-2024-53848 https://www.cve.org/CVERecord?id=CVE-2024-53848
cryptography CVE-2026-34073 LOW 46.0.5 46.0.6 https://github.com/pyca/cryptography https://github.com/pyca/cryptography/security/advisories/GHSA-m959-cc7f-wv43 https://nvd.nist.gov/vuln/detail/CVE-2026-34073
jaraco.context CVE-2026-23949 HIGH 5.3.0 6.1.0 https://access.redhat.com/security/cve/CVE-2026-23949 https://github.com/jaraco/jaraco.context https://github.com/jaraco/jaraco.context/blob/main/jaraco/context/__init__.py#L74-L91 https://github.com/jaraco/jaraco.context/commit/7b26a42b525735e4085d2e994e13802ea339d5f9 https://github.com/jaraco/jaraco.context/security/advisories/GHSA-58pv-8j8x-9vj2 https://github.com/pypa/setuptools/blob/main/setuptools/_vendor/jaraco/context.py#L55-L76 https://nvd.nist.gov/vuln/detail/CVE-2026-23949 https://ubuntu.com/security/notices/USN-7979-1 https://www.cve.org/CVERecord?id=CVE-2026-23949
pip CVE-2025-8869 MEDIUM 25.1.1 25.3 https://access.redhat.com/security/cve/CVE-2025-8869 https://github.com/pypa/pip https://github.com/pypa/pip/commit/f2b92314da012b9fffa36b3f3e67748a37ef464a https://github.com/pypa/pip/pull/13550 https://lists.debian.org/debian-lts-announce/2025/10/msg00028.html https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN https://mail.python.org/archives/list/security-announce@python.org/thread/IF5A3GCJY3VH7BVHJKOWOJFKTW7VFQEN/ https://nvd.nist.gov/vuln/detail/CVE-2025-8869 https://pip.pypa.io/en/stable/news/#v25-2 https://www.cve.org/CVERecord?id=CVE-2025-8869
pip CVE-2026-1703 LOW 25.1.1 26.0 https://access.redhat.com/security/cve/CVE-2026-1703 https://github.com/pypa/pip https://github.com/pypa/pip/commit/8e227a9be4faa9594e05d02ca05a413a2a4e7735 https://github.com/pypa/pip/pull/13777 https://mail.python.org/archives/list/security-announce@python.org/thread/WIEA34D4TABF2UNQJAOMXKCICSPBE2DJ https://mail.python.org/archives/list/security-announce@python.org/thread/WIEA34D4TABF2UNQJAOMXKCICSPBE2DJ/ https://nvd.nist.gov/vuln/detail/CVE-2026-1703 https://www.cve.org/CVERecord?id=CVE-2026-1703
requests CVE-2026-25645 MEDIUM 2.32.5 2.33.0 https://access.redhat.com/security/cve/CVE-2026-25645 https://github.com/psf/requests https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7 https://github.com/psf/requests/releases/tag/v2.33.0 https://github.com/psf/requests/security/advisories/GHSA-gc5v-m9x4-r6x2 https://nvd.nist.gov/vuln/detail/CVE-2026-25645 https://www.cve.org/CVERecord?id=CVE-2026-25645
wheel CVE-2026-24049 HIGH 0.45.1 0.46.2 https://access.redhat.com/errata/RHSA-2026:1939 https://access.redhat.com/security/cve/CVE-2026-24049 https://bugzilla.redhat.com/2431959 https://bugzilla.redhat.com/show_bug.cgi?id=2431959 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24049 https://errata.almalinux.org/9/ALSA-2026-1939.html https://errata.rockylinux.org/RLSA-2026:1939 https://github.com/pypa/wheel https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef https://github.com/pypa/wheel/commit/934fe177ff912c8e03d5ae951d3805e1fd90ba5e https://github.com/pypa/wheel/releases/tag/0.46.2 https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx https://linux.oracle.com/cve/CVE-2026-24049.html https://linux.oracle.com/errata/ELSA-2026-2090.html https://nvd.nist.gov/vuln/detail/CVE-2026-24049 https://www.cve.org/CVERecord?id=CVE-2026-24049
No Misconfigurations found