Skip to content

to be continuous

SONAR_SCANNER_IMAGE

to-be-continuous/doc

docker.io/sonarsource/sonar-scanner-cli:latest (amazon 2023.9.20250929 (Amazon Linux))¶

Trivy Image Scan

Image: docker.io/sonarsource/sonar-scanner-cli:latest (amazon 2023.9.20250929 (Amazon Linux))
Scan date: 2025-11-19

docker.io/sonarsource/sonar-scanner-cli:latest (amazon 2023.9.20250929 (Amazon Linux)) (amazon)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
java-17-amazon-corretto	CVE-2025-53057	MEDIUM	1:17.0.16+8-1.amzn2023.1	1:17.0.17+10-1.amzn2023.1	https://access.redhat.com/errata/RHSA-2025:18824 https://access.redhat.com/security/cve/CVE-2025-53057 https://errata.almalinux.org/9/ALSA-2025-18824.html https://linux.oracle.com/cve/CVE-2025-53057.html https://linux.oracle.com/errata/ELSA-2025-18824.html https://lists.debian.org/debian-lts-announce/2025/10/msg00026.html https://nvd.nist.gov/vuln/detail/CVE-2025-53057 https://openjdk.org/groups/vulnerability/advisories/2025-10-21 https://www.cve.org/CVERecord?id=CVE-2025-53057 https://www.oracle.com/security-alerts/cpuoct2025.html
java-17-amazon-corretto	CVE-2025-53066	MEDIUM	1:17.0.16+8-1.amzn2023.1	1:17.0.17+10-1.amzn2023.1	https://access.redhat.com/errata/RHSA-2025:18824 https://access.redhat.com/security/cve/CVE-2025-53066 https://errata.almalinux.org/9/ALSA-2025-18824.html https://linux.oracle.com/cve/CVE-2025-53066.html https://linux.oracle.com/errata/ELSA-2025-18824.html https://lists.debian.org/debian-lts-announce/2025/10/msg00026.html https://nvd.nist.gov/vuln/detail/CVE-2025-53066 https://openjdk.org/groups/vulnerability/advisories/2025-10-21 https://www.cve.org/CVERecord?id=CVE-2025-53066 https://www.oracle.com/security-alerts/cpuoct2025.html
java-17-amazon-corretto-devel	CVE-2025-53057	MEDIUM	1:17.0.16+8-1.amzn2023.1	1:17.0.17+10-1.amzn2023.1	https://access.redhat.com/errata/RHSA-2025:18824 https://access.redhat.com/security/cve/CVE-2025-53057 https://errata.almalinux.org/9/ALSA-2025-18824.html https://linux.oracle.com/cve/CVE-2025-53057.html https://linux.oracle.com/errata/ELSA-2025-18824.html https://lists.debian.org/debian-lts-announce/2025/10/msg00026.html https://nvd.nist.gov/vuln/detail/CVE-2025-53057 https://openjdk.org/groups/vulnerability/advisories/2025-10-21 https://www.cve.org/CVERecord?id=CVE-2025-53057 https://www.oracle.com/security-alerts/cpuoct2025.html
java-17-amazon-corretto-devel	CVE-2025-53066	MEDIUM	1:17.0.16+8-1.amzn2023.1	1:17.0.17+10-1.amzn2023.1	https://access.redhat.com/errata/RHSA-2025:18824 https://access.redhat.com/security/cve/CVE-2025-53066 https://errata.almalinux.org/9/ALSA-2025-18824.html https://linux.oracle.com/cve/CVE-2025-53066.html https://linux.oracle.com/errata/ELSA-2025-18824.html https://lists.debian.org/debian-lts-announce/2025/10/msg00026.html https://nvd.nist.gov/vuln/detail/CVE-2025-53066 https://openjdk.org/groups/vulnerability/advisories/2025-10-21 https://www.cve.org/CVERecord?id=CVE-2025-53066 https://www.oracle.com/security-alerts/cpuoct2025.html
java-17-amazon-corretto-headless	CVE-2025-53057	MEDIUM	1:17.0.16+8-1.amzn2023.1	1:17.0.17+10-1.amzn2023.1	https://access.redhat.com/errata/RHSA-2025:18824 https://access.redhat.com/security/cve/CVE-2025-53057 https://errata.almalinux.org/9/ALSA-2025-18824.html https://linux.oracle.com/cve/CVE-2025-53057.html https://linux.oracle.com/errata/ELSA-2025-18824.html https://lists.debian.org/debian-lts-announce/2025/10/msg00026.html https://nvd.nist.gov/vuln/detail/CVE-2025-53057 https://openjdk.org/groups/vulnerability/advisories/2025-10-21 https://www.cve.org/CVERecord?id=CVE-2025-53057 https://www.oracle.com/security-alerts/cpuoct2025.html
java-17-amazon-corretto-headless	CVE-2025-53066	MEDIUM	1:17.0.16+8-1.amzn2023.1	1:17.0.17+10-1.amzn2023.1	https://access.redhat.com/errata/RHSA-2025:18824 https://access.redhat.com/security/cve/CVE-2025-53066 https://errata.almalinux.org/9/ALSA-2025-18824.html https://linux.oracle.com/cve/CVE-2025-53066.html https://linux.oracle.com/errata/ELSA-2025-18824.html https://lists.debian.org/debian-lts-announce/2025/10/msg00026.html https://nvd.nist.gov/vuln/detail/CVE-2025-53066 https://openjdk.org/groups/vulnerability/advisories/2025-10-21 https://www.cve.org/CVERecord?id=CVE-2025-53066 https://www.oracle.com/security-alerts/cpuoct2025.html
java-17-amazon-corretto-jmods	CVE-2025-53057	MEDIUM	1:17.0.16+8-1.amzn2023.1	1:17.0.17+10-1.amzn2023.1	https://access.redhat.com/errata/RHSA-2025:18824 https://access.redhat.com/security/cve/CVE-2025-53057 https://errata.almalinux.org/9/ALSA-2025-18824.html https://linux.oracle.com/cve/CVE-2025-53057.html https://linux.oracle.com/errata/ELSA-2025-18824.html https://lists.debian.org/debian-lts-announce/2025/10/msg00026.html https://nvd.nist.gov/vuln/detail/CVE-2025-53057 https://openjdk.org/groups/vulnerability/advisories/2025-10-21 https://www.cve.org/CVERecord?id=CVE-2025-53057 https://www.oracle.com/security-alerts/cpuoct2025.html
java-17-amazon-corretto-jmods	CVE-2025-53066	MEDIUM	1:17.0.16+8-1.amzn2023.1	1:17.0.17+10-1.amzn2023.1	https://access.redhat.com/errata/RHSA-2025:18824 https://access.redhat.com/security/cve/CVE-2025-53066 https://errata.almalinux.org/9/ALSA-2025-18824.html https://linux.oracle.com/cve/CVE-2025-53066.html https://linux.oracle.com/errata/ELSA-2025-18824.html https://lists.debian.org/debian-lts-announce/2025/10/msg00026.html https://nvd.nist.gov/vuln/detail/CVE-2025-53066 https://openjdk.org/groups/vulnerability/advisories/2025-10-21 https://www.cve.org/CVERecord?id=CVE-2025-53066 https://www.oracle.com/security-alerts/cpuoct2025.html
libcap	CVE-2025-58183	HIGH	2.73-1.amzn2023.0.3	2.73-1.amzn2023.0.4	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-58183 https://go.dev/cl/709861 https://go.dev/issue/75677 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-58183 https://pkg.go.dev/vuln/GO-2025-4014 https://www.cve.org/CVERecord?id=CVE-2025-58183
libcap	CVE-2025-58185	HIGH	2.73-1.amzn2023.0.3	2.73-1.amzn2023.0.4	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-58185 https://github.com/golang/go/commit/8709a41d5ef7321f486a1857f189c3fee20e8edd https://go.dev/cl/709856 https://go.dev/issue/75671 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-58185 https://pkg.go.dev/vuln/GO-2025-4011 https://www.cve.org/CVERecord?id=CVE-2025-58185
libcap	CVE-2025-58186	HIGH	2.73-1.amzn2023.0.3	2.73-1.amzn2023.0.4	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://go.dev/cl/709855 https://go.dev/issue/75672 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-58186 https://pkg.go.dev/vuln/GO-2025-4012
libcap	CVE-2025-58188	HIGH	2.73-1.amzn2023.0.3	2.73-1.amzn2023.0.4	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://go.dev/cl/709853 https://go.dev/issue/75675 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-58188 https://pkg.go.dev/vuln/GO-2025-4013
libcap	CVE-2025-61723	HIGH	2.73-1.amzn2023.0.3	2.73-1.amzn2023.0.4	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-61723 https://github.com/golang/go/commit/5ce8cd16f3859ec5ac4106ad8ec15d6236f4501b https://go.dev/cl/709858 https://go.dev/issue/75676 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-61723 https://pkg.go.dev/vuln/GO-2025-4009 https://www.cve.org/CVERecord?id=CVE-2025-61723
libcap	CVE-2025-61725	HIGH	2.73-1.amzn2023.0.3	2.73-1.amzn2023.0.4	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-61725 https://go.dev/cl/709860 https://go.dev/issue/75680 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-61725 https://pkg.go.dev/vuln/GO-2025-4006 https://www.cve.org/CVERecord?id=CVE-2025-61725
pam	CVE-2025-8941	MEDIUM	1.5.1-8.amzn2023.0.6	1.5.1-8.amzn2023.0.7	https://access.redhat.com/errata/RHSA-2025:14557 https://access.redhat.com/errata/RHSA-2025:15099 https://access.redhat.com/errata/RHSA-2025:15100 https://access.redhat.com/errata/RHSA-2025:15101 https://access.redhat.com/errata/RHSA-2025:15102 https://access.redhat.com/errata/RHSA-2025:15103 https://access.redhat.com/errata/RHSA-2025:15104 https://access.redhat.com/errata/RHSA-2025:15105 https://access.redhat.com/errata/RHSA-2025:15106 https://access.redhat.com/errata/RHSA-2025:15107 https://access.redhat.com/errata/RHSA-2025:15709 https://access.redhat.com/errata/RHSA-2025:15827 https://access.redhat.com/errata/RHSA-2025:15828 https://access.redhat.com/errata/RHSA-2025:16524 https://access.redhat.com/errata/RHSA-2025:17181 https://access.redhat.com/errata/RHSA-2025:18219 https://access.redhat.com/security/cve/CVE-2025-8941 https://bugzilla.redhat.com/2372512 https://bugzilla.redhat.com/2388220 https://bugzilla.redhat.com/show_bug.cgi?id=2372512 https://bugzilla.redhat.com/show_bug.cgi?id=2388220 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6020 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8941 https://errata.almalinux.org/9/ALSA-2025-15099.html https://errata.rockylinux.org/RLSA-2025:14557 https://linux.oracle.com/cve/CVE-2025-8941.html https://linux.oracle.com/errata/ELSA-2025-15099.html https://nvd.nist.gov/vuln/detail/CVE-2025-8941 https://www.cve.org/CVERecord?id=CVE-2025-8941
python3	CVE-2025-8291	MEDIUM	3.9.23-1.amzn2023.0.3	3.9.24-1.amzn2023.0.3	https://access.redhat.com/security/cve/CVE-2025-8291 https://github.com/google/security-research/security/advisories/GHSA-hhv7-p4pg-wm6p https://github.com/psf/advisory-database/blob/main/advisories/python/PSF-2025-12.json https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267 https://github.com/python/cpython/commit/1d29afb0d6218aa8fb5e1e4a6133a4778d89bb46 https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6 https://github.com/python/cpython/commit/76437ac248ad8ca44e9bf697b02b1e2241df2196 https://github.com/python/cpython/commit/8392b2f0d35678407d9ce7d95655a5b77de161b4 https://github.com/python/cpython/commit/bca11ae7d575d87ed93f5dd6a313be6246e3e388 https://github.com/python/cpython/commit/d11e69d6203080e3ec450446bfed0516727b85c3 https://github.com/python/cpython/issues/139700 https://github.com/python/cpython/pull/139702 https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/ https://nvd.nist.gov/vuln/detail/CVE-2025-8291 https://www.cve.org/CVERecord?id=CVE-2025-8291
python3-libs	CVE-2025-8291	MEDIUM	3.9.23-1.amzn2023.0.3	3.9.24-1.amzn2023.0.3	https://access.redhat.com/security/cve/CVE-2025-8291 https://github.com/google/security-research/security/advisories/GHSA-hhv7-p4pg-wm6p https://github.com/psf/advisory-database/blob/main/advisories/python/PSF-2025-12.json https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267 https://github.com/python/cpython/commit/1d29afb0d6218aa8fb5e1e4a6133a4778d89bb46 https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6 https://github.com/python/cpython/commit/76437ac248ad8ca44e9bf697b02b1e2241df2196 https://github.com/python/cpython/commit/8392b2f0d35678407d9ce7d95655a5b77de161b4 https://github.com/python/cpython/commit/bca11ae7d575d87ed93f5dd6a313be6246e3e388 https://github.com/python/cpython/commit/d11e69d6203080e3ec450446bfed0516727b85c3 https://github.com/python/cpython/issues/139700 https://github.com/python/cpython/pull/139702 https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/ https://nvd.nist.gov/vuln/detail/CVE-2025-8291 https://www.cve.org/CVERecord?id=CVE-2025-8291
No Misconfigurations found

Java (jar)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
ch.qos.logback:logback-core	CVE-2025-11226	MEDIUM	1.5.18	1.5.19, 1.3.16	https://access.redhat.com/security/cve/CVE-2025-11226 https://github.com/qos-ch/logback https://github.com/qos-ch/logback/commit/61f6a2544f36b3016e0efd434ee21f19269f1df7 https://github.com/qos-ch/logback/issues/974 https://github.com/qos-ch/logback/releases/tag/v_1.5.19 https://logback.qos.ch/news.html#1.3.16 https://logback.qos.ch/news.html#1.5.19 https://nvd.nist.gov/vuln/detail/CVE-2025-11226 https://www.cve.org/CVERecord?id=CVE-2025-11226
No Misconfigurations found