Skip to content

docker.io/aquasec/tfsec-ci (alpine 3.21.3)

Trivy Image Scan

  • Image: docker.io/aquasec/tfsec-ci (alpine 3.21.3)
  • Scan date: 2025-09-13

docker.io/aquasec/tfsec-ci (alpine 3.21.3) (alpine)

Package Vulnerability ID Severity Installed Version Fixed Version Links
git CVE-2025-46334 HIGH 2.47.2-r0 2.47.3-r0 https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a1ccd2512072cf52835050f4c97a4fba9f0ec8f9 https://github.com/j6t/git-gui/security/advisories/GHSA-7px4-9hg2-fvhx
git CVE-2025-48384 HIGH 2.47.2-r0 2.47.3-r0 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-48384 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://dgl.cx/2025/07/git-clone-submodule-cve-2025-48384 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/git/git/commit/05e9cd64ee23bbadcea6bcffd6660ed02b8eab89 https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9 https://linux.oracle.com/cve/CVE-2025-48384.html https://linux.oracle.com/errata/ELSA-2025-11688.html https://nvd.nist.gov/vuln/detail/CVE-2025-48384 https://ubuntu.com/security/notices/USN-7626-1 https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cve.org/CVERecord?id=CVE-2025-48384 https://www.openwall.com/lists/oss-security/2025/07/08/4
git CVE-2025-48385 HIGH 2.47.2-r0 2.47.3-r0 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-48385 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/git/git/security/advisories/GHSA-m98c-vgpc-9655 https://linux.oracle.com/cve/CVE-2025-48385.html https://linux.oracle.com/errata/ELSA-2025-11534.html https://nvd.nist.gov/vuln/detail/CVE-2025-48385 https://ubuntu.com/security/notices/USN-7626-1 https://www.cve.org/CVERecord?id=CVE-2025-48385 https://www.openwall.com/lists/oss-security/2025/07/08/4
git CVE-2025-27613 MEDIUM 2.47.2-r0 2.47.3-r0 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-27613 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5 https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652 https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v https://linux.oracle.com/cve/CVE-2025-27613.html https://linux.oracle.com/errata/ELSA-2025-11534.html https://lore.kernel.org/git/xmqq5xg2wrd1.fsf@gitster.g/ https://nvd.nist.gov/vuln/detail/CVE-2025-27613 https://ubuntu.com/security/notices/USN-7626-1 https://ubuntu.com/security/notices/USN-7626-2 https://ubuntu.com/security/notices/USN-7626-3 https://www.cve.org/CVERecord?id=CVE-2025-27613 https://www.openwall.com/lists/oss-security/2025/07/08/4
git CVE-2025-27614 MEDIUM 2.47.2-r0 2.47.3-r0 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-27614 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/j6t/gitk/commit/8e3070aa5e331be45d4d03e3be41f84494fce129 https://github.com/j6t/gitk/security/advisories/GHSA-g4v5-fjv9-mhhc https://linux.oracle.com/cve/CVE-2025-27614.html https://linux.oracle.com/errata/ELSA-2025-11534.html https://lore.kernel.org/git/xmqq5xg2wrd1.fsf@gitster.g/ https://nvd.nist.gov/vuln/detail/CVE-2025-27614 https://ubuntu.com/security/notices/USN-7626-1 https://www.cve.org/CVERecord?id=CVE-2025-27614 https://www.openwall.com/lists/oss-security/2025/07/08/4
git CVE-2025-48386 MEDIUM 2.47.2-r0 2.47.3-r0 https://access.redhat.com/security/cve/CVE-2025-48386 https://github.com/git/git/security/advisories/GHSA-4v56-3xvj-xvfr https://nvd.nist.gov/vuln/detail/CVE-2025-48386 https://ubuntu.com/security/notices/USN-7626-1 https://www.cve.org/CVERecord?id=CVE-2025-48386 https://www.openwall.com/lists/oss-security/2025/07/08/4
git CVE-2025-46835 LOW 2.47.2-r0 2.47.3-r0 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-46835 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg https://linux.oracle.com/cve/CVE-2025-46835.html https://linux.oracle.com/errata/ELSA-2025-11534.html https://nvd.nist.gov/vuln/detail/CVE-2025-46835 https://ubuntu.com/security/notices/USN-7626-1 https://ubuntu.com/security/notices/USN-7626-2 https://ubuntu.com/security/notices/USN-7626-3 https://www.cve.org/CVERecord?id=CVE-2025-46835 https://www.openwall.com/lists/oss-security/2025/07/08/4
git-init-template CVE-2025-46334 HIGH 2.47.2-r0 2.47.3-r0 https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a1ccd2512072cf52835050f4c97a4fba9f0ec8f9 https://github.com/j6t/git-gui/security/advisories/GHSA-7px4-9hg2-fvhx
git-init-template CVE-2025-48384 HIGH 2.47.2-r0 2.47.3-r0 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-48384 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://dgl.cx/2025/07/git-clone-submodule-cve-2025-48384 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/git/git/commit/05e9cd64ee23bbadcea6bcffd6660ed02b8eab89 https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9 https://linux.oracle.com/cve/CVE-2025-48384.html https://linux.oracle.com/errata/ELSA-2025-11688.html https://nvd.nist.gov/vuln/detail/CVE-2025-48384 https://ubuntu.com/security/notices/USN-7626-1 https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cve.org/CVERecord?id=CVE-2025-48384 https://www.openwall.com/lists/oss-security/2025/07/08/4
git-init-template CVE-2025-48385 HIGH 2.47.2-r0 2.47.3-r0 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-48385 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/git/git/security/advisories/GHSA-m98c-vgpc-9655 https://linux.oracle.com/cve/CVE-2025-48385.html https://linux.oracle.com/errata/ELSA-2025-11534.html https://nvd.nist.gov/vuln/detail/CVE-2025-48385 https://ubuntu.com/security/notices/USN-7626-1 https://www.cve.org/CVERecord?id=CVE-2025-48385 https://www.openwall.com/lists/oss-security/2025/07/08/4
git-init-template CVE-2025-27613 MEDIUM 2.47.2-r0 2.47.3-r0 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-27613 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5 https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652 https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v https://linux.oracle.com/cve/CVE-2025-27613.html https://linux.oracle.com/errata/ELSA-2025-11534.html https://lore.kernel.org/git/xmqq5xg2wrd1.fsf@gitster.g/ https://nvd.nist.gov/vuln/detail/CVE-2025-27613 https://ubuntu.com/security/notices/USN-7626-1 https://ubuntu.com/security/notices/USN-7626-2 https://ubuntu.com/security/notices/USN-7626-3 https://www.cve.org/CVERecord?id=CVE-2025-27613 https://www.openwall.com/lists/oss-security/2025/07/08/4
git-init-template CVE-2025-27614 MEDIUM 2.47.2-r0 2.47.3-r0 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-27614 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/j6t/gitk/commit/8e3070aa5e331be45d4d03e3be41f84494fce129 https://github.com/j6t/gitk/security/advisories/GHSA-g4v5-fjv9-mhhc https://linux.oracle.com/cve/CVE-2025-27614.html https://linux.oracle.com/errata/ELSA-2025-11534.html https://lore.kernel.org/git/xmqq5xg2wrd1.fsf@gitster.g/ https://nvd.nist.gov/vuln/detail/CVE-2025-27614 https://ubuntu.com/security/notices/USN-7626-1 https://www.cve.org/CVERecord?id=CVE-2025-27614 https://www.openwall.com/lists/oss-security/2025/07/08/4
git-init-template CVE-2025-48386 MEDIUM 2.47.2-r0 2.47.3-r0 https://access.redhat.com/security/cve/CVE-2025-48386 https://github.com/git/git/security/advisories/GHSA-4v56-3xvj-xvfr https://nvd.nist.gov/vuln/detail/CVE-2025-48386 https://ubuntu.com/security/notices/USN-7626-1 https://www.cve.org/CVERecord?id=CVE-2025-48386 https://www.openwall.com/lists/oss-security/2025/07/08/4
git-init-template CVE-2025-46835 LOW 2.47.2-r0 2.47.3-r0 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-46835 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg https://linux.oracle.com/cve/CVE-2025-46835.html https://linux.oracle.com/errata/ELSA-2025-11534.html https://nvd.nist.gov/vuln/detail/CVE-2025-46835 https://ubuntu.com/security/notices/USN-7626-1 https://ubuntu.com/security/notices/USN-7626-2 https://ubuntu.com/security/notices/USN-7626-3 https://www.cve.org/CVERecord?id=CVE-2025-46835 https://www.openwall.com/lists/oss-security/2025/07/08/4
No Misconfigurations found

usr/bin/tfsec (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
github.com/cloudflare/circl CVE-2025-8556 LOW v1.3.7 1.6.1 https://access.redhat.com/security/cve/CVE-2025-8556 https://bugzilla.redhat.com/show_bug.cgi?id=2371624 https://github.com/cloudflare/circl https://github.com/cloudflare/circl/security/advisories/GHSA-2x5j-vhc8-9cwm https://github.com/cloudflare/circl/tree/v1.6.1 https://nvd.nist.gov/vuln/detail/CVE-2025-8556 https://www.cve.org/CVERecord?id=CVE-2025-8556
github.com/hashicorp/go-getter CVE-2025-8959 HIGH v1.7.5 1.7.9 https://access.redhat.com/security/cve/CVE-2025-8959 https://discuss.hashicorp.com/t/hcsec-2025-23-hashicorp-go-getter-vulnerable-to-arbitrary-read-through-symlink-attack/76242 https://github.com/hashicorp/go-getter https://github.com/hashicorp/go-getter/commit/87541b2501c00df5eaedea6acc61a2a4a4efa5b7 https://github.com/hashicorp/go-getter/pull/540 https://nvd.nist.gov/vuln/detail/CVE-2025-8959 https://pkg.go.dev/vuln/GO-2025-3892 https://www.cve.org/CVERecord?id=CVE-2025-8959
github.com/open-policy-agent/opa CVE-2025-46569 HIGH v0.68.0 1.4.0 https://access.redhat.com/security/cve/CVE-2025-46569 https://github.com/open-policy-agent/opa https://github.com/open-policy-agent/opa/commit/ad2063247a14711882f18c387a511fc8094aa79c https://github.com/open-policy-agent/opa/security/advisories/GHSA-6m8w-jc87-6cr7 https://nvd.nist.gov/vuln/detail/CVE-2025-46569 https://pkg.go.dev/vuln/GO-2025-3660 https://www.cve.org/CVERecord?id=CVE-2025-46569
github.com/ulikunitz/xz CVE-2025-58058 MEDIUM v0.5.10 0.5.15 https://access.redhat.com/security/cve/CVE-2025-58058 https://github.com/ulikunitz/xz https://github.com/ulikunitz/xz/commit/88ddf1d0d98d688db65de034f48960b2760d2ae2 https://github.com/ulikunitz/xz/security/advisories/GHSA-jc7w-c686-c4v9 https://nvd.nist.gov/vuln/detail/CVE-2025-58058 https://www.cve.org/CVERecord?id=CVE-2025-58058
golang.org/x/oauth2 CVE-2025-22868 HIGH v0.21.0 0.27.0 https://access.redhat.com/security/cve/CVE-2025-22868 https://go.dev/cl/652155 https://go.dev/issue/71490 https://nvd.nist.gov/vuln/detail/CVE-2025-22868 https://pkg.go.dev/vuln/GO-2025-3488 https://www.cve.org/CVERecord?id=CVE-2025-22868
stdlib CVE-2025-22874 HIGH v1.24.1 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-47907 HIGH v1.24.1 1.23.12, 1.24.6 https://access.redhat.com/security/cve/CVE-2025-47907 https://go.dev/cl/693735 https://go.dev/issue/74831 https://groups.google.com/g/golang-announce/c/x5MKroML2yM https://nvd.nist.gov/vuln/detail/CVE-2025-47907 https://pkg.go.dev/vuln/GO-2025-3849 https://www.cve.org/CVERecord?id=CVE-2025-47907
stdlib CVE-2025-0913 MEDIUM v1.24.1 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-22871 MEDIUM v1.24.1 1.23.8, 1.24.2 http://www.openwall.com/lists/oss-security/2025/04/04/4 https://access.redhat.com/errata/RHSA-2025:9635 https://access.redhat.com/security/cve/CVE-2025-22871 https://bugzilla.redhat.com/2358493 https://bugzilla.redhat.com/show_bug.cgi?id=2358493 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22871 https://errata.almalinux.org/9/ALSA-2025-9635.html https://errata.rockylinux.org/RLSA-2025:9845 https://go.dev/cl/652998 https://go.dev/issue/71988 https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk https://linux.oracle.com/cve/CVE-2025-22871.html https://linux.oracle.com/errata/ELSA-2025-9845.html https://nvd.nist.gov/vuln/detail/CVE-2025-22871 https://pkg.go.dev/vuln/GO-2025-3563 https://www.cve.org/CVERecord?id=CVE-2025-22871
stdlib CVE-2025-4673 MEDIUM v1.24.1 1.23.10, 1.24.4 https://access.redhat.com/errata/RHSA-2025:10676 https://access.redhat.com/security/cve/CVE-2025-4673 https://bugzilla.redhat.com/2373305 https://errata.almalinux.org/9/ALSA-2025-10676.html https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://linux.oracle.com/cve/CVE-2025-4673.html https://linux.oracle.com/errata/ELSA-2025-10677.html https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
No Misconfigurations found