Skip to content

docker.io/aquasec/tfsec-ci (alpine 3.21.3)

Trivy Image Scan

  • Image: docker.io/aquasec/tfsec-ci (alpine 3.21.3)
  • Scan date: 2025-11-19

docker.io/aquasec/tfsec-ci (alpine 3.21.3) (alpine)

Package Vulnerability ID Severity Installed Version Fixed Version Links
git CVE-2025-46334 HIGH 2.47.2-r0 2.47.3-r0 http://www.openwall.com/lists/oss-security/2025/07/08/4 https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a1ccd2512072cf52835050f4c97a4fba9f0ec8f9 https://github.com/j6t/git-gui/security/advisories/GHSA-7px4-9hg2-fvhx
git CVE-2025-48384 HIGH 2.47.2-r0 2.47.3-r0 http://seclists.org/fulldisclosure/2025/Sep/60 http://www.openwall.com/lists/oss-security/2025/07/08/4 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-48384 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://dgl.cx/2025/07/git-clone-submodule-cve-2025-48384 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/git/git/commit/05e9cd64ee23bbadcea6bcffd6660ed02b8eab89 https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9 https://linux.oracle.com/cve/CVE-2025-48384.html https://linux.oracle.com/errata/ELSA-2025-11688.html https://lists.debian.org/debian-lts-announce/2025/10/msg00003.html https://nvd.nist.gov/vuln/detail/CVE-2025-48384 https://ubuntu.com/security/notices/USN-7626-1 https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-48384 https://www.cve.org/CVERecord?id=CVE-2025-48384 https://www.openwall.com/lists/oss-security/2025/07/08/4
git CVE-2025-48385 HIGH 2.47.2-r0 2.47.3-r0 http://www.openwall.com/lists/oss-security/2025/07/08/4 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-48385 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/git/git/security/advisories/GHSA-m98c-vgpc-9655 https://linux.oracle.com/cve/CVE-2025-48385.html https://linux.oracle.com/errata/ELSA-2025-11534.html https://nvd.nist.gov/vuln/detail/CVE-2025-48385 https://ubuntu.com/security/notices/USN-7626-1 https://www.cve.org/CVERecord?id=CVE-2025-48385 https://www.openwall.com/lists/oss-security/2025/07/08/4
git CVE-2025-27613 MEDIUM 2.47.2-r0 2.47.3-r0 http://www.openwall.com/lists/oss-security/2025/07/08/4 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-27613 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5 https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652 https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v https://linux.oracle.com/cve/CVE-2025-27613.html https://linux.oracle.com/errata/ELSA-2025-11534.html https://lists.debian.org/debian-lts-announce/2025/10/msg00003.html https://lore.kernel.org/git/xmqq5xg2wrd1.fsf@gitster.g/ https://nvd.nist.gov/vuln/detail/CVE-2025-27613 https://ubuntu.com/security/notices/USN-7626-1 https://ubuntu.com/security/notices/USN-7626-2 https://ubuntu.com/security/notices/USN-7626-3 https://www.cve.org/CVERecord?id=CVE-2025-27613 https://www.openwall.com/lists/oss-security/2025/07/08/4
git CVE-2025-27614 MEDIUM 2.47.2-r0 2.47.3-r0 http://www.openwall.com/lists/oss-security/2025/07/08/4 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-27614 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/j6t/gitk/commit/8e3070aa5e331be45d4d03e3be41f84494fce129 https://github.com/j6t/gitk/security/advisories/GHSA-g4v5-fjv9-mhhc https://linux.oracle.com/cve/CVE-2025-27614.html https://linux.oracle.com/errata/ELSA-2025-11534.html https://lore.kernel.org/git/xmqq5xg2wrd1.fsf@gitster.g/ https://nvd.nist.gov/vuln/detail/CVE-2025-27614 https://ubuntu.com/security/notices/USN-7626-1 https://www.cve.org/CVERecord?id=CVE-2025-27614 https://www.openwall.com/lists/oss-security/2025/07/08/4
git CVE-2025-48386 MEDIUM 2.47.2-r0 2.47.3-r0 http://www.openwall.com/lists/oss-security/2025/07/08/4 https://access.redhat.com/security/cve/CVE-2025-48386 https://github.com/git/git/security/advisories/GHSA-4v56-3xvj-xvfr https://nvd.nist.gov/vuln/detail/CVE-2025-48386 https://ubuntu.com/security/notices/USN-7626-1 https://www.cve.org/CVERecord?id=CVE-2025-48386 https://www.openwall.com/lists/oss-security/2025/07/08/4
git CVE-2025-46835 LOW 2.47.2-r0 2.47.3-r0 http://www.openwall.com/lists/oss-security/2025/07/08/4 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-46835 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg https://linux.oracle.com/cve/CVE-2025-46835.html https://linux.oracle.com/errata/ELSA-2025-11534.html https://lists.debian.org/debian-lts-announce/2025/10/msg00003.html https://nvd.nist.gov/vuln/detail/CVE-2025-46835 https://ubuntu.com/security/notices/USN-7626-1 https://ubuntu.com/security/notices/USN-7626-2 https://ubuntu.com/security/notices/USN-7626-3 https://www.cve.org/CVERecord?id=CVE-2025-46835 https://www.openwall.com/lists/oss-security/2025/07/08/4
git-init-template CVE-2025-46334 HIGH 2.47.2-r0 2.47.3-r0 http://www.openwall.com/lists/oss-security/2025/07/08/4 https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a1ccd2512072cf52835050f4c97a4fba9f0ec8f9 https://github.com/j6t/git-gui/security/advisories/GHSA-7px4-9hg2-fvhx
git-init-template CVE-2025-48384 HIGH 2.47.2-r0 2.47.3-r0 http://seclists.org/fulldisclosure/2025/Sep/60 http://www.openwall.com/lists/oss-security/2025/07/08/4 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-48384 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://dgl.cx/2025/07/git-clone-submodule-cve-2025-48384 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/git/git/commit/05e9cd64ee23bbadcea6bcffd6660ed02b8eab89 https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9 https://linux.oracle.com/cve/CVE-2025-48384.html https://linux.oracle.com/errata/ELSA-2025-11688.html https://lists.debian.org/debian-lts-announce/2025/10/msg00003.html https://nvd.nist.gov/vuln/detail/CVE-2025-48384 https://ubuntu.com/security/notices/USN-7626-1 https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-48384 https://www.cve.org/CVERecord?id=CVE-2025-48384 https://www.openwall.com/lists/oss-security/2025/07/08/4
git-init-template CVE-2025-48385 HIGH 2.47.2-r0 2.47.3-r0 http://www.openwall.com/lists/oss-security/2025/07/08/4 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-48385 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/git/git/security/advisories/GHSA-m98c-vgpc-9655 https://linux.oracle.com/cve/CVE-2025-48385.html https://linux.oracle.com/errata/ELSA-2025-11534.html https://nvd.nist.gov/vuln/detail/CVE-2025-48385 https://ubuntu.com/security/notices/USN-7626-1 https://www.cve.org/CVERecord?id=CVE-2025-48385 https://www.openwall.com/lists/oss-security/2025/07/08/4
git-init-template CVE-2025-27613 MEDIUM 2.47.2-r0 2.47.3-r0 http://www.openwall.com/lists/oss-security/2025/07/08/4 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-27613 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5 https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652 https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v https://linux.oracle.com/cve/CVE-2025-27613.html https://linux.oracle.com/errata/ELSA-2025-11534.html https://lists.debian.org/debian-lts-announce/2025/10/msg00003.html https://lore.kernel.org/git/xmqq5xg2wrd1.fsf@gitster.g/ https://nvd.nist.gov/vuln/detail/CVE-2025-27613 https://ubuntu.com/security/notices/USN-7626-1 https://ubuntu.com/security/notices/USN-7626-2 https://ubuntu.com/security/notices/USN-7626-3 https://www.cve.org/CVERecord?id=CVE-2025-27613 https://www.openwall.com/lists/oss-security/2025/07/08/4
git-init-template CVE-2025-27614 MEDIUM 2.47.2-r0 2.47.3-r0 http://www.openwall.com/lists/oss-security/2025/07/08/4 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-27614 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/j6t/gitk/commit/8e3070aa5e331be45d4d03e3be41f84494fce129 https://github.com/j6t/gitk/security/advisories/GHSA-g4v5-fjv9-mhhc https://linux.oracle.com/cve/CVE-2025-27614.html https://linux.oracle.com/errata/ELSA-2025-11534.html https://lore.kernel.org/git/xmqq5xg2wrd1.fsf@gitster.g/ https://nvd.nist.gov/vuln/detail/CVE-2025-27614 https://ubuntu.com/security/notices/USN-7626-1 https://www.cve.org/CVERecord?id=CVE-2025-27614 https://www.openwall.com/lists/oss-security/2025/07/08/4
git-init-template CVE-2025-48386 MEDIUM 2.47.2-r0 2.47.3-r0 http://www.openwall.com/lists/oss-security/2025/07/08/4 https://access.redhat.com/security/cve/CVE-2025-48386 https://github.com/git/git/security/advisories/GHSA-4v56-3xvj-xvfr https://nvd.nist.gov/vuln/detail/CVE-2025-48386 https://ubuntu.com/security/notices/USN-7626-1 https://www.cve.org/CVERecord?id=CVE-2025-48386 https://www.openwall.com/lists/oss-security/2025/07/08/4
git-init-template CVE-2025-46835 LOW 2.47.2-r0 2.47.3-r0 http://www.openwall.com/lists/oss-security/2025/07/08/4 https://access.redhat.com/errata/RHSA-2025:11462 https://access.redhat.com/security/cve/CVE-2025-46835 https://bugzilla.redhat.com/2337824 https://bugzilla.redhat.com/2337956 https://bugzilla.redhat.com/2378806 https://bugzilla.redhat.com/2378808 https://bugzilla.redhat.com/2379124 https://bugzilla.redhat.com/2379125 https://bugzilla.redhat.com/2379326 https://bugzilla.redhat.com/show_bug.cgi?id=2337824 https://bugzilla.redhat.com/show_bug.cgi?id=2337956 https://bugzilla.redhat.com/show_bug.cgi?id=2378806 https://bugzilla.redhat.com/show_bug.cgi?id=2378808 https://bugzilla.redhat.com/show_bug.cgi?id=2379124 https://bugzilla.redhat.com/show_bug.cgi?id=2379125 https://bugzilla.redhat.com/show_bug.cgi?id=2379326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48385 https://errata.almalinux.org/9/ALSA-2025-11462.html https://errata.rockylinux.org/RLSA-2025:11534 https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg https://linux.oracle.com/cve/CVE-2025-46835.html https://linux.oracle.com/errata/ELSA-2025-11534.html https://lists.debian.org/debian-lts-announce/2025/10/msg00003.html https://nvd.nist.gov/vuln/detail/CVE-2025-46835 https://ubuntu.com/security/notices/USN-7626-1 https://ubuntu.com/security/notices/USN-7626-2 https://ubuntu.com/security/notices/USN-7626-3 https://www.cve.org/CVERecord?id=CVE-2025-46835 https://www.openwall.com/lists/oss-security/2025/07/08/4
libcrypto3 CVE-2025-9230 MEDIUM 3.3.3-r0 3.3.5-r0 http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/security/cve/CVE-2025-9230 https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45 https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280 https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482 https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3 https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba https://lists.debian.org/debian-lts-announce/2025/10/msg00001.html https://nvd.nist.gov/vuln/detail/CVE-2025-9230 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9230
libcrypto3 CVE-2025-9231 MEDIUM 3.3.3-r0 3.3.5-r0 http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/security/cve/CVE-2025-9231 https://github.com/openssl/openssl/commit/567f64386e43683888212226824b6a179885a0fe https://github.com/openssl/openssl/commit/cba616c26ac8e7b37de5e77762e505ba5ca51698 https://github.com/openssl/openssl/commit/eed5adc9f969d77c94f213767acbb41ff923b6f4 https://github.com/openssl/openssl/commit/fc47a2ec078912b3e914fab5734535e76c4820c2 https://nvd.nist.gov/vuln/detail/CVE-2025-9231 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9231
libcrypto3 CVE-2025-9232 LOW 3.3.3-r0 3.3.5-r0 http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/security/cve/CVE-2025-9232 https://github.com/openssl/openssl/commit/2b4ec20e47959170422922eaff25346d362dcb35 https://github.com/openssl/openssl/commit/654dc11d23468a74fc8ea4672b702dd3feb7be4b https://github.com/openssl/openssl/commit/7cf21a30513c9e43c4bc3836c237cf086e194af3 https://github.com/openssl/openssl/commit/89e790ac431125a4849992858490bed6b225eadf https://github.com/openssl/openssl/commit/bbf38c034cdabd0a13330abcc4855c866f53d2e0 https://nvd.nist.gov/vuln/detail/CVE-2025-9232 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9232
libcurl CVE-2025-10148 MEDIUM 8.12.1-r1 8.14.1-r2 http://www.openwall.com/lists/oss-security/2025/09/10/2 http://www.openwall.com/lists/oss-security/2025/09/10/3 http://www.openwall.com/lists/oss-security/2025/09/10/4 https://access.redhat.com/security/cve/CVE-2025-10148 https://curl.se/docs/CVE-2025-10148.html https://curl.se/docs/CVE-2025-10148.json https://hackerone.com/reports/3330839 https://nvd.nist.gov/vuln/detail/CVE-2025-10148 https://www.cve.org/CVERecord?id=CVE-2025-10148
libcurl CVE-2025-4947 MEDIUM 8.12.1-r1 8.14.0-r0 http://www.openwall.com/lists/oss-security/2025/05/28/4 https://access.redhat.com/security/cve/CVE-2025-4947 https://curl.se/docs/CVE-2025-4947.html https://curl.se/docs/CVE-2025-4947.json https://hackerone.com/reports/3150884 https://nvd.nist.gov/vuln/detail/CVE-2025-4947 https://www.cve.org/CVERecord?id=CVE-2025-4947
libcurl CVE-2025-5025 MEDIUM 8.12.1-r1 8.14.0-r0 http://www.openwall.com/lists/oss-security/2025/05/28/5 https://access.redhat.com/security/cve/CVE-2025-5025 https://curl.se/docs/CVE-2025-5025.html https://curl.se/docs/CVE-2025-5025.json https://hackerone.com/reports/3153497 https://nvd.nist.gov/vuln/detail/CVE-2025-5025 https://www.cve.org/CVERecord?id=CVE-2025-5025
libcurl CVE-2025-5399 MEDIUM 8.12.1-r1 8.14.1-r0 http://www.openwall.com/lists/oss-security/2025/06/04/2 https://access.redhat.com/errata/RHSA-2025:16046 https://access.redhat.com/security/cve/CVE-2025-5399 https://bugzilla.redhat.com/2359885 https://bugzilla.redhat.com/2359888 https://bugzilla.redhat.com/2359892 https://bugzilla.redhat.com/2359894 https://bugzilla.redhat.com/2359895 https://bugzilla.redhat.com/2359899 https://bugzilla.redhat.com/2359900 https://bugzilla.redhat.com/2359902 https://bugzilla.redhat.com/2359903 https://bugzilla.redhat.com/2359911 https://bugzilla.redhat.com/2359918 https://bugzilla.redhat.com/2359920 https://bugzilla.redhat.com/2359924 https://bugzilla.redhat.com/2359928 https://bugzilla.redhat.com/2359930 https://bugzilla.redhat.com/2359932 https://bugzilla.redhat.com/2359934 https://bugzilla.redhat.com/2359938 https://bugzilla.redhat.com/2359940 https://bugzilla.redhat.com/2359943 https://bugzilla.redhat.com/2359944 https://bugzilla.redhat.com/2359945 https://bugzilla.redhat.com/2359947 https://bugzilla.redhat.com/2359950 https://bugzilla.redhat.com/2359963 https://bugzilla.redhat.com/2359964 https://bugzilla.redhat.com/2359972 https://bugzilla.redhat.com/2370920 https://bugzilla.redhat.com/2380264 https://bugzilla.redhat.com/2380273 https://bugzilla.redhat.com/2380274 https://bugzilla.redhat.com/2380278 https://bugzilla.redhat.com/2380280 https://bugzilla.redhat.com/2380283 https://bugzilla.redhat.com/2380284 https://bugzilla.redhat.com/2380290 https://bugzilla.redhat.com/2380291 https://bugzilla.redhat.com/2380295 https://bugzilla.redhat.com/2380298 https://bugzilla.redhat.com/2380306 https://bugzilla.redhat.com/2380308 https://bugzilla.redhat.com/2380309 https://bugzilla.redhat.com/2380310 https://bugzilla.redhat.com/2380312 https://bugzilla.redhat.com/2380313 https://bugzilla.redhat.com/2380320 https://bugzilla.redhat.com/2380321 https://bugzilla.redhat.com/2380322 https://bugzilla.redhat.com/2380326 https://bugzilla.redhat.com/2380327 https://bugzilla.redhat.com/2380334 https://bugzilla.redhat.com/2380335 https://bugzilla.redhat.com/show_bug.cgi?id=2338999 https://bugzilla.redhat.com/show_bug.cgi?id=2359885 https://bugzilla.redhat.com/show_bug.cgi?id=2359888 https://bugzilla.redhat.com/show_bug.cgi?id=2359892 https://bugzilla.redhat.com/show_bug.cgi?id=2359894 https://bugzilla.redhat.com/show_bug.cgi?id=2359895 https://bugzilla.redhat.com/show_bug.cgi?id=2359899 https://bugzilla.redhat.com/show_bug.cgi?id=2359900 https://bugzilla.redhat.com/show_bug.cgi?id=2359902 https://bugzilla.redhat.com/show_bug.cgi?id=2359903 https://bugzilla.redhat.com/show_bug.cgi?id=2359911 https://bugzilla.redhat.com/show_bug.cgi?id=2359918 https://bugzilla.redhat.com/show_bug.cgi?id=2359920 https://bugzilla.redhat.com/show_bug.cgi?id=2359924 https://bugzilla.redhat.com/show_bug.cgi?id=2359928 https://bugzilla.redhat.com/show_bug.cgi?id=2359930 https://bugzilla.redhat.com/show_bug.cgi?id=2359932 https://bugzilla.redhat.com/show_bug.cgi?id=2359934 https://bugzilla.redhat.com/show_bug.cgi?id=2359938 https://bugzilla.redhat.com/show_bug.cgi?id=2359940 https://bugzilla.redhat.com/show_bug.cgi?id=2359943 https://bugzilla.redhat.com/show_bug.cgi?id=2359944 https://bugzilla.redhat.com/show_bug.cgi?id=2359945 https://bugzilla.redhat.com/show_bug.cgi?id=2359947 https://bugzilla.redhat.com/show_bug.cgi?id=2359950 https://bugzilla.redhat.com/show_bug.cgi?id=2359963 https://bugzilla.redhat.com/show_bug.cgi?id=2359964 https://bugzilla.redhat.com/show_bug.cgi?id=2359972 https://bugzilla.redhat.com/show_bug.cgi?id=2370920 https://bugzilla.redhat.com/show_bug.cgi?id=2380264 https://bugzilla.redhat.com/show_bug.cgi?id=2380273 https://bugzilla.redhat.com/show_bug.cgi?id=2380274 https://bugzilla.redhat.com/show_bug.cgi?id=2380278 https://bugzilla.redhat.com/show_bug.cgi?id=2380280 https://bugzilla.redhat.com/show_bug.cgi?id=2380283 https://bugzilla.redhat.com/show_bug.cgi?id=2380284 https://bugzilla.redhat.com/show_bug.cgi?id=2380290 https://bugzilla.redhat.com/show_bug.cgi?id=2380291 https://bugzilla.redhat.com/show_bug.cgi?id=2380295 https://bugzilla.redhat.com/show_bug.cgi?id=2380298 https://bugzilla.redhat.com/show_bug.cgi?id=2380306 https://bugzilla.redhat.com/show_bug.cgi?id=2380308 https://bugzilla.redhat.com/show_bug.cgi?id=2380309 https://bugzilla.redhat.com/show_bug.cgi?id=2380310 https://bugzilla.redhat.com/show_bug.cgi?id=2380312 https://bugzilla.redhat.com/show_bug.cgi?id=2380313 https://bugzilla.redhat.com/show_bug.cgi?id=2380320 https://bugzilla.redhat.com/show_bug.cgi?id=2380321 https://bugzilla.redhat.com/show_bug.cgi?id=2380322 https://bugzilla.redhat.com/show_bug.cgi?id=2380326 https://bugzilla.redhat.com/show_bug.cgi?id=2380327 https://bugzilla.redhat.com/show_bug.cgi?id=2380334 https://bugzilla.redhat.com/show_bug.cgi?id=2380335 https://curl.se/docs/CVE-2025-5399.html https://curl.se/docs/CVE-2025-5399.json https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21574 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21575 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21577 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21579 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21580 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21581 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21584 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21585 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21588 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30681 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30682 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30683 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30684 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30685 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30687 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30688 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30689 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30693 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30695 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30696 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30699 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30703 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30704 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30715 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30721 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30722 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50083 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50085 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50088 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50091 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50092 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50093 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50094 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50096 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50097 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50098 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50099 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50100 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50101 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50102 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50104 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5399 https://errata.almalinux.org/9/ALSA-2025-16046.html https://errata.rockylinux.org/RLSA-2025:15699 https://hackerone.com/reports/3168039 https://linux.oracle.com/cve/CVE-2025-5399.html https://linux.oracle.com/errata/ELSA-2025-16046.html https://nvd.nist.gov/vuln/detail/CVE-2025-5399 https://www.cve.org/CVERecord?id=CVE-2025-5399 https://www.oracle.com/security-alerts/cpujul2025.html#AppendixMSQL
libcurl CVE-2025-9086 MEDIUM 8.12.1-r1 8.14.1-r2 http://www.openwall.com/lists/oss-security/2025/09/10/1 https://access.redhat.com/security/cve/CVE-2025-9086 https://curl.se/docs/CVE-2025-9086.html https://curl.se/docs/CVE-2025-9086.json https://github.com/curl/curl/commit/c6ae07c6a541e0e96d0040afb6 https://hackerone.com/reports/3294999 https://nvd.nist.gov/vuln/detail/CVE-2025-9086 https://www.cve.org/CVERecord?id=CVE-2025-9086
libexpat CVE-2025-59375 MEDIUM 2.7.0-r0 2.7.2-r0 http://www.openwall.com/lists/oss-security/2025/09/16/2 https://access.redhat.com/errata/RHSA-2025:19403 https://access.redhat.com/security/cve/CVE-2025-59375 https://bugzilla.redhat.com/2395108 https://errata.almalinux.org/10/ALSA-2025-19403.html https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74 https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes https://github.com/libexpat/libexpat/issues/1018 https://github.com/libexpat/libexpat/pull/1034 https://issues.oss-fuzz.com/issues/439133977 https://linux.oracle.com/cve/CVE-2025-59375.html https://linux.oracle.com/errata/ELSA-2025-19403.html https://nvd.nist.gov/vuln/detail/CVE-2025-59375 https://www.cve.org/CVERecord?id=CVE-2025-59375
libssl3 CVE-2025-9230 MEDIUM 3.3.3-r0 3.3.5-r0 http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/security/cve/CVE-2025-9230 https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45 https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280 https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482 https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3 https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba https://lists.debian.org/debian-lts-announce/2025/10/msg00001.html https://nvd.nist.gov/vuln/detail/CVE-2025-9230 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9230
libssl3 CVE-2025-9231 MEDIUM 3.3.3-r0 3.3.5-r0 http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/security/cve/CVE-2025-9231 https://github.com/openssl/openssl/commit/567f64386e43683888212226824b6a179885a0fe https://github.com/openssl/openssl/commit/cba616c26ac8e7b37de5e77762e505ba5ca51698 https://github.com/openssl/openssl/commit/eed5adc9f969d77c94f213767acbb41ff923b6f4 https://github.com/openssl/openssl/commit/fc47a2ec078912b3e914fab5734535e76c4820c2 https://nvd.nist.gov/vuln/detail/CVE-2025-9231 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9231
libssl3 CVE-2025-9232 LOW 3.3.3-r0 3.3.5-r0 http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/security/cve/CVE-2025-9232 https://github.com/openssl/openssl/commit/2b4ec20e47959170422922eaff25346d362dcb35 https://github.com/openssl/openssl/commit/654dc11d23468a74fc8ea4672b702dd3feb7be4b https://github.com/openssl/openssl/commit/7cf21a30513c9e43c4bc3836c237cf086e194af3 https://github.com/openssl/openssl/commit/89e790ac431125a4849992858490bed6b225eadf https://github.com/openssl/openssl/commit/bbf38c034cdabd0a13330abcc4855c866f53d2e0 https://nvd.nist.gov/vuln/detail/CVE-2025-9232 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9232
No Misconfigurations found

usr/bin/tfsec (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
github.com/cloudflare/circl CVE-2025-8556 LOW v1.3.7 1.6.1 https://access.redhat.com/security/cve/CVE-2025-8556 https://bugzilla.redhat.com/show_bug.cgi?id=2371624 https://github.com/cloudflare/circl https://github.com/cloudflare/circl/security/advisories/GHSA-2x5j-vhc8-9cwm https://github.com/cloudflare/circl/tree/v1.6.1 https://news.ycombinator.com/item?id=45669593 https://nvd.nist.gov/vuln/detail/CVE-2025-8556 https://www.botanica.software/blog/cryptographic-issues-in-cloudflares-circl-fourq-implementation https://www.cve.org/CVERecord?id=CVE-2025-8556
github.com/hashicorp/go-getter CVE-2025-8959 HIGH v1.7.5 1.7.9 https://access.redhat.com/security/cve/CVE-2025-8959 https://discuss.hashicorp.com/t/hcsec-2025-23-hashicorp-go-getter-vulnerable-to-arbitrary-read-through-symlink-attack/76242 https://github.com/hashicorp/go-getter https://github.com/hashicorp/go-getter/commit/87541b2501c00df5eaedea6acc61a2a4a4efa5b7 https://github.com/hashicorp/go-getter/pull/540 https://nvd.nist.gov/vuln/detail/CVE-2025-8959 https://pkg.go.dev/vuln/GO-2025-3892 https://www.cve.org/CVERecord?id=CVE-2025-8959
github.com/open-policy-agent/opa CVE-2025-46569 HIGH v0.68.0 1.4.0 https://access.redhat.com/security/cve/CVE-2025-46569 https://github.com/open-policy-agent/opa https://github.com/open-policy-agent/opa/commit/ad2063247a14711882f18c387a511fc8094aa79c https://github.com/open-policy-agent/opa/security/advisories/GHSA-6m8w-jc87-6cr7 https://nvd.nist.gov/vuln/detail/CVE-2025-46569 https://pkg.go.dev/vuln/GO-2025-3660 https://www.cve.org/CVERecord?id=CVE-2025-46569
github.com/ulikunitz/xz CVE-2025-58058 MEDIUM v0.5.10 0.5.15 https://access.redhat.com/security/cve/CVE-2025-58058 https://github.com/ulikunitz/xz https://github.com/ulikunitz/xz/commit/88ddf1d0d98d688db65de034f48960b2760d2ae2 https://github.com/ulikunitz/xz/security/advisories/GHSA-jc7w-c686-c4v9 https://nvd.nist.gov/vuln/detail/CVE-2025-58058 https://www.cve.org/CVERecord?id=CVE-2025-58058
golang.org/x/oauth2 CVE-2025-22868 HIGH v0.21.0 0.27.0 https://access.redhat.com/security/cve/CVE-2025-22868 https://bugzilla.redhat.com/show_bug.cgi?id=2347423 https://bugzilla.redhat.com/show_bug.cgi?id=2348366 https://bugzilla.redhat.com/show_bug.cgi?id=2352914 https://bugzilla.redhat.com/show_bug.cgi?id=2354195 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22868 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27144 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29786 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30204 https://errata.rockylinux.org/RLSA-2025:7479 https://go.dev/cl/652155 https://go.dev/issue/71490 https://nvd.nist.gov/vuln/detail/CVE-2025-22868 https://pkg.go.dev/vuln/GO-2025-3488 https://www.cve.org/CVERecord?id=CVE-2025-22868
stdlib CVE-2025-22874 HIGH v1.24.1 1.24.4 https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib CVE-2025-47907 HIGH v1.24.1 1.23.12, 1.24.6 http://www.openwall.com/lists/oss-security/2025/08/06/1 https://access.redhat.com/security/cve/CVE-2025-47907 https://go.dev/cl/693735 https://go.dev/issue/74831 https://groups.google.com/g/golang-announce/c/x5MKroML2yM https://nvd.nist.gov/vuln/detail/CVE-2025-47907 https://pkg.go.dev/vuln/GO-2025-3849 https://www.cve.org/CVERecord?id=CVE-2025-47907
stdlib CVE-2025-58183 HIGH v1.24.1 1.24.8, 1.25.2 http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-58183 https://go.dev/cl/709861 https://go.dev/issue/75677 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-58183 https://pkg.go.dev/vuln/GO-2025-4014 https://www.cve.org/CVERecord?id=CVE-2025-58183
stdlib CVE-2025-58186 HIGH v1.24.1 1.24.8, 1.25.2 http://www.openwall.com/lists/oss-security/2025/10/08/1 https://go.dev/cl/709855 https://go.dev/issue/75672 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-58186 https://pkg.go.dev/vuln/GO-2025-4012
stdlib CVE-2025-58187 HIGH v1.24.1 1.24.9, 1.25.3 http://www.openwall.com/lists/oss-security/2025/10/08/1 https://go.dev/cl/709854 https://go.dev/issue/75681 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-58187 https://pkg.go.dev/vuln/GO-2025-4007
stdlib CVE-2025-58188 HIGH v1.24.1 1.24.8, 1.25.2 http://www.openwall.com/lists/oss-security/2025/10/08/1 https://go.dev/cl/709853 https://go.dev/issue/75675 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-58188 https://pkg.go.dev/vuln/GO-2025-4013
stdlib CVE-2025-0913 MEDIUM v1.24.1 1.23.10, 1.24.4 https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib CVE-2025-22871 MEDIUM v1.24.1 1.23.8, 1.24.2 http://www.openwall.com/lists/oss-security/2025/04/04/4 https://access.redhat.com/errata/RHSA-2025:9635 https://access.redhat.com/security/cve/CVE-2025-22871 https://bugzilla.redhat.com/2358493 https://bugzilla.redhat.com/show_bug.cgi?id=2358493 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22871 https://errata.almalinux.org/9/ALSA-2025-9635.html https://errata.rockylinux.org/RLSA-2025:9845 https://github.com/roadrunner-server/roadrunner https://github.com/roadrunner-server/roadrunner/commit/f269279ee87d0b88127741cad1042389af7605fa https://github.com/roadrunner-server/roadrunner/issues/2166 https://github.com/roadrunner-server/roadrunner/releases/tag/v2025.1.0 https://go.dev/cl/652998 https://go.dev/issue/71988 https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk https://linux.oracle.com/cve/CVE-2025-22871.html https://linux.oracle.com/errata/ELSA-2025-9845.html https://nvd.nist.gov/vuln/detail/CVE-2025-22871 https://pkg.go.dev/vuln/GO-2025-3563 https://www.cve.org/CVERecord?id=CVE-2025-22871
stdlib CVE-2025-4673 MEDIUM v1.24.1 1.23.10, 1.24.4 https://access.redhat.com/errata/RHSA-2025:15887 https://access.redhat.com/security/cve/CVE-2025-4673 https://bugzilla.redhat.com/2373305 https://bugzilla.redhat.com/show_bug.cgi?id=2373305 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4673 https://errata.almalinux.org/9/ALSA-2025-15887.html https://errata.rockylinux.org/RLSA-2025:16432 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://linux.oracle.com/cve/CVE-2025-4673.html https://linux.oracle.com/errata/ELSA-2025-10677.html https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
stdlib CVE-2025-47906 MEDIUM v1.24.1 1.23.12, 1.24.6 http://www.openwall.com/lists/oss-security/2025/08/06/1 https://access.redhat.com/security/cve/CVE-2025-47906 https://go.dev/cl/691775 https://go.dev/issue/74466 https://groups.google.com/g/golang-announce/c/x5MKroML2yM https://nvd.nist.gov/vuln/detail/CVE-2025-47906 https://pkg.go.dev/vuln/GO-2025-3956 https://www.cve.org/CVERecord?id=CVE-2025-47906
stdlib CVE-2025-47912 MEDIUM v1.24.1 1.24.8, 1.25.2 http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-47912 https://go.dev/cl/709857 https://go.dev/issue/75678 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-47912 https://pkg.go.dev/vuln/GO-2025-4010 https://www.cve.org/CVERecord?id=CVE-2025-47912
stdlib CVE-2025-58185 MEDIUM v1.24.1 1.24.8, 1.25.2 http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-58185 https://github.com/golang/go/commit/8709a41d5ef7321f486a1857f189c3fee20e8edd https://go.dev/cl/709856 https://go.dev/issue/75671 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-58185 https://pkg.go.dev/vuln/GO-2025-4011 https://www.cve.org/CVERecord?id=CVE-2025-58185
stdlib CVE-2025-58189 MEDIUM v1.24.1 1.24.8, 1.25.2 http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-58189 https://go.dev/cl/707776 https://go.dev/issue/75652 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-58189 https://pkg.go.dev/vuln/GO-2025-4008 https://www.cve.org/CVERecord?id=CVE-2025-58189
stdlib CVE-2025-61723 MEDIUM v1.24.1 1.24.8, 1.25.2 http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-61723 https://github.com/golang/go/commit/5ce8cd16f3859ec5ac4106ad8ec15d6236f4501b https://go.dev/cl/709858 https://go.dev/issue/75676 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-61723 https://pkg.go.dev/vuln/GO-2025-4009 https://www.cve.org/CVERecord?id=CVE-2025-61723
stdlib CVE-2025-61724 MEDIUM v1.24.1 1.24.8, 1.25.2 http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-61724 https://go.dev/cl/709859 https://go.dev/issue/75716 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-61724 https://pkg.go.dev/vuln/GO-2025-4015 https://www.cve.org/CVERecord?id=CVE-2025-61724
stdlib CVE-2025-61725 MEDIUM v1.24.1 1.24.8, 1.25.2 http://www.openwall.com/lists/oss-security/2025/10/08/1 https://access.redhat.com/security/cve/CVE-2025-61725 https://go.dev/cl/709860 https://go.dev/issue/75680 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-61725 https://pkg.go.dev/vuln/GO-2025-4006 https://www.cve.org/CVERecord?id=CVE-2025-61725
No Misconfigurations found