Skip to content

to be continuous

TF_TRIVY_IMAGE

to-be-continuous/doc

docker.io/aquasec/trivy (alpine 3.22.1)¶

Trivy Image Scan

Image: docker.io/aquasec/trivy (alpine 3.22.1)
Scan date: 2025-11-19

docker.io/aquasec/trivy (alpine 3.22.1) (alpine)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2025-9230	MEDIUM	3.5.1-r0	3.5.4-r0	http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/security/cve/CVE-2025-9230 https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45 https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280 https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482 https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3 https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba https://lists.debian.org/debian-lts-announce/2025/10/msg00001.html https://nvd.nist.gov/vuln/detail/CVE-2025-9230 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9230
libcrypto3	CVE-2025-9231	MEDIUM	3.5.1-r0	3.5.4-r0	http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/security/cve/CVE-2025-9231 https://github.com/openssl/openssl/commit/567f64386e43683888212226824b6a179885a0fe https://github.com/openssl/openssl/commit/cba616c26ac8e7b37de5e77762e505ba5ca51698 https://github.com/openssl/openssl/commit/eed5adc9f969d77c94f213767acbb41ff923b6f4 https://github.com/openssl/openssl/commit/fc47a2ec078912b3e914fab5734535e76c4820c2 https://nvd.nist.gov/vuln/detail/CVE-2025-9231 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9231
libcrypto3	CVE-2025-9232	LOW	3.5.1-r0	3.5.4-r0	http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/security/cve/CVE-2025-9232 https://github.com/openssl/openssl/commit/2b4ec20e47959170422922eaff25346d362dcb35 https://github.com/openssl/openssl/commit/654dc11d23468a74fc8ea4672b702dd3feb7be4b https://github.com/openssl/openssl/commit/7cf21a30513c9e43c4bc3836c237cf086e194af3 https://github.com/openssl/openssl/commit/89e790ac431125a4849992858490bed6b225eadf https://github.com/openssl/openssl/commit/bbf38c034cdabd0a13330abcc4855c866f53d2e0 https://nvd.nist.gov/vuln/detail/CVE-2025-9232 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9232
libssl3	CVE-2025-9230	MEDIUM	3.5.1-r0	3.5.4-r0	http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/security/cve/CVE-2025-9230 https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45 https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280 https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482 https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3 https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba https://lists.debian.org/debian-lts-announce/2025/10/msg00001.html https://nvd.nist.gov/vuln/detail/CVE-2025-9230 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9230
libssl3	CVE-2025-9231	MEDIUM	3.5.1-r0	3.5.4-r0	http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/security/cve/CVE-2025-9231 https://github.com/openssl/openssl/commit/567f64386e43683888212226824b6a179885a0fe https://github.com/openssl/openssl/commit/cba616c26ac8e7b37de5e77762e505ba5ca51698 https://github.com/openssl/openssl/commit/eed5adc9f969d77c94f213767acbb41ff923b6f4 https://github.com/openssl/openssl/commit/fc47a2ec078912b3e914fab5734535e76c4820c2 https://nvd.nist.gov/vuln/detail/CVE-2025-9231 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9231
libssl3	CVE-2025-9232	LOW	3.5.1-r0	3.5.4-r0	http://www.openwall.com/lists/oss-security/2025/09/30/5 https://access.redhat.com/security/cve/CVE-2025-9232 https://github.com/openssl/openssl/commit/2b4ec20e47959170422922eaff25346d362dcb35 https://github.com/openssl/openssl/commit/654dc11d23468a74fc8ea4672b702dd3feb7be4b https://github.com/openssl/openssl/commit/7cf21a30513c9e43c4bc3836c237cf086e194af3 https://github.com/openssl/openssl/commit/89e790ac431125a4849992858490bed6b225eadf https://github.com/openssl/openssl/commit/bbf38c034cdabd0a13330abcc4855c866f53d2e0 https://nvd.nist.gov/vuln/detail/CVE-2025-9232 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9232
pcre2	CVE-2025-58050	CRITICAL	10.43-r1	10.46-r0	https://access.redhat.com/security/cve/CVE-2025-58050 https://github.com/PCRE2Project/pcre2/commit/a141712e5967d448c7ce13090ab530c8e3d82254 https://github.com/PCRE2Project/pcre2/releases/tag/pcre2-10.46 https://github.com/PCRE2Project/pcre2/security/advisories/GHSA-c2gv-xgf5-5cc2 https://nvd.nist.gov/vuln/detail/CVE-2025-58050 https://ubuntu.com/security/notices/USN-7777-1 https://www.cve.org/CVERecord?id=CVE-2025-58050
No Misconfigurations found

usr/local/bin/trivy (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/containerd/containerd	CVE-2024-25621	HIGH	v1.7.28	1.7.29	https://github.com/containerd/containerd https://github.com/containerd/containerd/blob/main/docs/rootless.md https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5 https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w https://nvd.nist.gov/vuln/detail/CVE-2024-25621
github.com/containerd/containerd	CVE-2025-64329	MEDIUM	v1.7.28	1.7.29	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/083b53cd6f19b5de7717b0ce92c11bdf95e612df https://github.com/containerd/containerd/security/advisories/GHSA-m6hq-p25p-ffr2 https://nvd.nist.gov/vuln/detail/CVE-2025-64329
github.com/containerd/containerd/v2	CVE-2024-25621	HIGH	v2.1.4	2.0.7, 2.1.5, 2.2.0	https://github.com/containerd/containerd https://github.com/containerd/containerd/blob/main/docs/rootless.md https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5 https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w https://nvd.nist.gov/vuln/detail/CVE-2024-25621
github.com/containerd/containerd/v2	CVE-2025-64329	MEDIUM	v2.1.4	2.0.7, 2.1.5, 2.2.0	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/083b53cd6f19b5de7717b0ce92c11bdf95e612df https://github.com/containerd/containerd/security/advisories/GHSA-m6hq-p25p-ffr2 https://nvd.nist.gov/vuln/detail/CVE-2025-64329
github.com/opencontainers/selinux	CVE-2025-52881	HIGH	v1.12.0	1.13.0	http://github.com/opencontainers/runc/commit/a41366e74080fa9f26a2cd3544e2801449697322 http://github.com/opencontainers/runc/commit/fdcc9d3cad2f85954a241ccb910a61aaa1ef47f3 https://access.redhat.com/errata/RHSA-2025:19927 https://access.redhat.com/security/cve/CVE-2025-52881 https://bugzilla.redhat.com/2404705 https://bugzilla.redhat.com/2404708 https://bugzilla.redhat.com/2404715 https://errata.almalinux.org/9/ALSA-2025-19927.html https://github.com/opencontainers/runc https://github.com/opencontainers/runc/blob/v1.4.0-rc.2/RELEASES.md https://github.com/opencontainers/runc/commit/3f925525b44d247e390e529e772a0dc0c0bc3557 https://github.com/opencontainers/runc/commit/435cc81be6b79cdec73b4002c0dae549b2f6ae6d https://github.com/opencontainers/runc/commit/44a0fcf685db051c80b8c269812bb177f5802c58 https://github.com/opencontainers/runc/commit/4b37cd93f86e72feac866442988b549b5b7bf3e6 https://github.com/opencontainers/runc/commit/6fc191449109ea14bb7d61238f24a33fe08c651f https://github.com/opencontainers/runc/commit/77889b56db939c323d29d1130f28f9aea2edb544 https://github.com/opencontainers/runc/commit/77d217c7c3775d8ca5af89e477e81568ef4572db https://github.com/opencontainers/runc/commit/a41366e74080fa9f26a2cd3544e2801449697322 https://github.com/opencontainers/runc/commit/b3dd1bc562ed9996d1a0f249e056c16624046d28 https://github.com/opencontainers/runc/commit/d40b3439a9614a86e87b81a94c6811ec6fa2d7d2 https://github.com/opencontainers/runc/commit/d61fd29d854b416feaaf128bf650325cd2182165 https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64 https://github.com/opencontainers/runc/commit/ed6b1693b8b3ae7eb0250a7e76fc888cdacf98c1 https://github.com/opencontainers/runc/commit/fdcc9d3cad2f85954a241ccb910a61aaa1ef47f3 https://github.com/opencontainers/runc/commit/ff6fe1324663538167eca8b3d3eec61e1bd4fa51 https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480 https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2 https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm https://github.com/opencontainers/runc/security/advisories/GHSA-fh74-hm69-rqjw https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r https://github.com/opencontainers/selinux/pull/237 https://github.com/opencontainers/selinux/releases/tag/v1.13.0 https://linux.oracle.com/cve/CVE-2025-52881.html https://linux.oracle.com/errata/ELSA-2025-21232.html https://nvd.nist.gov/vuln/detail/CVE-2025-52881 https://pkg.go.dev/github.com/cyphar/filepath-securejoin/pathrs-lite/procfs https://ubuntu.com/security/notices/USN-7851-1 https://www.cve.org/CVERecord?id=CVE-2025-52881 https://youtu.be/tGseJW_uBB8 https://youtu.be/y1PaBzxwRWQ
stdlib	CVE-2025-58187	HIGH	v1.25.2	1.24.9, 1.25.3	http://www.openwall.com/lists/oss-security/2025/10/08/1 https://go.dev/cl/709854 https://go.dev/issue/75681 https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI https://nvd.nist.gov/vuln/detail/CVE-2025-58187 https://pkg.go.dev/vuln/GO-2025-4007
No Misconfigurations found