git.casona.rocks/casona/maddy:latest (alpine 3.21.3) - Trivy Report - 2025-10-14 15:21:11.371429429 +0000 UTC m=+1.044627550

alpine
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libcrypto3	CVE-2025-9230	MEDIUM	3.3.3-r0	3.3.5-r0	https://access.redhat.com/security/cve/CVE-2025-9230 https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45 https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280 https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482 https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3 https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba https://nvd.nist.gov/vuln/detail/CVE-2025-9230 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9230
libcrypto3	CVE-2025-9231	MEDIUM	3.3.3-r0	3.3.5-r0	https://access.redhat.com/security/cve/CVE-2025-9231 https://github.com/openssl/openssl/commit/567f64386e43683888212226824b6a179885a0fe https://github.com/openssl/openssl/commit/cba616c26ac8e7b37de5e77762e505ba5ca51698 https://github.com/openssl/openssl/commit/eed5adc9f969d77c94f213767acbb41ff923b6f4 https://github.com/openssl/openssl/commit/fc47a2ec078912b3e914fab5734535e76c4820c2 https://nvd.nist.gov/vuln/detail/CVE-2025-9231 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9231
libcrypto3	CVE-2025-9232	LOW	3.3.3-r0	3.3.5-r0	https://access.redhat.com/security/cve/CVE-2025-9232 https://github.com/openssl/openssl/commit/2b4ec20e47959170422922eaff25346d362dcb35 https://github.com/openssl/openssl/commit/654dc11d23468a74fc8ea4672b702dd3feb7be4b https://github.com/openssl/openssl/commit/7cf21a30513c9e43c4bc3836c237cf086e194af3 https://github.com/openssl/openssl/commit/89e790ac431125a4849992858490bed6b225eadf https://github.com/openssl/openssl/commit/bbf38c034cdabd0a13330abcc4855c866f53d2e0 https://nvd.nist.gov/vuln/detail/CVE-2025-9232 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9232
libssl3	CVE-2025-9230	MEDIUM	3.3.3-r0	3.3.5-r0	https://access.redhat.com/security/cve/CVE-2025-9230 https://github.com/openssl/openssl/commit/5965ea5dd6960f36d8b7f74f8eac67a8eb8f2b45 https://github.com/openssl/openssl/commit/9e91358f365dee6c446dcdcdb01c04d2743fd280 https://github.com/openssl/openssl/commit/a79c4ce559c6a3a8fd4109e9f33c1185d5bf2def https://github.com/openssl/openssl/commit/b5282d677551afda7d20e9c00e09561b547b2dfd https://github.com/openssl/openssl/commit/bae259a211ada6315dc50900686daaaaaa55f482 https://github.openssl.org/openssl/extended-releases/commit/c2b96348bfa662f25f4fabf81958ae822063dae3 https://github.openssl.org/openssl/extended-releases/commit/dfbaf161d8dafc1132dd88cd48ad990ed9b4c8ba https://nvd.nist.gov/vuln/detail/CVE-2025-9230 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9230
libssl3	CVE-2025-9231	MEDIUM	3.3.3-r0	3.3.5-r0	https://access.redhat.com/security/cve/CVE-2025-9231 https://github.com/openssl/openssl/commit/567f64386e43683888212226824b6a179885a0fe https://github.com/openssl/openssl/commit/cba616c26ac8e7b37de5e77762e505ba5ca51698 https://github.com/openssl/openssl/commit/eed5adc9f969d77c94f213767acbb41ff923b6f4 https://github.com/openssl/openssl/commit/fc47a2ec078912b3e914fab5734535e76c4820c2 https://nvd.nist.gov/vuln/detail/CVE-2025-9231 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9231
libssl3	CVE-2025-9232	LOW	3.3.3-r0	3.3.5-r0	https://access.redhat.com/security/cve/CVE-2025-9232 https://github.com/openssl/openssl/commit/2b4ec20e47959170422922eaff25346d362dcb35 https://github.com/openssl/openssl/commit/654dc11d23468a74fc8ea4672b702dd3feb7be4b https://github.com/openssl/openssl/commit/7cf21a30513c9e43c4bc3836c237cf086e194af3 https://github.com/openssl/openssl/commit/89e790ac431125a4849992858490bed6b225eadf https://github.com/openssl/openssl/commit/bbf38c034cdabd0a13330abcc4855c866f53d2e0 https://nvd.nist.gov/vuln/detail/CVE-2025-9232 https://openssl-library.org/news/secadv/20250930.txt https://ubuntu.com/security/notices/USN-7786-1 https://www.cve.org/CVERecord?id=CVE-2025-9232
No Misconfigurations found
gobinary
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/crypto	CVE-2025-22869	HIGH	v0.32.0	0.35.0	https://access.redhat.com/errata/RHSA-2025:7484 https://access.redhat.com/security/cve/CVE-2025-22869 https://bugzilla.redhat.com/2348367 https://bugzilla.redhat.com/show_bug.cgi?id=2348367 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22869 https://errata.almalinux.org/10/ALSA-2025-7484.html https://errata.rockylinux.org/RLSA-2025:7484 https://github.com/golang/crypto https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22 https://go-review.googlesource.com/c/crypto/+/652135 https://go.dev/cl/652135 https://go.dev/issue/71931 https://linux.oracle.com/cve/CVE-2025-22869.html https://linux.oracle.com/errata/ELSA-2025-7484.html https://nvd.nist.gov/vuln/detail/CVE-2025-22869 https://pkg.go.dev/vuln/GO-2025-3487 https://security.netapp.com/advisory/ntap-20250411-0010 https://security.netapp.com/advisory/ntap-20250411-0010/ https://www.cve.org/CVERecord?id=CVE-2025-22869
golang.org/x/net	CVE-2025-22870	MEDIUM	v0.34.0	0.36.0	http://www.openwall.com/lists/oss-security/2025/03/07/2 https://access.redhat.com/security/cve/CVE-2025-22870 https://github.com/golang/go/issues/71984 https://go-review.googlesource.com/q/project:net https://go.dev/cl/654697 https://go.dev/issue/71984 https://groups.google.com/g/golang-announce/c/4t3lzH3I0eI/m/b42ImqrBAQAJ https://nvd.nist.gov/vuln/detail/CVE-2025-22870 https://pkg.go.dev/vuln/GO-2025-3503 https://security.netapp.com/advisory/ntap-20250509-0007 https://security.netapp.com/advisory/ntap-20250509-0007/ https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-22870
golang.org/x/net	CVE-2025-22872	MEDIUM	v0.34.0	0.38.0	https://access.redhat.com/security/cve/CVE-2025-22872 https://github.com/advisories/GHSA-vvgc-356p-c3xw https://go.dev/cl/662715 https://go.dev/issue/73070 https://groups.google.com/g/golang-announce/c/ezSKR9vqbqA https://nvd.nist.gov/vuln/detail/CVE-2025-22872 https://pkg.go.dev/vuln/GO-2025-3595 https://security.netapp.com/advisory/ntap-20250516-0007 https://security.netapp.com/advisory/ntap-20250516-0007/ https://www.cve.org/CVERecord?id=CVE-2025-22872
golang.org/x/oauth2	CVE-2025-22868	HIGH	v0.25.0	0.27.0	https://access.redhat.com/security/cve/CVE-2025-22868 https://bugzilla.redhat.com/show_bug.cgi?id=2347423 https://bugzilla.redhat.com/show_bug.cgi?id=2348366 https://bugzilla.redhat.com/show_bug.cgi?id=2352914 https://bugzilla.redhat.com/show_bug.cgi?id=2354195 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22868 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27144 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29786 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30204 https://errata.rockylinux.org/RLSA-2025:7479 https://go.dev/cl/652155 https://go.dev/issue/71490 https://nvd.nist.gov/vuln/detail/CVE-2025-22868 https://pkg.go.dev/vuln/GO-2025-3488 https://www.cve.org/CVERecord?id=CVE-2025-22868
stdlib	CVE-2025-22874	HIGH	v1.24.2	1.24.4	https://access.redhat.com/security/cve/CVE-2025-22874 https://go.dev/cl/670375 https://go.dev/issue/73612 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-22874 https://pkg.go.dev/vuln/GO-2025-3749 https://www.cve.org/CVERecord?id=CVE-2025-22874
stdlib	CVE-2025-47907	HIGH	v1.24.2	1.23.12, 1.24.6	https://access.redhat.com/security/cve/CVE-2025-47907 https://go.dev/cl/693735 https://go.dev/issue/74831 https://groups.google.com/g/golang-announce/c/x5MKroML2yM https://nvd.nist.gov/vuln/detail/CVE-2025-47907 https://pkg.go.dev/vuln/GO-2025-3849 https://www.cve.org/CVERecord?id=CVE-2025-47907
stdlib	CVE-2025-0913	MEDIUM	v1.24.2	1.23.10, 1.24.4	https://go.dev/cl/672396 https://go.dev/issue/73702 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://nvd.nist.gov/vuln/detail/CVE-2025-0913 https://pkg.go.dev/vuln/GO-2025-3750
stdlib	CVE-2025-4673	MEDIUM	v1.24.2	1.23.10, 1.24.4	https://access.redhat.com/errata/RHSA-2025:10672 https://access.redhat.com/security/cve/CVE-2025-4673 https://bugzilla.redhat.com/2373305 https://bugzilla.redhat.com/show_bug.cgi?id=2373305 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4673 https://errata.almalinux.org/8/ALSA-2025-10672.html https://errata.rockylinux.org/RLSA-2025:16432 https://go.dev/cl/679257 https://go.dev/issue/73816 https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A https://linux.oracle.com/cve/CVE-2025-4673.html https://linux.oracle.com/errata/ELSA-2025-10677.html https://nvd.nist.gov/vuln/detail/CVE-2025-4673 https://pkg.go.dev/vuln/GO-2025-3751 https://ubuntu.com/security/notices/USN-7574-1 https://www.cve.org/CVERecord?id=CVE-2025-4673
stdlib	CVE-2025-47906	MEDIUM	v1.24.2	1.23.12, 1.24.6	https://access.redhat.com/security/cve/CVE-2025-47906 https://go.dev/cl/691775 https://go.dev/issue/74466 https://groups.google.com/g/golang-announce/c/x5MKroML2yM https://nvd.nist.gov/vuln/detail/CVE-2025-47906 https://pkg.go.dev/vuln/GO-2025-3956 https://www.cve.org/CVERecord?id=CVE-2025-47906
No Misconfigurations found