SMH — VULNERABILITY SCAN REPORT
v2.6.0-rc1
Generated: 2026-05-17T17:08:31Z  |  trivy + grype
Total CVEs: 276
Critical: 2
High: 96
Medium: 171
Low: 7
Clean: 58

| IMAGE | BASE OS | TOTAL | LOW | MED | HIGH | CRIT |
|---|---|---|---|---|---|---|
| sfbu_smh-hazelcast_5.6.1.tar | alpine | 120 | 4 | 60 | 54 | 2 |
| pdf.com_reposilite_3.5.26.tar | chainguard | 26 | 0 | 22 | 4 | 0 |
| cgr_memcached_1.6.40.tar | chainguard | 22 | 0 | 22 | 0 | 0 |
| pdf.com_curl_8.18.0-dev.tar | chainguard | 22 | 0 | 22 | 0 | 0 |
| traceability-service-v2.6.0-rc2.tar | chainguard | 17 | 1 | 10 | 6 | 0 |
| smh-v2.6.0-rc2.tar | chainguard | 16 | 1 | 7 | 8 | 0 |
| ticketing-service-v2.6.0-rc2.tar | chainguard | 14 | 1 | 7 | 6 | 0 |
| sfbu_smh-keycloak_26.6.1-rc1.tar | chainguard | 12 | 0 | 4 | 8 | 0 |
| pdf.com_flannel-cni-plugin_1.9.0.tar | chainguard | 8 | 0 | 8 | 0 | 0 |
| pdf.com_nginx_1.29.6.tar | chainguard | 5 | 0 | 5 | 0 | 0 |
| pdf.com_ingress-nginx-controller-iamguarded_1.15.3.tar | chainguard | 4 | 0 | 0 | 4 | 0 |
| deadletter-service-v2.6.0-rc2.tar | chainguard | 2 | 0 | 1 | 1 | 0 |
| pdf.com_gitea_1.25.5-rootless.tar | chainguard | 2 | 0 | 2 | 0 | 0 |
| pdf.com_metrics-server-iamguarded_0.8.1.tar | chainguard | 2 | 0 | 0 | 2 | 0 |
| smh-alert-service-v2.6.0-rc2.tar | chainguard | 2 | 0 | 1 | 1 | 0 |
| keycloak-resource-migration-v2.6.0-rc2.tar | chainguard | 1 | 0 | 0 | 1 | 0 |
| registry.tar | chainguard | 1 | 0 | 0 | 1 | 0 |
| busybox_1.36.tar | unknown | 0 | 0 | 0 | 0 | 0 |
| cgr_os-shell-iamguarded_1.0.0.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| cgr_prometheus_v3.9.1.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| keycloak-api-importer-v2.6.0-rc2.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| library_busybox_1.31.1.tar | unknown | 0 | 0 | 0 | 0 | 0 |
| pdf.com_apache-camel-karavan-devmode_4.14.2.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_backing-image-manager_1.10.2.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_cert-manager-acmesolver-iamguarded_1.19.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_cert-manager-cainjector-iamguarded_1.19.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_cert-manager-controller-iamguarded_1.19.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_cert-manager-webhook-iamguarded_1.19.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_coredns_v1.14.3.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_elasticsearch-iamguarded_9.3.4.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_etcd_3.6.10.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_filebeat_9.3.4.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_flannel_flannel_0.28.4.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_grafana_13.0.1.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_jdk_openjdk-17.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_jdk_openjdk-21.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_jmx-exporter-iamguarded_1.5.0.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_k8s-sidecar_2.7.3.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_kafbat-ui_1.4.2.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_kafka-exporter_1.9.0.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_kafka-iamguarded_4.2.0.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_keycloak-config-cli-iamguarded_6.5.0.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_kibana-iamguarded_9.3.4.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_kube-apiserver_v1.35.4.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_kube-controller-manager_v1.35.4.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_kube-proxy_v1.35.4.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_kube-scheduler_v1.35.4.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_kube-state-metrics_2.18.0.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_kube-webhook-certgen_1.14.5.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_kubernetes-csi-external-attacher_4.11.0.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_kubernetes-csi-external-provisioner_6.2.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_kubernetes-csi-external-resizer_2.1.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_kubernetes-csi-external-snapshotter_8.4.0.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_kubernetes-csi-livenessprobe_2.18.0.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_kubernetes-csi-node-driver-registrar_2.15.0.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_logstash_9.3.4.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_longhorn-engine_v1.10.2.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_longhorn-instance-manager_v1.10.2.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_longhorn-manager_v1.10.2.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_longhorn-share-manager_1.10.2.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_longhorn-support-bundle-kit_0.0.85.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_longhorn-ui_v1.10.2.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_oauth2-proxy-iamguarded_7.15.2.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_pause_3.10.1.tar | unknown | 0 | 0 | 0 | 0 | 0 |
| pdf.com_pause_3.10.tar | unknown | 0 | 0 | 0 | 0 | 0 |
| pdf.com_pgpool2-iamguarded_4.6.6.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_postgres-iamguarded_15.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_postgres-repmgr-iamguarded_18.3.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_prometheus-config-reloader_0.91.0.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_prometheus-elasticsearch-exporter-iamguarded_1.10.0.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_prometheus-node-exporter_1.11.1.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_prometheus-operator-iamguarded_0.91.0.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_prometheus-postgres-exporter-iamguarded_0.19.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_redis-cluster-iamguarded_8.6.2.tar | chainguard | 0 | 0 | 0 | 0 | 0 |
| pdf.com_wait-for-it_0.20200823-dev.tar | chainguard | 0 | 0 | 0 | 0 | 0 |

56 unique CVEs

| CVE ID | SEVERITY | PACKAGE | FIXED IN | DESCRIPTION | IMAGES AFFECTED |
|---|---|---|---|---|---|
| CVE-2026-31789 | CRITICAL | libcrypto3 | 3.5.6-r0 | openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing | 1 |
| CVE-2025-59419 | HIGH | io.netty:netty-codec-smtp | 4.2.7.Final,4.1.128.Final | io.netty/netty-codec-smtp: Netty netty-codec-smtp SMTP Command Injection | 1 |
| CVE-2025-67721 | HIGH | io.airlift:aircompressor | 2.0.3 | aircompressor Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer | 1 |
| CVE-2026-22184 | HIGH | zlib | 1.3.2-r0 | zlib: zlib: Arbitrary code execution via buffer overflow in untgz utility | 1 |
| CVE-2026-27135 | HIGH | nghttp2-libs | 1.68.1 | nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination | 1 |
| CVE-2026-28387 | HIGH | libcrypto3 | 3.5.6-r0 | openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication | 1 |
| CVE-2026-28388 | HIGH | libcrypto3 | 3.5.6-r0 | openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing | 1 |
| CVE-2026-28389 | HIGH | libcrypto3 | 3.5.6-r0 | openssl: OpenSSL: Denial of Service vulnerability in CMS processing | 1 |
| CVE-2026-28390 | HIGH | libcrypto3 | 3.5.6-r0 | openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing | 1 |
| CVE-2026-29062 | HIGH | tools.jackson.core:jackson-core | 3.1.0 | jackson-core: jackson-core: Denial of Service via excessive JSON nesting | 1 |
| CVE-2026-33814 | HIGH | ingress-nginx-controller-1.15 | 1.15.5-r1 | When processing HTTP/2 SETTINGS frames, transport will enter an infini ... | 3 |
| CVE-2026-33870 | HIGH | reposilite | 3.5.28-r2 | io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extensio... | 2 |
| CVE-2026-33871 | HIGH | reposilite | 3.5.28-r2 | netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood | 2 |
| CVE-2026-39852 | HIGH | keycloak-26.6 | 26.6.1-r5 | io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests | 2 |
| CVE-2026-40200 | HIGH | musl | 1.2.5-r12 | musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort | 1 |
| CVE-2026-42198 | HIGH | org.postgresql:postgresql | 42.7.11 | jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication | 5 |
| CVE-2026-42579 | HIGH | io.netty:netty-codec-dns | 4.2.13.Final,4.1.133.Final | Netty is an asynchronous, event-driven network application framework. ... | 4 |
| CVE-2026-42583 | HIGH | io.netty:netty-codec | 4.1.133.Final | Netty is an asynchronous, event-driven network application framework. ... | 5 |
| CVE-2026-42584 | HIGH | io.netty:netty-codec-http | 4.2.13.Final,4.1.133.Final | Netty is an asynchronous, event-driven network application framework. ... | 4 |
| CVE-2026-42587 | HIGH | io.netty:netty-codec-http | 4.2.13.Final,4.1.133.Final | Netty is an asynchronous, event-driven network application framework. ... | 4 |
| CVE-2026-5588 | HIGH | keycloak-26.6 | 26.6.1-r4 | bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid | 1 |
| CVE-2026-5598 | HIGH | keycloak-26.6 | 26.6.1-r4 | bouncycastle: BC-JAVA: private key leakage via non-constant time comparisons | 1 |
| CVE-2023-1419 | MEDIUM | io.debezium:debezium-connector-mysql | 2.3.0.Alpha1 | debezium: script injection via connector parameter | 1 |
| CVE-2024-25710 | MEDIUM | org.apache.commons:commons-compress | 1.26.0 | commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file | 1 |
| CVE-2024-26308 | MEDIUM | org.apache.commons:commons-compress | 1.26.0 | commons-compress: OutOfMemoryError unpacking broken Pack200 file | 1 |
| CVE-2024-45993 | MEDIUM | giflib | 6.1.2-r0 | giflib: heap buffer overflow via gif2rgb | 1 |
| CVE-2025-31672 | MEDIUM | org.apache.poi:poi-ooxml | 5.4.0 | org.apache.poi/poi-ooxml: Apache POI: parsing OOXML based files (xlsx, docx, etc.), poi-ooxml could read unexpected data... | 1 |
| CVE-2025-48924 | MEDIUM | org.apache.commons:commons-lang3 | 3.18.0 | commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang | 3 |
| CVE-2025-67735 | MEDIUM | io.netty:netty-codec-http | 4.2.8.Final,4.1.129.Final | netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection | 1 |
| CVE-2025-68161 | MEDIUM | org.apache.logging.log4j:log4j-core | 2.25.3 | Apache Log4j: Apache Log4j Core: Information disclosure via missing TLS hostname verification | 1 |
| CVE-2025-7962 | MEDIUM | com.sun.mail:jakarta.mail | 1.6.8,2.0.2 | com.sun.mail/jakarta.mail: Jakarta Mail SMTP Injection Vulnerability | 1 |
| CVE-2026-0636 | MEDIUM | keycloak-26.6 | 26.6.1-r4 | bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java | 1 |
| CVE-2026-1002 | MEDIUM | io.vertx:vertx-core | 4.5.24,5.0.7 | io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files | 2 |
| CVE-2026-2673 | MEDIUM | libcrypto3 | 3.6.1-r3 | openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group | 4 |
| CVE-2026-27171 | MEDIUM | zlib | 1.3.2-r0 | zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions | 1 |
| CVE-2026-31790 | MEDIUM | libcrypto3 | 3.5.6-r0 | openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key | 1 |
| CVE-2026-33813 | MEDIUM | gitea | 1.26.1-r1 | golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing | 1 |
| CVE-2026-34477 | MEDIUM | org.apache.logging.log4j:log4j-core | 2.25.4 | org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification | 1 |
| CVE-2026-34478 | MEDIUM | org.apache.logging.log4j:log4j-core | 2.25.4 | org.apache.logging.log4j/log4j-core: Apache Log4j Core: Log injection via CRLF sequences due to configuration attribute ... | 1 |
| CVE-2026-34480 | MEDIUM | org.apache.logging.log4j:log4j-core | 2.25.4 | org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging | 1 |
| CVE-2026-34481 | MEDIUM | org.apache.logging.log4j:log4j-layout-template-json | 2.25.4 | org.apache.logging.log4j: Apache Log4j JsonTemplateLayout: Denial of Service via invalid JSON output | 1 |
| CVE-2026-4046 | MEDIUM | glibc | 2.43-r6 | glibc: glibc: Denial of Service via iconv() function with specific character sets | 4 |
| CVE-2026-41417 | MEDIUM | io.netty:netty-codec-http | 4.1.133.Final,4.2.13.Final | netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection | 4 |
| CVE-2026-42580 | MEDIUM | io.netty:netty-codec-http | 4.2.13.Final,4.1.133.Final | Netty is an asynchronous, event-driven network application framework. ... | 4 |
| CVE-2026-42581 | MEDIUM | io.netty:netty-codec-http | 4.2.13.Final,4.1.133.Final | Netty is an asynchronous, event-driven network application framework. ... | 4 |
| CVE-2026-42585 | MEDIUM | io.netty:netty-codec-http | 4.2.13.Final,4.1.133.Final | Netty is an asynchronous, event-driven network application framework. ... | 4 |
| CVE-2026-42586 | MEDIUM | io.netty:netty-codec-redis | 4.2.13.Final,4.1.133.Final | Netty is an asynchronous, event-driven network application framework. ... | 1 |
| CVE-2026-44248 | MEDIUM | io.netty:netty-codec-mqtt | 4.2.13.Final,4.1.133.Final | Netty is an asynchronous, event-driven network application framework. ... | 1 |
| CVE-2026-4437 | MEDIUM | glibc | 2.43-r4 | glibc: glibc: Incorrect DNS response parsing via crafted DNS server response | 4 |
| CVE-2026-4438 | MEDIUM | glibc | 2.43-r4 | glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions | 4 |
| CVE-2026-45292 | MEDIUM | io.opentelemetry:opentelemetry-api | 1.62.0 | OpenTelemetry Java SDK has Unbounded Memory Allocation in W3C Baggage Propagation | 1 |
| CVE-2026-5450 | MEDIUM | glibc | 2.43-r7 | glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width | 5 |
| CVE-2026-5928 | MEDIUM | glibc | 2.43-r7 | glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings | 5 |
| CVE-2026-6042 | MEDIUM | musl | 1.2.5-r11 | musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv | 1 |
| CVE-2026-6860 | MEDIUM | keycloak-26.6 | 26.6.1-r5 | Vert.x has a DoS via unbounded server-side SNI SslContext cache growth | 3 |
| CVE-2026-42578 | LOW | io.netty:netty-handler-proxy | 4.1.133.Final,4.2.13.Final | Netty is an asynchronous, event-driven network application framework. ... | 4 |