File tree Expand file tree Collapse file tree 1 file changed +10
-0
lines changed
Expand file tree Collapse file tree 1 file changed +10
-0
lines changed Original file line number Diff line number Diff line change @@ -9,3 +9,13 @@ CVE-2026-1584 exp:2026-08-27
99# jackson-core async parser DoS - not exploitable, services only use synchronous ObjectMapper API
1010# See: UID2-6670
1111GHSA-72hv-8253-57qq exp:2026-09-01
12+
13+ # libexpat NULL pointer dereference in Alpine base image - not exploitable, our Java services do not use libexpat
14+ # Fixed in libexpat 2.7.5, not yet available in eclipse-temurin Alpine 3.23 base image
15+ # See: UID2-6806
16+ CVE-2026-32776 exp:2026-04-25
17+
18+ # Trivy reports CVE-2026-32776 with transposed digits (32767 instead of 32776) - this is a known Trivy bug
19+ # See: https://github.com/aquasecurity/trivy/discussions/10412 and UID2-6806
20+ # This entry can be removed once Trivy fixes the typo
21+ CVE-2026-32767 exp:2026-04-25
You can’t perform that action at this time.
0 commit comments