Skip to content

Commit 2323d86

Browse files
fluentdo-cipatrick-stephens
fluentdo-ci
and
patrick-stephens
authored
ci: update cve scan results (#92)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: patrick-stephens <6388272+patrick-stephens@users.noreply.github.com>
1 parent a02f20f commit 2323d86

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

54 files changed

+138983
-58312
lines changed

docs/security/agent/grype-25.10.1.json

Lines changed: 6279 additions & 2510 deletions
Large diffs are not rendered by default.

docs/security/agent/grype-25.10.1.md

Lines changed: 31 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -8,59 +8,78 @@ Refer to the [triaged vulnerabilities](https://docs.fluent.do/security/triaged.h
88
| sqlite-libs | 3.34.1-8.el9_6 | [CVE-2025-6965](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965) | High |
99
| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68973) | High |
1010
| glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14087) | Medium |
11+
| libxml2 | 2.9.13-12.el9_6 | [CVE-2026-0990](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0990) | Medium |
1112
| glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-14512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14512) | Medium |
13+
| glibc | 2.34-168.el9_6.23 | [CVE-2026-0915](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915) | Medium |
14+
| glibc-common | 2.34-168.el9_6.23 | [CVE-2026-0915](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915) | Medium |
15+
| glibc-langpack-en | 2.34-168.el9_6.23 | [CVE-2026-0915](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915) | Medium |
16+
| glibc-minimal-langpack | 2.34-168.el9_6.23 | [CVE-2026-0915](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915) | Medium |
1217
| systemd-libs | 252-51.el9_6.2 | [CVE-2025-4598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598) | Medium |
13-
| fluent-bit | 25.10.1 | [CVE-2025-29478](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29478) | Medium |
1418
| curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium |
1519
| libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-9086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9086) | Medium |
20+
| libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium |
1621
| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2025-9230](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9230) | Medium |
1722
| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2025-9230](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9230) | Medium |
18-
| libxml2 | 2.9.13-12.el9_6 | [CVE-2025-9714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714) | Medium |
19-
| fluent-bit | 25.10.1 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium |
23+
| fluent-bit | 25.10.1 | [CVE-2025-29478](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29478) | Medium |
2024
| glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-13601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13601) | Medium |
25+
| openldap | 2.6.8-4.el9 | [CVE-2026-22185](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22185) | Medium |
26+
| fluent-bit | 25.10.1 | [CVE-2025-29477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-29477) | Medium |
2127
| libarchive | 3.5.3-6.el9_6 | [CVE-2025-60753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60753) | Medium |
22-
| curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium |
23-
| libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-10966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966) | Medium |
2428
| libblkid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium |
2529
| libmount | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium |
2630
| libsmartcols | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium |
2731
| libuuid | 2.37.4-21.el9 | [CVE-2025-14104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14104) | Medium |
2832
| coreutils-single | 8.32-39.el9 | [CVE-2025-5278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5278) | Medium |
2933
| libarchive | 3.5.3-6.el9_6 | [CVE-2023-30571](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30571) | Medium |
34+
| curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-14017](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14017) | Medium |
35+
| libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2025-14017](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14017) | Medium |
3036
| gnupg2 | 2.3.3-4.el9 | [CVE-2025-68972](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68972) | Medium |
3137
| shadow-utils | 2:4.9-12.el9 | [CVE-2024-56433](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56433) | Low |
3238
| openldap | 2.6.8-4.el9 | [CVE-2023-2953](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2953) | Low |
39+
| curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low |
40+
| libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low |
3341
| curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low |
3442
| libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-7264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264) | Low |
3543
| libxml2 | 2.9.13-12.el9_6 | [CVE-2024-34459](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459) | Low |
36-
| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low |
37-
| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low |
3844
| curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low |
3945
| libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-9681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681) | Low |
40-
| curl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low |
41-
| libcurl-minimal | 7.76.1-31.el9_6.1 | [CVE-2024-11053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11053) | Low |
46+
| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low |
47+
| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-41996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41996) | Low |
4248
| glib2 | 2.68.4-16.el9_6.2 | [CVE-2023-32636](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32636) | Low |
4349
| libxml2 | 2.9.13-12.el9_6 | [CVE-2025-27113](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27113) | Low |
50+
| libgcc | 11.5.0-5.el9_5 | [CVE-2022-27943](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27943) | Low |
51+
| libstdc++ | 11.5.0-5.el9_5 | [CVE-2022-27943](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27943) | Low |
4452
| libarchive | 3.5.3-6.el9_6 | [CVE-2025-1632](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1632) | Low |
4553
| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2024-13176](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176) | Low |
4654
| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2024-13176](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176) | Low |
4755
| libxml2 | 2.9.13-12.el9_6 | [CVE-2023-45322](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45322) | Low |
4856
| glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-3360](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3360) | Low |
4957
| pcre2 | 10.40-6.el9 | [CVE-2022-41409](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41409) | Low |
5058
| pcre2-syntax | 10.40-6.el9 | [CVE-2022-41409](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41409) | Low |
59+
| libtasn1 | 4.16.0-9.el9 | [CVE-2025-13151](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13151) | Low |
5160
| ncurses-base | 6.2-10.20210508.el9_6.2 | [CVE-2023-50495](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50495) | Low |
5261
| ncurses-libs | 6.2-10.20210508.el9_6.2 | [CVE-2023-50495](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50495) | Low |
53-
| libgcc | 11.5.0-5.el9_5 | [CVE-2022-27943](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27943) | Low |
54-
| libstdc++ | 11.5.0-5.el9_5 | [CVE-2022-27943](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27943) | Low |
62+
| libxml2 | 2.9.13-12.el9_6 | [CVE-2026-0992](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0992) | Low |
63+
| libxml2 | 2.9.13-12.el9_6 | [CVE-2026-0989](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0989) | Low |
5564
| libarchive | 3.5.3-6.el9_6 | [CVE-2025-5915](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5915) | Low |
5665
| gawk | 5.1.0-6.el9 | [CVE-2023-4156](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4156) | Low |
66+
| glib2 | 2.68.4-16.el9_6.2 | [CVE-2026-0988](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0988) | Low |
67+
| glib2 | 2.68.4-16.el9_6.2 | [CVE-2025-7039](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7039) | Low |
5768
| libarchive | 3.5.3-6.el9_6 | [CVE-2025-5916](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5916) | Low |
69+
| glibc | 2.34-168.el9_6.23 | [CVE-2026-0861](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861) | Low |
70+
| glibc-common | 2.34-168.el9_6.23 | [CVE-2026-0861](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861) | Low |
71+
| glibc-langpack-en | 2.34-168.el9_6.23 | [CVE-2026-0861](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861) | Low |
72+
| glibc-minimal-langpack | 2.34-168.el9_6.23 | [CVE-2026-0861](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861) | Low |
73+
| gnupg2 | 2.3.3-4.el9 | [CVE-2022-3219](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219) | Low |
5874
| openssl | 1:3.2.2-6.el9_5.1 | [CVE-2025-9232](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9232) | Low |
5975
| openssl-libs | 1:3.2.2-6.el9_5.1 | [CVE-2025-9232](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9232) | Low |
76+
| glibc | 2.34-168.el9_6.23 | [CVE-2025-15281](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281) | Low |
77+
| glibc-common | 2.34-168.el9_6.23 | [CVE-2025-15281](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281) | Low |
78+
| glibc-langpack-en | 2.34-168.el9_6.23 | [CVE-2025-15281](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281) | Low |
79+
| glibc-minimal-langpack | 2.34-168.el9_6.23 | [CVE-2025-15281](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281) | Low |
6080
| libarchive | 3.5.3-6.el9_6 | [CVE-2025-5918](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5918) | Low |
6181
| gnupg2 | 2.3.3-4.el9 | [CVE-2025-30258](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30258) | Low |
6282
| sqlite-libs | 3.34.1-8.el9_6 | [CVE-2024-0232](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0232) | Low |
6383
| libarchive | 3.5.3-6.el9_6 | [CVE-2025-5917](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5917) | Low |
64-
| gnupg2 | 2.3.3-4.el9 | [CVE-2022-3219](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219) | Low |
6584
| libxml2 | 2.9.13-12.el9_6 | [CVE-2025-6170](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6170) | Low |
6685
| lz4-libs | 1.9.3-5.el9 | [CVE-2025-62813](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62813) | Unknown |

0 commit comments

Comments
 (0)