sz-lk-wiki-tour-app.tar (alt cpe:/o:alt:spcontainer:10.2.2) - Trivy Report - 2026-03-31 10:27:45.533369156 +0000 UTC m=+3.654633216

alt
No Vulnerabilities found
No Misconfigurations found
jar
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
io.netty:netty-codec-http	CVE-2026-33870	HIGH	4.1.128.Final	4.1.132.Final, 4.2.10.Final	https://access.redhat.com/security/cve/CVE-2026-33870 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8 https://nvd.nist.gov/vuln/detail/CVE-2026-33870 https://w4ke.info/2025/06/18/funky-chunks.html https://w4ke.info/2025/10/29/funky-chunks-2.html https://www.cve.org/CVERecord?id=CVE-2026-33870 https://www.rfc-editor.org/rfc/rfc9110
io.netty:netty-codec-http2	CVE-2026-33871	HIGH	4.1.128.Final	4.1.132.Final, 4.2.11.Final	https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv https://nvd.nist.gov/vuln/detail/CVE-2026-33871
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-24734	HIGH	10.1.48	11.0.18, 10.1.52, 9.0.115	https://access.redhat.com/security/cve/CVE-2026-24734 https://github.com/apache/tomcat https://lists.apache.org/thread/292dlmx3fz1888v6v16221kpozq56gml https://nvd.nist.gov/vuln/detail/CVE-2026-24734 https://www.cve.org/CVERecord?id=CVE-2026-24734
org.assertj:assertj-core	CVE-2026-24400	HIGH	3.27.6	3.27.7	https://access.redhat.com/security/cve/CVE-2026-24400 https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html https://github.com/assertj/assertj https://github.com/assertj/assertj/commit/85ca7eb6609bb179c043b85ae7d290523b1ba79a https://github.com/assertj/assertj/releases/tag/assertj-build-3.27.7 https://github.com/assertj/assertj/security/advisories/GHSA-rqfh-9r24-8c9r https://nvd.nist.gov/vuln/detail/CVE-2026-24400 https://www.cve.org/CVERecord?id=CVE-2026-24400
org.springframework.security:spring-security-web	CVE-2026-22732	CRITICAL	6.5.6	6.5.9, 7.0.4	https://access.redhat.com/security/cve/CVE-2026-22732 https://github.com/spring-projects/spring-security https://nvd.nist.gov/vuln/detail/CVE-2026-22732 https://spring.io/security/cve-2026-22732 https://www.cve.org/CVERecord?id=CVE-2026-22732
No Misconfigurations found