sz-portal-main-stat-app.tar (alt cpe:/o:alt:spcontainer:10.2.2) - Trivy Report - 2026-05-20 14:58:25.61234749 +0000 UTC m=+3.261182492

alt
No Vulnerabilities found
No Misconfigurations found
jar
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
io.netty:netty-codec	CVE-2026-42583	HIGH	4.1.128.Final	4.1.133.Final	https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6 https://nvd.nist.gov/vuln/detail/CVE-2026-42583
io.netty:netty-codec-dns	CVE-2026-42579	HIGH	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm https://nvd.nist.gov/vuln/detail/CVE-2026-42579 https://tools.ietf.org/html/rfc1035#section-2.3.4 https://tools.ietf.org/html/rfc1035#section-4.1.4
io.netty:netty-codec-http	CVE-2026-33870	HIGH	4.1.128.Final	4.1.132.Final, 4.2.10.Final	https://access.redhat.com/security/cve/CVE-2026-33870 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8 https://nvd.nist.gov/vuln/detail/CVE-2026-33870 https://w4ke.info/2025/06/18/funky-chunks.html https://w4ke.info/2025/10/29/funky-chunks-2.html https://www.cve.org/CVERecord?id=CVE-2026-33870 https://www.rfc-editor.org/rfc/rfc9110
io.netty:netty-codec-http	CVE-2026-42584	HIGH	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3 https://nvd.nist.gov/vuln/detail/CVE-2026-42584
io.netty:netty-codec-http	CVE-2026-42587	HIGH	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv https://nvd.nist.gov/vuln/detail/CVE-2026-42587
io.netty:netty-codec-http2	CVE-2026-33871	HIGH	4.1.128.Final	4.1.132.Final, 4.2.11.Final	https://access.redhat.com/security/cve/CVE-2026-33871 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv https://nvd.nist.gov/vuln/detail/CVE-2026-33871 https://www.cve.org/CVERecord?id=CVE-2026-33871
io.netty:netty-codec-http2	CVE-2026-42587	HIGH	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv https://nvd.nist.gov/vuln/detail/CVE-2026-42587
org.apache.kafka:kafka-clients	CVE-2026-35554	HIGH	3.9.1	3.9.2, 4.0.2, 4.1.2	http://www.openwall.com/lists/oss-security/2026/04/07/6 https://access.redhat.com/security/cve/CVE-2026-35554 https://github.com/apache/kafka https://github.com/apache/kafka/commit/1df2ac5b2ba4d1b5ed54b895ff6fb9539303ccb5 https://github.com/apache/kafka/pull/21065 https://github.com/apache/kafka/pull/21285 https://github.com/apache/kafka/pull/21286 https://github.com/apache/kafka/pull/21287 https://github.com/apache/kafka/pull/21288 https://issues.apache.org/jira/browse/KAFKA-19012 https://lists.apache.org/thread/f07x7j8ovyqhjd1to25jsnqbm6wj01d6 https://nvd.nist.gov/vuln/detail/CVE-2026-35554 https://www.cve.org/CVERecord?id=CVE-2026-35554
org.lz4:lz4-java	CVE-2025-12183	HIGH	1.8.0	1.8.1	http://www.openwall.com/lists/oss-security/2025/12/01/5 https://access.redhat.com/security/cve/CVE-2025-12183 https://github.com/yawkat/lz4-java https://github.com/yawkat/lz4-java/releases/tag/v1.8.1 https://nvd.nist.gov/vuln/detail/CVE-2025-12183 https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-12183 https://www.cve.org/CVERecord?id=CVE-2025-12183 https://www.sonatype.com/security-advisories/cve-2025-12183
org.lz4:lz4-java	CVE-2025-66566	HIGH	1.8.0		https://access.redhat.com/errata/RHSA-2026:0752 https://access.redhat.com/security/cve/CVE-2025-66566 https://bugzilla.redhat.com/2419500 https://errata.almalinux.org/9/ALSA-2026-0752.html https://github.com/yawkat/lz4-java https://github.com/yawkat/lz4-java/commit/33d180cb70c4d93c80fb0dc3ab3002f457e93840 https://github.com/yawkat/lz4-java/security/advisories/GHSA-cmp6-m4wj-q63q https://linux.oracle.com/cve/CVE-2025-66566.html https://linux.oracle.com/errata/ELSA-2026-0752.html https://nvd.nist.gov/vuln/detail/CVE-2025-66566 https://www.cve.org/CVERecord?id=CVE-2025-66566
org.postgresql:postgresql	CVE-2026-42198	HIGH	42.7.8	42.7.11	https://access.redhat.com/security/cve/CVE-2026-42198 https://github.com/pgjdbc/pgjdbc https://github.com/pgjdbc/pgjdbc/releases/tag/REL42.7.11 https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-98qh-xjc8-98pq https://nvd.nist.gov/vuln/detail/CVE-2026-42198 https://www.cve.org/CVERecord?id=CVE-2026-42198
org.springframework.boot:spring-boot	CVE-2026-40973	HIGH	3.5.7	4.0.6, 3.5.14	https://access.redhat.com/security/cve/CVE-2026-40973 https://github.com/spring-projects/spring-boot https://nvd.nist.gov/vuln/detail/CVE-2026-40973 https://spring.io/security/cve-2026-40973 https://www.cve.org/CVERecord?id=CVE-2026-40973
No Misconfigurations found