pom.xml - Trivy Report - 2026-04-28 11:20:44.429160645 +0000 UTC m=+155.066839179

pom
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
io.netty:netty-codec-http	CVE-2026-33870	HIGH	4.1.125.Final	4.1.132.Final, 4.2.10.Final	https://access.redhat.com/security/cve/CVE-2026-33870 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8 https://nvd.nist.gov/vuln/detail/CVE-2026-33870 https://w4ke.info/2025/06/18/funky-chunks.html https://w4ke.info/2025/10/29/funky-chunks-2.html https://www.cve.org/CVERecord?id=CVE-2026-33870 https://www.rfc-editor.org/rfc/rfc9110
io.netty:netty-codec-http2	CVE-2026-33871	HIGH	4.1.125.Final	4.1.132.Final, 4.2.11.Final	https://access.redhat.com/security/cve/CVE-2026-33871 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv https://nvd.nist.gov/vuln/detail/CVE-2026-33871 https://www.cve.org/CVERecord?id=CVE-2026-33871
org.springframework.boot:spring-boot-starter-actuator	CVE-2026-22731	HIGH	3.4.7	3.5.12, 4.0.4	https://access.redhat.com/security/cve/CVE-2026-22731 https://github.com/spring-projects/spring-boot https://nvd.nist.gov/vuln/detail/CVE-2026-22731 https://spring.io/security/cve-2026-22731 https://www.cve.org/CVERecord?id=CVE-2026-22731
org.springframework.boot:spring-boot-starter-actuator	CVE-2026-22733	HIGH	3.4.7	4.0.4, 3.5.12	https://github.com/spring-projects/spring-boot https://nvd.nist.gov/vuln/detail/CVE-2026-22733 https://spring.io/security/cve-2026-22733
org.springframework.cloud:spring-cloud-gateway-server	CVE-2025-41253	HIGH	4.2.3	4.3.2, 4.2.6	https://github.com/spring-cloud/spring-cloud-gateway https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2025-41253 https://spring.io/security/cve/2025-41253 https://www.cve.org/CVERecord?id=CVE-2025-41253
No Misconfigurations found
dockerfile
No Vulnerabilities found
No Misconfigurations found