sz-lk-trace-tracking-app.tar (alt cpe:/o:alt:spcontainer:10.2.2) - Trivy Report - 2026-06-04 13:00:15.443587669 +0000 UTC m=+15.460267395

alt
No Vulnerabilities found
No Misconfigurations found
jar
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
io.netty:netty-codec	CVE-2026-42583	HIGH	4.1.132.Final	4.1.133.Final	https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6 https://nvd.nist.gov/vuln/detail/CVE-2026-42583 https://www.cve.org/CVERecord?id=CVE-2026-42583
io.netty:netty-codec-dns	CVE-2026-42579	HIGH	4.1.132.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42579 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm https://nvd.nist.gov/vuln/detail/CVE-2026-42579 https://tools.ietf.org/html/rfc1035#section-2.3.4 https://tools.ietf.org/html/rfc1035#section-4.1.4 https://www.cve.org/CVERecord?id=CVE-2026-42579
io.netty:netty-codec-http	CVE-2026-42584	HIGH	4.1.132.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42584 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3 https://nvd.nist.gov/vuln/detail/CVE-2026-42584 https://www.cve.org/CVERecord?id=CVE-2026-42584
io.netty:netty-codec-http	CVE-2026-42587	HIGH	4.1.132.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42587 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv https://nvd.nist.gov/vuln/detail/CVE-2026-42587 https://www.cve.org/CVERecord?id=CVE-2026-42587
io.netty:netty-codec-http	CVE-2026-41417	MEDIUM	4.1.132.Final	4.1.133.Final, 4.2.13.Final	https://access.redhat.com/security/cve/CVE-2026-41417 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-v8h7-rr48-vmmv https://nvd.nist.gov/vuln/detail/CVE-2026-41417 https://www.cve.org/CVERecord?id=CVE-2026-41417
io.netty:netty-codec-http	CVE-2026-42580	MEDIUM	4.1.132.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42580 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-m4cv-j2px-7723 https://nvd.nist.gov/vuln/detail/CVE-2026-42580 https://www.cve.org/CVERecord?id=CVE-2026-42580
io.netty:netty-codec-http	CVE-2026-42581	MEDIUM	4.1.132.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42581 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9 https://nvd.nist.gov/vuln/detail/CVE-2026-42581 https://www.cve.org/CVERecord?id=CVE-2026-42581
io.netty:netty-codec-http	CVE-2026-42585	MEDIUM	4.1.132.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42585 https://datatracker.ietf.org/doc/html/rfc9112#name-message-body-length https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-38f8-5428-x5cv https://nvd.nist.gov/vuln/detail/CVE-2026-42585 https://www.cve.org/CVERecord?id=CVE-2026-42585
io.netty:netty-codec-http2	CVE-2026-42587	HIGH	4.1.132.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42587 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv https://nvd.nist.gov/vuln/detail/CVE-2026-42587 https://www.cve.org/CVERecord?id=CVE-2026-42587
io.netty:netty-handler-proxy	CVE-2026-42578	LOW	4.1.132.Final	4.1.133.Final, 4.2.13.Final	https://access.redhat.com/security/cve/CVE-2026-42578 https://github.com/advisories/GHSA-84h7-rjj3-6jx4 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr https://nvd.nist.gov/vuln/detail/CVE-2026-42578 https://www.cve.org/CVERecord?id=CVE-2026-42578
org.apache.commons:commons-lang3	CVE-2025-48924	MEDIUM	3.17.0	3.18.0	http://www.openwall.com/lists/oss-security/2025/07/11/1 https://access.redhat.com/security/cve/CVE-2025-48924 https://github.com/apache/commons-lang https://github.com/apache/commons-lang/commit/b424803abdb2bec818e4fbcb251ce031c22aca53 https://lists.apache.org/thread/bgv0lpswokgol11tloxnjfzdl7yrc1g1 https://lists.debian.org/debian-lts-announce/2025/08/msg00000.html https://lists.debian.org/debian-lts-announce/2025/08/msg00026.html https://lists.debian.org/debian-lts-announce/2025/09/msg00032.html https://lists.debian.org/debian-lts-announce/2025/09/msg00036.html https://nvd.nist.gov/vuln/detail/CVE-2025-48924 https://ubuntu.com/security/notices/USN-8364-1 https://www.cve.org/CVERecord?id=CVE-2025-48924 https://www.openwall.com/lists/oss-security/2025/07/11/1
org.postgresql:postgresql	CVE-2026-42198	HIGH	42.7.10	42.7.11	https://access.redhat.com/security/cve/CVE-2026-42198 https://bugzilla.redhat.com/show_bug.cgi?id=2463857 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42198 https://errata.rockylinux.org/RLSA-2026:22304 https://github.com/pgjdbc/pgjdbc https://github.com/pgjdbc/pgjdbc/releases/tag/REL42.7.11 https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-98qh-xjc8-98pq https://nvd.nist.gov/vuln/detail/CVE-2026-42198 https://www.cve.org/CVERecord?id=CVE-2026-42198
org.springframework.boot:spring-boot	CVE-2026-40973	HIGH	3.5.13	4.0.6, 3.5.14	https://access.redhat.com/security/cve/CVE-2026-40973 https://github.com/spring-projects/spring-boot https://nvd.nist.gov/vuln/detail/CVE-2026-40973 https://spring.io/security/cve-2026-40973 https://www.cve.org/CVERecord?id=CVE-2026-40973
org.springframework.security:spring-security-core	CVE-2026-22751	MEDIUM	6.5.9	6.5.10, 7.0.5	https://access.redhat.com/security/cve/CVE-2026-22751 https://github.com/spring-projects/spring-security https://github.com/spring-projects/spring-security/commit/163772775036c4146815a5266874278c6f45f047 https://github.com/spring-projects/spring-security/commit/4187af38b251fc97fdf9949f7869618111e6e261 https://nvd.nist.gov/vuln/detail/CVE-2026-22751 https://spring.io/security/cve-2026-22751 https://www.cve.org/CVERecord?id=CVE-2026-22751
org.springframework.security:spring-security-core	CVE-2026-22746	LOW	6.5.9	6.5.10, 7.0.5	https://access.redhat.com/security/cve/CVE-2026-22746 https://github.com/spring-projects/spring-security https://nvd.nist.gov/vuln/detail/CVE-2026-22746 https://spring.io/security/cve-2026-22746 https://www.cve.org/CVERecord?id=CVE-2026-22746
org.springframework.security:spring-security-oauth2-jose	CVE-2026-22748	MEDIUM	6.5.9	6.5.10, 7.0.5	https://access.redhat.com/security/cve/CVE-2026-22748 https://github.com/spring-projects/spring-security https://nvd.nist.gov/vuln/detail/CVE-2026-22748 https://spring.io/security/cve-2026-22748 https://www.cve.org/CVERecord?id=CVE-2026-22748
org.springframework:spring-webflux	CVE-2026-22745	MEDIUM	6.2.17	7.0.7, 6.2.18	https://access.redhat.com/security/cve/CVE-2026-22745 https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2026-22745 https://spring.io/security/cve-2026-22745 https://www.cve.org/CVERecord?id=CVE-2026-22745
org.springframework:spring-webflux	CVE-2026-22740	LOW	6.2.17	7.0.7, 6.2.18	https://access.redhat.com/security/cve/CVE-2026-22740 https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2026-22740 https://spring.io/security/cve-2026-22740 https://www.cve.org/CVERecord?id=CVE-2026-22740
org.springframework:spring-webflux	CVE-2026-22741	LOW	6.2.17	7.0.7, 6.2.18	https://access.redhat.com/security/cve/CVE-2026-22741 https://docs.spring.io/spring-framework/reference/web/webmvc/mvc-config/static-resources.html#page-title https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2026-22741 https://spring.io/security/cve-2026-22741 https://www.cve.org/CVERecord?id=CVE-2026-22741
No Misconfigurations found