sz-lk-wiki-bff.tar (alt cpe:/o:alt:spcontainer:10.2.2) - Trivy Report - 2026-05-21 14:19:37.013977641 +0000 UTC m=+4.407604517

alt
No Vulnerabilities found
No Misconfigurations found
jar
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
io.netty:netty-codec	CVE-2026-42583	HIGH	4.1.128.Final	4.1.133.Final	https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6 https://nvd.nist.gov/vuln/detail/CVE-2026-42583
io.netty:netty-codec-dns	CVE-2026-42579	HIGH	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm https://nvd.nist.gov/vuln/detail/CVE-2026-42579 https://tools.ietf.org/html/rfc1035#section-2.3.4 https://tools.ietf.org/html/rfc1035#section-4.1.4
io.netty:netty-codec-http	CVE-2026-33870	HIGH	4.1.128.Final	4.1.132.Final, 4.2.10.Final	https://access.redhat.com/security/cve/CVE-2026-33870 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8 https://nvd.nist.gov/vuln/detail/CVE-2026-33870 https://w4ke.info/2025/06/18/funky-chunks.html https://w4ke.info/2025/10/29/funky-chunks-2.html https://www.cve.org/CVERecord?id=CVE-2026-33870 https://www.rfc-editor.org/rfc/rfc9110
io.netty:netty-codec-http	CVE-2026-42584	HIGH	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3 https://nvd.nist.gov/vuln/detail/CVE-2026-42584
io.netty:netty-codec-http	CVE-2026-42587	HIGH	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv https://nvd.nist.gov/vuln/detail/CVE-2026-42587
io.netty:netty-codec-http2	CVE-2026-33871	HIGH	4.1.128.Final	4.1.132.Final, 4.2.11.Final	https://access.redhat.com/security/cve/CVE-2026-33871 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv https://nvd.nist.gov/vuln/detail/CVE-2026-33871 https://www.cve.org/CVERecord?id=CVE-2026-33871
io.netty:netty-codec-http2	CVE-2026-42587	HIGH	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv https://nvd.nist.gov/vuln/detail/CVE-2026-42587
org.bouncycastle:bcprov-jdk18on	CVE-2026-5598	HIGH	1.80	1.84	https://access.redhat.com/security/cve/CVE-2026-5598 https://github.com/bcgit/bc-java https://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5 https://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905998 https://github.com/bcgit/bc-java/wiki/CVE-2026-5598 https://nvd.nist.gov/vuln/detail/CVE-2026-5598 https://www.cve.org/CVERecord?id=CVE-2026-5598
org.springframework.boot:spring-boot	CVE-2026-40973	HIGH	3.5.7	4.0.6, 3.5.14	https://access.redhat.com/security/cve/CVE-2026-40973 https://github.com/spring-projects/spring-boot https://nvd.nist.gov/vuln/detail/CVE-2026-40973 https://spring.io/security/cve-2026-40973 https://www.cve.org/CVERecord?id=CVE-2026-40973
org.springframework.cloud:spring-cloud-gateway-server	CVE-2025-41253	HIGH	4.3.1	4.3.2, 4.2.6	https://github.com/spring-cloud/spring-cloud-gateway https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2025-41253 https://spring.io/security/cve/2025-41253 https://www.cve.org/CVERecord?id=CVE-2025-41253
org.springframework.security:spring-security-web	CVE-2026-22732	CRITICAL	6.5.6	6.5.9, 7.0.4	https://access.redhat.com/security/cve/CVE-2026-22732 https://github.com/spring-projects/spring-security https://nvd.nist.gov/vuln/detail/CVE-2026-22732 https://spring.io/security/cve-2026-22732 https://www.cve.org/CVERecord?id=CVE-2026-22732
No Misconfigurations found