sz-portal-main-appeal-app.tar (alt cpe:/o:alt:spcontainer:10.2.2) - Trivy Report - 2026-06-03 11:32:58.869790145 +0000 UTC m=+6.644445162

alt
No Vulnerabilities found
No Misconfigurations found
jar
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
io.netty:netty-codec	CVE-2026-42583	HIGH	4.1.132.Final	4.1.133.Final	https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6 https://nvd.nist.gov/vuln/detail/CVE-2026-42583 https://www.cve.org/CVERecord?id=CVE-2026-42583
io.netty:netty-codec-dns	CVE-2026-42579	HIGH	4.1.132.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42579 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm https://nvd.nist.gov/vuln/detail/CVE-2026-42579 https://tools.ietf.org/html/rfc1035#section-2.3.4 https://tools.ietf.org/html/rfc1035#section-4.1.4 https://www.cve.org/CVERecord?id=CVE-2026-42579
io.netty:netty-codec-http	CVE-2026-42584	HIGH	4.1.132.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42584 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3 https://nvd.nist.gov/vuln/detail/CVE-2026-42584 https://www.cve.org/CVERecord?id=CVE-2026-42584
io.netty:netty-codec-http	CVE-2026-42587	HIGH	4.1.132.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42587 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv https://nvd.nist.gov/vuln/detail/CVE-2026-42587 https://www.cve.org/CVERecord?id=CVE-2026-42587
io.netty:netty-codec-http	CVE-2026-41417	MEDIUM	4.1.132.Final	4.1.133.Final, 4.2.13.Final	https://access.redhat.com/security/cve/CVE-2026-41417 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-v8h7-rr48-vmmv https://nvd.nist.gov/vuln/detail/CVE-2026-41417 https://www.cve.org/CVERecord?id=CVE-2026-41417
io.netty:netty-codec-http	CVE-2026-42580	MEDIUM	4.1.132.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42580 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-m4cv-j2px-7723 https://nvd.nist.gov/vuln/detail/CVE-2026-42580 https://www.cve.org/CVERecord?id=CVE-2026-42580
io.netty:netty-codec-http	CVE-2026-42581	MEDIUM	4.1.132.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42581 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9 https://nvd.nist.gov/vuln/detail/CVE-2026-42581 https://www.cve.org/CVERecord?id=CVE-2026-42581
io.netty:netty-codec-http	CVE-2026-42585	MEDIUM	4.1.132.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42585 https://datatracker.ietf.org/doc/html/rfc9112#name-message-body-length https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-38f8-5428-x5cv https://nvd.nist.gov/vuln/detail/CVE-2026-42585 https://www.cve.org/CVERecord?id=CVE-2026-42585
io.netty:netty-codec-http2	CVE-2026-42587	HIGH	4.1.132.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42587 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv https://nvd.nist.gov/vuln/detail/CVE-2026-42587 https://www.cve.org/CVERecord?id=CVE-2026-42587
io.netty:netty-handler-proxy	CVE-2026-42578	LOW	4.1.132.Final	4.1.133.Final, 4.2.13.Final	https://access.redhat.com/security/cve/CVE-2026-42578 https://github.com/advisories/GHSA-84h7-rjj3-6jx4 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr https://nvd.nist.gov/vuln/detail/CVE-2026-42578 https://www.cve.org/CVERecord?id=CVE-2026-42578
org.apache.commons:commons-lang3	CVE-2025-48924	MEDIUM	3.17.0	3.18.0	http://www.openwall.com/lists/oss-security/2025/07/11/1 https://access.redhat.com/security/cve/CVE-2025-48924 https://github.com/apache/commons-lang https://github.com/apache/commons-lang/commit/b424803abdb2bec818e4fbcb251ce031c22aca53 https://lists.apache.org/thread/bgv0lpswokgol11tloxnjfzdl7yrc1g1 https://lists.debian.org/debian-lts-announce/2025/08/msg00000.html https://lists.debian.org/debian-lts-announce/2025/08/msg00026.html https://lists.debian.org/debian-lts-announce/2025/09/msg00032.html https://lists.debian.org/debian-lts-announce/2025/09/msg00036.html https://nvd.nist.gov/vuln/detail/CVE-2025-48924 https://ubuntu.com/security/notices/USN-8364-1 https://www.cve.org/CVERecord?id=CVE-2025-48924 https://www.openwall.com/lists/oss-security/2025/07/11/1
org.bouncycastle:bcpkix-jdk18on	CVE-2025-8916	MEDIUM	1.73	1.79	https://access.redhat.com/security/cve/CVE-2025-8916 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://github.com/bcgit/bc-java https://github.com/bcgit/bc-java/commit/310b30a4fbf36d13f6cc201ffa7771715641e67e https://github.com/bcgit/bc-java/commit/ff444a479942d88de64004dc82c3ee32a9e9075a https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908916 https://nvd.nist.gov/vuln/detail/CVE-2025-8916 https://ubuntu.com/security/notices/USN-8108-1 https://www.cve.org/CVERecord?id=CVE-2025-8916
org.bouncycastle:bcpkix-jdk18on	CVE-2026-5588	MEDIUM	1.73	1.84	https://access.redhat.com/security/cve/CVE-2026-5588 https://github.com/bcgit/bc-java https://github.com/bcgit/bc-java/commit/656bae0dbd9b1521f840521ff786e78749fe3057 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905588 https://nvd.nist.gov/vuln/detail/CVE-2026-5588 https://www.cve.org/CVERecord?id=CVE-2026-5588
org.bouncycastle:bcprov-jdk18on	CVE-2026-5598	HIGH	1.73	1.84	https://access.redhat.com/security/cve/CVE-2026-5598 https://github.com/bcgit/bc-java https://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5 https://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905998 https://github.com/bcgit/bc-java/wiki/CVE-2026-5598 https://nvd.nist.gov/vuln/detail/CVE-2026-5598 https://www.cve.org/CVERecord?id=CVE-2026-5598
org.bouncycastle:bcprov-jdk18on	CVE-2023-33201	MEDIUM	1.73	1.74	https://access.redhat.com/security/cve/CVE-2023-33201 https://bouncycastle.org https://bouncycastle.org/releasenotes.html#r1rv74 https://github.com/bcgit/bc-java https://github.com/bcgit/bc-java/commit/ccf93ca736b89250ff4ce079a5aa56f5cbf0ebbd https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc https://github.com/bcgit/bc-java/commits/main/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java https://github.com/bcgit/bc-java/wiki/CVE-2023-33201 https://lists.debian.org/debian-lts-announce/2023/08/msg00000.html https://nvd.nist.gov/vuln/detail/CVE-2023-33201 https://security.netapp.com/advisory/ntap-20230824-0008 https://security.netapp.com/advisory/ntap-20230824-0008/ https://ubuntu.com/security/notices/USN-8108-1 https://www.cve.org/CVERecord?id=CVE-2023-33201
org.bouncycastle:bcprov-jdk18on	CVE-2024-29857	MEDIUM	1.73	1.78	https://access.redhat.com/security/cve/CVE-2024-29857 https://github.com/bcgit/bc-csharp/commit/56daa6eac526f165416d17f661422d60de0dfd63 https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857 https://github.com/bcgit/bc-java/commit/efc498ca4caa340ac2fe11f2efee06c1a294501f https://github.com/bcgit/bc-java/commit/fee80dd230e7fba132d03a34f1dd1d6aae0d0281 https://github.com/bcgit/bc-java/issues/1635 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857 https://nvd.nist.gov/vuln/detail/CVE-2024-29857 https://security.netapp.com/advisory/ntap-20241206-0008 https://security.netapp.com/advisory/ntap-20241206-0008/ https://ubuntu.com/security/notices/USN-8108-1 https://www.bouncycastle.org/latest_releases.html https://www.cve.org/CVERecord?id=CVE-2024-29857
org.bouncycastle:bcprov-jdk18on	CVE-2024-30171	MEDIUM	1.73	1.78	https://access.redhat.com/security/cve/CVE-2024-30171 https://github.com/bcgit/bc-csharp/commit/c984b8bfd8544dfc55dba91a02cbbbb9c580c217 https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171 https://github.com/bcgit/bc-java/commit/d7d5e735abd64bf0f413f54fd9e495fc02400fb0 https://github.com/bcgit/bc-java/commit/e0569dcb1dea9d421d84fc4c5c5688fe101afa2d https://github.com/bcgit/bc-java/issues/1528 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171 https://nvd.nist.gov/vuln/detail/CVE-2024-30171 https://people.redhat.com/~hkario/marvin/ https://security.netapp.com/advisory/ntap-20240614-0008 https://security.netapp.com/advisory/ntap-20240614-0008/ https://ubuntu.com/security/notices/USN-8108-1 https://www.bouncycastle.org/latest_releases.html https://www.cve.org/CVERecord?id=CVE-2024-30171
org.bouncycastle:bcprov-jdk18on	CVE-2024-30172	MEDIUM	1.73	1.78	https://access.redhat.com/security/cve/CVE-2024-30172 https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030172 https://github.com/bcgit/bc-java/commit/1b9fd9b545e691bfb3941a9f6a797660c8860f02 https://github.com/bcgit/bc-java/commit/9c165791b68a204678b48ec11e4e579754c2ea49 https://github.com/bcgit/bc-java/commit/9c165791b68a204678b48ec11e4e579754c2ea49 (r1rv78v1) https://github.com/bcgit/bc-java/commit/ebe1c75579170072dc59b8dee2b55ce31663178f https://github.com/bcgit/bc-java/issues/1599 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030172 https://nvd.nist.gov/vuln/detail/CVE-2024-30172 https://security.netapp.com/advisory/ntap-20240614-0007 https://security.netapp.com/advisory/ntap-20240614-0007/ https://ubuntu.com/security/notices/USN-8108-1 https://www.bouncycastle.org/latest_releases.html https://www.cve.org/CVERecord?id=CVE-2024-30172
org.bouncycastle:bcprov-jdk18on	CVE-2024-34447	MEDIUM	1.73	1.78	http://security.netapp.com/advisory/ntap-20240614-0007 https://access.redhat.com/security/cve/CVE-2024-34447 https://github.com/bcgit/bc-java https://github.com/bcgit/bc-java/issues/1656 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9034447 https://nvd.nist.gov/vuln/detail/CVE-2024-34447 https://security.netapp.com/advisory/ntap-20240614-0007/ https://ubuntu.com/security/notices/USN-8108-1 https://www.bouncycastle.org/latest_releases.html https://www.cve.org/CVERecord?id=CVE-2024-34447
org.bouncycastle:bcprov-jdk18on	CVE-2025-8885	MEDIUM	1.73	1.78	https://access.redhat.com/security/cve/CVE-2025-8885 https://github.com/bcgit/bc-java https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java https://github.com/bcgit/bc-java/commit/3790993df5d28f661a64439a8664343437ed3865 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908885 https://nvd.nist.gov/vuln/detail/CVE-2025-8885 https://www.cve.org/CVERecord?id=CVE-2025-8885
org.postgresql:postgresql	CVE-2026-42198	HIGH	42.7.10	42.7.11	https://access.redhat.com/security/cve/CVE-2026-42198 https://github.com/pgjdbc/pgjdbc https://github.com/pgjdbc/pgjdbc/releases/tag/REL42.7.11 https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-98qh-xjc8-98pq https://nvd.nist.gov/vuln/detail/CVE-2026-42198 https://www.cve.org/CVERecord?id=CVE-2026-42198
org.springframework.boot:spring-boot	CVE-2026-40973	HIGH	3.5.13	4.0.6, 3.5.14	https://access.redhat.com/security/cve/CVE-2026-40973 https://github.com/spring-projects/spring-boot https://nvd.nist.gov/vuln/detail/CVE-2026-40973 https://spring.io/security/cve-2026-40973 https://www.cve.org/CVERecord?id=CVE-2026-40973
org.springframework.security:spring-security-core	CVE-2026-22751	MEDIUM	6.5.9	6.5.10, 7.0.5	https://access.redhat.com/security/cve/CVE-2026-22751 https://github.com/spring-projects/spring-security https://github.com/spring-projects/spring-security/commit/163772775036c4146815a5266874278c6f45f047 https://github.com/spring-projects/spring-security/commit/4187af38b251fc97fdf9949f7869618111e6e261 https://nvd.nist.gov/vuln/detail/CVE-2026-22751 https://spring.io/security/cve-2026-22751 https://www.cve.org/CVERecord?id=CVE-2026-22751
org.springframework.security:spring-security-core	CVE-2026-22746	LOW	6.5.9	6.5.10, 7.0.5	https://access.redhat.com/security/cve/CVE-2026-22746 https://github.com/spring-projects/spring-security https://nvd.nist.gov/vuln/detail/CVE-2026-22746 https://spring.io/security/cve-2026-22746 https://www.cve.org/CVERecord?id=CVE-2026-22746
org.springframework.security:spring-security-oauth2-jose	CVE-2026-22748	MEDIUM	6.5.9	6.5.10, 7.0.5	https://access.redhat.com/security/cve/CVE-2026-22748 https://github.com/spring-projects/spring-security https://nvd.nist.gov/vuln/detail/CVE-2026-22748 https://spring.io/security/cve-2026-22748 https://www.cve.org/CVERecord?id=CVE-2026-22748
org.springframework:spring-webflux	CVE-2026-22745	MEDIUM	6.2.17	7.0.7, 6.2.18	https://access.redhat.com/security/cve/CVE-2026-22745 https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2026-22745 https://spring.io/security/cve-2026-22745 https://www.cve.org/CVERecord?id=CVE-2026-22745
org.springframework:spring-webflux	CVE-2026-22740	LOW	6.2.17	7.0.7, 6.2.18	https://access.redhat.com/security/cve/CVE-2026-22740 https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2026-22740 https://spring.io/security/cve-2026-22740 https://www.cve.org/CVERecord?id=CVE-2026-22740
org.springframework:spring-webflux	CVE-2026-22741	LOW	6.2.17	7.0.7, 6.2.18	https://access.redhat.com/security/cve/CVE-2026-22741 https://docs.spring.io/spring-framework/reference/web/webmvc/mvc-config/static-resources.html#page-title https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2026-22741 https://spring.io/security/cve-2026-22741 https://www.cve.org/CVERecord?id=CVE-2026-22741
No Misconfigurations found