sz-portal-main-bff.tar (alt cpe:/o:alt:spcontainer:10.2.2) - Trivy Report - 2026-06-04 13:16:52.919824191 +0000 UTC m=+3.546741540

alt
No Vulnerabilities found
No Misconfigurations found
jar
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
ch.qos.logback:logback-core	CVE-2026-1225	LOW	1.5.20	1.5.25	https://access.redhat.com/security/cve/CVE-2026-1225 https://github.com/qos-ch/logback https://github.com/qos-ch/logback/commit/1f97ae1844b1be8486e4e9cade98d7123d3eded5 https://github.com/qos-ch/logback/issues/997 https://logback.qos.ch/news.html#1.5.25 https://nvd.nist.gov/vuln/detail/CVE-2026-1225 https://www.cve.org/CVERecord?id=CVE-2026-1225
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	MEDIUM	2.19.2	2.21.1, 2.18.6	https://github.com/FasterXML/jackson-core https://github.com/FasterXML/jackson-core/commit/b0c428e6f993e1b5ece5c1c3cb2523e887cd52cf https://github.com/FasterXML/jackson-core/pull/1555 https://github.com/FasterXML/jackson-core/security/advisories/GHSA-72hv-8253-57qq
io.netty:netty-codec	CVE-2026-42583	HIGH	4.1.128.Final	4.1.133.Final	https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6 https://nvd.nist.gov/vuln/detail/CVE-2026-42583 https://www.cve.org/CVERecord?id=CVE-2026-42583
io.netty:netty-codec-dns	CVE-2026-42579	HIGH	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42579 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm https://nvd.nist.gov/vuln/detail/CVE-2026-42579 https://tools.ietf.org/html/rfc1035#section-2.3.4 https://tools.ietf.org/html/rfc1035#section-4.1.4 https://www.cve.org/CVERecord?id=CVE-2026-42579
io.netty:netty-codec-http	CVE-2026-33870	HIGH	4.1.128.Final	4.1.132.Final, 4.2.10.Final	https://access.redhat.com/security/cve/CVE-2026-33870 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8 https://nvd.nist.gov/vuln/detail/CVE-2026-33870 https://w4ke.info/2025/06/18/funky-chunks.html https://w4ke.info/2025/10/29/funky-chunks-2.html https://www.cve.org/CVERecord?id=CVE-2026-33870 https://www.rfc-editor.org/rfc/rfc9110
io.netty:netty-codec-http	CVE-2026-42584	HIGH	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42584 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3 https://nvd.nist.gov/vuln/detail/CVE-2026-42584 https://www.cve.org/CVERecord?id=CVE-2026-42584
io.netty:netty-codec-http	CVE-2026-42587	HIGH	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42587 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv https://nvd.nist.gov/vuln/detail/CVE-2026-42587 https://www.cve.org/CVERecord?id=CVE-2026-42587
io.netty:netty-codec-http	CVE-2025-67735	MEDIUM	4.1.128.Final	4.2.8.Final, 4.1.129.Final	https://access.redhat.com/security/cve/CVE-2025-67735 https://github.com/netty/netty https://github.com/netty/netty/commit/77e81f1e5944d98b3acf887d3aa443b252752e94 https://github.com/netty/netty/security/advisories/GHSA-84h7-rjj3-6jx4 https://nvd.nist.gov/vuln/detail/CVE-2025-67735 https://www.cve.org/CVERecord?id=CVE-2025-67735
io.netty:netty-codec-http	CVE-2026-41417	MEDIUM	4.1.128.Final	4.1.133.Final, 4.2.13.Final	https://access.redhat.com/security/cve/CVE-2026-41417 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-v8h7-rr48-vmmv https://nvd.nist.gov/vuln/detail/CVE-2026-41417 https://www.cve.org/CVERecord?id=CVE-2026-41417
io.netty:netty-codec-http	CVE-2026-42580	MEDIUM	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42580 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-m4cv-j2px-7723 https://nvd.nist.gov/vuln/detail/CVE-2026-42580 https://www.cve.org/CVERecord?id=CVE-2026-42580
io.netty:netty-codec-http	CVE-2026-42581	MEDIUM	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42581 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9 https://nvd.nist.gov/vuln/detail/CVE-2026-42581 https://www.cve.org/CVERecord?id=CVE-2026-42581
io.netty:netty-codec-http	CVE-2026-42585	MEDIUM	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42585 https://datatracker.ietf.org/doc/html/rfc9112#name-message-body-length https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-38f8-5428-x5cv https://nvd.nist.gov/vuln/detail/CVE-2026-42585 https://www.cve.org/CVERecord?id=CVE-2026-42585
io.netty:netty-codec-http2	CVE-2026-33871	HIGH	4.1.128.Final	4.1.132.Final, 4.2.11.Final	https://access.redhat.com/security/cve/CVE-2026-33871 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv https://nvd.nist.gov/vuln/detail/CVE-2026-33871 https://www.cve.org/CVERecord?id=CVE-2026-33871
io.netty:netty-codec-http2	CVE-2026-42587	HIGH	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42587 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv https://nvd.nist.gov/vuln/detail/CVE-2026-42587 https://www.cve.org/CVERecord?id=CVE-2026-42587
io.netty:netty-handler-proxy	CVE-2026-42578	LOW	4.1.128.Final	4.1.133.Final, 4.2.13.Final	https://access.redhat.com/security/cve/CVE-2026-42578 https://github.com/advisories/GHSA-84h7-rjj3-6jx4 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr https://nvd.nist.gov/vuln/detail/CVE-2026-42578 https://www.cve.org/CVERecord?id=CVE-2026-42578
org.bouncycastle:bcprov-jdk18on	CVE-2026-5598	HIGH	1.80	1.84	https://access.redhat.com/security/cve/CVE-2026-5598 https://github.com/bcgit/bc-java https://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5 https://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905998 https://github.com/bcgit/bc-java/wiki/CVE-2026-5598 https://nvd.nist.gov/vuln/detail/CVE-2026-5598 https://www.cve.org/CVERecord?id=CVE-2026-5598
org.bouncycastle:bcprov-jdk18on	CVE-2026-0636	MEDIUM	1.80	1.84	https://access.redhat.com/security/cve/CVE-2026-0636 https://github.com/bcgit/bc-java https://github.com/bcgit/bc-java/commit/d20cdb8430e09224114fec0179a71859929fcbde https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%900636 https://nvd.nist.gov/vuln/detail/CVE-2026-0636 https://www.cve.org/CVERecord?id=CVE-2026-0636
org.springframework.boot:spring-boot	CVE-2026-40973	HIGH	3.5.7	4.0.6, 3.5.14	https://access.redhat.com/security/cve/CVE-2026-40973 https://github.com/spring-projects/spring-boot https://nvd.nist.gov/vuln/detail/CVE-2026-40973 https://spring.io/security/cve-2026-40973 https://www.cve.org/CVERecord?id=CVE-2026-40973
org.springframework.cloud:spring-cloud-gateway-server	CVE-2025-41253	HIGH	4.3.1	4.3.2, 4.2.6	https://github.com/spring-cloud/spring-cloud-gateway https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2025-41253 https://spring.io/security/cve/2025-41253 https://www.cve.org/CVERecord?id=CVE-2025-41253
org.springframework:spring-webflux	CVE-2026-22737	MEDIUM	6.2.12	7.0.6, 6.2.17	https://access.redhat.com/security/cve/CVE-2026-22737 https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln/detail/CVE-2026-22737 https://spring.io/security/cve-2026-22737 https://www.cve.org/CVERecord?id=CVE-2026-22737
org.springframework:spring-webflux	CVE-2026-22745	MEDIUM	6.2.12	7.0.7, 6.2.18	https://access.redhat.com/security/cve/CVE-2026-22745 https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2026-22745 https://spring.io/security/cve-2026-22745 https://www.cve.org/CVERecord?id=CVE-2026-22745
org.springframework:spring-webflux	CVE-2026-22735	LOW	6.2.12	7.0.6, 6.2.17	https://access.redhat.com/security/cve/CVE-2026-22735 https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln/detail/CVE-2026-22735 https://spring.io/security/cve-2026-22735 https://www.cve.org/CVERecord?id=CVE-2026-22735
org.springframework:spring-webflux	CVE-2026-22740	LOW	6.2.12	7.0.7, 6.2.18	https://access.redhat.com/security/cve/CVE-2026-22740 https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2026-22740 https://spring.io/security/cve-2026-22740 https://www.cve.org/CVERecord?id=CVE-2026-22740
org.springframework:spring-webflux	CVE-2026-22741	LOW	6.2.12	7.0.7, 6.2.18	https://access.redhat.com/security/cve/CVE-2026-22741 https://docs.spring.io/spring-framework/reference/web/webmvc/mvc-config/static-resources.html#page-title https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2026-22741 https://spring.io/security/cve-2026-22741 https://www.cve.org/CVERecord?id=CVE-2026-22741
No Misconfigurations found