
docker image has high/critical vulnerabilities #193

@marksteele

Description

grype --sort-by severity ghcr.io/bridgecrewio/checkov:3.2.461
 ✔ Loaded image          ghcr.io/bridgecrewio/checkov:3.2.461
 ✔ Parsed image          sha256:c9d32efb9b22f6b46305ff32256b05f61cf113f4600fa0a743ee44685ded71bf
 ✔ Cataloged contents    88a5bb07f0bc4153bb16ff11e87953cd43ec7661c7f085a5770bf7369fa36f5b
   ├── ✔ Packages                        [371 packages]
   ├── ✔ File metadata                   [5,282 locations]
   ├── ✔ File digests                    [5,282 files]
   └── ✔ Executables                     [950 executables]
 ✔ Scanned for vulnerabilities     [162 vulnerability matches]
   ├── by severity: 3 critical, 28 high, 31 medium, 10 low, 90 negligible
   └── by status:   15 fixed, 147 not-fixed, 0 ignored (1 dropped)
NAME                INSTALLED               FIXED-IN                      TYPE       VULNERABILITY        SEVERITY    EPSS%  RISK  
libsqlite3-0        3.40.1-2+deb12u1        (won't fix)                   deb        CVE-2025-6965        Critical    14.10  < 0.1  
libsqlite3-0        3.40.1-2+deb12u1                                      deb        CVE-2025-7458        Critical     6.32  < 0.1  
stdlib              go1.22.7                1.23.8, 1.24.2                go-module  CVE-2025-22871       Critical     4.17  < 0.1  
libldap-2.5-0       2.5.13+dfsg-5           (won't fix)                   deb        CVE-2023-2953        High        77.22    0.8  
libperl5.36         5.36.0-7+deb12u2        (won't fix)                   deb        CVE-2023-31484       High        74.86    0.7  
perl                5.36.0-7+deb12u2        (won't fix)                   deb        CVE-2023-31484       High        74.86    0.7  
perl-base           5.36.0-7+deb12u2        (won't fix)                   deb        CVE-2023-31484       High        74.86    0.7  
perl-modules-5.36   5.36.0-7+deb12u2        (won't fix)                   deb        CVE-2023-31484       High        74.86    0.7  
libexpat1           2.5.0-1+deb12u1         (won't fix)                   deb        CVE-2023-52425       High        70.55    0.5  
libexpat1           2.5.0-1+deb12u1         (won't fix)                   deb        CVE-2024-8176        High        57.27    0.3  
setuptools          70.0.0                  78.1.1                        python     GHSA-5rjg-fvgr-3xxf  High        34.61    0.1  
git                 1:2.39.5-0+deb12u2                                    deb        CVE-2025-48385       High        30.36  < 0.1  
git-man             1:2.39.5-0+deb12u2                                    deb        CVE-2025-48385       High        30.36  < 0.1  
python              3.11.13                 3.13.6                        binary     CVE-2025-8194        High        26.10  < 0.1  
dpkg                1.21.22                 (won't fix)                   deb        CVE-2025-6297        High        24.81  < 0.1  
stdlib              go1.22.7                1.23.12, 1.24.6               go-module  CVE-2025-47907       High        16.79  < 0.1  
stdlib              go1.24.4                1.23.12, 1.24.6               go-module  CVE-2025-47907       High        16.79  < 0.1  
asteval             1.0.5                   1.0.6                         python     GHSA-3wwr-3g9f-9gc7  High         9.56  < 0.1  
git                 1:2.39.5-0+deb12u2                                    deb        CVE-2025-46835       High         4.74  < 0.1  
git-man             1:2.39.5-0+deb12u2                                    deb        CVE-2025-46835       High         4.74  < 0.1  
git                 1:2.39.5-0+deb12u2                                    deb        CVE-2025-48384       High         3.13  < 0.1  
git-man             1:2.39.5-0+deb12u2                                    deb        CVE-2025-48384       High         3.13  < 0.1  
libpam-modules      1.5.2-6+deb12u1                                       deb        CVE-2025-6020        High         2.75  < 0.1  
libpam-modules-bin  1.5.2-6+deb12u1                                       deb        CVE-2025-6020        High         2.75  < 0.1  
libpam-runtime      1.5.2-6+deb12u1                                       deb        CVE-2025-6020        High         2.75  < 0.1  
libpam0g            1.5.2-6+deb12u1                                       deb        CVE-2025-6020        High         2.75  < 0.1  
stdlib              go1.22.7                1.23.11, 1.24.5               go-module  CVE-2025-4674        High         1.41  < 0.1  
stdlib              go1.24.4                1.23.11, 1.24.5               go-module  CVE-2025-4674        High         1.41  < 0.1  
libc-bin            2.36-9+deb12u10         (won't fix)                   deb        CVE-2025-4802        High         0.49  < 0.1  
libc6               2.36-9+deb12u10         (won't fix)                   deb        CVE-2025-4802        High         0.49  < 0.1  
asteval             1.0.5                   1.0.6                         python     GHSA-vp47-9734-prjw  High          N/A    N/A  
libsqlite3-0        3.40.1-2+deb12u1        (won't fix)                   deb        CVE-2025-29088       Medium      24.16  < 0.1  
libpam-modules      1.5.2-6+deb12u1         (won't fix)                   deb        CVE-2024-22365       Medium      24.07  < 0.1  
libpam-modules-bin  1.5.2-6+deb12u1         (won't fix)                   deb        CVE-2024-22365       Medium      24.07  < 0.1  
libpam-runtime      1.5.2-6+deb12u1         (won't fix)                   deb        CVE-2024-22365       Medium      24.07  < 0.1  
libpam0g            1.5.2-6+deb12u1         (won't fix)                   deb        CVE-2024-22365       Medium      24.07  < 0.1  
python              3.11.13                 3.13.6, 3.14.0b3              binary     CVE-2025-6069        Medium      23.76  < 0.1  
libexpat1           2.5.0-1+deb12u1         (won't fix)                   deb        CVE-2024-50602       Medium      18.22  < 0.1  
libncursesw6        6.4-4                   (won't fix)                   deb        CVE-2023-50495       Medium      15.01  < 0.1  
libtinfo6           6.4-4                   (won't fix)                   deb        CVE-2023-50495       Medium      15.01  < 0.1  
ncurses-base        6.4-4                   (won't fix)                   deb        CVE-2023-50495       Medium      15.01  < 0.1  
ncurses-bin         6.4-4                   (won't fix)                   deb        CVE-2023-50495       Medium      15.01  < 0.1  
stdlib              go1.22.7                1.23.10, 1.24.4               go-module  CVE-2025-4673        Medium      12.26  < 0.1  
stdlib              go1.22.7                1.22.11, 1.23.5, 1.24.0-rc.2  go-module  CVE-2024-45336       Medium       7.25  < 0.1  
libgssapi-krb5-2    1.20.1-2+deb12u3        (won't fix)                   deb        CVE-2025-3576        Medium       7.10  < 0.1  
libk5crypto3        1.20.1-2+deb12u3        (won't fix)                   deb        CVE-2025-3576        Medium       7.10  < 0.1  
libkrb5-3           1.20.1-2+deb12u3        (won't fix)                   deb        CVE-2025-3576        Medium       7.10  < 0.1  
libkrb5support0     1.20.1-2+deb12u3        (won't fix)                   deb        CVE-2025-3576        Medium       7.10  < 0.1  
libpam-modules      1.5.2-6+deb12u1         (won't fix)                   deb        CVE-2024-10041       Medium       7.40  < 0.1  
libpam-modules-bin  1.5.2-6+deb12u1         (won't fix)                   deb        CVE-2024-10041       Medium       7.40  < 0.1  
libpam-runtime      1.5.2-6+deb12u1         (won't fix)                   deb        CVE-2024-10041       Medium       7.40  < 0.1  
libpam0g            1.5.2-6+deb12u1         (won't fix)                   deb        CVE-2024-10041       Medium       7.40  < 0.1  
tar                 1.34+dfsg-1.2+deb12u1                                 deb        CVE-2025-45582       Medium       7.19  < 0.1  
stdlib              go1.22.7                1.22.11, 1.23.5, 1.24.0-rc.2  go-module  CVE-2024-45341       Medium       4.94  < 0.1  
libc-bin            2.36-9+deb12u10         (won't fix)                   deb        CVE-2025-8058        Medium       2.14  < 0.1  
libc6               2.36-9+deb12u10         (won't fix)                   deb        CVE-2025-8058        Medium       2.14  < 0.1  
urllib3             1.26.20                 2.5.0                         python     GHSA-pq67-6m6q-mj2v  Medium       1.33  < 0.1  
stdlib              go1.22.7                1.22.12, 1.23.6, 1.24.0-rc.3  go-module  CVE-2025-22866       Medium       0.82  < 0.1  
libperl5.36         5.36.0-7+deb12u2        (won't fix)                   deb        CVE-2025-40909       Medium       0.30  < 0.1  
perl                5.36.0-7+deb12u2        (won't fix)                   deb        CVE-2025-40909       Medium       0.30  < 0.1  
perl-base           5.36.0-7+deb12u2        (won't fix)                   deb        CVE-2025-40909       Medium       0.30  < 0.1  
perl-modules-5.36   5.36.0-7+deb12u2        (won't fix)                   deb        CVE-2025-40909       Medium       0.30  < 0.1  
login               1:4.13+dfsg1-1+deb12u1  (won't fix)                   deb        CVE-2024-56433       Low         85.57    0.9  
passwd              1:4.13+dfsg1-1+deb12u1  (won't fix)                   deb        CVE-2024-56433       Low         85.57    0.9  
coreutils           9.1-1                   (won't fix)                   deb        CVE-2016-2781        Low         22.33  < 0.1  
git                 1:2.39.5-0+deb12u2                                    deb        CVE-2025-27613       Low          3.52  < 0.1  
git-man             1:2.39.5-0+deb12u2                                    deb        CVE-2025-27613       Low          3.52  < 0.1  
libncursesw6        6.4-4                   (won't fix)                   deb        CVE-2025-6141        Low          2.39  < 0.1  
libtinfo6           6.4-4                   (won't fix)                   deb        CVE-2025-6141        Low          2.39  < 0.1  
ncurses-base        6.4-4                   (won't fix)                   deb        CVE-2025-6141        Low          2.39  < 0.1  
ncurses-bin         6.4-4                   (won't fix)                   deb        CVE-2025-6141        Low          2.39  < 0.1  
gpgv                2.2.40-1.1              (won't fix)                   deb        CVE-2025-30258       Low          2.74  < 0.1  
openssh-client      1:9.2p1-2+deb12u7                                     deb        CVE-2020-15778       Negligible  98.50    3.4  
openssh-client      1:9.2p1-2+deb12u7                                     deb        CVE-2019-6110        Negligible  97.83    2.6  
openssh-client      1:9.2p1-2+deb12u7                                     deb        CVE-2016-20012       Negligible  95.97    1.3  
libgnutls30         3.7.9-2+deb12u5                                       deb        CVE-2011-3389        Negligible  89.77    0.3  
libc-bin            2.36-9+deb12u10                                       deb        CVE-2018-20796       Negligible  89.29    0.3  
libc6               2.36-9+deb12u10                                       deb        CVE-2018-20796       Negligible  89.29    0.3  
tar                 1.34+dfsg-1.2+deb12u1                                 deb        CVE-2005-2541        Negligible  86.62    0.2  
libldap-2.5-0       2.5.13+dfsg-5                                         deb        CVE-2017-17740       Negligible  85.67    0.1  
openssh-client      1:9.2p1-2+deb12u7                                     deb        CVE-2008-3234        Negligible  85.52    0.1  
openssh-client      1:9.2p1-2+deb12u7                                     deb        CVE-2020-14145       Negligible  82.95    0.1  
libldap-2.5-0       2.5.13+dfsg-5                                         deb        CVE-2015-3276        Negligible  81.80  < 0.1  
apt                 2.6.1                                                 deb        CVE-2011-3374        Negligible  80.42  < 0.1  
libapt-pkg6.0       2.6.1                                                 deb        CVE-2011-3374        Negligible  80.42  < 0.1  
libgcrypt20         1.10.1-3                                              deb        CVE-2018-6829        Negligible  78.61  < 0.1  
openssh-client      1:9.2p1-2+deb12u7                                     deb        CVE-2018-15919       Negligible  71.50  < 0.1  
libc-bin            2.36-9+deb12u10                                       deb        CVE-2019-1010023     Negligible  71.10  < 0.1  
libc6               2.36-9+deb12u10                                       deb        CVE-2019-1010023     Negligible  71.10  < 0.1  
openssh-client      1:9.2p1-2+deb12u7                                     deb        CVE-2007-2768        Negligible  70.28  < 0.1  
git                 1:2.39.5-0+deb12u2                                    deb        CVE-2022-24975       Negligible  67.90  < 0.1  
git-man             1:2.39.5-0+deb12u2                                    deb        CVE-2022-24975       Negligible  67.90  < 0.1  
openssh-client      1:9.2p1-2+deb12u7                                     deb        CVE-2007-2243        Negligible  64.12  < 0.1  
libexpat1           2.5.0-1+deb12u1                                       deb        CVE-2024-28757       Negligible  63.75  < 0.1  
libgssapi-krb5-2    1.20.1-2+deb12u3                                      deb        CVE-2018-5709        Negligible  63.25  < 0.1  
libk5crypto3        1.20.1-2+deb12u3                                      deb        CVE-2018-5709        Negligible  63.25  < 0.1  
libkrb5-3           1.20.1-2+deb12u3                                      deb        CVE-2018-5709        Negligible  63.25  < 0.1  
libkrb5support0     1.20.1-2+deb12u3                                      deb        CVE-2018-5709        Negligible  63.25  < 0.1  
libperl5.36         5.36.0-7+deb12u2                                      deb        CVE-2023-31486       Negligible  62.63  < 0.1  
perl                5.36.0-7+deb12u2                                      deb        CVE-2023-31486       Negligible  62.63  < 0.1  
perl-base           5.36.0-7+deb12u2                                      deb        CVE-2023-31486       Negligible  62.63  < 0.1  
perl-modules-5.36   5.36.0-7+deb12u2                                      deb        CVE-2023-31486       Negligible  62.63  < 0.1  
libc-bin            2.36-9+deb12u10                                       deb        CVE-2019-1010024     Negligible  58.35  < 0.1  
libc6               2.36-9+deb12u10                                       deb        CVE-2019-1010024     Negligible  58.35  < 0.1  
libc-bin            2.36-9+deb12u10                                       deb        CVE-2010-4756        Negligible  58.25  < 0.1  
libc6               2.36-9+deb12u10                                       deb        CVE-2010-4756        Negligible  58.25  < 0.1  
libldap-2.5-0       2.5.13+dfsg-5                                         deb        CVE-2020-15719       Negligible  58.09  < 0.1  
login               1:4.13+dfsg1-1+deb12u1                                deb        CVE-2007-5686        Negligible  55.41  < 0.1  
passwd              1:4.13+dfsg1-1+deb12u1                                deb        CVE-2007-5686        Negligible  55.41  < 0.1  
git                 1:2.39.5-0+deb12u2                                    deb        CVE-2018-1000021     Negligible  53.34  < 0.1  
git-man             1:2.39.5-0+deb12u2                                    deb        CVE-2018-1000021     Negligible  53.34  < 0.1  
libgcrypt20         1.10.1-3                                              deb        CVE-2024-2236        Negligible  52.96  < 0.1  
libcurl3-gnutls     7.88.1-10+deb12u12                                    deb        CVE-2025-0725        Negligible  51.26  < 0.1  
libc-bin            2.36-9+deb12u10                                       deb        CVE-2019-1010025     Negligible  46.39  < 0.1  
libc6               2.36-9+deb12u10                                       deb        CVE-2019-1010025     Negligible  46.39  < 0.1  
libgssapi-krb5-2    1.20.1-2+deb12u3                                      deb        CVE-2024-26458       Negligible  43.15  < 0.1  
libk5crypto3        1.20.1-2+deb12u3                                      deb        CVE-2024-26458       Negligible  43.15  < 0.1  
libkrb5-3           1.20.1-2+deb12u3                                      deb        CVE-2024-26458       Negligible  43.15  < 0.1  
libkrb5support0     1.20.1-2+deb12u3                                      deb        CVE-2024-26458       Negligible  43.15  < 0.1  
libsqlite3-0        3.40.1-2+deb12u1                                      deb        CVE-2021-45346       Negligible  42.93  < 0.1  
libc-bin            2.36-9+deb12u10                                       deb        CVE-2019-9192        Negligible  37.94  < 0.1  
libc6               2.36-9+deb12u10                                       deb        CVE-2019-9192        Negligible  37.94  < 0.1  
libperl5.36         5.36.0-7+deb12u2                                      deb        CVE-2011-4116        Negligible  37.61  < 0.1  
perl                5.36.0-7+deb12u2                                      deb        CVE-2011-4116        Negligible  37.61  < 0.1  
perl-base           5.36.0-7+deb12u2                                      deb        CVE-2011-4116        Negligible  37.61  < 0.1  
perl-modules-5.36   5.36.0-7+deb12u2                                      deb        CVE-2011-4116        Negligible  37.61  < 0.1  
libc-bin            2.36-9+deb12u10                                       deb        CVE-2019-1010022     Negligible  35.59  < 0.1  
libc6               2.36-9+deb12u10                                       deb        CVE-2019-1010022     Negligible  35.59  < 0.1  
libcurl3-gnutls     7.88.1-10+deb12u12                                    deb        CVE-2024-2379        Negligible  34.61  < 0.1  
libsystemd0         252.38-1~deb12u1                                      deb        CVE-2023-31437       Negligible  32.96  < 0.1  
libudev1            252.38-1~deb12u1                                      deb        CVE-2023-31437       Negligible  32.96  < 0.1  
libldap-2.5-0       2.5.13+dfsg-5                                         deb        CVE-2017-14159       Negligible  30.63  < 0.1  
libsystemd0         252.38-1~deb12u1                                      deb        CVE-2023-31438       Negligible  28.38  < 0.1  
libudev1            252.38-1~deb12u1                                      deb        CVE-2023-31438       Negligible  28.38  < 0.1  
libsystemd0         252.38-1~deb12u1                                      deb        CVE-2023-31439       Negligible  27.23  < 0.1  
libudev1            252.38-1~deb12u1                                      deb        CVE-2023-31439       Negligible  27.23  < 0.1  
libgssapi-krb5-2    1.20.1-2+deb12u3                                      deb        CVE-2024-26461       Negligible  24.68  < 0.1  
libk5crypto3        1.20.1-2+deb12u3                                      deb        CVE-2024-26461       Negligible  24.68  < 0.1  
libkrb5-3           1.20.1-2+deb12u3                                      deb        CVE-2024-26461       Negligible  24.68  < 0.1  
libkrb5support0     1.20.1-2+deb12u3                                      deb        CVE-2024-26461       Negligible  24.68  < 0.1  
git                 1:2.39.5-0+deb12u2                                    deb        CVE-2024-52005       Negligible  22.70  < 0.1  
git-man             1:2.39.5-0+deb12u2                                    deb        CVE-2024-52005       Negligible  22.70  < 0.1  
libsystemd0         252.38-1~deb12u1                                      deb        CVE-2013-4392        Negligible  21.05  < 0.1  
libudev1            252.38-1~deb12u1                                      deb        CVE-2013-4392        Negligible  21.05  < 0.1  
coreutils           9.1-1                                                 deb        CVE-2017-18018       Negligible  17.23  < 0.1  
libssl3             3.0.17-1~deb12u2                                      deb        CVE-2025-27587       Negligible  15.05  < 0.1  
openssl             3.0.17-1~deb12u2                                      deb        CVE-2025-27587       Negligible  15.05  < 0.1  
gcc-12-base         12.2.0-14+deb12u1                                     deb        CVE-2022-27943       Negligible  12.43  < 0.1  
libgcc-s1           12.2.0-14+deb12u1                                     deb        CVE-2022-27943       Negligible  12.43  < 0.1  
libstdc++6          12.2.0-14+deb12u1                                     deb        CVE-2022-27943       Negligible  12.43  < 0.1  
bsdutils            1:2.38.1-5+deb12u3                                    deb        CVE-2022-0563        Negligible   4.86  < 0.1  
libblkid1           2.38.1-5+deb12u3                                      deb        CVE-2022-0563        Negligible   4.86  < 0.1  
libmount1           2.38.1-5+deb12u3                                      deb        CVE-2022-0563        Negligible   4.86  < 0.1  
libsmartcols1       2.38.1-5+deb12u3                                      deb        CVE-2022-0563        Negligible   4.86  < 0.1  
libuuid1            2.38.1-5+deb12u3                                      deb        CVE-2022-0563        Negligible   4.86  < 0.1  
mount               2.38.1-5+deb12u3                                      deb        CVE-2022-0563        Negligible   4.86  < 0.1  
util-linux          2.38.1-5+deb12u3                                      deb        CVE-2022-0563        Negligible   4.86  < 0.1  
util-linux-extra    2.38.1-5+deb12u3                                      deb        CVE-2022-0563        Negligible   4.86  < 0.1  
libexpat1           2.5.0-1+deb12u1                                       deb        CVE-2023-52426       Negligible   3.09  < 0.1  
coreutils           9.1-1                                                 deb        CVE-2025-5278        Negligible   2.71  < 0.1  
gpgv                2.2.40-1.1                                            deb        CVE-2022-3219        Negligible   1.25  < 0.1  
openssh-client      1:9.2p1-2+deb12u7                                     deb        CVE-2023-51767       Negligible   1.23  < 0.1
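Most of the rows in the table above are "(won't fix)" or have no fix version at all, so a plain severity count overstates what the image maintainers can actually act on. The script below is an added example (not part of this issue, and not code from the checkov or grype projects) showing how to triage a `grype -o json` report by fix state, severity floor and EPSS score, and to derive a pass/fail signal in the spirit of grype's `--only-fixed` and `--fail-on` flags. The `matches[].vulnerability.{id,severity,fix}` and `matches[].artifact.{name,version,type}` fields follow the grype JSON schema; the per-vulnerability `epss` list is assumed (newer grype builds emit it, older ones do not), so the code tolerates its absence. The embedded report is a constructed sample mirroring five rows from the table, not real scanner output.

```python
"""Triage a grype JSON report: which findings are both severe and actually fixable."""
import json
import sys

# Severity order as used in grype's text output.
SEVERITY_RANK = {"unknown": -1, "negligible": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}

# Constructed sample in the shape of `grype -o json`, mirroring rows from the issue's table.
# The "epss" list is an assumption about the schema and is optional for the code below.
SAMPLE_REPORT = {
    "matches": [
        {"vulnerability": {"id": "CVE-2025-6965", "severity": "Critical",
                           "fix": {"versions": [], "state": "wont-fix"},
                           "epss": [{"cve": "CVE-2025-6965", "epss": 0.141}]},
         "artifact": {"name": "libsqlite3-0", "version": "3.40.1-2+deb12u1", "type": "deb"}},
        {"vulnerability": {"id": "CVE-2025-22871", "severity": "Critical",
                           "fix": {"versions": ["1.23.8", "1.24.2"], "state": "fixed"},
                           "epss": [{"cve": "CVE-2025-22871", "epss": 0.0417}]},
         "artifact": {"name": "stdlib", "version": "go1.22.7", "type": "go-module"}},
        {"vulnerability": {"id": "GHSA-5rjg-fvgr-3xxf", "severity": "High",
                           "fix": {"versions": ["78.1.1"], "state": "fixed"},
                           "epss": [{"cve": "CVE-2025-47273", "epss": 0.3461}]},
         "artifact": {"name": "setuptools", "version": "70.0.0", "type": "python"}},
        {"vulnerability": {"id": "CVE-2025-48385", "severity": "High",
                           "fix": {"versions": [], "state": "not-fixed"},
                           "epss": [{"cve": "CVE-2025-48385", "epss": 0.3036}]},
         "artifact": {"name": "git", "version": "1:2.39.5-0+deb12u2", "type": "deb"}},
        {"vulnerability": {"id": "CVE-2020-15778", "severity": "Negligible",
                           "fix": {"versions": [], "state": "not-fixed"},
                           "epss": [{"cve": "CVE-2020-15778", "epss": 0.985}]},
         "artifact": {"name": "openssh-client", "version": "1:9.2p1-2+deb12u7", "type": "deb"}},
    ]
}


def _severity_rank(vuln):
    return SEVERITY_RANK.get(str(vuln.get("severity", "Unknown")).lower(), -1)


def _epss(vuln):
    """Highest EPSS probability attached to the match, or 0.0 when the field is absent."""
    scores = [e.get("epss") for e in (vuln.get("epss") or []) if e.get("epss") is not None]
    return max(scores) if scores else 0.0


def fix_state_counts(report):
    """Reproduce the 'by status' summary: {'fixed': n, 'not-fixed': n, 'wont-fix': n, ...}."""
    counts = {}
    for m in report.get("matches", []):
        state = (m.get("vulnerability", {}).get("fix") or {}).get("state") or "unknown"
        counts[state] = counts.get(state, 0) + 1
    return counts


def actionable_findings(report, min_severity="high", include_unfixed=False):
    """Findings at or above min_severity, by default only those with a known fix.

    Sorted by severity (desc), then EPSS (desc), then id, so the first row is the
    one to deal with first.
    """
    floor = SEVERITY_RANK[min_severity.lower()]
    rows = []
    for m in report.get("matches", []):
        vuln = m.get("vulnerability", {})
        art = m.get("artifact", {})
        fix = vuln.get("fix") or {}
        state = fix.get("state") or "unknown"
        if _severity_rank(vuln) < floor:
            continue
        if not include_unfixed and state != "fixed":
            continue  # "won't fix" / "not-fixed" rows cannot be closed by bumping a version
        rows.append({
            "package": art.get("name"), "installed": art.get("version"), "type": art.get("type"),
            "id": vuln.get("id"), "severity": vuln.get("severity"), "fix_state": state,
            "fixed_in": list(fix.get("versions") or []), "epss": _epss(vuln),
        })
    rows.sort(key=lambda r: (-SEVERITY_RANK.get(str(r["severity"]).lower(), -1), -r["epss"], r["id"]))
    return rows


def should_fail(report, fail_on="high"):
    """CI gate: fail only when a fixable finding reaches the fail_on severity."""
    return bool(actionable_findings(report, min_severity=fail_on))


def load_report(path):
    with open(path) as fh:
        return json.load(fh)


if __name__ == "__main__":
    # Usage: grype -o json <image> > report.json && python triage.py report.json
    report = load_report(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_REPORT
    print("by status:", fix_state_counts(report))
    for r in actionable_findings(report, include_unfixed=True):
        print(f"{r['package']:<20} {r['installed']:<24} {r['id']:<20} {r['severity']:<10} "
              f"{r['fix_state']:<10} epss={r['epss']:.3f} fixed-in={','.join(r['fixed_in']) or '-'}")
    sys.exit(1 if should_fail(report, "high") else 0)
```

Run against the sample, only the Go stdlib and setuptools rows survive the default filter: the Critical libsqlite3-0 CVE is "won't fix" in Debian and cannot be closed by a rebuild, and the Negligible openssh-client finding, despite its high EPSS percentile, sits below the severity floor. The unfixed rows are still worth listing (`include_unfixed=True`) when deciding whether the package should be in the image at all.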
