docker.io/paketobuildpacks/builder-jammy-base:latest (ubuntu 22.04)¶
Trivy Image Scan
- Image:
docker.io/paketobuildpacks/builder-jammy-base:latest (ubuntu 22.04)
- Scan date: 2025-02-19
docker.io/paketobuildpacks/builder-jammy-base:latest (ubuntu 22.04) (ubuntu)¶
(gobinary)¶
cnb/buildpacks/paketo-buildpacks_apache-tomcat/8.4.1/bin/helper (gobinary)¶
cnb/buildpacks/paketo-buildpacks_apache-tomcat/8.4.1/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_apache-tomee/1.11.0/bin/helper (gobinary)¶
cnb/buildpacks/paketo-buildpacks_apache-tomee/1.11.0/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_azure-application-insights/5.23.0/bin/helper (gobinary)¶
cnb/buildpacks/paketo-buildpacks_azure-application-insights/5.23.0/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_bellsoft-liberica/11.0.4/bin/helper (gobinary)¶
Package | Vulnerability ID | Severity | Installed Version | Fixed Version | Links |
---|---|---|---|---|---|
stdlib | CVE-2025-22866 | MEDIUM | v1.23.5 | 1.22.12, 1.23.6, 1.24.0-rc.3 | https://access.redhat.com/security/cve/CVE-2025-22866 https://go.dev/cl/643735 https://go.dev/issue/71383 https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k https://nvd.nist.gov/vuln/detail/CVE-2025-22866 https://pkg.go.dev/vuln/GO-2025-3447 https://www.cve.org/CVERecord?id=CVE-2025-22866 |
No Misconfigurations found |
cnb/buildpacks/paketo-buildpacks_bellsoft-liberica/11.0.4/bin/main (gobinary)¶
Package | Vulnerability ID | Severity | Installed Version | Fixed Version | Links |
---|---|---|---|---|---|
stdlib | CVE-2025-22866 | MEDIUM | v1.23.5 | 1.22.12, 1.23.6, 1.24.0-rc.3 | https://access.redhat.com/security/cve/CVE-2025-22866 https://go.dev/cl/643735 https://go.dev/issue/71383 https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k https://nvd.nist.gov/vuln/detail/CVE-2025-22866 https://pkg.go.dev/vuln/GO-2025-3447 https://www.cve.org/CVERecord?id=CVE-2025-22866 |
No Misconfigurations found |
cnb/buildpacks/paketo-buildpacks_bundle-install/0.8.14/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_bundler/0.8.25/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_ca-certificates/3.8.5/bin/helper (gobinary)¶
cnb/buildpacks/paketo-buildpacks_ca-certificates/3.8.5/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_ca-certificates/3.9.0/bin/helper (gobinary)¶
cnb/buildpacks/paketo-buildpacks_ca-certificates/3.9.0/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_clojure-tools/2.14.3/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_conda-env-update/0.7.14/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_cpython/1.13.21/bin/env (gobinary)¶
cnb/buildpacks/paketo-buildpacks_cpython/1.13.21/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_datadog/5.28.2/bin/helper (gobinary)¶
cnb/buildpacks/paketo-buildpacks_datadog/5.28.2/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_dist-zip/5.9.0/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_dotnet-core-aspnet-runtime/1.0.5/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_dotnet-core-sdk/1.0.5/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_dotnet-execute/1.0.5/bin/port-chooser (gobinary)¶
cnb/buildpacks/paketo-buildpacks_dotnet-execute/1.0.5/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_dotnet-publish/1.0.3/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_encrypt-at-rest/4.8.5/bin/helper (gobinary)¶
cnb/buildpacks/paketo-buildpacks_encrypt-at-rest/4.8.5/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_environment-variables/4.7.2/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_environment-variables/4.8.0/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_executable-jar/6.12.0/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_git/1.0.32/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_go-build/2.2.21/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_go-dist/2.6.13/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_go-mod-vendor/1.0.49/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_google-stackdriver/9.3.1/bin/helper (gobinary)¶
cnb/buildpacks/paketo-buildpacks_google-stackdriver/9.3.1/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_gradle/7.16.1/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_httpd/0.7.39/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_icu/0.7.33/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_image-labels/4.7.2/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_image-labels/4.8.0/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_jattach/1.9.0/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_java-memory-assistant/1.7.0/bin/helper (gobinary)¶
cnb/buildpacks/paketo-buildpacks_java-memory-assistant/1.7.0/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_leiningen/4.11.0/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_liberty/5.0.0/bin/helper (gobinary)¶
Package | Vulnerability ID | Severity | Installed Version | Fixed Version | Links |
---|---|---|---|---|---|
stdlib | CVE-2025-22866 | MEDIUM | v1.23.5 | 1.22.12, 1.23.6, 1.24.0-rc.3 | https://access.redhat.com/security/cve/CVE-2025-22866 https://go.dev/cl/643735 https://go.dev/issue/71383 https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k https://nvd.nist.gov/vuln/detail/CVE-2025-22866 https://pkg.go.dev/vuln/GO-2025-3447 https://www.cve.org/CVERecord?id=CVE-2025-22866 |
No Misconfigurations found |
cnb/buildpacks/paketo-buildpacks_liberty/5.0.0/bin/main (gobinary)¶
Package | Vulnerability ID | Severity | Installed Version | Fixed Version | Links |
---|---|---|---|---|---|
stdlib | CVE-2025-22866 | MEDIUM | v1.23.5 | 1.22.12, 1.23.6, 1.24.0-rc.3 | https://access.redhat.com/security/cve/CVE-2025-22866 https://go.dev/cl/643735 https://go.dev/issue/71383 https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k https://nvd.nist.gov/vuln/detail/CVE-2025-22866 https://pkg.go.dev/vuln/GO-2025-3447 https://www.cve.org/CVERecord?id=CVE-2025-22866 |
No Misconfigurations found |
cnb/buildpacks/paketo-buildpacks_maven/6.19.2/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_miniconda/0.10.4/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_mri/0.17.15/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_native-image/5.15.0/bin/main (gobinary)¶
cnb/buildpacks/paketo-buildpacks_nginx/0.17.16/bin/configure (gobinary)¶
cnb/buildpacks/paketo-buildpacks_nginx/0.17.16/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_node-engine/4.1.11/bin/inspector (gobinary)¶
cnb/buildpacks/paketo-buildpacks_node-engine/4.1.11/bin/optimize-memory (gobinary)¶
cnb/buildpacks/paketo-buildpacks_node-engine/4.1.11/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_node-engine/5.1.3/bin/inspector (gobinary)¶
cnb/buildpacks/paketo-buildpacks_node-engine/5.1.3/bin/optimize-memory (gobinary)¶
cnb/buildpacks/paketo-buildpacks_node-engine/5.1.3/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_node-engine/5.1.4/bin/inspector (gobinary)¶
cnb/buildpacks/paketo-buildpacks_node-engine/5.1.4/bin/optimize-memory (gobinary)¶
cnb/buildpacks/paketo-buildpacks_node-engine/5.1.4/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_node-engine/5.2.2/bin/inspector (gobinary)¶
Package | Vulnerability ID | Severity | Installed Version | Fixed Version | Links |
---|---|---|---|---|---|
stdlib | CVE-2025-22866 | MEDIUM | v1.23.5 | 1.22.12, 1.23.6, 1.24.0-rc.3 | https://access.redhat.com/security/cve/CVE-2025-22866 https://go.dev/cl/643735 https://go.dev/issue/71383 https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k https://nvd.nist.gov/vuln/detail/CVE-2025-22866 https://pkg.go.dev/vuln/GO-2025-3447 https://www.cve.org/CVERecord?id=CVE-2025-22866 |
No Misconfigurations found |
cnb/buildpacks/paketo-buildpacks_node-engine/5.2.2/bin/optimize-memory (gobinary)¶
Package | Vulnerability ID | Severity | Installed Version | Fixed Version | Links |
---|---|---|---|---|---|
stdlib | CVE-2025-22866 | MEDIUM | v1.23.5 | 1.22.12, 1.23.6, 1.24.0-rc.3 | https://access.redhat.com/security/cve/CVE-2025-22866 https://go.dev/cl/643735 https://go.dev/issue/71383 https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k https://nvd.nist.gov/vuln/detail/CVE-2025-22866 https://pkg.go.dev/vuln/GO-2025-3447 https://www.cve.org/CVERecord?id=CVE-2025-22866 |
No Misconfigurations found |
cnb/buildpacks/paketo-buildpacks_node-engine/5.2.2/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_node-engine/5.2.3/bin/inspector (gobinary)¶
No Vulnerabilities found | |||||
---|---|---|---|---|---|
No Misconfigurations found |
cnb/buildpacks/paketo-buildpacks_node-engine/5.2.3/bin/optimize-memory (gobinary)¶
No Vulnerabilities found | |||||
---|---|---|---|---|---|
No Misconfigurations found |
cnb/buildpacks/paketo-buildpacks_node-engine/5.2.3/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_node-run-script/2.0.3/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_node-run-script/2.0.6/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_node-start/2.1.18/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_npm-install/1.6.8/bin/run (gobinary)¶
cnb/buildpacks/paketo-buildpacks_npm-install/1.6.8/bin/setup-symlinks (gobinary)¶
cnb/buildpacks/paketo-buildpacks_npm-install/1.8.2/bin/run (gobinary)¶
Package | Vulnerability ID | Severity | Installed Version | Fixed Version | Links |
---|---|---|---|---|---|
github.com/anchore/stereoscope | CVE-2024-24579 | MEDIUM | v0.0.0-20230412183729-8602f1afc574 | 0.0.1 | https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579 |
github.com/mholt/archiver/v3 | CVE-2024-0406 | MEDIUM | v3.5.1 | no fix available | https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406 |
No Misconfigurations found |
cnb/buildpacks/paketo-buildpacks_npm-install/1.8.2/bin/setup-symlinks (gobinary)¶
Package | Vulnerability ID | Severity | Installed Version | Fixed Version | Links |
---|---|---|---|---|---|
github.com/anchore/stereoscope | CVE-2024-24579 | MEDIUM | v0.0.0-20230412183729-8602f1afc574 | 0.0.1 | https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579 |
github.com/mholt/archiver/v3 | CVE-2024-0406 | MEDIUM | v3.5.1 | no fix available | https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406 |
No Misconfigurations found |