Skip to content

to be continuous

TF_IMAGE

registry.hub.docker.com/hashicorp/terraform:latest (alpine 3.21.3)¶

Trivy Image Scan

Image: registry.hub.docker.com/hashicorp/terraform:latest (alpine 3.21.3)
Scan date: 2025-04-18

registry.hub.docker.com/hashicorp/terraform:latest (alpine 3.21.3) (alpine)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
c-ares	CVE-2025-31498	HIGH	1.34.3-r0	1.34.5-r0	http://www.openwall.com/lists/oss-security/2025/04/08/3 https://access.redhat.com/security/cve/CVE-2025-31498 https://github.com/c-ares/c-ares/commit/29d38719112639d8c0ba910254a3dd4f482ea2d1 https://github.com/c-ares/c-ares/pull/821 https://github.com/c-ares/c-ares/security/advisories/GHSA-6hxc-62jh-p29v https://nvd.nist.gov/vuln/detail/CVE-2025-31498 https://www.cve.org/CVERecord?id=CVE-2025-31498
No Misconfigurations found

bin/terraform (gobinary)¶

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2025-22872	MEDIUM	v0.36.0	0.38.0	https://go.dev/cl/662715 https://go.dev/issue/73070 https://groups.google.com/g/golang-announce/c/ezSKR9vqbqA https://nvd.nist.gov/vuln/detail/CVE-2025-22872 https://pkg.go.dev/vuln/GO-2025-3595
stdlib	CVE-2024-45336	MEDIUM	v1.23.3	1.22.11, 1.23.5, 1.24.0-rc.2	https://access.redhat.com/errata/RHSA-2025:3772 https://access.redhat.com/security/cve/CVE-2024-45336 https://bugzilla.redhat.com/2341750 https://bugzilla.redhat.com/2341751 https://errata.almalinux.org/8/ALSA-2025-3772.html https://go.dev/cl/643100 https://go.dev/issue/70530 https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ https://linux.oracle.com/cve/CVE-2024-45336.html https://linux.oracle.com/errata/ELSA-2025-3772.html https://nvd.nist.gov/vuln/detail/CVE-2024-45336 https://pkg.go.dev/vuln/GO-2025-3420 https://security.netapp.com/advisory/ntap-20250221-0003/ https://www.cve.org/CVERecord?id=CVE-2024-45336
stdlib	CVE-2024-45341	MEDIUM	v1.23.3	1.22.11, 1.23.5, 1.24.0-rc.2	https://access.redhat.com/errata/RHSA-2025:3772 https://access.redhat.com/security/cve/CVE-2024-45341 https://bugzilla.redhat.com/2341750 https://bugzilla.redhat.com/2341751 https://errata.almalinux.org/8/ALSA-2025-3772.html https://go.dev/cl/643099 https://go.dev/issue/71156 https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ https://linux.oracle.com/cve/CVE-2024-45341.html https://linux.oracle.com/errata/ELSA-2025-3772.html https://nvd.nist.gov/vuln/detail/CVE-2024-45341 https://pkg.go.dev/vuln/GO-2025-3373 https://security.netapp.com/advisory/ntap-20250221-0004/ https://www.cve.org/CVERecord?id=CVE-2024-45341
stdlib	CVE-2025-22866	MEDIUM	v1.23.3	1.22.12, 1.23.6, 1.24.0-rc.3	https://access.redhat.com/security/cve/CVE-2025-22866 https://go.dev/cl/643735 https://go.dev/issue/71383 https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k https://nvd.nist.gov/vuln/detail/CVE-2025-22866 https://pkg.go.dev/vuln/GO-2025-3447 https://security.netapp.com/advisory/ntap-20250221-0002/ https://www.cve.org/CVERecord?id=CVE-2025-22866
stdlib	CVE-2025-22871	MEDIUM	v1.23.3	1.23.8, 1.24.2	http://www.openwall.com/lists/oss-security/2025/04/04/4 https://access.redhat.com/security/cve/CVE-2025-22871 https://go.dev/cl/652998 https://go.dev/issue/71988 https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk https://nvd.nist.gov/vuln/detail/CVE-2025-22871 https://pkg.go.dev/vuln/GO-2025-3563 https://www.cve.org/CVERecord?id=CVE-2025-22871
No Misconfigurations found