onlyati/assign-package.woodpecker
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages 2 Wiki Activity Actions

Vulnerability dashboard #6

New issue
Open
opened 2026-03-22 22:40:18 +00:00 by bot-ci · 0 comments
bot-ci commented 2026-03-22 22:40:18 +00:00
Collaborator
Copy link

This issue list updates about vulnerabilites that are detected by trivy.woodpecker plugin.

Summary

Severity Count
CRITICAL 0
HIGH 1
MEDIUM 1
LOW 1

Detected packages and vulnerabilites

Packages

code.thinkaboutit.tech/onlyati/assign-package.woodpecker:latest (debian 13.4):

Name Version
base-files 13.8+deb13u4
media-types 13.0.0
netbase 6.5
tzdata 2026a
tzdata-legacy 2026a

code.thinkaboutit.tech/onlyati/nodejs24-debian13:latest (debian 13.3):

Name Version
base-files 13.8+deb13u3
gcc-14-base 14.2.0
libc6 2.41
libgcc-s1 14.2.0
libgomp1 14.2.0
libssl3t64 3.5.4
libstdc++6 14.2.0
libzstd1 1.5.7+dfsg
media-types 13.0.0
netbase 6.5
tzdata 2025b
tzdata-legacy 2025b
zlib1g 1.3.dfsg+really1.3.1

go.mod:

Name Version
git.thinkaboutit.tech/pandora/assign-package.woodpecker

usr/local/bin/assign-package.woodpecker:

Name Version
git.thinkaboutit.tech/pandora/assign-package.woodpecker 1.0.3-SNAPSHOT-b1a9bbe
stdlib v1.26.1
Vulnerabilities

code.thinkaboutit.tech/onlyati/nodejs24-debian13:latest (debian 13.3):

Package Name Severity Installed version Fixed Version Status Link
libc6 HIGH 2.41-12+deb13u1 2.41-12+deb13u2 fixed CVE-2026-0861
libc6 MEDIUM 2.41-12+deb13u1 2.41-12+deb13u2 fixed CVE-2025-15281
libc6 MEDIUM 2.41-12+deb13u1 2.41-12+deb13u2 fixed CVE-2026-0915
libc6 LOW 2.41-12+deb13u1 affected CVE-2010-4756
libc6 LOW 2.41-12+deb13u1 affected CVE-2018-20796
libc6 LOW 2.41-12+deb13u1 affected CVE-2019-1010022
libc6 LOW 2.41-12+deb13u1 affected CVE-2019-1010023
libc6 LOW 2.41-12+deb13u1 affected CVE-2019-1010024
libc6 LOW 2.41-12+deb13u1 affected CVE-2019-1010025
libc6 LOW 2.41-12+deb13u1 affected CVE-2019-9192
libssl3t64 LOW 3.5.4-1~deb13u2 affected CVE-2026-2673
zlib1g MEDIUM 1:1.3.dfsg+really1.3.1-1+b1 affected CVE-2026-27171
This issue list updates about vulnerabilites that are detected by [trivy.woodpecker](https://code.thinkaboutit.tech/pandora/trivy.woodpecker) plugin. ## Summary | Severity | Count | | -------- | ----- | | CRITICAL | 0 | | HIGH | 1 | | MEDIUM | 1 | | LOW | 1 | ## Detected packages and vulnerabilites <details><summary>Packages</summary> **code.thinkaboutit.tech/onlyati/assign-package.woodpecker:latest (debian 13.4)**: | Name | Version | | ---- | ------- | | base-files | 13.8+deb13u4 | | media-types | 13.0.0 | | netbase | 6.5 | | tzdata | 2026a | | tzdata-legacy | 2026a | **code.thinkaboutit.tech/onlyati/nodejs24-debian13:latest (debian 13.3)**: | Name | Version | | ---- | ------- | | base-files | 13.8+deb13u3 | | gcc-14-base | 14.2.0 | | libc6 | 2.41 | | libgcc-s1 | 14.2.0 | | libgomp1 | 14.2.0 | | libssl3t64 | 3.5.4 | | libstdc++6 | 14.2.0 | | libzstd1 | 1.5.7+dfsg | | media-types | 13.0.0 | | netbase | 6.5 | | tzdata | 2025b | | tzdata-legacy | 2025b | | zlib1g | 1.3.dfsg+really1.3.1 | **go.mod**: | Name | Version | | ---- | ------- | | git.thinkaboutit.tech/pandora/assign-package.woodpecker | | **usr/local/bin/assign-package.woodpecker**: | Name | Version | | ---- | ------- | | git.thinkaboutit.tech/pandora/assign-package.woodpecker | 1.0.3-SNAPSHOT-b1a9bbe | | stdlib | v1.26.1 | </details> <details><summary>Vulnerabilities</summary> **code.thinkaboutit.tech/onlyati/nodejs24-debian13:latest (debian 13.3)**: | Package Name | Severity | Installed version | Fixed Version | Status | Link | | ------------ | -------- | ----------------- | ------------- | ------ | ---- | | libc6 | HIGH | 2.41-12+deb13u1 | 2.41-12+deb13u2 | fixed | [CVE-2026-0861](https://avd.aquasec.com/nvd/cve-2026-0861) | | libc6 | MEDIUM | 2.41-12+deb13u1 | 2.41-12+deb13u2 | fixed | [CVE-2025-15281](https://avd.aquasec.com/nvd/cve-2025-15281) | | libc6 | MEDIUM | 2.41-12+deb13u1 | 2.41-12+deb13u2 | fixed | [CVE-2026-0915](https://avd.aquasec.com/nvd/cve-2026-0915) | | libc6 | LOW | 2.41-12+deb13u1 | | affected | [CVE-2010-4756](https://avd.aquasec.com/nvd/cve-2010-4756) | | libc6 | LOW | 2.41-12+deb13u1 | | affected | [CVE-2018-20796](https://avd.aquasec.com/nvd/cve-2018-20796) | | libc6 | LOW | 2.41-12+deb13u1 | | affected | [CVE-2019-1010022](https://avd.aquasec.com/nvd/cve-2019-1010022) | | libc6 | LOW | 2.41-12+deb13u1 | | affected | [CVE-2019-1010023](https://avd.aquasec.com/nvd/cve-2019-1010023) | | libc6 | LOW | 2.41-12+deb13u1 | | affected | [CVE-2019-1010024](https://avd.aquasec.com/nvd/cve-2019-1010024) | | libc6 | LOW | 2.41-12+deb13u1 | | affected | [CVE-2019-1010025](https://avd.aquasec.com/nvd/cve-2019-1010025) | | libc6 | LOW | 2.41-12+deb13u1 | | affected | [CVE-2019-9192](https://avd.aquasec.com/nvd/cve-2019-9192) | | libssl3t64 | LOW | 3.5.4-1~deb13u2 | | affected | [CVE-2026-2673](https://avd.aquasec.com/nvd/cve-2026-2673) | | zlib1g | MEDIUM | 1:1.3.dfsg+really1.3.1-1+b1 | | affected | [CVE-2026-27171](https://avd.aquasec.com/nvd/cve-2026-27171) | </details>
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
onlyati-patch-1
No results found.
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
onlyati/assign-package.woodpecker#6
No description provided.