Vulnerability dashboard #6

New issue

Open

opened 2026-03-23 18:27:16 +00:00 by bot-ci · 0 comments

bot-ci commented

2026-03-23 18:27:16 +00:00

Owner

This issue list updates about vulnerabilities that are detected by trivy.woodpecker plugin.

Summary

Severity	Count
CRITICAL	0
HIGH	1
MEDIUM	2
LOW	0
UNKNOWN	0

Detected packages and vulnerabilities

Packages

code.thinkaboutit.tech/pandora/assign-package.woodpecker:latest (debian 13.5)

code.thinkaboutit.tech/pandora/assign-package.woodpecker:latest

Name	Version
base-files	13.8+deb13u5
media-types	13.0.0
netbase	6.5
tzdata	2026b
tzdata-legacy	2026b

go.mod

https://code.thinkaboutit.tech/pandora/assign-package.woodpecker

Name	Version
code.thinkaboutit.tech/pandora/assign-package.woodpecker
code.thinkaboutit.tech/pandora/woodpecker-utils.gopack	v1.4.0
github.com/davecgh/go-spew	v1.1.1
github.com/pmezard/go-difflib	v1.0.0
github.com/stretchr/testify	v1.11.1
gopkg.in/yaml.v3	v3.0.1

usr/local/bin/assign-package.woodpecker

code.thinkaboutit.tech/pandora/assign-package.woodpecker:latest

Name	Version
code.thinkaboutit.tech/pandora/assign-package.woodpecker	1.1.4-SNAPSHOT-fb92818
stdlib	v1.26.3
code.thinkaboutit.tech/pandora/woodpecker-utils.gopack	v1.4.0

Vulnerabilities

usr/local/bin/assign-package.woodpecker

code.thinkaboutit.tech/pandora/assign-package.woodpecker:latest

Package Name	Severity	Installed version	Fixed Version	Status	Link
stdlib	HIGH	v1.26.3	1.25.11, 1.26.4	fixed	CVE-2026-42504
stdlib	MEDIUM	v1.26.3	1.25.11, 1.26.4	fixed	CVE-2026-27145
stdlib	MEDIUM	v1.26.3	1.25.11, 1.26.4	fixed	CVE-2026-42507

This issue list updates about vulnerabilities that are detected by [trivy.woodpecker](https://code.thinkaboutit.tech/pandora/trivy.woodpecker) plugin. ## Summary | Severity | Count | | -------- | ----- | | CRITICAL | 0 | | HIGH | 1 | | MEDIUM | 2 | | LOW | 0 | | UNKNOWN | 0 | ## Detected packages and vulnerabilities <details><summary>Packages</summary> ### code.thinkaboutit.tech/pandora/assign-package.woodpecker:latest (debian 13.5) **code.thinkaboutit.tech/pandora/assign-package.woodpecker:latest** | Name | Version | | ---- | ------- | | base-files | 13.8+deb13u5 | | media-types | 13.0.0 | | netbase | 6.5 | | tzdata | 2026b | | tzdata-legacy | 2026b | ### go.mod **https://code.thinkaboutit.tech/pandora/assign-package.woodpecker** | Name | Version | | ---- | ------- | | code.thinkaboutit.tech/pandora/assign-package.woodpecker | | | code.thinkaboutit.tech/pandora/woodpecker-utils.gopack | v1.4.0 | | github.com/davecgh/go-spew | v1.1.1 | | github.com/pmezard/go-difflib | v1.0.0 | | github.com/stretchr/testify | v1.11.1 | | gopkg.in/yaml.v3 | v3.0.1 | ### usr/local/bin/assign-package.woodpecker **code.thinkaboutit.tech/pandora/assign-package.woodpecker:latest** | Name | Version | | ---- | ------- | | code.thinkaboutit.tech/pandora/assign-package.woodpecker | 1.1.4-SNAPSHOT-fb92818 | | stdlib | v1.26.3 | | code.thinkaboutit.tech/pandora/woodpecker-utils.gopack | v1.4.0 | </details> <details><summary>Vulnerabilities</summary> ### usr/local/bin/assign-package.woodpecker **code.thinkaboutit.tech/pandora/assign-package.woodpecker:latest** | Package Name | Severity | Installed version | Fixed Version | Status | Link | | ------------ | -------- | ----------------- | ------------- | ------ | ---- | | stdlib | HIGH | v1.26.3 | 1.25.11, 1.26.4 | fixed | [CVE-2026-42504](https://avd.aquasec.com/nvd/cve-2026-42504) | | stdlib | MEDIUM | v1.26.3 | 1.25.11, 1.26.4 | fixed | [CVE-2026-27145](https://avd.aquasec.com/nvd/cve-2026-27145) | | stdlib | MEDIUM | v1.26.3 | 1.25.11, 1.26.4 | fixed | [CVE-2026-42507](https://avd.aquasec.com/nvd/cve-2026-42507) | </details>

No labels

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

pandora/assign-package.woodpecker#6

No description provided.

Rows
Columns