Search:
| Image | Mirrored | Release | Binary/Package | Dependency | Vulnerability ID (CVE) | Severity | Status | Justification (for status not affected) | Type (language or OS) |
|---|---|---|---|---|---|---|---|---|---|
| quay.io/stackstate/hbase-master:2.5-7.13.17 | false | Observability v2.7 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2021-22569 | HIGH | affected | jar | |
| quay.io/stackstate/hbase-master:2.5-7.13.17 | false | Observability v2.7 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2024-7254 | HIGH | affected | jar | |
| quay.io/stackstate/hbase-master:2.5-7.13.17 | false | Observability v2.7 dev | Java | io.netty:netty-codec-http2@4.1.123.Final | CVE-2025-55163 | HIGH | affected | jar | |
| quay.io/stackstate/hbase-master:2.5-7.13.17 | false | Observability v2.7 dev | Java | io.netty:netty-codec-smtp@4.1.123.Final | CVE-2025-59419 | HIGH | affected | jar | |
| quay.io/stackstate/hbase-regionserver:2.5-7.13.17 | false | Observability v2.7 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2021-22569 | HIGH | affected | jar | |
| quay.io/stackstate/hbase-regionserver:2.5-7.13.17 | false | Observability v2.7 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2024-7254 | HIGH | affected | jar | |
| quay.io/stackstate/hbase-regionserver:2.5-7.13.17 | false | Observability v2.7 dev | Java | io.netty:netty-codec-http2@4.1.123.Final | CVE-2025-55163 | HIGH | affected | jar | |
| quay.io/stackstate/hbase-regionserver:2.5-7.13.17 | false | Observability v2.7 dev | Java | io.netty:netty-codec-smtp@4.1.123.Final | CVE-2025-59419 | HIGH | affected | jar | |
| quay.io/stackstate/stackgraph-console:2.5-7.13.17 | false | Observability v2.7 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2021-22569 | HIGH | affected | jar | |
| quay.io/stackstate/stackgraph-console:2.5-7.13.17 | false | Observability v2.7 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2024-7254 | HIGH | affected | jar | |
| quay.io/stackstate/stackgraph-console:2.5-7.13.17 | false | Observability v2.7 dev | Java | io.netty:netty-codec-http2@4.1.121.Final | CVE-2025-55163 | HIGH | affected | jar | |
| quay.io/stackstate/stackgraph-console:2.5-7.13.17 | false | Observability v2.7 dev | Java | io.netty:netty-codec-smtp@4.1.121.Final | CVE-2025-59419 | HIGH | affected | jar | |
| quay.io/stackstate/stackgraph-hbase:2.5-7.13.17 | false | Observability v2.7 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2021-22569 | HIGH | affected | jar | |
| quay.io/stackstate/stackgraph-hbase:2.5-7.13.17 | false | Observability v2.7 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2024-7254 | HIGH | affected | jar | |
| quay.io/stackstate/stackgraph-hbase:2.5-7.13.17 | false | Observability v2.7 dev | Java | io.netty:netty-codec-http2@4.1.123.Final | CVE-2025-55163 | HIGH | affected | jar | |
| quay.io/stackstate/stackgraph-hbase:2.5-7.13.17 | false | Observability v2.7 dev | Java | io.netty:netty-codec-smtp@4.1.123.Final | CVE-2025-59419 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.22.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | Java | net.jpountz.lz4:lz4@1.3.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | Java | net.jpountz.lz4:lz4@1.3.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.22.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | Java | net.jpountz.lz4:lz4@1.3.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | Java | net.jpountz.lz4:lz4@1.3.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.22.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | Java | net.jpountz.lz4:lz4@1.3.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | Java | net.jpountz.lz4:lz4@1.3.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260120082832-master-71580a5 | false | Observability v2.7 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260120082832-master-71580a5-2.5 | false | Observability v2.7 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.22.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260120082832-master-71580a5-2.5 | false | Observability v2.7 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2021-22569 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260120082832-master-71580a5-2.5 | false | Observability v2.7 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2024-7254 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260120082832-master-71580a5-2.5 | false | Observability v2.7 dev | Java | com.squareup.okhttp3:okhttp@3.12.12 | CVE-2021-0341 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260120082832-master-71580a5-2.5 | false | Observability v2.7 dev | Java | io.netty:netty-codec-http2@4.1.121.Final | CVE-2025-55163 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260120082832-master-71580a5-2.5 | false | Observability v2.7 dev | Java | io.netty:netty-codec-smtp@4.1.121.Final | CVE-2025-59419 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260120082832-master-71580a5-2.5 | false | Observability v2.7 dev | Java | net.jpountz.lz4:lz4@1.3.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260120082832-master-71580a5-2.5 | false | Observability v2.7 dev | Java | net.jpountz.lz4:lz4@1.3.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260120082832-master-71580a5-2.5 | false | Observability v2.7 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260120082832-master-71580a5-2.5 | false | Observability v2.7 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260120082832-master-71580a5-2.5 | false | Observability v2.7 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260120082832-master-71580a5-2.5 | false | Observability v2.7 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/tephra-server:2.5-7.13.17 | false | Observability v2.7 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2021-22569 | HIGH | affected | jar | |
| quay.io/stackstate/tephra-server:2.5-7.13.17 | false | Observability v2.7 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2024-7254 | HIGH | affected | jar | |
| quay.io/stackstate/tephra-server:2.5-7.13.17 | false | Observability v2.7 dev | Java | io.netty:netty-codec-http2@4.1.123.Final | CVE-2025-55163 | HIGH | affected | jar | |
| quay.io/stackstate/tephra-server:2.5-7.13.17 | false | Observability v2.7 dev | Java | io.netty:netty-codec-smtp@4.1.123.Final | CVE-2025-59419 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/clickhouse-backup:2.6.39-d0d7ba46-65 | false | Observability v2.7 dev | bin/clickhouse-backup | stdlib@v1.25.1 | CVE-2025-58183 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/clickhouse-backup:2.6.39-d0d7ba46-65 | false | Observability v2.7 dev | bin/clickhouse-backup | stdlib@v1.25.1 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/clickhouse-backup:2.6.39-d0d7ba46-65 | false | Observability v2.7 dev | bin/clickhouse-backup | stdlib@v1.25.1 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/clickhouse-backup:2.6.39-d0d7ba46-65 | false | Observability v2.7 dev | bin/clickhouse-backup | stdlib@v1.25.1 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/clickhouse-backup:2.6.39-d0d7ba46-65 | false | Observability v2.7 dev | bin/clickhouse-backup | stdlib@v1.25.1 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/clickhouse-backup:2.6.39-d0d7ba46-65 | false | Observability v2.7 dev | usr/local/bin/supercronic | stdlib@v1.25.3 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/clickhouse-backup:2.6.39-d0d7ba46-65 | false | Observability v2.7 dev | usr/local/bin/supercronic | stdlib@v1.25.3 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/clickhouse:25.9.5-85835861-137 | false | Observability v2.7 dev | gpgv | gpgv@2.2.27-3ubuntu2.4 | CVE-2025-68973 | HIGH | affected | ubuntu | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | containerd | containerd@1.7.27-150000.123.1 | SUSE-SU-2025:4288-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | glib2-tools | glib2-tools@2.78.6-150600.4.16.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | go1.25 | go1.25@1.25.3-150000.1.19.1 | SUSE-SU-2025:4336-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | libgio-2_0-0 | libgio-2_0-0@2.78.6-150600.4.16.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.16.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | libgmodule-2_0-0 | libgmodule-2_0-0@2.78.6-150600.4.16.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | libgobject-2_0-0 | libgobject-2_0-0@2.78.6-150600.4.16.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | usr/local/bin/helm | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | usr/local/bin/helm | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | usr/local/bin/kubectl | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | usr/local/bin/kubectl | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | usr/local/bin/mc | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | usr/local/bin/mc | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | usr/local/bin/sts | stdlib@v1.24.10 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | usr/local/bin/sts | stdlib@v1.24.10 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/elasticsearch-exporter:v1.8.0-d2aa61ab | false | Observability v2.7 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/elasticsearch-exporter:v1.8.0-d2aa61ab | false | Observability v2.7 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/elasticsearch-exporter:v1.8.0-d2aa61ab | false | Observability v2.7 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/elasticsearch-exporter:v1.8.0-d2aa61ab | false | Observability v2.7 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/elasticsearch:8.19.4-8fb32031 | false | Observability v2.7 dev | gpgv | gpgv@2.4.4-2ubuntu17.3 | CVE-2025-68973 | HIGH | affected | ubuntu | |
| registry.rancher.com/suse-observability/elasticsearch:8.19.4-8fb32031 | false | Observability v2.7 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-12183 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/elasticsearch:8.19.4-8fb32031 | false | Observability v2.7 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-66566 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/envoy:v1.31.1-92f410cd | false | Observability v2.7 dev | gpgv | gpgv@2.2.27-3ubuntu2.4 | CVE-2025-68973 | HIGH | affected | ubuntu | |
| registry.rancher.com/suse-observability/hadoop:3.4.2-java21-8-5e4f83b6 | false | Observability v2.7 dev | Java | org.lz4:lz4-java@1.7.1 | CVE-2025-12183 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/hadoop:3.4.2-java21-8-5e4f83b6 | false | Observability v2.7 dev | Java | org.lz4:lz4-java@1.7.1 | CVE-2025-66566 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/jmx-exporter:0.20.0-d19cf0ff-182 | false | Observability v2.7 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.16.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/jmx-exporter:0.20.0-d19cf0ff-182 | false | Observability v2.7 dev | libpng16-16 | libpng16-16@1.6.40-150600.1.3 | SUSE-SU-2025:4494-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/kafka:3.9.1-4e2ea587-187 | false | Observability v2.7 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.16.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/kafka:3.9.1-4e2ea587-187 | false | Observability v2.7 dev | libpng16-16 | libpng16-16@1.6.40-150600.1.3 | SUSE-SU-2025:4494-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/kafka:3.9.1-4e2ea587-187 | false | Observability v2.7 dev | Java | commons-beanutils:commons-beanutils@1.9.4 | CVE-2025-48734 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/kafka:3.9.1-4e2ea587-187 | false | Observability v2.7 dev | Java | org.bitbucket.b_c:jose4j@0.9.4 | CVE-2024-29371 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/kafka:3.9.1-4e2ea587-187 | false | Observability v2.7 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-12183 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/kafka:3.9.1-4e2ea587-187 | false | Observability v2.7 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-66566 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/kafkaup-operator:0.0.6 | false | Observability v2.7 dev | kafkaup-operator | stdlib@v1.25.1 | CVE-2025-58183 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/kafkaup-operator:0.0.6 | false | Observability v2.7 dev | kafkaup-operator | stdlib@v1.25.1 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/kafkaup-operator:0.0.6 | false | Observability v2.7 dev | kafkaup-operator | stdlib@v1.25.1 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/kafkaup-operator:0.0.6 | false | Observability v2.7 dev | kafkaup-operator | stdlib@v1.25.1 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/kafkaup-operator:0.0.6 | false | Observability v2.7 dev | kafkaup-operator | stdlib@v1.25.1 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/minio:RELEASE.2025-11-19T12-41-50Z-15bb6f44-162 | false | Observability v2.7 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.16.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/minio:RELEASE.2025-11-19T12-41-50Z-15bb6f44-162 | false | Observability v2.7 dev | usr/bin/minio | github.com/coredns/coredns@v1.12.4 | CVE-2025-68151 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/minio:RELEASE.2025-11-19T12-41-50Z-15bb6f44-162 | false | Observability v2.7 dev | usr/bin/minio | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/minio:RELEASE.2025-11-19T12-41-50Z-15bb6f44-162 | false | Observability v2.7 dev | usr/bin/minio | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/nginx-prometheus-exporter:1.5.1-f5b5d433-31 | false | Observability v2.7 dev | usr/bin/nginx-prometheus-exporter | stdlib@v1.25.3 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/nginx-prometheus-exporter:1.5.1-f5b5d433-31 | false | Observability v2.7 dev | usr/bin/nginx-prometheus-exporter | stdlib@v1.25.3 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.175 | false | Observability v2.7 dev | glib2-tools | glib2-tools@2.78.6-150600.4.16.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.175 | false | Observability v2.7 dev | libgio-2_0-0 | libgio-2_0-0@2.78.6-150600.4.16.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.175 | false | Observability v2.7 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.16.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.175 | false | Observability v2.7 dev | libgmodule-2_0-0 | libgmodule-2_0-0@2.78.6-150600.4.16.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.175 | false | Observability v2.7 dev | libgobject-2_0-0 | libgobject-2_0-0@2.78.6-150600.4.16.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.175 | false | Observability v2.7 dev | Python | jaraco.context@5.3.0 | GHSA-58pv-8j8x-9vj2 | HIGH | affected | python-pkg | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.175 | false | Observability v2.7 dev | Python | pyasn1@0.6.1 | CVE-2026-23490 | HIGH | affected | python-pkg | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.175 | false | Observability v2.7 dev | Python | urllib3@1.26.19 | CVE-2025-66418 | HIGH | affected | python-pkg | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.175 | false | Observability v2.7 dev | Python | urllib3@1.26.19 | CVE-2025-66471 | HIGH | affected | python-pkg | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.175 | false | Observability v2.7 dev | Python | urllib3@1.26.19 | CVE-2026-21441 | HIGH | affected | python-pkg | |
| registry.rancher.com/suse-observability/sts-opentelemetry-collector:v0.0.25 | false | Observability v2.7 dev | usr/bin/sts-opentelemetry-collector | github.com/expr-lang/expr@v1.17.6 | CVE-2025-68156 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/victoria-metrics:v1.109.0-accea47f | false | Observability v2.7 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/victoria-metrics:v1.109.0-accea47f | false | Observability v2.7 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/victoria-metrics:v1.109.0-accea47f | false | Observability v2.7 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/victoria-metrics:v1.109.0-accea47f | false | Observability v2.7 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmagent:v1.109.0-e6dc53fb | false | Observability v2.7 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/vmagent:v1.109.0-e6dc53fb | false | Observability v2.7 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmagent:v1.109.0-e6dc53fb | false | Observability v2.7 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmagent:v1.109.0-e6dc53fb | false | Observability v2.7 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | github.com/sirupsen/logrus@v1.6.0 | CVE-2025-65637 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2024-24790 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-39325 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-45283 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-45288 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-29409 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-39326 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-45289 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-45290 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2024-24783 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmrestore:v1.109.0-4af7dbf5 | false | Observability v2.7 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/vmrestore:v1.109.0-4af7dbf5 | false | Observability v2.7 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmrestore:v1.109.0-4af7dbf5 | false | Observability v2.7 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/vmrestore:v1.109.0-4af7dbf5 | false | Observability v2.7 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/wait:1.0.11-04b49abf | false | Observability v2.7 dev | sudo | sudo@1.9.16_p2-r0 | CVE-2025-32462 | HIGH | affected | alpine | |
| registry.rancher.com/suse-observability/wait:1.0.11-04b49abf | false | Observability v2.7 dev | sudo | sudo@1.9.16_p2-r0 | CVE-2025-32463 | HIGH | affected | alpine | |
| registry.rancher.com/suse-observability/workload-observer:53fa70d5 | false | Observability v2.7 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.22.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/zookeeper:3.9.3-eda4e09e-204 | false | Observability v2.7 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.16.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/zookeeper:3.9.3-eda4e09e-204 | false | Observability v2.7 dev | libpng16-16 | libpng16-16@1.6.40-150600.1.3 | SUSE-SU-2025:4494-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/zookeeper:3.9.3-eda4e09e-204 | false | Observability v2.7 dev | Java | io.netty:netty-handler@4.1.113.Final | CVE-2025-24970 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/zookeeper:3.9.3-eda4e09e-204 | false | Observability v2.7 dev | Java | org.eclipse.jetty:jetty-server@9.4.56.v20240826 | CVE-2024-13009 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/clickhouse-backup:2.6.39-d0d7ba46-65 | false | Observability v2.7 dev | bin/clickhouse-backup | github.com/nwaples/rardecode/v2@v2.1.1 | CVE-2025-11579 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/clickhouse-backup:2.6.39-d0d7ba46-65 | false | Observability v2.7 dev | bin/clickhouse-backup | golang.org/x/crypto@v0.42.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/clickhouse-backup:2.6.39-d0d7ba46-65 | false | Observability v2.7 dev | bin/clickhouse-backup | golang.org/x/crypto@v0.42.0 | CVE-2025-58181 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/clickhouse-backup:2.6.39-d0d7ba46-65 | false | Observability v2.7 dev | bin/clickhouse-backup | stdlib@v1.25.1 | CVE-2025-61725 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | usr/local/bin/helm | golang.org/x/crypto@v0.43.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | usr/local/bin/helm | golang.org/x/crypto@v0.43.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | usr/local/bin/yq | stdlib@v1.25.4 | CVE-2025-61729 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/container-tools:1.8.1-bci | false | Observability v2.7 dev | usr/local/bin/yq | stdlib@v1.25.4 | CVE-2025-61727 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/elasticsearch-exporter:v1.8.0-d2aa61ab | false | Observability v2.7 dev | bin/elasticsearch_exporter | golang.org/x/crypto@v0.21.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/elasticsearch-exporter:v1.8.0-d2aa61ab | false | Observability v2.7 dev | bin/elasticsearch_exporter | golang.org/x/crypto@v0.21.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/elasticsearch-exporter:v1.8.0-d2aa61ab | false | Observability v2.7 dev | bin/elasticsearch_exporter | golang.org/x/crypto@v0.21.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/elasticsearch-exporter:v1.8.0-d2aa61ab | false | Observability v2.7 dev | bin/elasticsearch_exporter | golang.org/x/crypto@v0.21.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/elasticsearch-exporter:v1.8.0-d2aa61ab | false | Observability v2.7 dev | bin/elasticsearch_exporter | golang.org/x/net@v0.23.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/elasticsearch-exporter:v1.8.0-d2aa61ab | false | Observability v2.7 dev | bin/elasticsearch_exporter | golang.org/x/oauth2@v0.16.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/elasticsearch-exporter:v1.8.0-d2aa61ab | false | Observability v2.7 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-47907 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/elasticsearch-exporter:v1.8.0-d2aa61ab | false | Observability v2.7 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-58183 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/elasticsearch-exporter:v1.8.0-d2aa61ab | false | Observability v2.7 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-61724 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/elasticsearch-exporter:v1.8.0-d2aa61ab | false | Observability v2.7 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-61725 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/minio:RELEASE.2025-11-19T12-41-50Z-15bb6f44-162 | false | Observability v2.7 dev | usr/bin/minio | golang.org/x/crypto@v0.41.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/minio:RELEASE.2025-11-19T12-41-50Z-15bb6f44-162 | false | Observability v2.7 dev | usr/bin/minio | golang.org/x/crypto@v0.41.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/minio:RELEASE.2025-11-19T12-41-50Z-15bb6f44-162 | false | Observability v2.7 dev | usr/bin/minio | gopkg.in/square/go-jose.v2@v2.6.0 | CVE-2024-28180 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/nginx-prometheus-exporter:1.5.1-f5b5d433-31 | false | Observability v2.7 dev | usr/bin/nginx-prometheus-exporter | golang.org/x/crypto@v0.42.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/nginx-prometheus-exporter:1.5.1-f5b5d433-31 | false | Observability v2.7 dev | usr/bin/nginx-prometheus-exporter | golang.org/x/crypto@v0.42.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/victoria-metrics:v1.109.0-accea47f | false | Observability v2.7 dev | victoria-metrics-prod | golang.org/x/net@v0.34.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/victoria-metrics:v1.109.0-accea47f | false | Observability v2.7 dev | victoria-metrics-prod | golang.org/x/net@v0.34.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/victoria-metrics:v1.109.0-accea47f | false | Observability v2.7 dev | victoria-metrics-prod | golang.org/x/oauth2@v0.25.0 | CVE-2025-22868 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/victoria-metrics:v1.109.0-accea47f | false | Observability v2.7 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-47907 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/victoria-metrics:v1.109.0-accea47f | false | Observability v2.7 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-58183 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/victoria-metrics:v1.109.0-accea47f | false | Observability v2.7 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-61724 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/victoria-metrics:v1.109.0-accea47f | false | Observability v2.7 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-61725 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmagent:v1.109.0-e6dc53fb | false | Observability v2.7 dev | vmagent-prod | golang.org/x/net@v0.34.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/vmagent:v1.109.0-e6dc53fb | false | Observability v2.7 dev | vmagent-prod | golang.org/x/net@v0.34.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmagent:v1.109.0-e6dc53fb | false | Observability v2.7 dev | vmagent-prod | golang.org/x/oauth2@v0.25.0 | CVE-2025-22868 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/vmagent:v1.109.0-e6dc53fb | false | Observability v2.7 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-47907 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmagent:v1.109.0-e6dc53fb | false | Observability v2.7 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-58183 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmagent:v1.109.0-e6dc53fb | false | Observability v2.7 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-61724 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/vmagent:v1.109.0-e6dc53fb | false | Observability v2.7 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-61725 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | google.golang.org/protobuf@v1.30.0 | CVE-2024-24786 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2024-34156 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-47907 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-58183 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-39318 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-39319 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-45284 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2024-24784 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2024-24785 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2024-24789 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2024-34155 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2024-34158 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-61725 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | vmbackup-prod | github.com/golang-jwt/jwt/v5@v5.2.1 | CVE-2025-30204 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | vmbackup-prod | golang.org/x/crypto@v0.32.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | vmbackup-prod | golang.org/x/crypto@v0.32.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | vmbackup-prod | golang.org/x/crypto@v0.32.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | vmbackup-prod | golang.org/x/net@v0.34.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | vmbackup-prod | golang.org/x/net@v0.34.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | vmbackup-prod | golang.org/x/oauth2@v0.25.0 | CVE-2025-22868 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-47907 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-58183 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-61724 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/vmbackup:v1.109.0-4c7c50f9 | false | Observability v2.7 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-61725 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmrestore:v1.109.0-4af7dbf5 | false | Observability v2.7 dev | vmrestore-prod | github.com/golang-jwt/jwt/v5@v5.2.1 | CVE-2025-30204 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/vmrestore:v1.109.0-4af7dbf5 | false | Observability v2.7 dev | vmrestore-prod | golang.org/x/crypto@v0.32.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmrestore:v1.109.0-4af7dbf5 | false | Observability v2.7 dev | vmrestore-prod | golang.org/x/crypto@v0.32.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmrestore:v1.109.0-4af7dbf5 | false | Observability v2.7 dev | vmrestore-prod | golang.org/x/crypto@v0.32.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmrestore:v1.109.0-4af7dbf5 | false | Observability v2.7 dev | vmrestore-prod | golang.org/x/net@v0.34.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/vmrestore:v1.109.0-4af7dbf5 | false | Observability v2.7 dev | vmrestore-prod | golang.org/x/net@v0.34.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmrestore:v1.109.0-4af7dbf5 | false | Observability v2.7 dev | vmrestore-prod | golang.org/x/oauth2@v0.25.0 | CVE-2025-22868 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/vmrestore:v1.109.0-4af7dbf5 | false | Observability v2.7 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-47907 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmrestore:v1.109.0-4af7dbf5 | false | Observability v2.7 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-58183 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/vmrestore:v1.109.0-4af7dbf5 | false | Observability v2.7 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-61724 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/vmrestore:v1.109.0-4af7dbf5 | false | Observability v2.7 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-61725 | none | not affected | vulnerable code not present | gobinary |