Search:
| Image | Mirrored | Release | Binary/Package | Dependency | Vulnerability ID (CVE) | Severity | Status | Justification (for status not affected) | Type (language or OS) |
|---|---|---|---|---|---|---|---|---|---|
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | bin/clickhouse-backup | stdlib@v1.25.1 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | bin/clickhouse-backup | stdlib@v1.25.1 | CVE-2025-58183 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | bin/clickhouse-backup | stdlib@v1.25.1 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | bin/clickhouse-backup | stdlib@v1.25.1 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | bin/clickhouse-backup | stdlib@v1.25.1 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | bin/clickhouse-backup | stdlib@v1.25.1 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | bin/clickhouse-backup | stdlib@v1.25.1 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | bin/clickhouse-backup | stdlib@v1.25.1 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | usr/local/bin/supercronic | stdlib@v1.25.3 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | usr/local/bin/supercronic | stdlib@v1.25.3 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | usr/local/bin/supercronic | stdlib@v1.25.3 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | usr/local/bin/supercronic | stdlib@v1.25.3 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | usr/local/bin/supercronic | stdlib@v1.25.3 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/elasticsearch:8.19.4-c4527168-release-206 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.15.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/elasticsearch:8.19.4-c4527168-release-206 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.15.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/elasticsearch:8.19.4-c4527168-release-206 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.15.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/elasticsearch:8.19.4-c4527168-release-206 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.15.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/elasticsearch:8.19.4-c4527168-release-206 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.15.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/elasticsearch:8.19.4-c4527168-release-206 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.15.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/elasticsearch:8.19.4-c4527168-release-206 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.15.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/elasticsearch:8.19.4-c4527168-release-206 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.15.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/elasticsearch:8.19.4-c4527168-release-206 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.15.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/elasticsearch:8.19.4-c4527168-release-206 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.15.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/elasticsearch:8.19.4-c4527168-release-206 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.17.2 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/elasticsearch:8.19.4-c4527168-release-206 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.17.2 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/elasticsearch:8.19.4-c4527168-release-206 | false | Observability v2.8 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/elasticsearch:8.19.4-c4527168-release-206 | false | Observability v2.8 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/hadoop:3.4.2-java21-8-aef270ee-release-359 | false | Observability v2.8 dev | libfreebl3 | libfreebl3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/hadoop:3.4.2-java21-8-aef270ee-release-359 | false | Observability v2.8 dev | libsoftokn3 | libsoftokn3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/hadoop:3.4.2-java21-8-aef270ee-release-359 | false | Observability v2.8 dev | mozilla-nss | mozilla-nss@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/hadoop:3.4.2-java21-8-aef270ee-release-359 | false | Observability v2.8 dev | mozilla-nss-certs | mozilla-nss-certs@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/hadoop:3.4.2-java21-8-aef270ee-release-359 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.17.1 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/hadoop:3.4.2-java21-8-aef270ee-release-359 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.17.1 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/hadoop:3.4.2-java21-8-aef270ee-release-359 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.17.1 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/hadoop:3.4.2-java21-8-aef270ee-release-359 | false | Observability v2.8 dev | Java | org.lz4:lz4-java@1.7.1 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/hadoop:3.4.2-java21-8-aef270ee-release-359 | false | Observability v2.8 dev | Java | org.lz4:lz4-java@1.7.1 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/jmx-exporter:0.20.0-58a72255-279-release | false | Observability v2.8 dev | libfreebl3 | libfreebl3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/jmx-exporter:0.20.0-58a72255-279-release | false | Observability v2.8 dev | libsoftokn3 | libsoftokn3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/jmx-exporter:0.20.0-58a72255-279-release | false | Observability v2.8 dev | mozilla-nss | mozilla-nss@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/jmx-exporter:0.20.0-58a72255-279-release | false | Observability v2.8 dev | mozilla-nss-certs | mozilla-nss-certs@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/jmx-exporter:0.20.0-58a72255-279-release | false | Observability v2.8 dev | mozilla-nss-sysinit | mozilla-nss-sysinit@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/kafka:3.9.1-2f5d8989-278-release | false | Observability v2.8 dev | libfreebl3 | libfreebl3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/kafka:3.9.1-2f5d8989-278-release | false | Observability v2.8 dev | libsoftokn3 | libsoftokn3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/kafka:3.9.1-2f5d8989-278-release | false | Observability v2.8 dev | mozilla-nss | mozilla-nss@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/kafka:3.9.1-2f5d8989-278-release | false | Observability v2.8 dev | mozilla-nss-certs | mozilla-nss-certs@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/kafka:3.9.1-2f5d8989-278-release | false | Observability v2.8 dev | mozilla-nss-sysinit | mozilla-nss-sysinit@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/kafka:3.9.1-2f5d8989-278-release | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.16.2 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/kafka:3.9.1-2f5d8989-278-release | false | Observability v2.8 dev | Java | commons-beanutils:commons-beanutils@1.9.4 | CVE-2025-48734 | HIGH | affected | jar | |
| quay.io/stackstate/kafka:3.9.1-2f5d8989-278-release | false | Observability v2.8 dev | Java | org.bitbucket.b_c:jose4j@0.9.4 | CVE-2024-29371 | HIGH | affected | jar | |
| quay.io/stackstate/kafka:3.9.1-2f5d8989-278-release | false | Observability v2.8 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/kafka:3.9.1-2f5d8989-278-release | false | Observability v2.8 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/minio:RELEASE.2025-11-19T12-41-50Z-e064c44f-183-release | false | Observability v2.8 dev | usr/bin/minio | github.com/coredns/coredns@v1.12.4 | CVE-2026-26017 | HIGH | affected | gobinary | |
| quay.io/stackstate/minio:RELEASE.2025-11-19T12-41-50Z-e064c44f-183-release | false | Observability v2.8 dev | usr/bin/minio | github.com/coredns/coredns@v1.12.4 | CVE-2026-26018 | HIGH | affected | gobinary | |
| quay.io/stackstate/minio:RELEASE.2025-11-19T12-41-50Z-e064c44f-183-release | false | Observability v2.8 dev | usr/bin/minio | github.com/coredns/coredns@v1.12.4 | CVE-2025-68151 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/minio:RELEASE.2025-11-19T12-41-50Z-e064c44f-183-release | false | Observability v2.8 dev | usr/bin/minio | stdlib@v1.24.9 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/minio:RELEASE.2025-11-19T12-41-50Z-e064c44f-183-release | false | Observability v2.8 dev | usr/bin/minio | stdlib@v1.24.9 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/minio:RELEASE.2025-11-19T12-41-50Z-e064c44f-183-release | false | Observability v2.8 dev | usr/bin/minio | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/minio:RELEASE.2025-11-19T12-41-50Z-e064c44f-183-release | false | Observability v2.8 dev | usr/bin/minio | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/minio:RELEASE.2025-11-19T12-41-50Z-e064c44f-183-release | false | Observability v2.8 dev | usr/bin/minio | stdlib@v1.24.9 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/nginx-prometheus-exporter:1.5.1-fdbee6c2-87-release | false | Observability v2.8 dev | usr/bin/nginx-prometheus-exporter | stdlib@v1.25.3 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/nginx-prometheus-exporter:1.5.1-fdbee6c2-87-release | false | Observability v2.8 dev | usr/bin/nginx-prometheus-exporter | stdlib@v1.25.3 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/nginx-prometheus-exporter:1.5.1-fdbee6c2-87-release | false | Observability v2.8 dev | usr/bin/nginx-prometheus-exporter | stdlib@v1.25.3 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/nginx-prometheus-exporter:1.5.1-fdbee6c2-87-release | false | Observability v2.8 dev | usr/bin/nginx-prometheus-exporter | stdlib@v1.25.3 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/nginx-prometheus-exporter:1.5.1-fdbee6c2-87-release | false | Observability v2.8 dev | usr/bin/nginx-prometheus-exporter | stdlib@v1.25.3 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | libfreebl3 | libfreebl3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | libsoftokn3 | libsoftokn3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | mozilla-nss | mozilla-nss@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | mozilla-nss-certs | mozilla-nss-certs@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | mozilla-nss-sysinit | mozilla-nss-sysinit@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.20.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | Java | net.jpountz.lz4:lz4@1.3.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | Java | net.jpountz.lz4:lz4@1.3.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | github.com/docker/cli@v26.0.1+incompatible | CVE-2025-15558 | HIGH | affected | gobinary | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61728 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-correlate:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | libfreebl3 | libfreebl3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | libsoftokn3 | libsoftokn3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | mozilla-nss | mozilla-nss@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | mozilla-nss-certs | mozilla-nss-certs@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | mozilla-nss-sysinit | mozilla-nss-sysinit@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.20.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | Java | net.jpountz.lz4:lz4@1.3.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | Java | net.jpountz.lz4:lz4@1.3.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | github.com/docker/cli@v26.0.1+incompatible | CVE-2025-15558 | HIGH | affected | gobinary | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61728 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-kafka-to-es:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | libfreebl3 | libfreebl3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | libsoftokn3 | libsoftokn3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | mozilla-nss | mozilla-nss@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | mozilla-nss-certs | mozilla-nss-certs@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | mozilla-nss-sysinit | mozilla-nss-sysinit@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.20.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | Java | net.jpountz.lz4:lz4@1.3.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | Java | net.jpountz.lz4:lz4@1.3.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | github.com/docker/cli@v26.0.1+incompatible | CVE-2025-15558 | HIGH | affected | gobinary | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61728 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-receiver:7.0.0-snapshot.20260306144508-master-9f992fe | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | libfreebl3 | libfreebl3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | libsoftokn3 | libsoftokn3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | mozilla-nss | mozilla-nss@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | mozilla-nss-certs | mozilla-nss-certs@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | mozilla-nss-sysinit | mozilla-nss-sysinit@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.15.2 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.17.1 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.17.1 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.20.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2021-22569 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2024-7254 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | Java | com.squareup.okhttp3:okhttp@3.12.12 | CVE-2021-0341 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | Java | io.netty:netty-codec-http2@4.1.121.Final | CVE-2025-55163 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | Java | io.netty:netty-codec-smtp@4.1.121.Final | CVE-2025-59419 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | Java | net.jpountz.lz4:lz4@1.3.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | Java | net.jpountz.lz4:lz4@1.3.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-12183 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | Java | org.lz4:lz4-java@1.8.0 | CVE-2025-66566 | HIGH | affected | jar | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | usr/bin/sts-toolbox | github.com/docker/cli@v26.0.1+incompatible | CVE-2025-15558 | HIGH | affected | gobinary | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61728 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/stackstate-server:7.0.0-snapshot.20260306144508-master-9f992fe-2.5 | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/victoria-metrics:v1.109.0-9bebf8bd-release-143 | false | Observability v2.8 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/victoria-metrics:v1.109.0-9bebf8bd-release-143 | false | Observability v2.8 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/victoria-metrics:v1.109.0-9bebf8bd-release-143 | false | Observability v2.8 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/victoria-metrics:v1.109.0-9bebf8bd-release-143 | false | Observability v2.8 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/victoria-metrics:v1.109.0-9bebf8bd-release-143 | false | Observability v2.8 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/victoria-metrics:v1.109.0-9bebf8bd-release-143 | false | Observability v2.8 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/victoria-metrics:v1.109.0-9bebf8bd-release-143 | false | Observability v2.8 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmagent:v1.109.0-cbe73f5f-release-137 | false | Observability v2.8 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmagent:v1.109.0-cbe73f5f-release-137 | false | Observability v2.8 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmagent:v1.109.0-cbe73f5f-release-137 | false | Observability v2.8 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/vmagent:v1.109.0-cbe73f5f-release-137 | false | Observability v2.8 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmagent:v1.109.0-cbe73f5f-release-137 | false | Observability v2.8 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmagent:v1.109.0-cbe73f5f-release-137 | false | Observability v2.8 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmagent:v1.109.0-cbe73f5f-release-137 | false | Observability v2.8 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | github.com/sirupsen/logrus@v1.6.0 | CVE-2025-65637 | HIGH | affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2024-24790 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-39325 | HIGH | affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-45283 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-45288 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-29409 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-39326 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-45289 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-45290 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2024-24783 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-61729 | HIGH | affected | gobinary | |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| quay.io/stackstate/zookeeper:3.9.3-352e04a1-283-release | false | Observability v2.8 dev | libfreebl3 | libfreebl3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/zookeeper:3.9.3-352e04a1-283-release | false | Observability v2.8 dev | libsoftokn3 | libsoftokn3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/zookeeper:3.9.3-352e04a1-283-release | false | Observability v2.8 dev | mozilla-nss | mozilla-nss@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/zookeeper:3.9.3-352e04a1-283-release | false | Observability v2.8 dev | mozilla-nss-certs | mozilla-nss-certs@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/zookeeper:3.9.3-352e04a1-283-release | false | Observability v2.8 dev | mozilla-nss-sysinit | mozilla-nss-sysinit@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| quay.io/stackstate/zookeeper:3.9.3-352e04a1-283-release | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.15.2 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| quay.io/stackstate/zookeeper:3.9.3-352e04a1-283-release | false | Observability v2.8 dev | Java | io.netty:netty-handler@4.1.113.Final | CVE-2025-24970 | HIGH | affected | jar | |
| quay.io/stackstate/zookeeper:3.9.3-352e04a1-283-release | false | Observability v2.8 dev | Java | org.eclipse.jetty:jetty-server@9.4.56.v20240826 | CVE-2024-13009 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | libpython3_6m1_0 | libpython3_6m1_0@3.6.15-150300.10.103.1 | SUSE-SU-2026:0664-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | python3-base | python3-base@3.6.15-150300.10.103.1 | SUSE-SU-2026:0664-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | Python | wheel@0.45.1 | CVE-2026-24049 | HIGH | affected | python-pkg | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/bin/sts-toolbox | github.com/docker/cli@v26.0.1+incompatible | CVE-2025-15558 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61728 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/bin/sts-toolbox | stdlib@v1.24.9 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/helm | stdlib@v1.25.6 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/kubectl | stdlib@v1.24.9 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/kubectl | stdlib@v1.24.9 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/kubectl | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/kubectl | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/kubectl | stdlib@v1.24.9 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/mc | stdlib@v1.24.9 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/mc | stdlib@v1.24.9 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/mc | stdlib@v1.24.9 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/mc | stdlib@v1.24.9 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/mc | stdlib@v1.24.9 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/sts | stdlib@v1.24.10 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/sts | stdlib@v1.24.10 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/sts | stdlib@v1.24.10 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/sts | stdlib@v1.24.10 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/sts | stdlib@v1.24.10 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | glibc | glibc@2.38-150600.14.37.1 | SUSE-SU-2026:0371-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | gpg2 | gpg2@2.4.4-150600.3.12.1 | SUSE-SU-2026:0434-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | java-21-openjdk | java-21-openjdk@21.0.9.0-150600.3.18.2 | SUSE-SU-2026:0363-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | java-21-openjdk-headless | java-21-openjdk-headless@21.0.9.0-150600.3.18.2 | SUSE-SU-2026:0363-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | libfreebl3 | libfreebl3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.28.1 | SUSE-SU-2026:0373-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | libpng16-16 | libpng16-16@1.6.40-150600.3.6.1 | SUSE-SU-2026:0597-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | libsoftokn3 | libsoftokn3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | mozilla-nss | mozilla-nss@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | mozilla-nss-certs | mozilla-nss-certs@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | mozilla-nss-sysinit | mozilla-nss-sysinit@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.17.1 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.19.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2021-22569 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2024-7254 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | Java | io.netty:netty-codec-http2@4.1.123.Final | CVE-2025-55163 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/hbase-master:2.5-7.13.18 | false | Observability v2.8 dev | Java | io.netty:netty-codec-smtp@4.1.123.Final | CVE-2025-59419 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | glibc | glibc@2.38-150600.14.37.1 | SUSE-SU-2026:0371-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | gpg2 | gpg2@2.4.4-150600.3.12.1 | SUSE-SU-2026:0434-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | java-21-openjdk | java-21-openjdk@21.0.9.0-150600.3.18.2 | SUSE-SU-2026:0363-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | java-21-openjdk-headless | java-21-openjdk-headless@21.0.9.0-150600.3.18.2 | SUSE-SU-2026:0363-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | libfreebl3 | libfreebl3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.28.1 | SUSE-SU-2026:0373-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | libpng16-16 | libpng16-16@1.6.40-150600.3.6.1 | SUSE-SU-2026:0597-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | libsoftokn3 | libsoftokn3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | mozilla-nss | mozilla-nss@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | mozilla-nss-certs | mozilla-nss-certs@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | mozilla-nss-sysinit | mozilla-nss-sysinit@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.17.1 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.19.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2021-22569 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2024-7254 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | Java | io.netty:netty-codec-http2@4.1.123.Final | CVE-2025-55163 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/hbase-regionserver:2.5-7.13.18 | false | Observability v2.8 dev | Java | io.netty:netty-codec-smtp@4.1.123.Final | CVE-2025-59419 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/kafkaup-operator:0.0.6 | false | Observability v2.8 dev | kafkaup-operator | stdlib@v1.25.1 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/kafkaup-operator:0.0.6 | false | Observability v2.8 dev | kafkaup-operator | stdlib@v1.25.1 | CVE-2025-58183 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/kafkaup-operator:0.0.6 | false | Observability v2.8 dev | kafkaup-operator | stdlib@v1.25.1 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/kafkaup-operator:0.0.6 | false | Observability v2.8 dev | kafkaup-operator | stdlib@v1.25.1 | CVE-2025-61728 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/kafkaup-operator:0.0.6 | false | Observability v2.8 dev | kafkaup-operator | stdlib@v1.25.1 | CVE-2025-61729 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/kafkaup-operator:0.0.6 | false | Observability v2.8 dev | kafkaup-operator | stdlib@v1.25.1 | CVE-2025-47912 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/kafkaup-operator:0.0.6 | false | Observability v2.8 dev | kafkaup-operator | stdlib@v1.25.1 | CVE-2025-58188 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/kafkaup-operator:0.0.6 | false | Observability v2.8 dev | kafkaup-operator | stdlib@v1.25.1 | CVE-2025-61727 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/kafkaup-operator:0.0.6 | false | Observability v2.8 dev | kafkaup-operator | stdlib@v1.25.1 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | glib2-tools | glib2-tools@2.78.6-150600.4.22.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | glib2-tools | glib2-tools@2.78.6-150600.4.22.1 | SUSE-SU-2026:0373-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | glibc | glibc@2.38-150600.14.37.1 | SUSE-SU-2026:0371-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | gpg2 | gpg2@2.4.4-150600.3.9.1 | SUSE-SU-2026:0215-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | gpg2 | gpg2@2.4.4-150600.3.9.1 | SUSE-SU-2026:0434-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | libgio-2_0-0 | libgio-2_0-0@2.78.6-150600.4.22.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | libgio-2_0-0 | libgio-2_0-0@2.78.6-150600.4.22.1 | SUSE-SU-2026:0373-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.22.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.22.1 | SUSE-SU-2026:0373-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | libgmodule-2_0-0 | libgmodule-2_0-0@2.78.6-150600.4.22.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | libgmodule-2_0-0 | libgmodule-2_0-0@2.78.6-150600.4.22.1 | SUSE-SU-2026:0373-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | libgobject-2_0-0 | libgobject-2_0-0@2.78.6-150600.4.22.1 | SUSE-SU-2026:0018-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | libgobject-2_0-0 | libgobject-2_0-0@2.78.6-150600.4.22.1 | SUSE-SU-2026:0373-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | libopenssl-3-fips-provider | libopenssl-3-fips-provider@3.1.4-150600.5.39.1 | SUSE-SU-2026:0312-1 | CRITICAL | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | libopenssl3 | libopenssl3@3.1.4-150600.5.39.1 | SUSE-SU-2026:0312-1 | CRITICAL | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | libpython3_11-1_0 | libpython3_11-1_0@3.11.14-150600.3.38.1 | SUSE-SU-2026:0767-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | openssl-3 | openssl-3@3.1.4-150600.5.39.1 | SUSE-SU-2026:0312-1 | CRITICAL | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | python311 | python311@3.11.14-150600.3.38.1 | SUSE-SU-2026:0767-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | python311-base | python311-base@3.11.14-150600.3.38.1 | SUSE-SU-2026:0767-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | python311-dbm | python311-dbm@3.11.14-150600.3.38.1 | SUSE-SU-2026:0767-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | python311-devel | python311-devel@3.11.14-150600.3.38.1 | SUSE-SU-2026:0767-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | python311-wheel | python311-wheel@0.42.0-150600.1.2 | SUSE-SU-2026:0424-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | Python | jaraco.context@5.3.0 | CVE-2026-23949 | HIGH | affected | python-pkg | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | Python | urllib3@1.26.19 | CVE-2025-66418 | HIGH | affected | python-pkg | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | Python | urllib3@1.26.19 | CVE-2025-66471 | HIGH | affected | python-pkg | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | Python | urllib3@1.26.19 | CVE-2026-21441 | HIGH | affected | python-pkg | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | Python | wheel@0.40.0 | CVE-2026-24049 | HIGH | affected | python-pkg | |
| registry.rancher.com/suse-observability/spotlight:5.2.0-snapshot.179 | false | Observability v2.8 dev | Python | wheel@0.45.1 | CVE-2026-24049 | HIGH | affected | python-pkg | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | glibc | glibc@2.38-150600.14.37.1 | SUSE-SU-2026:0371-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | gpg2 | gpg2@2.4.4-150600.3.12.1 | SUSE-SU-2026:0434-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | java-21-openjdk | java-21-openjdk@21.0.9.0-150600.3.18.2 | SUSE-SU-2026:0363-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | java-21-openjdk-headless | java-21-openjdk-headless@21.0.9.0-150600.3.18.2 | SUSE-SU-2026:0363-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | libfreebl3 | libfreebl3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.28.1 | SUSE-SU-2026:0373-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | libpng16-16 | libpng16-16@1.6.40-150600.3.6.1 | SUSE-SU-2026:0597-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | libsoftokn3 | libsoftokn3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | mozilla-nss | mozilla-nss@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | mozilla-nss-certs | mozilla-nss-certs@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | mozilla-nss-sysinit | mozilla-nss-sysinit@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.15.2 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.17.1 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.17.1 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2021-22569 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2024-7254 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | Java | io.netty:netty-codec-http2@4.1.121.Final | CVE-2025-55163 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/stackgraph-console:2.5-7.13.18 | false | Observability v2.8 dev | Java | io.netty:netty-codec-smtp@4.1.121.Final | CVE-2025-59419 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | glibc | glibc@2.38-150600.14.37.1 | SUSE-SU-2026:0371-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | gpg2 | gpg2@2.4.4-150600.3.12.1 | SUSE-SU-2026:0434-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | java-21-openjdk | java-21-openjdk@21.0.9.0-150600.3.18.2 | SUSE-SU-2026:0363-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | java-21-openjdk-headless | java-21-openjdk-headless@21.0.9.0-150600.3.18.2 | SUSE-SU-2026:0363-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | libfreebl3 | libfreebl3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.28.1 | SUSE-SU-2026:0373-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | libpng16-16 | libpng16-16@1.6.40-150600.3.6.1 | SUSE-SU-2026:0597-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | libsoftokn3 | libsoftokn3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | mozilla-nss | mozilla-nss@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | mozilla-nss-certs | mozilla-nss-certs@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | mozilla-nss-sysinit | mozilla-nss-sysinit@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.17.1 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.19.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2021-22569 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2024-7254 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | Java | io.netty:netty-codec-http2@4.1.123.Final | CVE-2025-55163 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/stackgraph-hbase:2.5-7.13.18 | false | Observability v2.8 dev | Java | io.netty:netty-codec-smtp@4.1.123.Final | CVE-2025-59419 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/sts-opentelemetry-collector:v0.0.25 | false | Observability v2.8 dev | usr/bin/sts-opentelemetry-collector | github.com/expr-lang/expr@v1.17.6 | CVE-2025-68156 | HIGH | affected | gobinary | |
| registry.rancher.com/suse-observability/sts-opentelemetry-collector:v0.0.25 | false | Observability v2.8 dev | usr/bin/sts-opentelemetry-collector | stdlib@v1.25.5 | CVE-2025-68121 | HIGH*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/sts-opentelemetry-collector:v0.0.25 | false | Observability v2.8 dev | usr/bin/sts-opentelemetry-collector | stdlib@v1.25.5 | CVE-2025-61726 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/sts-opentelemetry-collector:v0.0.25 | false | Observability v2.8 dev | usr/bin/sts-opentelemetry-collector | stdlib@v1.25.5 | CVE-2025-61728 | MEDIUM*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/sts-opentelemetry-collector:v0.0.25 | false | Observability v2.8 dev | usr/bin/sts-opentelemetry-collector | stdlib@v1.25.5 | CVE-2025-61730 | LOW*Severity modified based on SUSE's CVE database and CVSS rating |
affected | gobinary | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | glibc | glibc@2.38-150600.14.37.1 | SUSE-SU-2026:0371-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | gpg2 | gpg2@2.4.4-150600.3.12.1 | SUSE-SU-2026:0434-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | java-21-openjdk | java-21-openjdk@21.0.9.0-150600.3.18.2 | SUSE-SU-2026:0363-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | java-21-openjdk-headless | java-21-openjdk-headless@21.0.9.0-150600.3.18.2 | SUSE-SU-2026:0363-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | libfreebl3 | libfreebl3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | libglib-2_0-0 | libglib-2_0-0@2.78.6-150600.4.28.1 | SUSE-SU-2026:0373-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | libpng16-16 | libpng16-16@1.6.40-150600.3.6.1 | SUSE-SU-2026:0597-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | libsoftokn3 | libsoftokn3@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | mozilla-nss | mozilla-nss@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | mozilla-nss-certs | mozilla-nss-certs@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | mozilla-nss-sysinit | mozilla-nss-sysinit@3.112.2-150400.3.60.1 | SUSE-SU-2026:0813-1 | HIGH | affected | sles | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.17.1 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.fasterxml.jackson.core:jackson-core@2.19.0 | GHSA-72hv-8253-57qq | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2021-22569 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | Java | com.google.protobuf:protobuf-java@2.5.0 | CVE-2024-7254 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | Java | io.netty:netty-codec-http2@4.1.123.Final | CVE-2025-55163 | HIGH | affected | jar | |
| registry.rancher.com/suse-observability/tephra-server:2.5-7.13.18 | false | Observability v2.8 dev | Java | io.netty:netty-codec-smtp@4.1.123.Final | CVE-2025-59419 | HIGH | affected | jar | |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | bin/clickhouse-backup | github.com/nwaples/rardecode/v2@v2.1.1 | CVE-2025-11579 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | bin/clickhouse-backup | go.opentelemetry.io/otel/sdk@v1.38.0 | CVE-2026-24051 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | bin/clickhouse-backup | golang.org/x/crypto@v0.42.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | bin/clickhouse-backup | golang.org/x/crypto@v0.42.0 | CVE-2025-58181 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | bin/clickhouse-backup | stdlib@v1.25.1 | CVE-2025-61728 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | bin/clickhouse-backup | stdlib@v1.25.1 | CVE-2025-61725 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/clickhouse-backup:2.6.39-a7171eea-137-release | false | Observability v2.8 dev | usr/local/bin/supercronic | stdlib@v1.25.3 | CVE-2025-61728 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | golang.org/x/crypto@v0.21.0 | CVE-2024-45337 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | golang.org/x/crypto@v0.21.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | golang.org/x/crypto@v0.21.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | golang.org/x/crypto@v0.21.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | golang.org/x/net@v0.23.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | golang.org/x/oauth2@v0.16.0 | CVE-2025-22868 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-47907 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-58183 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-61728 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-22873 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-61724 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/elasticsearch-exporter:v1.8.0-bf725da8-release-157 | false | Observability v2.8 dev | bin/elasticsearch_exporter | stdlib@v1.22.7 | CVE-2025-61725 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/minio:RELEASE.2025-11-19T12-41-50Z-e064c44f-183-release | false | Observability v2.8 dev | usr/bin/minio | go.opentelemetry.io/otel/sdk@v1.37.0 | CVE-2026-24051 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/minio:RELEASE.2025-11-19T12-41-50Z-e064c44f-183-release | false | Observability v2.8 dev | usr/bin/minio | golang.org/x/crypto@v0.41.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/minio:RELEASE.2025-11-19T12-41-50Z-e064c44f-183-release | false | Observability v2.8 dev | usr/bin/minio | golang.org/x/crypto@v0.41.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/minio:RELEASE.2025-11-19T12-41-50Z-e064c44f-183-release | false | Observability v2.8 dev | usr/bin/minio | gopkg.in/square/go-jose.v2@v2.6.0 | CVE-2024-28180 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/minio:RELEASE.2025-11-19T12-41-50Z-e064c44f-183-release | false | Observability v2.8 dev | usr/bin/minio | stdlib@v1.24.9 | CVE-2025-61728 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/nginx-prometheus-exporter:1.5.1-fdbee6c2-87-release | false | Observability v2.8 dev | usr/bin/nginx-prometheus-exporter | golang.org/x/crypto@v0.42.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/nginx-prometheus-exporter:1.5.1-fdbee6c2-87-release | false | Observability v2.8 dev | usr/bin/nginx-prometheus-exporter | golang.org/x/crypto@v0.42.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/nginx-prometheus-exporter:1.5.1-fdbee6c2-87-release | false | Observability v2.8 dev | usr/bin/nginx-prometheus-exporter | stdlib@v1.25.3 | CVE-2025-61728 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/victoria-metrics:v1.109.0-9bebf8bd-release-143 | false | Observability v2.8 dev | victoria-metrics-prod | golang.org/x/net@v0.34.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/victoria-metrics:v1.109.0-9bebf8bd-release-143 | false | Observability v2.8 dev | victoria-metrics-prod | golang.org/x/net@v0.34.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/victoria-metrics:v1.109.0-9bebf8bd-release-143 | false | Observability v2.8 dev | victoria-metrics-prod | golang.org/x/oauth2@v0.25.0 | CVE-2025-22868 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/victoria-metrics:v1.109.0-9bebf8bd-release-143 | false | Observability v2.8 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-47907 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/victoria-metrics:v1.109.0-9bebf8bd-release-143 | false | Observability v2.8 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-58183 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/victoria-metrics:v1.109.0-9bebf8bd-release-143 | false | Observability v2.8 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-61728 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/victoria-metrics:v1.109.0-9bebf8bd-release-143 | false | Observability v2.8 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-22873 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/victoria-metrics:v1.109.0-9bebf8bd-release-143 | false | Observability v2.8 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-61724 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/victoria-metrics:v1.109.0-9bebf8bd-release-143 | false | Observability v2.8 dev | victoria-metrics-prod | stdlib@v1.23.4 | CVE-2025-61725 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmagent:v1.109.0-cbe73f5f-release-137 | false | Observability v2.8 dev | vmagent-prod | golang.org/x/net@v0.34.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmagent:v1.109.0-cbe73f5f-release-137 | false | Observability v2.8 dev | vmagent-prod | golang.org/x/net@v0.34.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmagent:v1.109.0-cbe73f5f-release-137 | false | Observability v2.8 dev | vmagent-prod | golang.org/x/oauth2@v0.25.0 | CVE-2025-22868 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmagent:v1.109.0-cbe73f5f-release-137 | false | Observability v2.8 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-47907 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmagent:v1.109.0-cbe73f5f-release-137 | false | Observability v2.8 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-58183 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmagent:v1.109.0-cbe73f5f-release-137 | false | Observability v2.8 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-61728 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmagent:v1.109.0-cbe73f5f-release-137 | false | Observability v2.8 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-22873 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmagent:v1.109.0-cbe73f5f-release-137 | false | Observability v2.8 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-61724 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmagent:v1.109.0-cbe73f5f-release-137 | false | Observability v2.8 dev | vmagent-prod | stdlib@v1.23.4 | CVE-2025-61725 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | google.golang.org/protobuf@v1.30.0 | CVE-2024-24786 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2024-34156 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-47907 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-58183 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-61728 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-39318 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-39319 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2023-45284 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2024-24784 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2024-24785 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2024-24789 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2024-34155 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2024-34158 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-22873 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | usr/local/bin/supercronic-linux-amd64 | stdlib@v1.20.5 | CVE-2025-61725 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | github.com/golang-jwt/jwt/v5@v5.2.1 | CVE-2025-30204 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | go.opentelemetry.io/otel/sdk@v1.33.0 | CVE-2026-24051 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | golang.org/x/crypto@v0.32.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | golang.org/x/crypto@v0.32.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | golang.org/x/crypto@v0.32.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | golang.org/x/net@v0.34.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | golang.org/x/net@v0.34.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | golang.org/x/oauth2@v0.25.0 | CVE-2025-22868 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-47907 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-58183 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-61728 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-22873 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-61724 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmbackup:v1.109.0-3cb9d6ad-release-53 | false | Observability v2.8 dev | vmbackup-prod | stdlib@v1.23.4 | CVE-2025-61725 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | github.com/golang-jwt/jwt/v5@v5.2.1 | CVE-2025-30204 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | go.opentelemetry.io/otel/sdk@v1.33.0 | CVE-2026-24051 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | golang.org/x/crypto@v0.32.0 | CVE-2025-22869 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | golang.org/x/crypto@v0.32.0 | CVE-2025-47914 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | golang.org/x/crypto@v0.32.0 | CVE-2025-58181 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | golang.org/x/net@v0.34.0 | CVE-2025-22870 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | golang.org/x/net@v0.34.0 | CVE-2025-22872 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | golang.org/x/oauth2@v0.25.0 | CVE-2025-22868 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-47907 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-58183 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-61728 | none | not affected | vulnerable code not present | gobinary |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-22873 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-61724 | none | not affected | vulnerable code not in execute path | gobinary |
| quay.io/stackstate/vmrestore:v1.109.0-d1e2ca0c-release-40 | false | Observability v2.8 dev | vmrestore-prod | stdlib@v1.23.4 | CVE-2025-61725 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/kubectl | stdlib@v1.24.9 | CVE-2025-61728 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/mc | stdlib@v1.24.9 | CVE-2025-61728 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/sts | stdlib@v1.24.10 | CVE-2025-61728 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/yq | stdlib@v1.25.4 | CVE-2025-68121 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/yq | stdlib@v1.25.4 | CVE-2025-61726 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/yq | stdlib@v1.25.4 | CVE-2025-61728 | none | not affected | vulnerable code not present | gobinary |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/yq | stdlib@v1.25.4 | CVE-2025-61729 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/yq | stdlib@v1.25.4 | CVE-2025-61727 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/container-tools:1.8.3-610 | false | Observability v2.8 dev | usr/local/bin/yq | stdlib@v1.25.4 | CVE-2025-61730 | none | not affected | vulnerable code not in execute path | gobinary |
| registry.rancher.com/suse-observability/sts-opentelemetry-collector:v0.0.25 | false | Observability v2.8 dev | usr/bin/sts-opentelemetry-collector | go.opentelemetry.io/otel/sdk@v1.38.0 | CVE-2026-24051 | none | not affected | vulnerable code not present | gobinary |