🛡️ Security Vulnerability Report
Scan Summary: - 🔴 2 High Severity
📦 OS Packages
Target: Container Image
| Library |
Severity |
Vulnerability |
Fixed Version |
Status |
| zlib |
🔴 HIGH |
CVE-2026-22184 |
1.3.2-r0 |
✅ Fixed |
Details:
- Installed Version:
1.3.1-r2
- Title: Arbitrary code execution via buffer overflow in
untgz utility.
🐹 Go Binary
Target: bin/go-http-server
| Library |
Severity |
Vulnerability |
Fixed Version |
Status |
| stdlib |
🔴 HIGH |
CVE-2026-25679 |
1.25.8, 1.26.1 |
✅ Fixed |
Details:
- Installed Version:
v1.24.13
- Title:
net/url: Incorrect parsing of IPv6 host literals in net/url.
🛠️ Remediation Steps
- OS Update: Update the base image or run a package manager update to pull
zlib >= 1.3.2-r0.
- Go Update: Recompile the binary using Go version
1.25.8 or 1.26.1.
🛡️ Security Vulnerability Report
Scan Summary: - 🔴 2 High Severity
📦 OS Packages
Target:
Container Image1.3.2-r0Details:
1.3.1-r2untgzutility.🐹 Go Binary
Target:
bin/go-http-server1.25.8,1.26.1Details:
v1.24.13net/url: Incorrect parsing of IPv6 host literals innet/url.🛠️ Remediation Steps
zlib >= 1.3.2-r0.1.25.8or1.26.1.