````yaml ╭ [0] ╭ Target: nmaguiar/imgutils:build-lite (alpine 3.24.0_alpha20260127) │ ├ Class : os-pkgs │ ╰ Type : alpine ╰ [1] ╭ Target : usr/bin/crictl ├ Class : lang-pkgs ├ Type : gobinary ├ Packages ╭ [0] ╭ ID : sigs.k8s.io/cri-tools@v1.35.0 │ │ ├ Name : sigs.k8s.io/cri-tools │ │ ├ Identifier ╭ PURL: pkg:golang/sigs.k8s.io/cri-tools@v1.35.0 │ │ │ ╰ UID : b46141223cc00a39 │ │ ├ Version : v1.35.0 │ │ ├ Relationship: root │ │ ├ DependsOn ╭ [0] : github.com/Masterminds/semver/v3@v3.4.0 │ │ │ ├ [1] : github.com/bahlo/generic-list-go@v0.2.0 │ │ │ ├ [2] : github.com/beorn7/perks@v1.0.1 │ │ │ ├ [3] : github.com/blang/semver/v4@v4.0.0 │ │ │ ├ [4] : github.com/buger/jsonparser@v1.1.1 │ │ │ ├ [5] : github.com/cenkalti/backoff/v5@v5.0.2 │ │ │ ├ [6] : github.com/cespare/xxhash/v2@v2.3.0 │ │ │ ├ [7] : github.com/cpuguy83/go-md2man/v2@v2.0.7 │ │ │ ├ [8] : github.com/davecgh/go-spew@v1.1.2-0.20180830191138-d8f796 │ │ │ │ af33cc │ │ │ ├ [9] : github.com/distribution/reference@v0.6.0 │ │ │ ├ [10]: github.com/docker/docker@v28.3.3+incompatible │ │ │ ├ [11]: github.com/docker/go-units@v0.5.0 │ │ │ ├ [12]: github.com/felixge/httpsnoop@v1.0.4 │ │ │ ├ [13]: github.com/fsnotify/fsnotify@v1.9.0 │ │ │ ├ [14]: github.com/fxamacker/cbor/v2@v2.9.0 │ │ │ ├ [15]: github.com/go-logr/logr@v1.4.3 │ │ │ ├ [16]: github.com/go-logr/stdr@v1.2.2 │ │ │ ├ [17]: github.com/google/go-cmp@v0.7.0 │ │ │ ├ [18]: github.com/google/uuid@v1.6.0 │ │ │ ├ [19]: github.com/gorilla/websocket@v1.5.4-0.20250319132907-e064 │ │ │ │ f32e3674 │ │ │ ├ [20]: github.com/grpc-ecosystem/grpc-gateway/v2@v2.27.1 │ │ │ ├ [21]: github.com/invopop/jsonschema@v0.13.0 │ │ │ ├ [22]: github.com/json-iterator/go@v1.1.12 │ │ │ ├ [23]: github.com/liggitt/tabwriter@v0.0.0-20181228230101-89fcab │ │ │ │ 3d43de │ │ │ ├ [24]: github.com/mailru/easyjson@v0.7.7 │ │ │ ├ [25]: github.com/mitchellh/go-wordwrap@v1.0.1 │ │ │ ├ [26]: github.com/moby/spdystream@v0.5.0 │ │ │ ├ [27]: github.com/moby/term@v0.5.2 │ │ │ ├ [28]: github.com/modern-go/concurrent@v0.0.0-20180306012644-bac │ │ │ │ d9c7ef1dd │ │ │ ├ [29]: github.com/modern-go/reflect2@v1.0.3-0.20250322232337-35a │ │ │ │ 7c28c31ee │ │ │ ├ [30]: github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b │ │ │ │ 61c822 │ │ │ ├ [31]: github.com/mxk/go-flowrate@v0.0.0-20140419014527-cca7078d │ │ │ │ 478f │ │ │ ├ [32]: github.com/onsi/ginkgo/v2@v2.27.2 │ │ │ ├ [33]: github.com/onsi/gomega@v1.38.2 │ │ │ ├ [34]: github.com/opencontainers/go-digest@v1.0.0 │ │ │ ├ [35]: github.com/prometheus/client_golang@v1.23.2 │ │ │ ├ [36]: github.com/prometheus/client_model@v0.6.2 │ │ │ ├ [37]: github.com/prometheus/common@v0.66.1 │ │ │ ├ [38]: github.com/prometheus/procfs@v0.16.1 │ │ │ ├ [39]: github.com/russross/blackfriday/v2@v2.1.0 │ │ │ ├ [40]: github.com/sirupsen/logrus@v1.9.3 │ │ │ ├ [41]: github.com/spf13/pflag@v1.0.9 │ │ │ ├ [42]: github.com/urfave/cli/v2@v2.27.7 │ │ │ ├ [43]: github.com/wk8/go-ordered-map/v2@v2.1.8 │ │ │ ├ [44]: github.com/x448/float16@v0.8.4 │ │ │ ├ [45]: github.com/xrash/smetrics@v0.0.0-20240521201337-686a1a299 │ │ │ │ 4c1 │ │ │ ├ [46]: go.opentelemetry.io/auto/sdk@v1.1.0 │ │ │ ├ [47]: go.opentelemetry.io/contrib/instrumentation/google.golang │ │ │ │ .org/grpc/otelgrpc@v0.60.0 │ │ │ ├ [48]: go.opentelemetry.io/contrib/instrumentation/net/http/otel │ │ │ │ http@v0.61.0 │ │ │ ├ [49]: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptra │ │ │ │ cegrpc@v1.37.0 │ │ │ ├ [50]: go.opentelemetry.io/otel/exporters/otlp/otlptrace@v1.37.0 │ │ │ ├ [51]: go.opentelemetry.io/otel/metric@v1.37.0 │ │ │ ├ [52]: go.opentelemetry.io/otel/sdk@v1.37.0 │ │ │ ├ [53]: go.opentelemetry.io/otel/trace@v1.37.0 │ │ │ ├ [54]: go.opentelemetry.io/otel@v1.37.0 │ │ │ ├ [55]: go.opentelemetry.io/proto/otlp@v1.7.0 │ │ │ ├ [56]: go.yaml.in/yaml/v2@v2.4.3 │ │ │ ├ [57]: go.yaml.in/yaml/v3@v3.0.4 │ │ │ ├ [58]: golang.org/x/mod@v0.29.0 │ │ │ ├ [59]: golang.org/x/net@v0.47.0 │ │ │ ├ [60]: golang.org/x/oauth2@v0.30.0 │ │ │ ├ [61]: golang.org/x/sync@v0.18.0 │ │ │ ├ [62]: golang.org/x/sys@v0.38.0 │ │ │ ├ [63]: golang.org/x/term@v0.37.0 │ │ │ ├ [64]: golang.org/x/text@v0.31.0 │ │ │ ├ [65]: golang.org/x/time@v0.9.0 │ │ │ ├ [66]: golang.org/x/tools@v0.38.0 │ │ │ ├ [67]: google.golang.org/genproto/googleapis/api@v0.0.0-20250707 │ │ │ │ 201910-8d1bb00bc6a7 │ │ │ ├ [68]: google.golang.org/genproto/googleapis/rpc@v0.0.0-20250707 │ │ │ │ 201910-8d1bb00bc6a7 │ │ │ ├ [69]: google.golang.org/grpc@v1.75.0 │ │ │ ├ [70]: google.golang.org/protobuf@v1.36.8 │ │ │ ├ [71]: gopkg.in/inf.v0@v0.9.1 │ │ │ ├ [72]: gopkg.in/yaml.v3@v3.0.1 │ │ │ ├ [73]: k8s.io/api@v0.35.0-rc.1 │ │ │ ├ [74]: k8s.io/apimachinery@v0.35.0-rc.1 │ │ │ ├ [75]: k8s.io/cli-runtime@v0.35.0-rc.1 │ │ │ ├ [76]: k8s.io/client-go@v0.35.0-rc.1 │ │ │ ├ [77]: k8s.io/component-base@v0.35.0-rc.1 │ │ │ ├ [78]: k8s.io/cri-api@v0.35.0-rc.1 │ │ │ ├ [79]: k8s.io/cri-client@v0.35.0-rc.1 │ │ │ ├ [80]: k8s.io/klog/v2@v2.130.1 │ │ │ ├ [81]: k8s.io/kube-openapi@v0.0.0-20250910181357-589584f1c912 │ │ │ ├ [82]: k8s.io/kubectl@v0.35.0-rc.1 │ │ │ ├ [83]: k8s.io/kubelet@v0.35.0-rc.1 │ │ │ ├ [84]: k8s.io/utils@v0.0.0-20251002143259-bc988d571ff4 │ │ │ ├ [85]: sigs.k8s.io/json@v0.0.0-20250730193827-2d320260d730 │ │ │ ├ [86]: sigs.k8s.io/randfill@v1.0.0 │ │ │ ├ [87]: sigs.k8s.io/structured-merge-diff/v6@v6.3.0 │ │ │ ├ [88]: sigs.k8s.io/yaml@v1.6.0 │ │ │ ╰ [89]: stdlib@v1.25.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac7550 │ │ │ │ 5f7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94 │ │ │ a747bed890985ec0 │ │ ╰ AnalyzedBy : gobinary │ ├ [1] ╭ ID : stdlib@v1.25.0 │ │ ├ Name : stdlib │ │ ├ Identifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ │ ╰ UID : 7efd7a2bdb3f994b │ │ ├ Version : v1.25.0 │ │ ├ Relationship: direct │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac7550 │ │ │ │ 5f7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94 │ │ │ a747bed890985ec0 │ │ ╰ AnalyzedBy : gobinary │ ├ [2] ╭ ID : github.com/Masterminds/semver/v3@v3.4.0 │ │ ├ Name : github.com/Masterminds/semver/v3 │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/masterminds/semver/v3@v3.4.0 │ │ │ ╰ UID : 61979fc8ec4a16d1 │ │ ├ Version : v3.4.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [3] ╭ ID : github.com/bahlo/generic-list-go@v0.2.0 │ │ ├ Name : github.com/bahlo/generic-list-go │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/bahlo/generic-list-go@v0.2.0 │ │ │ ╰ UID : cc1b9b6d9db37f11 │ │ ├ Version : v0.2.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [4] ╭ ID : github.com/beorn7/perks@v1.0.1 │ │ ├ Name : github.com/beorn7/perks │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/beorn7/perks@v1.0.1 │ │ │ ╰ UID : a600fae07525a979 │ │ ├ Version : v1.0.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [5] ╭ ID : github.com/blang/semver/v4@v4.0.0 │ │ ├ Name : github.com/blang/semver/v4 │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/blang/semver/v4@v4.0.0 │ │ │ ╰ UID : 3c4c58067a3fb5f4 │ │ ├ Version : v4.0.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [6] ╭ ID : github.com/buger/jsonparser@v1.1.1 │ │ ├ Name : github.com/buger/jsonparser │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/buger/jsonparser@v1.1.1 │ │ │ ╰ UID : ca4c6b1f9a21412b │ │ ├ Version : v1.1.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [7] ╭ ID : github.com/cenkalti/backoff/v5@v5.0.2 │ │ ├ Name : github.com/cenkalti/backoff/v5 │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/cenkalti/backoff/v5@v5.0.2 │ │ │ ╰ UID : 17da9672588a8cd7 │ │ ├ Version : v5.0.2 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [8] ╭ ID : github.com/cespare/xxhash/v2@v2.3.0 │ │ ├ Name : github.com/cespare/xxhash/v2 │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/cespare/xxhash/v2@v2.3.0 │ │ │ ╰ UID : ae14b47911e674c0 │ │ ├ Version : v2.3.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [9] ╭ ID : github.com/cpuguy83/go-md2man/v2@v2.0.7 │ │ ├ Name : github.com/cpuguy83/go-md2man/v2 │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/cpuguy83/go-md2man/v2@v2.0.7 │ │ │ ╰ UID : 53631060e8952d0 │ │ ├ Version : v2.0.7 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [10] ╭ ID : github.com/davecgh/go-spew@v1.1.2-0.20180830191138-d8f796af33cc │ │ ├ Name : github.com/davecgh/go-spew │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/davecgh/go-spew@v1.1.2-0.201808301911 │ │ │ │ 38-d8f796af33cc │ │ │ ╰ UID : 168e0b1cd8db2fed │ │ ├ Version : v1.1.2-0.20180830191138-d8f796af33cc │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [11] ╭ ID : github.com/distribution/reference@v0.6.0 │ │ ├ Name : github.com/distribution/reference │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/distribution/reference@v0.6.0 │ │ │ ╰ UID : de61d6c0a0a57b33 │ │ ├ Version : v0.6.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [12] ╭ ID : github.com/docker/docker@v28.3.3+incompatible │ │ ├ Name : github.com/docker/docker │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/docker/docker@v28.3.3%2Bincompatible │ │ │ ╰ UID : a108c38e2d3411ae │ │ ├ Version : v28.3.3+incompatible │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [13] ╭ ID : github.com/docker/go-units@v0.5.0 │ │ ├ Name : github.com/docker/go-units │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/docker/go-units@v0.5.0 │ │ │ ╰ UID : 8a035529378502ea │ │ ├ Version : v0.5.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [14] ╭ ID : github.com/felixge/httpsnoop@v1.0.4 │ │ ├ Name : github.com/felixge/httpsnoop │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/felixge/httpsnoop@v1.0.4 │ │ │ ╰ UID : 416ab57515c73dc2 │ │ ├ Version : v1.0.4 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [15] ╭ ID : github.com/fsnotify/fsnotify@v1.9.0 │ │ ├ Name : github.com/fsnotify/fsnotify │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/fsnotify/fsnotify@v1.9.0 │ │ │ ╰ UID : 4e3a94a1b8cfcc63 │ │ ├ Version : v1.9.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [16] ╭ ID : github.com/fxamacker/cbor/v2@v2.9.0 │ │ ├ Name : github.com/fxamacker/cbor/v2 │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/fxamacker/cbor/v2@v2.9.0 │ │ │ ╰ UID : bfa2bf70a280b22b │ │ ├ Version : v2.9.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [17] ╭ ID : github.com/go-logr/logr@v1.4.3 │ │ ├ Name : github.com/go-logr/logr │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/go-logr/logr@v1.4.3 │ │ │ ╰ UID : 3e9387ec5e0495ae │ │ ├ Version : v1.4.3 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [18] ╭ ID : github.com/go-logr/stdr@v1.2.2 │ │ ├ Name : github.com/go-logr/stdr │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/go-logr/stdr@v1.2.2 │ │ │ ╰ UID : c75c5a2e1b160a5d │ │ ├ Version : v1.2.2 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [19] ╭ ID : github.com/google/go-cmp@v0.7.0 │ │ ├ Name : github.com/google/go-cmp │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/google/go-cmp@v0.7.0 │ │ │ ╰ UID : 3c19127019e40e93 │ │ ├ Version : v0.7.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [20] ╭ ID : github.com/google/uuid@v1.6.0 │ │ ├ Name : github.com/google/uuid │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/google/uuid@v1.6.0 │ │ │ ╰ UID : 3290f48c8d5533ff │ │ ├ Version : v1.6.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [21] ╭ ID : github.com/gorilla/websocket@v1.5.4-0.20250319132907-e064f32e3674 │ │ ├ Name : github.com/gorilla/websocket │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/gorilla/websocket@v1.5.4-0.2025031913 │ │ │ │ 2907-e064f32e3674 │ │ │ ╰ UID : 1d5a2f6d05a6ee57 │ │ ├ Version : v1.5.4-0.20250319132907-e064f32e3674 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [22] ╭ ID : github.com/grpc-ecosystem/grpc-gateway/v2@v2.27.1 │ │ ├ Name : github.com/grpc-ecosystem/grpc-gateway/v2 │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/grpc-ecosystem/grpc-gateway/v2@v2.27.1 │ │ │ ╰ UID : 381e0fc6fff88a2c │ │ ├ Version : v2.27.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [23] ╭ ID : github.com/invopop/jsonschema@v0.13.0 │ │ ├ Name : github.com/invopop/jsonschema │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/invopop/jsonschema@v0.13.0 │ │ │ ╰ UID : 346245bdd925cb0e │ │ ├ Version : v0.13.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [24] ╭ ID : github.com/json-iterator/go@v1.1.12 │ │ ├ Name : github.com/json-iterator/go │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/json-iterator/go@v1.1.12 │ │ │ ╰ UID : 77804eec1fc4967d │ │ ├ Version : v1.1.12 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [25] ╭ ID : github.com/liggitt/tabwriter@v0.0.0-20181228230101-89fcab3d43de │ │ ├ Name : github.com/liggitt/tabwriter │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/liggitt/tabwriter@v0.0.0-201812282301 │ │ │ │ 01-89fcab3d43de │ │ │ ╰ UID : c7923f6efc458305 │ │ ├ Version : v0.0.0-20181228230101-89fcab3d43de │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [26] ╭ ID : github.com/mailru/easyjson@v0.7.7 │ │ ├ Name : github.com/mailru/easyjson │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/mailru/easyjson@v0.7.7 │ │ │ ╰ UID : cb1165ed9ed49e75 │ │ ├ Version : v0.7.7 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [27] ╭ ID : github.com/mitchellh/go-wordwrap@v1.0.1 │ │ ├ Name : github.com/mitchellh/go-wordwrap │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/mitchellh/go-wordwrap@v1.0.1 │ │ │ ╰ UID : 8e93ccdafc17a7d4 │ │ ├ Version : v1.0.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [28] ╭ ID : github.com/moby/spdystream@v0.5.0 │ │ ├ Name : github.com/moby/spdystream │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/moby/spdystream@v0.5.0 │ │ │ ╰ UID : 2ebdf32ca1a4f777 │ │ ├ Version : v0.5.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [29] ╭ ID : github.com/moby/term@v0.5.2 │ │ ├ Name : github.com/moby/term │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/moby/term@v0.5.2 │ │ │ ╰ UID : 37049f197bfbec80 │ │ ├ Version : v0.5.2 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [30] ╭ ID : github.com/modern-go/concurrent@v0.0.0-20180306012644-bacd9c7ef1dd │ │ ├ Name : github.com/modern-go/concurrent │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/modern-go/concurrent@v0.0.0-201803060 │ │ │ │ 12644-bacd9c7ef1dd │ │ │ ╰ UID : 9cf390cf1781d6e3 │ │ ├ Version : v0.0.0-20180306012644-bacd9c7ef1dd │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [31] ╭ ID : github.com/modern-go/reflect2@v1.0.3-0.20250322232337-35a7c28c31ee │ │ ├ Name : github.com/modern-go/reflect2 │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/modern-go/reflect2@v1.0.3-0.202503222 │ │ │ │ 32337-35a7c28c31ee │ │ │ ╰ UID : 698f2c299844d62f │ │ ├ Version : v1.0.3-0.20250322232337-35a7c28c31ee │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [32] ╭ ID : github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822 │ │ ├ Name : github.com/munnerz/goautoneg │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/munnerz/goautoneg@v0.0.0-201910100834 │ │ │ │ 16-a7dc8b61c822 │ │ │ ╰ UID : a384b2e132544011 │ │ ├ Version : v0.0.0-20191010083416-a7dc8b61c822 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [33] ╭ ID : github.com/mxk/go-flowrate@v0.0.0-20140419014527-cca7078d478f │ │ ├ Name : github.com/mxk/go-flowrate │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/mxk/go-flowrate@v0.0.0-20140419014527 │ │ │ │ -cca7078d478f │ │ │ ╰ UID : 44ae3a481333854f │ │ ├ Version : v0.0.0-20140419014527-cca7078d478f │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [34] ╭ ID : github.com/onsi/ginkgo/v2@v2.27.2 │ │ ├ Name : github.com/onsi/ginkgo/v2 │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/onsi/ginkgo/v2@v2.27.2 │ │ │ ╰ UID : f607f62db9227e1e │ │ ├ Version : v2.27.2 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [35] ╭ ID : github.com/onsi/gomega@v1.38.2 │ │ ├ Name : github.com/onsi/gomega │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/onsi/gomega@v1.38.2 │ │ │ ╰ UID : 59432a6edec3acf9 │ │ ├ Version : v1.38.2 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [36] ╭ ID : github.com/opencontainers/go-digest@v1.0.0 │ │ ├ Name : github.com/opencontainers/go-digest │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/opencontainers/go-digest@v1.0.0 │ │ │ ╰ UID : c2f429f266feed25 │ │ ├ Version : v1.0.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [37] ╭ ID : github.com/prometheus/client_golang@v1.23.2 │ │ ├ Name : github.com/prometheus/client_golang │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/prometheus/client_golang@v1.23.2 │ │ │ ╰ UID : 1296fa7c1600be60 │ │ ├ Version : v1.23.2 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [38] ╭ ID : github.com/prometheus/client_model@v0.6.2 │ │ ├ Name : github.com/prometheus/client_model │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/prometheus/client_model@v0.6.2 │ │ │ ╰ UID : 367b97fec4d40939 │ │ ├ Version : v0.6.2 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [39] ╭ ID : github.com/prometheus/common@v0.66.1 │ │ ├ Name : github.com/prometheus/common │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/prometheus/common@v0.66.1 │ │ │ ╰ UID : f5763bd4efaf8b86 │ │ ├ Version : v0.66.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [40] ╭ ID : github.com/prometheus/procfs@v0.16.1 │ │ ├ Name : github.com/prometheus/procfs │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/prometheus/procfs@v0.16.1 │ │ │ ╰ UID : fab8672fabe0e226 │ │ ├ Version : v0.16.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [41] ╭ ID : github.com/russross/blackfriday/v2@v2.1.0 │ │ ├ Name : github.com/russross/blackfriday/v2 │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/russross/blackfriday/v2@v2.1.0 │ │ │ ╰ UID : 761d5729d0c46ad9 │ │ ├ Version : v2.1.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [42] ╭ ID : github.com/sirupsen/logrus@v1.9.3 │ │ ├ Name : github.com/sirupsen/logrus │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/sirupsen/logrus@v1.9.3 │ │ │ ╰ UID : bcb0226bd1fa8b41 │ │ ├ Version : v1.9.3 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [43] ╭ ID : github.com/spf13/pflag@v1.0.9 │ │ ├ Name : github.com/spf13/pflag │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/spf13/pflag@v1.0.9 │ │ │ ╰ UID : a53accbfd46f7978 │ │ ├ Version : v1.0.9 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [44] ╭ ID : github.com/urfave/cli/v2@v2.27.7 │ │ ├ Name : github.com/urfave/cli/v2 │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/urfave/cli/v2@v2.27.7 │ │ │ ╰ UID : 85129e2d21a968af │ │ ├ Version : v2.27.7 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [45] ╭ ID : github.com/wk8/go-ordered-map/v2@v2.1.8 │ │ ├ Name : github.com/wk8/go-ordered-map/v2 │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/wk8/go-ordered-map/v2@v2.1.8 │ │ │ ╰ UID : 45a8eacafcbe81df │ │ ├ Version : v2.1.8 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [46] ╭ ID : github.com/x448/float16@v0.8.4 │ │ ├ Name : github.com/x448/float16 │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/x448/float16@v0.8.4 │ │ │ ╰ UID : ac5447e20076e8df │ │ ├ Version : v0.8.4 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [47] ╭ ID : github.com/xrash/smetrics@v0.0.0-20240521201337-686a1a2994c1 │ │ ├ Name : github.com/xrash/smetrics │ │ ├ Identifier ╭ PURL: pkg:golang/github.com/xrash/smetrics@v0.0.0-20240521201337- │ │ │ │ 686a1a2994c1 │ │ │ ╰ UID : c1853d36683b5a8a │ │ ├ Version : v0.0.0-20240521201337-686a1a2994c1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [48] ╭ ID : go.opentelemetry.io/auto/sdk@v1.1.0 │ │ ├ Name : go.opentelemetry.io/auto/sdk │ │ ├ Identifier ╭ PURL: pkg:golang/go.opentelemetry.io/auto/sdk@v1.1.0 │ │ │ ╰ UID : 3975c84ff401eef6 │ │ ├ Version : v1.1.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [49] ╭ ID : go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc │ │ │ /otelgrpc@v0.60.0 │ │ ├ Name : go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc │ │ │ /otelgrpc │ │ ├ Identifier ╭ PURL: pkg:golang/go.opentelemetry.io/contrib/instrumentation/goog │ │ │ │ le.golang.org/grpc/otelgrpc@v0.60.0 │ │ │ ╰ UID : d01467d19a0d5e4e │ │ ├ Version : v0.60.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [50] ╭ ID : go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.6 │ │ │ 1.0 │ │ ├ Name : go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp │ │ ├ Identifier ╭ PURL: pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/ │ │ │ │ http/otelhttp@v0.61.0 │ │ │ ╰ UID : 62aace81e21fd210 │ │ ├ Version : v0.61.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [51] ╭ ID : go.opentelemetry.io/otel@v1.37.0 │ │ ├ Name : go.opentelemetry.io/otel │ │ ├ Identifier ╭ PURL: pkg:golang/go.opentelemetry.io/otel@v1.37.0 │ │ │ ╰ UID : 4e08428689a0c42e │ │ ├ Version : v1.37.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [52] ╭ ID : go.opentelemetry.io/otel/exporters/otlp/otlptrace@v1.37.0 │ │ ├ Name : go.opentelemetry.io/otel/exporters/otlp/otlptrace │ │ ├ Identifier ╭ PURL: pkg:golang/go.opentelemetry.io/otel/exporters/otlp/otlptrac │ │ │ │ e@v1.37.0 │ │ │ ╰ UID : 3fdad2e2e100e4f9 │ │ ├ Version : v1.37.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [53] ╭ ID : go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc@v1 │ │ │ .37.0 │ │ ├ Name : go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc │ │ ├ Identifier ╭ PURL: pkg:golang/go.opentelemetry.io/otel/exporters/otlp/otlptrac │ │ │ │ e/otlptracegrpc@v1.37.0 │ │ │ ╰ UID : efcf09017fe778cb │ │ ├ Version : v1.37.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [54] ╭ ID : go.opentelemetry.io/otel/metric@v1.37.0 │ │ ├ Name : go.opentelemetry.io/otel/metric │ │ ├ Identifier ╭ PURL: pkg:golang/go.opentelemetry.io/otel/metric@v1.37.0 │ │ │ ╰ UID : 8aec881805755c6a │ │ ├ Version : v1.37.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [55] ╭ ID : go.opentelemetry.io/otel/sdk@v1.37.0 │ │ ├ Name : go.opentelemetry.io/otel/sdk │ │ ├ Identifier ╭ PURL: pkg:golang/go.opentelemetry.io/otel/sdk@v1.37.0 │ │ │ ╰ UID : badfb66d9fa38d4c │ │ ├ Version : v1.37.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [56] ╭ ID : go.opentelemetry.io/otel/trace@v1.37.0 │ │ ├ Name : go.opentelemetry.io/otel/trace │ │ ├ Identifier ╭ PURL: pkg:golang/go.opentelemetry.io/otel/trace@v1.37.0 │ │ │ ╰ UID : 54bb41ef5c5dea0a │ │ ├ Version : v1.37.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [57] ╭ ID : go.opentelemetry.io/proto/otlp@v1.7.0 │ │ ├ Name : go.opentelemetry.io/proto/otlp │ │ ├ Identifier ╭ PURL: pkg:golang/go.opentelemetry.io/proto/otlp@v1.7.0 │ │ │ ╰ UID : 4d170e89d2a95465 │ │ ├ Version : v1.7.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [58] ╭ ID : go.yaml.in/yaml/v2@v2.4.3 │ │ ├ Name : go.yaml.in/yaml/v2 │ │ ├ Identifier ╭ PURL: pkg:golang/go.yaml.in/yaml/v2@v2.4.3 │ │ │ ╰ UID : c6df5a28cf374077 │ │ ├ Version : v2.4.3 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [59] ╭ ID : go.yaml.in/yaml/v3@v3.0.4 │ │ ├ Name : go.yaml.in/yaml/v3 │ │ ├ Identifier ╭ PURL: pkg:golang/go.yaml.in/yaml/v3@v3.0.4 │ │ │ ╰ UID : 79e367f10d642c78 │ │ ├ Version : v3.0.4 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [60] ╭ ID : golang.org/x/mod@v0.29.0 │ │ ├ Name : golang.org/x/mod │ │ ├ Identifier ╭ PURL: pkg:golang/golang.org/x/mod@v0.29.0 │ │ │ ╰ UID : 91b0c1b20cffa4b9 │ │ ├ Version : v0.29.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [61] ╭ ID : golang.org/x/net@v0.47.0 │ │ ├ Name : golang.org/x/net │ │ ├ Identifier ╭ PURL: pkg:golang/golang.org/x/net@v0.47.0 │ │ │ ╰ UID : 5594252c20b6331 │ │ ├ Version : v0.47.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [62] ╭ ID : golang.org/x/oauth2@v0.30.0 │ │ ├ Name : golang.org/x/oauth2 │ │ ├ Identifier ╭ PURL: pkg:golang/golang.org/x/oauth2@v0.30.0 │ │ │ ╰ UID : 83d39ce75f4e4650 │ │ ├ Version : v0.30.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [63] ╭ ID : golang.org/x/sync@v0.18.0 │ │ ├ Name : golang.org/x/sync │ │ ├ Identifier ╭ PURL: pkg:golang/golang.org/x/sync@v0.18.0 │ │ │ ╰ UID : 1bfd5ccebef5de06 │ │ ├ Version : v0.18.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [64] ╭ ID : golang.org/x/sys@v0.38.0 │ │ ├ Name : golang.org/x/sys │ │ ├ Identifier ╭ PURL: pkg:golang/golang.org/x/sys@v0.38.0 │ │ │ ╰ UID : 9aa434950a57a85e │ │ ├ Version : v0.38.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [65] ╭ ID : golang.org/x/term@v0.37.0 │ │ ├ Name : golang.org/x/term │ │ ├ Identifier ╭ PURL: pkg:golang/golang.org/x/term@v0.37.0 │ │ │ ╰ UID : 16825d21e72cf15b │ │ ├ Version : v0.37.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [66] ╭ ID : golang.org/x/text@v0.31.0 │ │ ├ Name : golang.org/x/text │ │ ├ Identifier ╭ PURL: pkg:golang/golang.org/x/text@v0.31.0 │ │ │ ╰ UID : af1b94c742843c56 │ │ ├ Version : v0.31.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [67] ╭ ID : golang.org/x/time@v0.9.0 │ │ ├ Name : golang.org/x/time │ │ ├ Identifier ╭ PURL: pkg:golang/golang.org/x/time@v0.9.0 │ │ │ ╰ UID : 9b2171fbfc6a6db3 │ │ ├ Version : v0.9.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [68] ╭ ID : golang.org/x/tools@v0.38.0 │ │ ├ Name : golang.org/x/tools │ │ ├ Identifier ╭ PURL: pkg:golang/golang.org/x/tools@v0.38.0 │ │ │ ╰ UID : 9b1f9285f498c11e │ │ ├ Version : v0.38.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [69] ╭ ID : google.golang.org/genproto/googleapis/api@v0.0.0-20250707201910-8d │ │ │ 1bb00bc6a7 │ │ ├ Name : google.golang.org/genproto/googleapis/api │ │ ├ Identifier ╭ PURL: pkg:golang/google.golang.org/genproto/googleapis/api@v0.0.0 │ │ │ │ -20250707201910-8d1bb00bc6a7 │ │ │ ╰ UID : 2a6740c97fcde2eb │ │ ├ Version : v0.0.0-20250707201910-8d1bb00bc6a7 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [70] ╭ ID : google.golang.org/genproto/googleapis/rpc@v0.0.0-20250707201910-8d │ │ │ 1bb00bc6a7 │ │ ├ Name : google.golang.org/genproto/googleapis/rpc │ │ ├ Identifier ╭ PURL: pkg:golang/google.golang.org/genproto/googleapis/rpc@v0.0.0 │ │ │ │ -20250707201910-8d1bb00bc6a7 │ │ │ ╰ UID : 2362217f783656dd │ │ ├ Version : v0.0.0-20250707201910-8d1bb00bc6a7 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [71] ╭ ID : google.golang.org/grpc@v1.75.0 │ │ ├ Name : google.golang.org/grpc │ │ ├ Identifier ╭ PURL: pkg:golang/google.golang.org/grpc@v1.75.0 │ │ │ ╰ UID : dc760fcc5f8111f9 │ │ ├ Version : v1.75.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [72] ╭ ID : google.golang.org/protobuf@v1.36.8 │ │ ├ Name : google.golang.org/protobuf │ │ ├ Identifier ╭ PURL: pkg:golang/google.golang.org/protobuf@v1.36.8 │ │ │ ╰ UID : 5be951b1048bc3a8 │ │ ├ Version : v1.36.8 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [73] ╭ ID : gopkg.in/inf.v0@v0.9.1 │ │ ├ Name : gopkg.in/inf.v0 │ │ ├ Identifier ╭ PURL: pkg:golang/gopkg.in/inf.v0@v0.9.1 │ │ │ ╰ UID : cc9ad2e2566a6b03 │ │ ├ Version : v0.9.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [74] ╭ ID : gopkg.in/yaml.v3@v3.0.1 │ │ ├ Name : gopkg.in/yaml.v3 │ │ ├ Identifier ╭ PURL: pkg:golang/gopkg.in/yaml.v3@v3.0.1 │ │ │ ╰ UID : 4add0fad6833945 │ │ ├ Version : v3.0.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [75] ╭ ID : k8s.io/api@v0.35.0-rc.1 │ │ ├ Name : k8s.io/api │ │ ├ Identifier ╭ PURL: pkg:golang/k8s.io/api@v0.35.0-rc.1 │ │ │ ╰ UID : 9cb3c27b98ec05dd │ │ ├ Version : v0.35.0-rc.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [76] ╭ ID : k8s.io/apimachinery@v0.35.0-rc.1 │ │ ├ Name : k8s.io/apimachinery │ │ ├ Identifier ╭ PURL: pkg:golang/k8s.io/apimachinery@v0.35.0-rc.1 │ │ │ ╰ UID : f523aff66d12c9e7 │ │ ├ Version : v0.35.0-rc.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [77] ╭ ID : k8s.io/cli-runtime@v0.35.0-rc.1 │ │ ├ Name : k8s.io/cli-runtime │ │ ├ Identifier ╭ PURL: pkg:golang/k8s.io/cli-runtime@v0.35.0-rc.1 │ │ │ ╰ UID : c8de41a13ca9174a │ │ ├ Version : v0.35.0-rc.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [78] ╭ ID : k8s.io/client-go@v0.35.0-rc.1 │ │ ├ Name : k8s.io/client-go │ │ ├ Identifier ╭ PURL: pkg:golang/k8s.io/client-go@v0.35.0-rc.1 │ │ │ ╰ UID : 64c0564101280fb6 │ │ ├ Version : v0.35.0-rc.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [79] ╭ ID : k8s.io/component-base@v0.35.0-rc.1 │ │ ├ Name : k8s.io/component-base │ │ ├ Identifier ╭ PURL: pkg:golang/k8s.io/component-base@v0.35.0-rc.1 │ │ │ ╰ UID : 83ae1719f9b55204 │ │ ├ Version : v0.35.0-rc.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [80] ╭ ID : k8s.io/cri-api@v0.35.0-rc.1 │ │ ├ Name : k8s.io/cri-api │ │ ├ Identifier ╭ PURL: pkg:golang/k8s.io/cri-api@v0.35.0-rc.1 │ │ │ ╰ UID : 34d9e99e243527a │ │ ├ Version : v0.35.0-rc.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [81] ╭ ID : k8s.io/cri-client@v0.35.0-rc.1 │ │ ├ Name : k8s.io/cri-client │ │ ├ Identifier ╭ PURL: pkg:golang/k8s.io/cri-client@v0.35.0-rc.1 │ │ │ ╰ UID : 2a522efdc500df3c │ │ ├ Version : v0.35.0-rc.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [82] ╭ ID : k8s.io/klog/v2@v2.130.1 │ │ ├ Name : k8s.io/klog/v2 │ │ ├ Identifier ╭ PURL: pkg:golang/k8s.io/klog/v2@v2.130.1 │ │ │ ╰ UID : ee6e2153ab63167d │ │ ├ Version : v2.130.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [83] ╭ ID : k8s.io/kube-openapi@v0.0.0-20250910181357-589584f1c912 │ │ ├ Name : k8s.io/kube-openapi │ │ ├ Identifier ╭ PURL: pkg:golang/k8s.io/kube-openapi@v0.0.0-20250910181357-589584 │ │ │ │ f1c912 │ │ │ ╰ UID : 21d3f77e6c05ff01 │ │ ├ Version : v0.0.0-20250910181357-589584f1c912 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [84] ╭ ID : k8s.io/kubectl@v0.35.0-rc.1 │ │ ├ Name : k8s.io/kubectl │ │ ├ Identifier ╭ PURL: pkg:golang/k8s.io/kubectl@v0.35.0-rc.1 │ │ │ ╰ UID : 4e880628d64b8040 │ │ ├ Version : v0.35.0-rc.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [85] ╭ ID : k8s.io/kubelet@v0.35.0-rc.1 │ │ ├ Name : k8s.io/kubelet │ │ ├ Identifier ╭ PURL: pkg:golang/k8s.io/kubelet@v0.35.0-rc.1 │ │ │ ╰ UID : 8a1975a862833fd │ │ ├ Version : v0.35.0-rc.1 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [86] ╭ ID : k8s.io/utils@v0.0.0-20251002143259-bc988d571ff4 │ │ ├ Name : k8s.io/utils │ │ ├ Identifier ╭ PURL: pkg:golang/k8s.io/utils@v0.0.0-20251002143259-bc988d571ff4 │ │ │ ╰ UID : 4c3632aadc3e2d71 │ │ ├ Version : v0.0.0-20251002143259-bc988d571ff4 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [87] ╭ ID : sigs.k8s.io/json@v0.0.0-20250730193827-2d320260d730 │ │ ├ Name : sigs.k8s.io/json │ │ ├ Identifier ╭ PURL: pkg:golang/sigs.k8s.io/json@v0.0.0-20250730193827-2d320260d │ │ │ │ 730 │ │ │ ╰ UID : e7fc47e37916501f │ │ ├ Version : v0.0.0-20250730193827-2d320260d730 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [88] ╭ ID : sigs.k8s.io/randfill@v1.0.0 │ │ ├ Name : sigs.k8s.io/randfill │ │ ├ Identifier ╭ PURL: pkg:golang/sigs.k8s.io/randfill@v1.0.0 │ │ │ ╰ UID : 3854cab13adf03f0 │ │ ├ Version : v1.0.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ├ [89] ╭ ID : sigs.k8s.io/structured-merge-diff/v6@v6.3.0 │ │ ├ Name : sigs.k8s.io/structured-merge-diff/v6 │ │ ├ Identifier ╭ PURL: pkg:golang/sigs.k8s.io/structured-merge-diff/v6@v6.3.0 │ │ │ ╰ UID : ae969a91cd3ce93b │ │ ├ Version : v6.3.0 │ │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ │ 7290f68d53f8ee │ │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ │ 47bed890985ec0 │ │ ╰ AnalyzedBy: gobinary │ ╰ [90] ╭ ID : sigs.k8s.io/yaml@v1.6.0 │ ├ Name : sigs.k8s.io/yaml │ ├ Identifier ╭ PURL: pkg:golang/sigs.k8s.io/yaml@v1.6.0 │ │ ╰ UID : 4b3e50227fc8eb87 │ ├ Version : v1.6.0 │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac75505f │ │ │ 7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b58c94a7 │ │ 47bed890985ec0 │ ╰ AnalyzedBy: gobinary ╰ Vulnerabilities ╭ [0] ╭ VulnerabilityID : CVE-2025-68121 │ ├ VendorIDs ─ [0]: GO-2026-4337 │ ├ PkgID : stdlib@v1.25.0 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ ╰ UID : 7efd7a2bdb3f994b │ ├ InstalledVersion: v1.25.0 │ ├ FixedVersion : 1.24.13, 1.25.7, 1.26.0-rc.3 │ ├ Status : fixed │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ │ 75505f7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ │ 8c94a747bed890985ec0 │ ├ SeveritySource : nvd │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-68121 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database │ │ ╰ URL : https://pkg.go.dev/vuln/ │ ├ Fingerprint : sha256:5cef1d421fc2e2e42b6823c7505e35330990922575a7bb31e3305 │ │ 16d25128975 │ ├ Title : During session resumption in crypto/tls, if the underlying │ │ Config has ... │ ├ Description : During session resumption in crypto/tls, if the underlying │ │ Config has its ClientCAs or RootCAs fields mutated between │ │ the initial handshake and the resumed handshake, the resumed │ │ handshake may succeed when it should have failed. This may │ │ happen when a user calls Config.Clone and mutates the │ │ returned Config, or uses Config.GetConfigForClient. This can │ │ cause a client to resume a session with a server that it │ │ would not have resumed with during the initial handshake, or │ │ cause a server to resume a session with a client that it │ │ would not have resumed with during the initial handshake. │ ├ Severity : CRITICAL │ ├ CweIDs ─ [0]: CWE-295 │ ├ VendorSeverity ╭ amazon : 3 │ │ ├ bitnami: 2 │ │ ╰ nvd : 4 │ ├ CVSS ╭ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I: │ │ │ │ L/A:N │ │ │ ╰ V3Score : 4.8 │ │ ╰ nvd ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I: │ │ │ H/A:H │ │ ╰ V3Score : 10 │ ├ References ╭ [0]: https://go.dev/cl/737700 │ │ ├ [1]: https://go.dev/issue/77217 │ │ ├ [2]: https://groups.google.com/g/golang-announce/c/K09ubi9F │ │ │ QFk │ │ ├ [3]: https://nvd.nist.gov/vuln/detail/CVE-2025-68121 │ │ ╰ [4]: https://pkg.go.dev/vuln/GO-2026-4337 │ ├ PublishedDate : 2026-02-05T18:16:10.857Z │ ╰ LastModifiedDate: 2026-02-10T16:08:03.303Z ├ [1] ╭ VulnerabilityID : CVE-2025-58183 │ ├ VendorIDs ─ [0]: GO-2025-4014 │ ├ PkgID : stdlib@v1.25.0 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ ╰ UID : 7efd7a2bdb3f994b │ ├ InstalledVersion: v1.25.0 │ ├ FixedVersion : 1.24.8, 1.25.2 │ ├ Status : fixed │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ │ 75505f7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ │ 8c94a747bed890985ec0 │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-58183 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database │ │ ╰ URL : https://pkg.go.dev/vuln/ │ ├ Fingerprint : sha256:00fa1135eae47520ee6973a2c2fb4f93776a3a0a287454adb472c │ │ 0992d5ddb10 │ ├ Title : golang: archive/tar: Unbounded allocation when parsing GNU │ │ sparse map │ ├ Description : tar.Reader does not set a maximum size on the number of │ │ sparse region data blocks in GNU tar pax 1.0 sparse files. A │ │ maliciously-crafted archive containing a large number of │ │ sparse regions can cause a Reader to read an unbounded │ │ amount of data from the archive into memory. When reading │ │ from a compressed source, a small compressed input can │ │ result in large allocations. │ ├ Severity : HIGH │ ├ VendorSeverity ╭ alma : 2 │ │ ├ amazon : 3 │ │ ├ azure : 2 │ │ ├ bitnami : 2 │ │ ├ cbl-mariner: 2 │ │ ├ oracle-oval: 2 │ │ ├ redhat : 2 │ │ ╰ rocky : 2 │ ├ CVSS ╭ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I: │ │ │ │ N/A:L │ │ │ ╰ V3Score : 4.3 │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ N/A:H │ │ ╰ V3Score : 7.5 │ ├ References ╭ [0] : http://www.openwall.com/lists/oss-security/2025/10/08/1 │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2026:1381 │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2025-58183 │ │ ├ [3] : https://bugzilla.redhat.com/2407258 │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2407258 │ │ ├ [5] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-20 │ │ │ 25-58183 │ │ ├ [6] : https://errata.almalinux.org/9/ALSA-2026-1381.html │ │ ├ [7] : https://errata.rockylinux.org/RLSA-2025:23326 │ │ ├ [8] : https://go.dev/cl/709861 │ │ ├ [9] : https://go.dev/issue/75677 │ │ ├ [10]: https://groups.google.com/g/golang-announce/c/4Emdl2i │ │ │ Q_bI │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2025-58183.html │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2026-50076.html │ │ ├ [13]: https://nvd.nist.gov/vuln/detail/CVE-2025-58183 │ │ ├ [14]: https://pkg.go.dev/vuln/GO-2025-4014 │ │ ╰ [15]: https://www.cve.org/CVERecord?id=CVE-2025-58183 │ ├ PublishedDate : 2025-10-29T23:16:19.357Z │ ╰ LastModifiedDate: 2025-11-04T22:16:33.2Z ├ [2] ╭ VulnerabilityID : CVE-2025-61726 │ ├ VendorIDs ─ [0]: GO-2026-4341 │ ├ PkgID : stdlib@v1.25.0 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ ╰ UID : 7efd7a2bdb3f994b │ ├ InstalledVersion: v1.25.0 │ ├ FixedVersion : 1.24.12, 1.25.6 │ ├ Status : fixed │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ │ 75505f7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ │ 8c94a747bed890985ec0 │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-61726 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database │ │ ╰ URL : https://pkg.go.dev/vuln/ │ ├ Fingerprint : sha256:572c0dd5fd8a980722883c5adf85ea520ba851a656476977e3f5b │ │ 5376e78617c │ ├ Title : golang: net/url: Memory exhaustion in query parameter │ │ parsing in net/url │ ├ Description : The net/url package does not set a limit on the number of │ │ query parameters in a query. While the maximum size of query │ │ parameters in URLs is generally limited by the maximum │ │ request header size, the net/http.Request.ParseForm method │ │ can parse large URL-encoded forms. Parsing a large form │ │ containing many unique query parameters can cause excessive │ │ memory consumption. │ ├ Severity : HIGH │ ├ CweIDs ─ [0]: CWE-770 │ ├ VendorSeverity ╭ amazon : 3 │ │ ├ azure : 2 │ │ ├ bitnami : 3 │ │ ├ cbl-mariner: 2 │ │ ╰ redhat : 3 │ ├ CVSS ╭ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 7.5 │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ N/A:H │ │ ╰ V3Score : 7.5 │ ├ References ╭ [0]: https://access.redhat.com/security/cve/CVE-2025-61726 │ │ ├ [1]: https://go.dev/cl/736712 │ │ ├ [2]: https://go.dev/issue/77101 │ │ ├ [3]: https://groups.google.com/g/golang-announce/c/Vd2tYVM8 │ │ │ eUc │ │ ├ [4]: https://nvd.nist.gov/vuln/detail/CVE-2025-61726 │ │ ├ [5]: https://pkg.go.dev/vuln/GO-2026-4341 │ │ ╰ [6]: https://www.cve.org/CVERecord?id=CVE-2025-61726 │ ├ PublishedDate : 2026-01-28T20:16:09.713Z │ ╰ LastModifiedDate: 2026-02-06T18:47:34.52Z ├ [3] ╭ VulnerabilityID : CVE-2025-61728 │ ├ VendorIDs ─ [0]: GO-2026-4342 │ ├ PkgID : stdlib@v1.25.0 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ ╰ UID : 7efd7a2bdb3f994b │ ├ InstalledVersion: v1.25.0 │ ├ FixedVersion : 1.24.12, 1.25.6 │ ├ Status : fixed │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ │ 75505f7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ │ 8c94a747bed890985ec0 │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-61728 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database │ │ ╰ URL : https://pkg.go.dev/vuln/ │ ├ Fingerprint : sha256:80a29d238d9a2044abca07200a4a01d583d3687d52284fedf301a │ │ 6ca042bcae7 │ ├ Title : golang: archive/zip: Excessive CPU consumption when building │ │ archive index in archive/zip │ ├ Description : archive/zip uses a super-linear file name indexing algorithm │ │ that is invoked the first time a file in an archive is │ │ opened. This can lead to a denial of service when consuming │ │ a maliciously constructed ZIP archive. │ ├ Severity : HIGH │ ├ CweIDs ─ [0]: CWE-770 │ ├ VendorSeverity ╭ amazon : 3 │ │ ├ azure : 2 │ │ ├ bitnami: 2 │ │ ╰ redhat : 2 │ ├ CVSS ╭ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 6.5 │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ N/A:H │ │ ╰ V3Score : 7.5 │ ├ References ╭ [0]: http://www.openwall.com/lists/oss-security/2026/01/15/4 │ │ ├ [1]: https://access.redhat.com/security/cve/CVE-2025-61728 │ │ ├ [2]: https://go.dev/cl/736713 │ │ ├ [3]: https://go.dev/issue/77102 │ │ ├ [4]: https://groups.google.com/g/golang-announce/c/Vd2tYVM8 │ │ │ eUc │ │ ├ [5]: https://nvd.nist.gov/vuln/detail/CVE-2025-61728 │ │ ├ [6]: https://pkg.go.dev/vuln/GO-2026-4342 │ │ ╰ [7]: https://www.cve.org/CVERecord?id=CVE-2025-61728 │ ├ PublishedDate : 2026-01-28T20:16:09.83Z │ ╰ LastModifiedDate: 2026-02-06T18:45:10.42Z ├ [4] ╭ VulnerabilityID : CVE-2025-61729 │ ├ VendorIDs ─ [0]: GO-2025-4155 │ ├ PkgID : stdlib@v1.25.0 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ ╰ UID : 7efd7a2bdb3f994b │ ├ InstalledVersion: v1.25.0 │ ├ FixedVersion : 1.24.11, 1.25.5 │ ├ Status : fixed │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ │ 75505f7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ │ 8c94a747bed890985ec0 │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-61729 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database │ │ ╰ URL : https://pkg.go.dev/vuln/ │ ├ Fingerprint : sha256:3fe8c946ec4ee95318a3916ee40b040d6f1bc4decc250e2c0ca62 │ │ 0e9eadb3e15 │ ├ Title : crypto/x509: golang: Denial of Service due to excessive │ │ resource consumption via crafted certificate │ ├ Description : Within HostnameError.Error(), when constructing an error │ │ string, there is no limit to the number of hosts that will │ │ be printed out. Furthermore, the error string is constructed │ │ by repeated string concatenation, leading to quadratic │ │ runtime. Therefore, a certificate provided by a malicious │ │ actor can result in excessive resource consumption. │ ├ Severity : HIGH │ ├ CweIDs ─ [0]: CWE-295 │ ├ VendorSeverity ╭ alma : 3 │ │ ├ amazon : 3 │ │ ├ bitnami : 3 │ │ ├ oracle-oval: 3 │ │ ├ redhat : 3 │ │ ╰ rocky : 3 │ ├ CVSS ╭ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 7.5 │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ N/A:H │ │ ╰ V3Score : 7.5 │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2026:1908 │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2025-61729 │ │ ├ [2] : https://bugzilla.redhat.com/2418462 │ │ ├ [3] : https://bugzilla.redhat.com/show_bug.cgi?id=2418462 │ │ ├ [4] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-20 │ │ │ 25-61729 │ │ ├ [5] : https://errata.almalinux.org/9/ALSA-2026-1908.html │ │ ├ [6] : https://errata.rockylinux.org/RLSA-2026:1908 │ │ ├ [7] : https://go.dev/cl/725920 │ │ ├ [8] : https://go.dev/issue/76445 │ │ ├ [9] : https://groups.google.com/g/golang-announce/c/8FJoBkP │ │ │ ddm4 │ │ ├ [10]: https://linux.oracle.com/cve/CVE-2025-61729.html │ │ ├ [11]: https://linux.oracle.com/errata/ELSA-2026-2323.html │ │ ├ [12]: https://nvd.nist.gov/vuln/detail/CVE-2025-61729 │ │ ├ [13]: https://pkg.go.dev/vuln/GO-2025-4155 │ │ ╰ [14]: https://www.cve.org/CVERecord?id=CVE-2025-61729 │ ├ PublishedDate : 2025-12-02T19:15:51.447Z │ ╰ LastModifiedDate: 2025-12-19T18:25:28.283Z ├ [5] ╭ VulnerabilityID : CVE-2025-61730 │ ├ VendorIDs ─ [0]: GO-2026-4340 │ ├ PkgID : stdlib@v1.25.0 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ ╰ UID : 7efd7a2bdb3f994b │ ├ InstalledVersion: v1.25.0 │ ├ FixedVersion : 1.24.12, 1.25.6 │ ├ Status : fixed │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ │ 75505f7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ │ 8c94a747bed890985ec0 │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-61730 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database │ │ ╰ URL : https://pkg.go.dev/vuln/ │ ├ Fingerprint : sha256:0a0130451ae68aba9692e7d2a30f40bf8c2286bbb742d98e2f265 │ │ a9423c484d2 │ ├ Title : During the TLS 1.3 handshake if multiple messages are sent │ │ in records ... │ ├ Description : During the TLS 1.3 handshake if multiple messages are sent │ │ in records that span encryption level boundaries (for │ │ instance the Client Hello and Encrypted Extensions │ │ messages), the subsequent messages may be processed before │ │ the encryption level changes. This can cause some minor │ │ information disclosure if a network-local attacker can │ │ inject messages during the handshake. │ ├ Severity : HIGH │ ├ VendorSeverity ╭ amazon : 3 │ │ ╰ bitnami: 2 │ ├ CVSS ─ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I: │ │ │ N/A:N │ │ ╰ V3Score : 5.3 │ ├ References ╭ [0]: https://go.dev/cl/724120 │ │ ├ [1]: https://go.dev/issue/76443 │ │ ├ [2]: https://groups.google.com/g/golang-announce/c/Vd2tYVM8 │ │ │ eUc │ │ ├ [3]: https://nvd.nist.gov/vuln/detail/CVE-2025-61730 │ │ ╰ [4]: https://pkg.go.dev/vuln/GO-2026-4340 │ ├ PublishedDate : 2026-01-28T20:16:09.94Z │ ╰ LastModifiedDate: 2026-02-03T20:36:41.3Z ├ [6] ╭ VulnerabilityID : CVE-2025-47910 │ ├ VendorIDs ─ [0]: GO-2025-3955 │ ├ PkgID : stdlib@v1.25.0 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ ╰ UID : 7efd7a2bdb3f994b │ ├ InstalledVersion: v1.25.0 │ ├ FixedVersion : 1.25.1 │ ├ Status : fixed │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ │ 75505f7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ │ 8c94a747bed890985ec0 │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-47910 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database │ │ ╰ URL : https://pkg.go.dev/vuln/ │ ├ Fingerprint : sha256:cd63cb1c4f1e673c8efb4f418b45dca15a79bd3416e90d5b5f72a │ │ ccafb17e5ca │ ├ Title : net/http: CrossOriginProtection bypass in net/http │ ├ Description : When using http.CrossOriginProtection, the │ │ AddInsecureBypassPattern method can unexpectedly bypass more │ │ requests than intended. CrossOriginProtection then skips │ │ validation, but forwards the original request path, which │ │ may be served by a different handler without the intended │ │ security protections. │ ├ Severity : MEDIUM │ ├ VendorSeverity ╭ bitnami: 2 │ │ ╰ redhat : 2 │ ├ CVSS ╭ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I: │ │ │ │ L/A:N │ │ │ ╰ V3Score : 5.4 │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I: │ │ │ L/A:N │ │ ╰ V3Score : 5.4 │ ├ References ╭ [0]: https://access.redhat.com/security/cve/CVE-2025-47910 │ │ ├ [1]: https://go.dev/cl/699275 │ │ ├ [2]: https://go.dev/issue/75054 │ │ ├ [3]: https://groups.google.com/g/golang-announce/c/PtW9VW21 │ │ │ NPs/m/DJhMQ-m5AQAJ │ │ ├ [4]: https://nvd.nist.gov/vuln/detail/CVE-2025-47910 │ │ ├ [5]: https://pkg.go.dev/vuln/GO-2025-3955 │ │ ╰ [6]: https://www.cve.org/CVERecord?id=CVE-2025-47910 │ ├ PublishedDate : 2025-09-22T21:15:59.627Z │ ╰ LastModifiedDate: 2025-09-24T14:15:49.437Z ├ [7] ╭ VulnerabilityID : CVE-2025-47912 │ ├ VendorIDs ─ [0]: GO-2025-4010 │ ├ PkgID : stdlib@v1.25.0 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ ╰ UID : 7efd7a2bdb3f994b │ ├ InstalledVersion: v1.25.0 │ ├ FixedVersion : 1.24.8, 1.25.2 │ ├ Status : fixed │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ │ 75505f7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ │ 8c94a747bed890985ec0 │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-47912 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database │ │ ╰ URL : https://pkg.go.dev/vuln/ │ ├ Fingerprint : sha256:c1943ea24c43576d4c92ac278763adc94d86a2b6812cc37054ee7 │ │ 9829c092ed3 │ ├ Title : net/url: Insufficient validation of bracketed IPv6 hostnames │ │ in net/url │ ├ Description : The Parse function permits values other than IPv6 addresses │ │ to be included in square brackets within the host component │ │ of a URL. RFC 3986 permits IPv6 addresses to be included │ │ within the host component, enclosed within square brackets. │ │ For example: "http://[::1]/". IPv4 addresses and hostnames │ │ must not appear within square brackets. Parse did not │ │ enforce this requirement. │ ├ Severity : MEDIUM │ ├ VendorSeverity ╭ amazon : 3 │ │ ├ bitnami: 2 │ │ ╰ redhat : 2 │ ├ CVSS ╭ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I: │ │ │ │ N/A:N │ │ │ ╰ V3Score : 5.3 │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I: │ │ │ N/A:N │ │ ╰ V3Score : 5.3 │ ├ References ╭ [0]: http://www.openwall.com/lists/oss-security/2025/10/08/1 │ │ ├ [1]: https://access.redhat.com/security/cve/CVE-2025-47912 │ │ ├ [2]: https://go.dev/cl/709857 │ │ ├ [3]: https://go.dev/issue/75678 │ │ ├ [4]: https://groups.google.com/g/golang-announce/c/4Emdl2iQ │ │ │ _bI │ │ ├ [5]: https://nvd.nist.gov/vuln/detail/CVE-2025-47912 │ │ ├ [6]: https://pkg.go.dev/vuln/GO-2025-4010 │ │ ╰ [7]: https://www.cve.org/CVERecord?id=CVE-2025-47912 │ ├ PublishedDate : 2025-10-29T23:16:18.187Z │ ╰ LastModifiedDate: 2026-01-29T13:57:18.69Z ├ [8] ╭ VulnerabilityID : CVE-2025-58185 │ ├ VendorIDs ─ [0]: GO-2025-4011 │ ├ PkgID : stdlib@v1.25.0 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ ╰ UID : 7efd7a2bdb3f994b │ ├ InstalledVersion: v1.25.0 │ ├ FixedVersion : 1.24.8, 1.25.2 │ ├ Status : fixed │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ │ 75505f7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ │ 8c94a747bed890985ec0 │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-58185 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database │ │ ╰ URL : https://pkg.go.dev/vuln/ │ ├ Fingerprint : sha256:b2561d2d30729c1629ff9252cb992e94a5bbbb4b090a3f8e8614d │ │ 4108870e93c │ ├ Title : encoding/asn1: Parsing DER payload can cause memory │ │ exhaustion in encoding/asn1 │ ├ Description : Parsing a maliciously crafted DER payload could allocate │ │ large amounts of memory, causing memory exhaustion. │ ├ Severity : MEDIUM │ ├ CweIDs ─ [0]: CWE-770 │ ├ VendorSeverity ╭ amazon : 3 │ │ ├ bitnami: 2 │ │ ╰ redhat : 2 │ ├ CVSS ╭ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:L │ │ │ ╰ V3Score : 5.3 │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ N/A:L │ │ ╰ V3Score : 5.3 │ ├ References ╭ [0]: http://www.openwall.com/lists/oss-security/2025/10/08/1 │ │ ├ [1]: https://access.redhat.com/security/cve/CVE-2025-58185 │ │ ├ [2]: https://github.com/golang/go/commit/8709a41d5ef7321f48 │ │ │ 6a1857f189c3fee20e8edd │ │ ├ [3]: https://go.dev/cl/709856 │ │ ├ [4]: https://go.dev/issue/75671 │ │ ├ [5]: https://groups.google.com/g/golang-announce/c/4Emdl2iQ │ │ │ _bI │ │ ├ [6]: https://nvd.nist.gov/vuln/detail/CVE-2025-58185 │ │ ├ [7]: https://pkg.go.dev/vuln/GO-2025-4011 │ │ ╰ [8]: https://www.cve.org/CVERecord?id=CVE-2025-58185 │ ├ PublishedDate : 2025-10-29T23:16:19.45Z │ ╰ LastModifiedDate: 2026-02-06T20:26:41.997Z ├ [9] ╭ VulnerabilityID : CVE-2025-58186 │ ├ VendorIDs ─ [0]: GO-2025-4012 │ ├ PkgID : stdlib@v1.25.0 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ ╰ UID : 7efd7a2bdb3f994b │ ├ InstalledVersion: v1.25.0 │ ├ FixedVersion : 1.24.8, 1.25.2 │ ├ Status : fixed │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ │ 75505f7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ │ 8c94a747bed890985ec0 │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-58186 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database │ │ ╰ URL : https://pkg.go.dev/vuln/ │ ├ Fingerprint : sha256:b91ceac3b63995d6dd9f914b43837ff6567c37d3fbebd6899daa1 │ │ 4764bb3bd7f │ ├ Title : golang.org/net/http: Lack of limit when parsing cookies can │ │ cause memory exhaustion in net/http │ ├ Description : Despite HTTP headers having a default limit of 1MB, the │ │ number of cookies that can be parsed does not have a limit. │ │ By sending a lot of very small cookies such as "a=;", an │ │ attacker can make an HTTP server allocate a large amount of │ │ structs, causing large memory consumption. │ ├ Severity : MEDIUM │ ├ VendorSeverity ╭ amazon : 3 │ │ ├ bitnami: 2 │ │ ╰ redhat : 1 │ ├ CVSS ╭ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:L │ │ │ ╰ V3Score : 5.3 │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ N/A:L │ │ ╰ V3Score : 5.3 │ ├ References ╭ [0]: http://www.openwall.com/lists/oss-security/2025/10/08/1 │ │ ├ [1]: https://access.redhat.com/security/cve/CVE-2025-58186 │ │ ├ [2]: https://go.dev/cl/709855 │ │ ├ [3]: https://go.dev/issue/75672 │ │ ├ [4]: https://groups.google.com/g/golang-announce/c/4Emdl2iQ │ │ │ _bI │ │ ├ [5]: https://nvd.nist.gov/vuln/detail/CVE-2025-58186 │ │ ├ [6]: https://pkg.go.dev/vuln/GO-2025-4012 │ │ ╰ [7]: https://www.cve.org/CVERecord?id=CVE-2025-58186 │ ├ PublishedDate : 2025-10-29T23:16:19.547Z │ ╰ LastModifiedDate: 2025-11-04T22:16:33.45Z ├ [10] ╭ VulnerabilityID : CVE-2025-58187 │ ├ VendorIDs ─ [0]: GO-2025-4007 │ ├ PkgID : stdlib@v1.25.0 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ ╰ UID : 7efd7a2bdb3f994b │ ├ InstalledVersion: v1.25.0 │ ├ FixedVersion : 1.24.9, 1.25.3 │ ├ Status : fixed │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ │ 75505f7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ │ 8c94a747bed890985ec0 │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-58187 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database │ │ ╰ URL : https://pkg.go.dev/vuln/ │ ├ Fingerprint : sha256:bb6b10edfa073b80580583d93eace717292128107a8fd565e60db │ │ 94af8f2eb6e │ ├ Title : crypto/x509: Quadratic complexity when checking name │ │ constraints in crypto/x509 │ ├ Description : Due to the design of the name constraint checking algorithm, │ │ the processing time of some inputs scale non-linearly with │ │ respect to the size of the certificate. This affects │ │ programs which validate arbitrary certificate chains. │ ├ Severity : MEDIUM │ ├ CweIDs ─ [0]: CWE-407 │ ├ VendorSeverity ╭ amazon : 3 │ │ ├ bitnami: 3 │ │ ╰ redhat : 2 │ ├ CVSS ╭ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 7.5 │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ N/A:L │ │ ╰ V3Score : 5.3 │ ├ References ╭ [0]: http://www.openwall.com/lists/oss-security/2025/10/08/1 │ │ ├ [1]: https://access.redhat.com/security/cve/CVE-2025-58187 │ │ ├ [2]: https://github.com/golang/go/commit/3fc4c79fdbb17b9b29 │ │ │ ea9f8c29dd780df075d4c4 │ │ ├ [3]: https://go.dev/cl/709854 │ │ ├ [4]: https://go.dev/issue/75681 │ │ ├ [5]: https://groups.google.com/g/golang-announce/c/4Emdl2iQ │ │ │ _bI │ │ ├ [6]: https://nvd.nist.gov/vuln/detail/CVE-2025-58187 │ │ ├ [7]: https://pkg.go.dev/vuln/GO-2025-4007 │ │ ╰ [8]: https://www.cve.org/CVERecord?id=CVE-2025-58187 │ ├ PublishedDate : 2025-10-29T23:16:19.643Z │ ╰ LastModifiedDate: 2026-01-29T16:02:27.08Z ├ [11] ╭ VulnerabilityID : CVE-2025-58188 │ ├ VendorIDs ─ [0]: GO-2025-4013 │ ├ PkgID : stdlib@v1.25.0 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ ╰ UID : 7efd7a2bdb3f994b │ ├ InstalledVersion: v1.25.0 │ ├ FixedVersion : 1.24.8, 1.25.2 │ ├ Status : fixed │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ │ 75505f7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ │ 8c94a747bed890985ec0 │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-58188 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database │ │ ╰ URL : https://pkg.go.dev/vuln/ │ ├ Fingerprint : sha256:cfef5b85221445bdde6239a174b58358ad6900a72609b5a26cd91 │ │ 1d0f43c0115 │ ├ Title : crypto/x509: golang: Panic when validating certificates with │ │ DSA public keys in crypto/x509 │ ├ Description : Validating certificate chains which contain DSA public keys │ │ can cause programs to panic, due to a interface cast that │ │ assumes they implement the Equal method. This affects │ │ programs which validate arbitrary certificate chains. │ ├ Severity : MEDIUM │ ├ CweIDs ─ [0]: CWE-295 │ ├ VendorSeverity ╭ amazon : 3 │ │ ├ bitnami: 3 │ │ ╰ redhat : 2 │ ├ CVSS ╭ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 7.5 │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ N/A:L │ │ ╰ V3Score : 5.3 │ ├ References ╭ [0]: http://www.openwall.com/lists/oss-security/2025/10/08/1 │ │ ├ [1]: https://access.redhat.com/security/cve/CVE-2025-58188 │ │ ├ [2]: https://github.com/golang/go/commit/6e4007e8cffbb870e6 │ │ │ b606307ab7308236ecefb9 │ │ ├ [3]: https://go.dev/cl/709853 │ │ ├ [4]: https://go.dev/issue/75675 │ │ ├ [5]: https://groups.google.com/g/golang-announce/c/4Emdl2iQ │ │ │ _bI │ │ ├ [6]: https://nvd.nist.gov/vuln/detail/CVE-2025-58188 │ │ ├ [7]: https://pkg.go.dev/vuln/GO-2025-4013 │ │ ╰ [8]: https://www.cve.org/CVERecord?id=CVE-2025-58188 │ ├ PublishedDate : 2025-10-29T23:16:19.74Z │ ╰ LastModifiedDate: 2026-01-29T15:55:11.97Z ├ [12] ╭ VulnerabilityID : CVE-2025-58189 │ ├ VendorIDs ─ [0]: GO-2025-4008 │ ├ PkgID : stdlib@v1.25.0 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ ╰ UID : 7efd7a2bdb3f994b │ ├ InstalledVersion: v1.25.0 │ ├ FixedVersion : 1.24.8, 1.25.2 │ ├ Status : fixed │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ │ 75505f7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ │ 8c94a747bed890985ec0 │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-58189 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database │ │ ╰ URL : https://pkg.go.dev/vuln/ │ ├ Fingerprint : sha256:71dc5efdb8142ed5cd5488d40a9a18bef6b1cacce9d8dbdb61fd0 │ │ 39b9618cf93 │ ├ Title : crypto/tls: go crypto/tls ALPN negotiation error contains │ │ attacker controlled information │ ├ Description : When Conn.Handshake fails during ALPN negotiation the error │ │ contains attacker controlled information (the ALPN protocols │ │ sent by the client) which is not escaped. │ ├ Severity : MEDIUM │ ├ CweIDs ─ [0]: CWE-532 │ ├ VendorSeverity ╭ amazon : 3 │ │ ├ bitnami: 2 │ │ ╰ redhat : 2 │ ├ CVSS ╭ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I: │ │ │ │ N/A:N │ │ │ ╰ V3Score : 5.3 │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ L/A:N │ │ ╰ V3Score : 5.3 │ ├ References ╭ [0]: http://www.openwall.com/lists/oss-security/2025/10/08/1 │ │ ├ [1]: https://access.redhat.com/security/cve/CVE-2025-58189 │ │ ├ [2]: https://go.dev/cl/707776 │ │ ├ [3]: https://go.dev/issue/75652 │ │ ├ [4]: https://groups.google.com/g/golang-announce/c/4Emdl2iQ │ │ │ _bI │ │ ├ [5]: https://nvd.nist.gov/vuln/detail/CVE-2025-58189 │ │ ├ [6]: https://pkg.go.dev/vuln/GO-2025-4008 │ │ ╰ [7]: https://www.cve.org/CVERecord?id=CVE-2025-58189 │ ├ PublishedDate : 2025-10-29T23:16:19.833Z │ ╰ LastModifiedDate: 2026-01-29T15:49:24.543Z ├ [13] ╭ VulnerabilityID : CVE-2025-61723 │ ├ VendorIDs ─ [0]: GO-2025-4009 │ ├ PkgID : stdlib@v1.25.0 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ ╰ UID : 7efd7a2bdb3f994b │ ├ InstalledVersion: v1.25.0 │ ├ FixedVersion : 1.24.8, 1.25.2 │ ├ Status : fixed │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ │ 75505f7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ │ 8c94a747bed890985ec0 │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-61723 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database │ │ ╰ URL : https://pkg.go.dev/vuln/ │ ├ Fingerprint : sha256:51b91f730b5ee9e3990ff83cd2c4aafbf27978adf77d609805e2c │ │ dddba2f535f │ ├ Title : encoding/pem: Quadratic complexity when parsing some invalid │ │ inputs in encoding/pem │ ├ Description : The processing time for parsing some invalid inputs scales │ │ non-linearly with respect to the size of the input. This │ │ affects programs which parse untrusted PEM inputs. │ ├ Severity : MEDIUM │ ├ CweIDs ─ [0]: CWE-770 │ ├ VendorSeverity ╭ amazon : 3 │ │ ├ bitnami: 3 │ │ ╰ redhat : 2 │ ├ CVSS ╭ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 7.5 │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ N/A:L │ │ ╰ V3Score : 5.3 │ ├ References ╭ [0]: http://www.openwall.com/lists/oss-security/2025/10/08/1 │ │ ├ [1]: https://access.redhat.com/security/cve/CVE-2025-61723 │ │ ├ [2]: https://github.com/golang/go/commit/5ce8cd16f3859ec5ac │ │ │ 4106ad8ec15d6236f4501b │ │ ├ [3]: https://go.dev/cl/709858 │ │ ├ [4]: https://go.dev/issue/75676 │ │ ├ [5]: https://groups.google.com/g/golang-announce/c/4Emdl2iQ │ │ │ _bI │ │ ├ [6]: https://nvd.nist.gov/vuln/detail/CVE-2025-61723 │ │ ├ [7]: https://pkg.go.dev/vuln/GO-2025-4009 │ │ ╰ [8]: https://www.cve.org/CVERecord?id=CVE-2025-61723 │ ├ PublishedDate : 2025-10-29T23:16:19.927Z │ ╰ LastModifiedDate: 2026-01-29T15:49:05.343Z ├ [14] ╭ VulnerabilityID : CVE-2025-61724 │ ├ VendorIDs ─ [0]: GO-2025-4015 │ ├ PkgID : stdlib@v1.25.0 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ ╰ UID : 7efd7a2bdb3f994b │ ├ InstalledVersion: v1.25.0 │ ├ FixedVersion : 1.24.8, 1.25.2 │ ├ Status : fixed │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ │ 75505f7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ │ 8c94a747bed890985ec0 │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-61724 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database │ │ ╰ URL : https://pkg.go.dev/vuln/ │ ├ Fingerprint : sha256:0918dafd043e3fec5df338a7e9fb7b79cbca5212c9c73d163ecc0 │ │ 12aadfa5303 │ ├ Title : net/textproto: Excessive CPU consumption in │ │ Reader.ReadResponse in net/textproto │ ├ Description : The Reader.ReadResponse function constructs a response │ │ string through repeated string concatenation of lines. When │ │ the number of lines in a response is large, this can cause │ │ excessive CPU consumption. │ ├ Severity : MEDIUM │ ├ CweIDs ─ [0]: CWE-770 │ ├ VendorSeverity ╭ amazon : 3 │ │ ├ bitnami: 2 │ │ ╰ redhat : 2 │ ├ CVSS ╭ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:L │ │ │ ╰ V3Score : 5.3 │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ N/A:L │ │ ╰ V3Score : 5.3 │ ├ References ╭ [0]: http://www.openwall.com/lists/oss-security/2025/10/08/1 │ │ ├ [1]: https://access.redhat.com/security/cve/CVE-2025-61724 │ │ ├ [2]: https://go.dev/cl/709859 │ │ ├ [3]: https://go.dev/issue/75716 │ │ ├ [4]: https://groups.google.com/g/golang-announce/c/4Emdl2iQ │ │ │ _bI │ │ ├ [5]: https://nvd.nist.gov/vuln/detail/CVE-2025-61724 │ │ ├ [6]: https://pkg.go.dev/vuln/GO-2025-4015 │ │ ╰ [7]: https://www.cve.org/CVERecord?id=CVE-2025-61724 │ ├ PublishedDate : 2025-10-29T23:16:20.02Z │ ╰ LastModifiedDate: 2026-01-29T15:30:53.69Z ├ [15] ╭ VulnerabilityID : CVE-2025-61725 │ ├ VendorIDs ─ [0]: GO-2025-4006 │ ├ PkgID : stdlib@v1.25.0 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ │ ╰ UID : 7efd7a2bdb3f994b │ ├ InstalledVersion: v1.25.0 │ ├ FixedVersion : 1.24.8, 1.25.2 │ ├ Status : fixed │ ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ │ 75505f7290f68d53f8ee │ │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ │ 8c94a747bed890985ec0 │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-61725 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database │ │ ╰ URL : https://pkg.go.dev/vuln/ │ ├ Fingerprint : sha256:555ba0fa4b0860aa6d415e6d1c3d70ff479caf62bbda4a1c09dbe │ │ a395e74153f │ ├ Title : net/mail: Excessive CPU consumption in ParseAddress in │ │ net/mail │ ├ Description : The ParseAddress function constructs domain-literal address │ │ components through repeated string concatenation. When │ │ parsing large domain-literal components, this can cause │ │ excessive CPU consumption. │ ├ Severity : MEDIUM │ ├ VendorSeverity ╭ amazon : 3 │ │ ├ bitnami: 3 │ │ ╰ redhat : 2 │ ├ CVSS ╭ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 7.5 │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I: │ │ │ N/A:L │ │ ╰ V3Score : 5.3 │ ├ References ╭ [0]: http://www.openwall.com/lists/oss-security/2025/10/08/1 │ │ ├ [1]: https://access.redhat.com/security/cve/CVE-2025-61725 │ │ ├ [2]: https://go.dev/cl/709860 │ │ ├ [3]: https://go.dev/issue/75680 │ │ ├ [4]: https://groups.google.com/g/golang-announce/c/4Emdl2iQ │ │ │ _bI │ │ ├ [5]: https://nvd.nist.gov/vuln/detail/CVE-2025-61725 │ │ ├ [6]: https://pkg.go.dev/vuln/GO-2025-4006 │ │ ╰ [7]: https://www.cve.org/CVERecord?id=CVE-2025-61725 │ ├ PublishedDate : 2025-10-29T23:16:20.113Z │ ╰ LastModifiedDate: 2025-12-09T18:15:56.347Z ╰ [16] ╭ VulnerabilityID : CVE-2025-61727 ├ VendorIDs ─ [0]: GO-2025-4175 ├ PkgID : stdlib@v1.25.0 ├ PkgName : stdlib ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.25.0 │ ╰ UID : 7efd7a2bdb3f994b ├ InstalledVersion: v1.25.0 ├ FixedVersion : 1.24.11, 1.25.5 ├ Status : fixed ├ Layer ╭ Digest: sha256:0e025eb11e613d22293ec4a384ff5ddd9c8ec40dc6ac │ │ 75505f7290f68d53f8ee │ ╰ DiffID: sha256:9a463271bcc7545a3a45fcd1a9b390d623e4b67a25b5 │ 8c94a747bed890985ec0 ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2025-61727 ├ DataSource ╭ ID : govulndb │ ├ Name: The Go Vulnerability Database │ ╰ URL : https://pkg.go.dev/vuln/ ├ Fingerprint : sha256:67eb881fbd8bf6ea76d0fcbff05cb62a7281f9e92f452bf0f11fd │ 6bb91295776 ├ Title : golang: crypto/x509: excluded subdomain constraint does not │ restrict wildcard SANs ├ Description : An excluded subdomain constraint in a certificate chain does │ not restrict the usage of wildcard SANs in the leaf │ certificate. For example a constraint that excludes the │ subdomain test.example.com does not prevent a leaf │ certificate from claiming the SAN *.example.com. ├ Severity : MEDIUM ├ CweIDs ─ [0]: CWE-295 ├ VendorSeverity ╭ amazon : 3 │ ├ bitnami: 2 │ ╰ redhat : 2 ├ CVSS ╭ bitnami ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I: │ │ │ L/A:N │ │ ╰ V3Score : 6.5 │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I: │ │ L/A:N │ ╰ V3Score : 6.5 ├ References ╭ [0]: https://access.redhat.com/security/cve/CVE-2025-61727 │ ├ [1]: https://go.dev/cl/723900 │ ├ [2]: https://go.dev/issue/76442 │ ├ [3]: https://groups.google.com/g/golang-announce/c/8FJoBkPd │ │ dm4 │ ├ [4]: https://nvd.nist.gov/vuln/detail/CVE-2025-61727 │ ├ [5]: https://pkg.go.dev/vuln/GO-2025-4175 │ ╰ [6]: https://www.cve.org/CVERecord?id=CVE-2025-61727 ├ PublishedDate : 2025-12-03T20:16:25.607Z ╰ LastModifiedDate: 2025-12-18T20:15:10.957Z ````