UNCLASSIFIED - NO CUI

chore(findings): opensource/debian/java-25

Summary

opensource/debian/java-25 has 167 new findings discovered during continuous monitoring.

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=opensource/debian/java-25&tag=25&branch=master

EPSS (Exploit Prediction Scoring System) provides an estimate of the likelihood that a vulnerability will be exploited in the wild.

KEV (Known Exploited Vulnerabilities) indicates whether a vulnerability is actively being exploited according to CISA.

id source severity package impact workaround epss_score kev
CVE-2011-3389 Twistlock CVE Low gnutls28-3.8.9-3 0.04632 false
CVE-2011-3389 Anchore CVE Low libgnutls30t64-3.8.9-3 0.04632 false
CVE-2017-16232 Anchore CVE Low libtiff6-4.7.0-3 0.01738 false
CVE-2014-8166 Twistlock CVE Low cups-2.4.10-3+deb13u1 0.00992 false
CVE-2014-8166 Anchore CVE Low libcups2t64-2.4.10-3+deb13u1 0.00992 false
CVE-2018-18064 Twistlock CVE Low cairo-1.18.4-1 0.00510 false
CVE-2018-18064 Anchore CVE Low libcairo-gobject2-1.18.4-1+b1 0.00510 false
CVE-2018-18064 Anchore CVE Low libcairo2-1.18.4-1+b1 0.00510 false
CVE-2012-0039 Anchore CVE Low libglib2.0-0t64-2.84.4-3~deb13u1 0.00492 false
CVE-2012-0039 Anchore CVE Low libglib2.0-data-2.84.4-3~deb13u1 0.00492 false
CVE-2018-5709 Twistlock CVE Low krb5-1.21.3-5 0.00482 false
CVE-2018-5709 Anchore CVE Low krb5-locales-1.21.3-5 0.00482 false
CVE-2018-5709 Anchore CVE Low libkrb5support0-1.21.3-5 0.00482 false
CVE-2018-5709 Anchore CVE Low libk5crypto3-1.21.3-5 0.00482 false
CVE-2018-5709 Anchore CVE Low libkrb5-3-1.21.3-5 0.00482 false
CVE-2018-5709 Anchore CVE Low libgssapi-krb5-2-1.21.3-5 0.00482 false
CVE-2017-5563 Twistlock CVE Low tiff-4.7.0-3 0.00457 false
CVE-2017-5563 Anchore CVE Low libtiff6-4.7.0-3 0.00457 false
CVE-2017-17973 Anchore CVE Low libtiff6-4.7.0-3 0.00419 false
CVE-2017-9937 Twistlock CVE Low jbigkit-2.1-6.1 0.00354 false
CVE-2017-9937 Anchore CVE Low libjbig0-2.1-6.1+b2 0.00354 false
CVE-2017-7475 Twistlock CVE Low cairo-1.18.4-1 0.00344 false
CVE-2017-7475 Anchore CVE Low libcairo-gobject2-1.18.4-1+b1 0.00344 false
CVE-2017-7475 Anchore CVE Low libcairo2-1.18.4-1+b1 0.00344 false
CVE-2018-10126 Twistlock CVE Low tiff-4.7.0-3 0.00340 false
CVE-2018-10126 Anchore CVE Low libtiff6-4.7.0-3 0.00340 false
CVE-2024-45993 Twistlock CVE Low giflib-5.2.2-1 0.00225 false
CVE-2024-45993 Anchore CVE Low libgif7-5.2.2-1+b1 0.00225 false
CVE-2024-26458 Twistlock CVE Low krb5-1.21.3-5 0.00212 false
CVE-2024-26458 Anchore CVE Low libgssapi-krb5-2-1.21.3-5 0.00212 false
CVE-2024-26458 Anchore CVE Low krb5-locales-1.21.3-5 0.00212 false
CVE-2024-26458 Anchore CVE Low libk5crypto3-1.21.3-5 0.00212 false
CVE-2024-26458 Anchore CVE Low libkrb5support0-1.21.3-5 0.00212 false
CVE-2024-26458 Anchore CVE Low libkrb5-3-1.21.3-5 0.00212 false
CVE-2024-52616 Twistlock CVE Low avahi-0.8-16 0.00173 false
CVE-2024-52616 Anchore CVE Medium libavahi-client3-0.8-16 0.00173 false
CVE-2024-52616 Anchore CVE Medium libavahi-common-data-0.8-16 0.00173 false
CVE-2024-52616 Anchore CVE Medium libavahi-common3-0.8-16 0.00173 false
CVE-2025-29070 Anchore CVE Low liblcms2-2-2.16-2 0.00168 false
CVE-2023-45931 Anchore CVE Low libgbm1-25.0.7-2 0.00162 false
CVE-2023-45931 Anchore CVE Low libglx-mesa0-25.0.7-2 0.00162 false
CVE-2023-45931 Anchore CVE Low libgl1-mesa-dri-25.0.7-2 0.00162 false
CVE-2023-45931 Anchore CVE Low mesa-vulkan-drivers-25.0.7-2 0.00162 false
CVE-2023-45931 Anchore CVE Low mesa-libgallium-25.0.7-2 0.00162 false
CVE-2025-1352 Twistlock CVE Low elfutils-0.192-4 0.00154 false
CVE-2025-1352 Anchore CVE Low libelf1t64-0.192-4 0.00154 false
CVE-2024-52615 Twistlock CVE Low avahi-0.8-16 0.00152 false
CVE-2024-52615 Anchore CVE Medium libavahi-client3-0.8-16 0.00152 false
CVE-2024-52615 Anchore CVE Medium libavahi-common-data-0.8-16 0.00152 false
CVE-2024-52615 Anchore CVE Medium libavahi-common3-0.8-16 0.00152 false
CVE-2023-31437 Anchore CVE Low libsystemd-shared-257.8-1~deb13u2 0.00128 false
CVE-2023-31437 Anchore CVE Low systemd-timesyncd-257.8-1~deb13u2 0.00128 false
CVE-2023-31437 Anchore CVE Low systemd-cryptsetup-257.8-1~deb13u2 0.00128 false
CVE-2023-31437 Anchore CVE Low systemd-sysv-257.8-1~deb13u2 0.00128 false
CVE-2023-31437 Anchore CVE Low libnss-systemd-257.8-1~deb13u2 0.00128 false
CVE-2023-31437 Anchore CVE Low systemd-257.8-1~deb13u2 0.00128 false
CVE-2023-31437 Anchore CVE Low libpam-systemd-257.8-1~deb13u2 0.00128 false
CVE-2023-45924 Anchore CVE Low libglx0-1.7.0-1+b2 0.00126 false
CVE-2023-45924 Anchore CVE Low libgl1-1.7.0-1+b2 0.00126 false
CVE-2023-45924 Anchore CVE Low libglvnd0-1.7.0-1+b2 0.00126 false
CVE-2017-15131 Twistlock CVE Low xdg-user-dirs-0.18-2 0.00120 false
CVE-2017-15131 Anchore CVE Low xdg-user-dirs-0.18-2 0.00120 false
CVE-2017-11697 Twistlock CVE Low nss-2:3.110-1 0.00113 false
CVE-2017-11697 Anchore CVE Low libnss3-2:3.110-1 0.00113 false
CVE-2024-7883 Twistlock CVE Low llvm-toolchain-19-1:19.1.7-3 0.00108 false
CVE-2024-7883 Anchore CVE Low libllvm19-1:19.1.7-3+b1 0.00108 false
CVE-2023-31438 Anchore CVE Low libpam-systemd-257.8-1~deb13u2 0.00100 false
CVE-2023-31438 Anchore CVE Low systemd-257.8-1~deb13u2 0.00100 false
CVE-2023-31438 Anchore CVE Low systemd-sysv-257.8-1~deb13u2 0.00100 false
CVE-2023-31438 Anchore CVE Low systemd-cryptsetup-257.8-1~deb13u2 0.00100 false
CVE-2023-31438 Anchore CVE Low libnss-systemd-257.8-1~deb13u2 0.00100 false
CVE-2023-31438 Anchore CVE Low systemd-timesyncd-257.8-1~deb13u2 0.00100 false
CVE-2023-31438 Anchore CVE Low libsystemd-shared-257.8-1~deb13u2 0.00100 false
CVE-2017-9117 Twistlock CVE Low tiff-4.7.0-3 0.00098 false
CVE-2017-9117 Anchore CVE Low libtiff6-4.7.0-3 0.00098 false
CVE-2023-31439 Anchore CVE Low libpam-systemd-257.8-1~deb13u2 0.00094 false
CVE-2023-31439 Anchore CVE Low systemd-timesyncd-257.8-1~deb13u2 0.00094 false
CVE-2023-31439 Anchore CVE Low systemd-cryptsetup-257.8-1~deb13u2 0.00094 false
CVE-2023-31439 Anchore CVE Low libsystemd-shared-257.8-1~deb13u2 0.00094 false
CVE-2023-31439 Anchore CVE Low systemd-sysv-257.8-1~deb13u2 0.00094 false
CVE-2023-31439 Anchore CVE Low systemd-257.8-1~deb13u2 0.00094 false
CVE-2023-31439 Anchore CVE Low libnss-systemd-257.8-1~deb13u2 0.00094 false
CVE-2017-11698 Twistlock CVE Low nss-2:3.110-1 0.00094 false
CVE-2017-11698 Anchore CVE Low libnss3-2:3.110-1 0.00094 false
CVE-2017-11696 Twistlock CVE Low nss-2:3.110-1 0.00094 false
CVE-2017-11696 Anchore CVE Low libnss3-2:3.110-1 0.00094 false
CVE-2017-11695 Twistlock CVE Low nss-2:3.110-1 0.00094 false
CVE-2017-11695 Anchore CVE Low libnss3-2:3.110-1 0.00094 false
CVE-2024-26461 Twistlock CVE Low krb5-1.21.3-5 0.00081 false
CVE-2024-26461 Anchore CVE Low krb5-locales-1.21.3-5 0.00081 false
CVE-2024-26461 Anchore CVE Low libgssapi-krb5-2-1.21.3-5 0.00081 false
CVE-2024-26461 Anchore CVE Low libk5crypto3-1.21.3-5 0.00081 false
CVE-2024-26461 Anchore CVE Low libkrb5-3-1.21.3-5 0.00081 false
CVE-2024-26461 Anchore CVE Low libkrb5support0-1.21.3-5 0.00081 false
CVE-2021-4214 Twistlock CVE Low libpng1.6-1.6.48-1 0.00076 false
CVE-2021-4214 Anchore CVE Low libpng16-16t64-1.6.48-1 0.00076 false
CVE-2025-1377 Twistlock CVE Low elfutils-0.192-4 0.00074 false
CVE-2025-1377 Anchore CVE Low libelf1t64-0.192-4 0.00074 false
CVE-2023-45919 Anchore CVE Low mesa-vulkan-drivers-25.0.7-2 0.00067 false
CVE-2023-45919 Anchore CVE Low libglx-mesa0-25.0.7-2 0.00067 false
CVE-2023-45919 Anchore CVE Low libgbm1-25.0.7-2 0.00067 false
CVE-2023-45919 Anchore CVE Low mesa-libgallium-25.0.7-2 0.00067 false
CVE-2023-45919 Anchore CVE Low libgl1-mesa-dri-25.0.7-2 0.00067 false
CVE-2013-4392 Anchore CVE Low libnss-systemd-257.8-1~deb13u2 0.00067 false
CVE-2013-4392 Anchore CVE Low systemd-sysv-257.8-1~deb13u2 0.00067 false
CVE-2013-4392 Anchore CVE Low systemd-cryptsetup-257.8-1~deb13u2 0.00067 false
CVE-2013-4392 Anchore CVE Low systemd-257.8-1~deb13u2 0.00067 false
CVE-2013-4392 Anchore CVE Low libsystemd-shared-257.8-1~deb13u2 0.00067 false
CVE-2013-4392 Anchore CVE Low systemd-timesyncd-257.8-1~deb13u2 0.00067 false
CVE-2013-4392 Anchore CVE Low libpam-systemd-257.8-1~deb13u2 0.00067 false
CVE-2023-45922 Anchore CVE Low libglx-mesa0-25.0.7-2 0.00060 false
CVE-2023-45922 Anchore CVE Low mesa-libgallium-25.0.7-2 0.00060 false
CVE-2023-45922 Anchore CVE Low libgl1-mesa-dri-25.0.7-2 0.00060 false
CVE-2023-45922 Anchore CVE Low libgbm1-25.0.7-2 0.00060 false
CVE-2023-45922 Anchore CVE Low mesa-vulkan-drivers-25.0.7-2 0.00060 false
CVE-2025-1376 Twistlock CVE Low elfutils-0.192-4 0.00055 false
CVE-2025-1376 Anchore CVE Low libelf1t64-0.192-4 0.00055 false
CVE-2025-59375 Twistlock CVE Low expat-2.7.1-2 0.00054 false
CVE-2025-59375 Anchore CVE High libexpat1-2.7.1-2 0.00054 false
CVE-2022-1210 Twistlock CVE Low tiff-4.7.0-3 0.00047 false
CVE-2022-1210 Anchore CVE Low libtiff6-4.7.0-3 0.00047 false
CVE-2025-1372 Twistlock CVE Low elfutils-0.192-4 0.00035 false
CVE-2025-1372 Anchore CVE Low libelf1t64-0.192-4 0.00035 false
CVE-2025-1371 Twistlock CVE Low elfutils-0.192-4 0.00033 false
CVE-2025-1371 Anchore CVE Low libelf1t64-0.192-4 0.00033 false
CVE-2025-1365 Twistlock CVE Low elfutils-0.192-4 0.00031 false
CVE-2025-1365 Anchore CVE Low libelf1t64-0.192-4 0.00031 false
CVE-2025-8961 Twistlock CVE Low tiff-4.7.0-3 0.00029 false
CVE-2025-8961 Anchore CVE Low libtiff6-4.7.0-3 0.00029 false
CVE-2023-37769 Twistlock CVE Low pixman-0.44.0-3 0.00029 false
CVE-2023-37769 Anchore CVE Low libpixman-1-0-0.44.0-3 0.00029 false
CVE-2025-8534 Twistlock CVE Low tiff-4.7.0-3 0.00026 false
CVE-2025-8534 Anchore CVE Low libtiff6-4.7.0-3 0.00026 false
CVE-2025-9165 Twistlock CVE Low tiff-4.7.0-3 0.00021 false
CVE-2025-9165 Anchore CVE Low libtiff6-4.7.0-3 0.00021 false
CVE-2025-6141 Anchore CVE Low libncursesw6-6.5+20250216-2 0.00019 false
CVE-2023-39742 Twistlock CVE Low giflib-5.2.2-1 0.00019 false
CVE-2023-39742 Anchore CVE Low libgif7-5.2.2-1+b1 0.00019 false
CVE-2025-50422 Twistlock CVE Low cairo-1.18.4-1 0.00018 false
CVE-2025-50422 Anchore CVE Low libcairo-gobject2-1.18.4-1+b1 0.00018 false
CVE-2025-50422 Anchore CVE Low libcairo2-1.18.4-1+b1 0.00018 false
CVE-2025-9714 Twistlock CVE Low libxml2-2.12.7+dfsg+really2.9.14-2.1+deb13u1 0.00017 false
CVE-2025-9714 Anchore CVE Medium libxml2-2.12.7+dfsg+really2.9.14-2.1+deb13u1 0.00017 false
CVE-2023-45913 Anchore CVE Low mesa-libgallium-25.0.7-2 0.00017 false
CVE-2023-45913 Anchore CVE Low mesa-vulkan-drivers-25.0.7-2 0.00017 false
CVE-2023-45913 Anchore CVE Low libgbm1-25.0.7-2 0.00017 false
CVE-2023-45913 Anchore CVE Low libglx-mesa0-25.0.7-2 0.00017 false
CVE-2023-45913 Anchore CVE Low libgl1-mesa-dri-25.0.7-2 0.00017 false
CVE-2023-1916 Twistlock CVE Low tiff-4.7.0-3 0.00017 false
CVE-2023-1916 Anchore CVE Low libtiff6-4.7.0-3 0.00017 false
CVE-2025-31344 Twistlock CVE Low giflib-5.2.2-1 0.00016 false
CVE-2025-31344 Anchore CVE High libgif7-5.2.2-1+b1 0.00016 false
CVE-2024-13978 Twistlock CVE Low tiff-4.7.0-3 0.00016 false
CVE-2024-13978 Anchore CVE Low libtiff6-4.7.0-3 0.00016 false
CVE-2023-6228 Twistlock CVE Low tiff-4.7.0-3 0.00016 false
CVE-2023-6228 Anchore CVE Low libtiff6-4.7.0-3 0.00016 false
CVE-2025-8177 Twistlock CVE Low tiff-4.7.0-3 0.00015 false
CVE-2025-8177 Anchore CVE Low libtiff6-4.7.0-3 0.00015 false
CVE-2025-8176 Twistlock CVE Low tiff-4.7.0-3 0.00015 false
CVE-2025-8176 Anchore CVE Low libtiff6-4.7.0-3 0.00015 false
CVE-2024-25260 Twistlock CVE Low elfutils-0.192-4 0.00014 false
CVE-2024-25260 Anchore CVE Low libelf1t64-0.192-4 0.00014 false
CVE-2023-3164 Twistlock CVE Low tiff-4.7.0-3 0.00010 false
CVE-2023-3164 Anchore CVE Low libtiff6-4.7.0-3 0.00010 false
CVE-2025-8732 Anchore CVE Low libxml2-2.12.7+dfsg+really2.9.14-2.1+deb13u1 0.00009 false
b1ef7d65d0170c3b0311b319febeabf4 Anchore Compliance Critical N/A N/A
4f029df9e0cc26a272955dfee8c15434 Anchore Compliance Critical N/A N/A

Tasks

Contributor:

  • Apply the StatusReview label to this issue for a merge request review and wait for feedback

OR

  • Provide justifications for findings in the VAT (docs)
  • Apply the StatusVerification label to this issue for a VAT justifications review and wait for feedback

Iron Bank:

  • Review findings and justifications

Note: If the above process is rejected for any reason, the Review or Verification label will be removed and the issue will be sent back to To-Do. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Review or Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730 EST to answer questions.