@jlsec-bot

This action searched recent NVD/EUVD changes/publications, checking 6000 (+0) advisories from NVD and 114 (+5826) from EUVD for advisories that pertain here. It identified 169 advisories as being related to the Julia package(s): libnode_jll, mosquitto_client_jll, Ghostscript_jll, LibArchive_jll, MbedTLS_jll, FFMPEG_jll, FFplay_jll, OpenSSL_jll, Openresty_jll, MongoC_jll, Libtiff_jll, Python_jll, LibRaw_jll, Git_jll, ImageMagick_jll, XML2_jll, GStreamer_jll, iperf_jll, OpenSSH_jll, XSLT_jll, Poppler_jll, cJSON_jll, Perl_jll, LibModbus_jll, Soup3_jll, libavif_jll, CURL_jll, LibCURL_jll, systemd_jll, LibPQ_jll, Qemu_jll, Qemu_static_jll, Vim_jll, GnuTLS_jll, GAP_pkg_guava_jll, rsync_jll, OpenJpeg_jll, Expat_jll, libssh_jll, LibSSH2_jll, Kerberos_krb5_jll, and yaml_cpp_jll.

78 advisories apply to all registered versions of a package

These advisories had no obvious failures but computed a range without bounds.

  • CVE-2021-43666 for packages: MbedTLS_jll
    • MbedTLS_jll computed ["*"]. Its latest version (2.28.10+0) has components: {mbedtls = "2.28.10"}
      • arm:mbed_tls at <= 3.0.0 includes all versions
  • CVE-2022-0367 for packages: LibModbus_jll
    • LibModbus_jll computed ["*"]. Its latest version (3.1.10+0) has components: {libmodbus = "*"}
      • libmodbus:libmodbus at < 3.1.7 includes all versions
  • CVE-2023-26819 for packages: cJSON_jll
    • cJSON_jll computed ["*"]. Its latest version (1.7.18+0) has components: {cjson = "*"}
      • cjson_project:cjson at = 1.7.15 includes all versions
  • CVE-2023-2976 for packages: GAP_pkg_guava_jll
    • GAP_pkg_guava_jll computed ["*"]. Its latest version (301.200000.0+0) has components: {guava = "3.20"}
      • google:guava at < 32.0.0 includes all versions
  • CVE-2023-3019 for packages: Qemu_jll, and Qemu_static_jll
    • Qemu_jll computed ["*"]. Its latest version (7.2.9+0) has components: {qemu = "7.2.9"}
      • qemu:qemu at < 8.2.0 includes all versions
    • Qemu_static_jll computed ["*"]. Its latest version (7.2.9+0) has components: {qemu = "7.2.9"}
      • qemu:qemu at < 8.2.0 includes all versions
  • CVE-2023-31484 for packages: Perl_jll
    • Perl_jll computed ["*"]. Its latest version (5.34.1+0) has components: {"perl:xml-namespacesupport" = "1.12", "perl:file-which" = "1.27", "perl:getopt-tabular" = "0.3", "perl:regexp-common" = "2017060201", "perl:json" = "4.03", "perl:xml-sax" = ["1.02", "Base-1.09"], "perl:term-readline-gnu" = "1.42", "perl:xml-writer" = "0.900", "perl:exporter-lite" = "0.08", perl = "5.34.1", "perl:term-readkey" = "2.38"}
      • perl:perl at < 5.38.0 includes all versions
  • CVE-2023-5088 for packages: Qemu_jll, and Qemu_static_jll
    • Qemu_jll computed ["*"]. Its latest version (7.2.9+0) has components: {qemu = "7.2.9"}
      • qemu:qemu at < 8.2.0 includes all versions
    • Qemu_static_jll computed ["*"]. Its latest version (7.2.9+0) has components: {qemu = "7.2.9"}
      • qemu:qemu at < 8.2.0 includes all versions
  • CVE-2023-53154 for packages: cJSON_jll
    • cJSON_jll computed ["*"]. Its latest version (1.7.18+0) has components: {cjson = "*"}
      • cjson_project:cjson at < 1.7.18 includes all versions
  • CVE-2023-6693 for packages: Qemu_jll, and Qemu_static_jll
    • Qemu_jll computed ["*"]. Its latest version (7.2.9+0) has components: {qemu = "7.2.9"}
      • qemu:qemu at < 8.2.1 includes all versions
    • Qemu_static_jll computed ["*"]. Its latest version (7.2.9+0) has components: {qemu = "7.2.9"}
      • qemu:qemu at < 8.2.1 includes all versions
  • CVE-2024-10525 for packages: mosquitto_client_jll
    • mosquitto_client_jll computed ["*"]. Its latest version (2.0.15+0) has components: {mosquitto = "2.0.15"}
      • eclipse:mosquitto at >= 1.3.2, < 2.0.19 includes all versions
  • CVE-2024-10976 for packages: LibPQ_jll
    • LibPQ_jll computed ["*"]. Its latest version (16.8.0+0) has components: {postgresql = "*"}
      • postgresql:postgresql at >= 12.0, < 12.21 mapped to [< 14.1.0+0, >= 16.0.0+0], includes the latest version
      • postgresql:postgresql at >= 13.0, < 13.17 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at >= 14.0, < 14.14 mapped to [>= 14.1.0+0], includes the latest version
      • postgresql:postgresql at >= 15.0, < 15.9 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at >= 16.0, < 16.5 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at >= 17.0, < 17.1 mapped to [>= 16.0.0+0], includes the latest version
  • CVE-2024-10977 for packages: LibPQ_jll
    • LibPQ_jll computed ["*"]. Its latest version (16.8.0+0) has components: {postgresql = "*"}
      • postgresql:postgresql at >= 12.0, < 12.21 mapped to [< 14.1.0+0, >= 16.0.0+0], includes the latest version
      • postgresql:postgresql at >= 13.0, < 13.17 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at >= 14.0, < 14.14 mapped to [>= 14.1.0+0], includes the latest version
      • postgresql:postgresql at >= 15.0, < 15.9 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at >= 16.0, < 16.5 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at = 17.0- mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at = 17.0-beta1 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at = 17.0-beta2 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at = 17.0-beta3 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at = 17.0-rc1 mapped to [>= 16.0.0+0], includes the latest version
  • CVE-2024-10978 for packages: LibPQ_jll
    • LibPQ_jll computed ["*"]. Its latest version (16.8.0+0) has components: {postgresql = "*"}
      • postgresql:postgresql at >= 12.0, < 12.21 mapped to [< 14.1.0+0, >= 16.0.0+0], includes the latest version
      • postgresql:postgresql at >= 13.0, < 13.17 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at >= 14.0, < 14.14 mapped to [>= 14.1.0+0], includes the latest version
      • postgresql:postgresql at >= 15.0, < 15.9 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at >= 16.0, < 16.5 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at = 17.0- mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at = 17.0-beta1 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at = 17.0-beta2 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at = 17.0-beta3 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at = 17.0-rc1 mapped to [>= 16.0.0+0], includes the latest version
  • CVE-2024-10979 for packages: LibPQ_jll
    • LibPQ_jll computed ["*"]. Its latest version (16.8.0+0) has components: {postgresql = "*"}
      • postgresql:postgresql at >= 12.0, < 12.21 mapped to [< 14.1.0+0, >= 16.0.0+0], includes the latest version
      • postgresql:postgresql at >= 13.0, < 13.17 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at >= 14.0, < 14.14 mapped to [>= 14.1.0+0], includes the latest version
      • postgresql:postgresql at >= 15.0, < 15.9 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at >= 16.0, < 16.5 mapped to [>= 16.0.0+0], includes the latest version
      • postgresql:postgresql at >= 17.0, < 17.1 mapped to [>= 16.0.0+0], includes the latest version
  • CVE-2024-26306 for packages: iperf_jll
    • iperf_jll computed ["*"]. Its latest version (3.7.0+0) has components: {iperf3 = "3.7"}
      • es:iperf3 at < 3.17 includes all versions
  • CVE-2024-3447 for packages: Qemu_jll, and Qemu_static_jll
    • Qemu_jll computed ["*"]. Its latest version (7.2.9+0) has components: {qemu = "7.2.9"}
      • qemu:qemu at < 7.2.11 includes all versions
    • Qemu_static_jll computed ["*"]. Its latest version (7.2.9+0) has components: {qemu = "7.2.9"}
      • qemu:qemu at < 7.2.11 includes all versions
  • CVE-2024-36843 for packages: LibModbus_jll
    • LibModbus_jll computed ["*"]. Its latest version (3.1.10+0) has components: {libmodbus = "*"}
      • libmodbus:libmodbus at = 3.1.6 includes all versions
  • CVE-2024-36844 for packages: LibModbus_jll
    • LibModbus_jll computed ["*"]. Its latest version (3.1.10+0) has components: {libmodbus = "*"}
      • libmodbus:libmodbus at = 3.1.6 includes all versions
  • CVE-2024-36845 for packages: LibModbus_jll
    • LibModbus_jll computed ["*"]. Its latest version (3.1.10+0) has components: {libmodbus = "*"}
      • libmodbus:libmodbus at = 3.1.6 includes all versions
  • CVE-2024-3935 for packages: mosquitto_client_jll
    • mosquitto_client_jll computed ["*"]. Its latest version (2.0.15+0) has components: {mosquitto = "2.0.15"}
      • eclipse:mosquitto at >= 2.0.0, < 2.0.19 includes all versions
  • CVE-2024-46951 for packages: Ghostscript_jll
    • Ghostscript_jll computed ["*"]. Its latest version (9.55.1+0) has components: {ghostscript = "9.55.0"}
      • artifex:ghostscript at < 10.04.0 includes all versions
  • CVE-2024-46953 for packages: Ghostscript_jll
    • Ghostscript_jll computed ["*"]. Its latest version (9.55.1+0) has components: {ghostscript = "9.55.0"}
      • artifex:ghostscript at < 10.04.0 includes all versions
  • CVE-2024-46955 for packages: Ghostscript_jll
    • Ghostscript_jll computed ["*"]. Its latest version (9.55.1+0) has components: {ghostscript = "9.55.0"}
      • artifex:ghostscript at < 10.04.0 includes all versions
  • CVE-2024-46956 for packages: Ghostscript_jll
    • Ghostscript_jll computed ["*"]. Its latest version (9.55.1+0) has components: {ghostscript = "9.55.0"}
      • artifex:ghostscript at < 10.04.0 includes all versions
  • CVE-2024-47537 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47538 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47539 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47540 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47541 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47542 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47543 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47544 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47545 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47546 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47596 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47597 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47598 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47599 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47600 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47601 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47602 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47603 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47606 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47607 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47613 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47615 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47774 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47775 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47776 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47777 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47778 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47814 for packages: Vim_jll
    • Vim_jll computed ["*"]. Its latest version (9.1.0+0) has components: {vim = "9.1.0"}
      • vim:vim at < 9.1.0764 includes all versions
  • CVE-2024-47834 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-47835 for packages: GStreamer_jll
    • GStreamer_jll computed ["*"]. Its latest version (1.20.3+0) has components: {gstreamer = "1.20.3"}
      • gstreamer_project:gstreamer at < 1.24.10 includes all versions
  • CVE-2024-52530 for packages: Soup3_jll
    • Soup3_jll computed ["*"]. Its latest version (3.2.1+0) has components: {libsoup = "3.2.1"}
      • gnome:libsoup at < 3.6.0 includes all versions
  • CVE-2024-52531 for packages: Soup3_jll
    • Soup3_jll computed ["*"]. Its latest version (3.2.1+0) has components: {libsoup = "3.2.1"}
      • gnome:libsoup at < 3.6.1 includes all versions
  • CVE-2024-52532 for packages: Soup3_jll
    • Soup3_jll computed ["*"]. Its latest version (3.2.1+0) has components: {libsoup = "3.2.1"}
      • gnome:libsoup at < 3.6.1 includes all versions
  • CVE-2024-56378 for packages: Poppler_jll
    • Poppler_jll computed ["*"]. Its latest version (24.6.0+0) has components: {poppler = "24.06.0", poppler-ink = "24.06.0"}
      • freedesktop:poppler at <= 24.12.0 includes all versions
  • CVE-2025-27830 for packages: Ghostscript_jll
    • Ghostscript_jll computed ["*"]. Its latest version (9.55.1+0) has components: {ghostscript = "9.55.0"}
      • artifex:ghostscript at < 10.05.0 includes all versions
  • CVE-2025-27831 for packages: Ghostscript_jll
    • Ghostscript_jll computed ["*"]. Its latest version (9.55.1+0) has components: {ghostscript = "9.55.0"}
      • artifex:ghostscript at < 10.05.0 includes all versions
  • CVE-2025-27832 for packages: Ghostscript_jll
    • Ghostscript_jll computed ["*"]. Its latest version (9.55.1+0) has components: {ghostscript = "9.55.0"}
      • artifex:ghostscript at < 10.05.0 includes all versions
  • CVE-2025-27835 for packages: Ghostscript_jll
    • Ghostscript_jll computed ["*"]. Its latest version (9.55.1+0) has components: {ghostscript = "9.55.0"}
      • artifex:ghostscript at < 10.05.0 includes all versions
  • CVE-2025-27836 for packages: Ghostscript_jll
    • Ghostscript_jll computed ["*"]. Its latest version (9.55.1+0) has components: {ghostscript = "9.55.0"}
      • artifex:ghostscript at < 10.05.0 includes all versions
  • CVE-2025-2784 for packages: Soup3_jll
    • Soup3_jll computed ["*"]. Its latest version (3.2.1+0) has components: {libsoup = "3.2.1"}
      • gnome:libsoup at < 3.6.5 includes all versions
  • CVE-2025-32364 for packages: Poppler_jll
    • Poppler_jll computed ["*"]. Its latest version (24.6.0+0) has components: {poppler = "24.06.0", poppler-ink = "24.06.0"}
      • freedesktop:poppler at < 25.04.0 includes all versions
  • CVE-2025-32365 for packages: Poppler_jll
    • Poppler_jll computed ["*"]. Its latest version (24.6.0+0) has components: {poppler = "24.06.0", poppler-ink = "24.06.0"}
      • freedesktop:poppler at < 25.04.0 includes all versions
  • CVE-2025-32988 for packages: GnuTLS_jll
    • GnuTLS_jll computed ["*"]. Its latest version (3.8.4+0) has components: {gnutls = "3.8.4"}
      • gnu:gnutls at < 3.8.10 includes all versions
  • CVE-2025-43961 for packages: LibRaw_jll
    • LibRaw_jll computed ["*"]. Its latest version (0.20.2+0) has components: {libraw = "0.20.2"}
      • libraw:libraw at < 0.21.4 includes all versions
  • CVE-2025-43962 for packages: LibRaw_jll
    • LibRaw_jll computed ["*"]. Its latest version (0.20.2+0) has components: {libraw = "0.20.2"}
      • libraw:libraw at < 0.21.4 includes all versions
  • CVE-2025-43963 for packages: LibRaw_jll
    • LibRaw_jll computed ["*"]. Its latest version (0.20.2+0) has components: {libraw = "0.20.2"}
      • libraw:libraw at < 0.21.4 includes all versions
  • CVE-2025-43964 for packages: LibRaw_jll
    • LibRaw_jll computed ["*"]. Its latest version (0.20.2+0) has components: {libraw = "0.20.2"}
      • libraw:libraw at < 0.21.4 includes all versions
  • CVE-2025-4598 for packages: systemd_jll
    • systemd_jll computed ["*"]. Its latest version (256.7.0+0) has components: {systemd = "256.7"}
      • systemd_project:systemd at >= 256, < 256.14 mapped to [>= 256.7.0+0], includes the latest version
  • CVE-2025-47917 for packages: MbedTLS_jll
    • MbedTLS_jll computed ["*"]. Its latest version (2.28.10+0) has components: {mbedtls = "2.28.10"}
      • arm:mbed_tls at < 3.6.4 includes all versions
  • CVE-2025-48965 for packages: MbedTLS_jll
    • MbedTLS_jll computed ["*"]. Its latest version (2.28.10+0) has components: {mbedtls = "2.28.10"}
      • arm:mbed_tls at < 3.6.4 includes all versions
  • CVE-2025-52496 for packages: MbedTLS_jll
    • MbedTLS_jll computed ["*"]. Its latest version (2.28.10+0) has components: {mbedtls = "2.28.10"}
      • arm:mbed_tls at < 3.6.4 includes all versions
  • CVE-2025-52497 for packages: MbedTLS_jll
    • MbedTLS_jll computed ["*"]. Its latest version (2.28.10+0) has components: {mbedtls = "2.28.10"}
      • arm:mbed_tls at < 3.6.4 includes all versions
  • CVE-2025-54349 for packages: iperf_jll
    • iperf_jll computed ["*"]. Its latest version (3.7.0+0) has components: {iperf3 = "3.7"}
      • es:iperf3 at >= 3.2, < 3.19.1 includes all versions
  • CVE-2025-54350 for packages: iperf_jll
    • iperf_jll computed ["*"]. Its latest version (3.7.0+0) has components: {iperf3 = "3.7"}
      • es:iperf3 at >= 3.2, < 3.19.1 includes all versions

7 advisories apply to the latest version of a package and do not have a patch

  • CVE-2021-36647 for packages: MbedTLS_jll
    • MbedTLS_jll computed ["< 2.27.0+0", ">= 2.28.0+0"]. Its latest version (2.28.10+0) has components: {mbedtls = "2.28.10"}
      • arm:mbed_tls at >= 2.28.0, < 3.0.0 mapped to [>= 2.28.0+0], includes the latest version
  • CVE-2023-30581 for packages: libnode_jll
    • libnode_jll computed [">= 16.14.0+0"]. Its latest version (18.12.1+0) has components: {node-v = "18.12.1", nodejs = "18.12.1"}
      • nodejs:node.js at >= 18.0.0, < 18.16.1 mapped to [>= 18.12.1+0], includes the latest version
  • CVE-2023-30585 for packages: libnode_jll
    • libnode_jll computed [">= 16.14.0+0"]. Its latest version (18.12.1+0) has components: {node-v = "18.12.1", nodejs = "18.12.1"}
      • nodejs:node.js at >= 18.0.0, < 18.16.1 mapped to [>= 18.12.1+0], includes the latest version
  • CVE-2023-30590 for packages: libnode_jll
    • libnode_jll computed [">= 16.14.0+0"]. Its latest version (18.12.1+0) has components: {node-v = "18.12.1", nodejs = "18.12.1"}
      • nodejs:node.js at >= 18.0.0, < 18.16.1 mapped to [>= 18.12.1+0], includes the latest version
  • CVE-2023-38552 for packages: libnode_jll
    • libnode_jll computed [">= 18.12.1+0"]. Its latest version (18.12.1+0) has components: {node-v = "18.12.1", nodejs = "18.12.1"}
      • nodejs:node.js at >= 18.0.0, <= 18.18.1 mapped to [>= 18.12.1+0], includes the latest version
  • CVE-2024-10918 for packages: LibModbus_jll
    • LibModbus_jll computed [">= 3.1.10+0"]. Its latest version (3.1.10+0) has components: {libmodbus = "*"}
      • libmodbus:libmodbus at = 3.1.10 mapped to [>= 3.1.10+0], includes the latest version
  • CVE-2025-23084 for packages: libnode_jll
    • libnode_jll computed [">= 18.12.1+0"]. Its latest version (18.12.1+0) has components: {node-v = "18.12.1", nodejs = "18.12.1"}
      • nodejs:node.js at >= 18.0, < 18.20.6 mapped to [>= 18.12.1+0], includes the latest version

84 advisories found concrete vulnerable ranges

  • CVE-2015-20107 for packages: Python_jll
    • Python_jll computed ["< 3.10.8+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2017-5950 for packages: yaml_cpp_jll
    • yaml_cpp_jll computed ["< 0.6.3+0"]. Its latest version (0.8.1+0) has components: {yaml-cpp = "0.8.0"}
  • CVE-2020-10735 for packages: Python_jll
    • Python_jll computed ["< 3.10.7+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2021-24119 for packages: MbedTLS_jll
    • MbedTLS_jll computed ["< 2.26.0+0"]. Its latest version (2.28.10+0) has components: {mbedtls = "2.28.10"}
  • CVE-2021-28861 for packages: Python_jll
    • Python_jll computed ["< 3.10.7+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2021-29338 for packages: OpenJpeg_jll
    • OpenJpeg_jll computed [">= 2.4.0+0, < 2.5.0+0"]. Its latest version (2.5.5+0) has components: {openjpeg = "2.5.4"}
  • CVE-2021-29921 for packages: Python_jll
    • Python_jll computed ["< 3.10.7+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2021-32050 for packages: MongoC_jll
    • MongoC_jll computed ["< 1.19.1+0"]. Its latest version (1.28.1+0) has components: {mongo-c-driver = "1.28.1"}
  • CVE-2021-3426 for packages: Python_jll
    • Python_jll computed ["< 3.8.8+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2021-3575 for packages: OpenJpeg_jll
    • OpenJpeg_jll computed ["< 2.5.0+0"]. Its latest version (2.5.5+0) has components: {openjpeg = "2.5.4"}
  • CVE-2021-36976 for packages: LibArchive_jll
    • LibArchive_jll computed ["< 3.7.4+0"]. Its latest version (3.8.2+0) has components: {libarchive = "3.8.2"}
  • CVE-2021-3733 for packages: Python_jll
    • Python_jll computed ["< 3.10.7+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2021-3737 for packages: Python_jll
    • Python_jll computed ["< 3.10.7+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2021-4189 for packages: Python_jll
    • Python_jll computed ["< 3.10.7+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2021-44732 for packages: MbedTLS_jll
    • MbedTLS_jll computed ["< 2.28.0+0"]. Its latest version (2.28.10+0) has components: {mbedtls = "2.28.10"}
  • CVE-2022-0391 for packages: Python_jll
    • Python_jll computed ["< 3.10.7+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2022-1122 for packages: OpenJpeg_jll
    • OpenJpeg_jll computed [">= 2.4.0+0, < 2.5.0+0"]. Its latest version (2.5.5+0) has components: {openjpeg = "2.5.4"}
  • CVE-2022-2068 for packages: OpenSSL_jll, and Openresty_jll
    • OpenSSL_jll computed ["< 1.1.16+0"]. Its latest version (3.5.4+0) has components: {openssl = "3.5.4"}
    • Openresty_jll computed ["< 1.21.4+0"]. Its latest version (1.27.1+0) has components: {openresty = "1.27.1.1", openssl = "3.0.15", pcre = "8.45", zlib = "1.3.1"}
  • CVE-2022-36227 for packages: LibArchive_jll
    • LibArchive_jll computed ["< 3.7.4+0"]. Its latest version (3.8.2+0) has components: {libarchive = "3.8.2"}
  • CVE-2022-42919 for packages: Python_jll
    • Python_jll computed [">= 3.8.8+0, < 3.10.13+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2022-4415 for packages: systemd_jll
    • systemd_jll computed ["< 256.7.0+0"]. Its latest version (256.7.0+0) has components: {systemd = "256.7"}
  • CVE-2022-45061 for packages: Python_jll
    • Python_jll computed ["< 3.10.13+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2022-46392 for packages: MbedTLS_jll
    • MbedTLS_jll computed ["< 2.28.2+0"]. Its latest version (2.28.10+0) has components: {mbedtls = "2.28.10"}
  • CVE-2022-49043 for packages: XML2_jll
    • XML2_jll computed ["< 2.12.0+0"]. Its latest version (2.15.1+0) has components: {libxml2 = "2.15.1"}
  • CVE-2023-0437 for packages: MongoC_jll
    • MongoC_jll computed ["< 1.25.1+0"]. Its latest version (1.28.1+0) has components: {mongo-c-driver = "1.28.1"}
  • CVE-2023-1544 for packages: Qemu_jll, and Qemu_static_jll
    • Qemu_jll computed ["< 7.2.9+0"]. Its latest version (7.2.9+0) has components: {qemu = "7.2.9"}
    • Qemu_static_jll computed ["< 7.2.9+0"]. Its latest version (7.2.9+0) has components: {qemu = "7.2.9"}
  • CVE-2023-24329 for packages: Python_jll
    • Python_jll computed ["< 3.10.13+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2023-26965 for packages: Libtiff_jll
    • Libtiff_jll computed ["< 4.5.1+0"]. Its latest version (4.7.2+0) has components: {tiff = "4.7.1"}
  • CVE-2023-27043 for packages: Python_jll
    • Python_jll computed ["< 3.10.16+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2023-2908 for packages: Libtiff_jll
    • Libtiff_jll computed ["< 4.5.1+0"]. Its latest version (4.7.2+0) has components: {tiff = "4.7.1"}
  • CVE-2023-3316 for packages: Libtiff_jll
    • Libtiff_jll computed ["< 4.5.1+0"]. Its latest version (4.7.2+0) has components: {tiff = "4.7.1"}
  • CVE-2023-3618 for packages: Libtiff_jll
    • Libtiff_jll computed ["< 4.5.1+0"]. Its latest version (4.7.2+0) has components: {tiff = "4.7.1"}
  • CVE-2023-39615 for packages: XML2_jll
    • XML2_jll computed [">= 2.11.5+0, < 2.12.0+0"]. Its latest version (2.15.1+0) has components: {libxml2 = "2.15.1"}
  • CVE-2023-40217 for packages: Python_jll
    • Python_jll computed ["< 3.10.13+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2023-45322 for packages: XML2_jll
    • XML2_jll computed ["< 2.12.0+0"]. Its latest version (2.15.1+0) has components: {libxml2 = "2.15.1"}
  • CVE-2023-48795 for packages: LibSSH2_jll, and OpenSSH_jll
    • LibSSH2_jll computed ["< 1.11.3+0"]. Its latest version (1.11.3+1) has components: {libssh2 = "1.11.1"}
    • libssh_jll has no vulnerable versions; some versions contain vulnerable libssh:libssh. Its latest version (0.11.3+0) has components: {libssh = "0.11.3"}
    • OpenSSH_jll computed ["< 9.9.1+0"]. Its latest version (10.2.1+0) has components: {openssh = "10.2p1"}
  • CVE-2023-49502 for packages: FFMPEG_jll
    • FFMPEG_jll computed [">= 6.1.1+0, < 7.1.0+0"]. Its latest version (8.0.0+0) has components: {ffmpeg = "8.0"}
    • FFplay_jll has no vulnerable versions; some versions contain vulnerable ffmpeg:ffmpeg. Its latest version (7.1.1+0) has components: {ffmpeg = "7.1.1"}
  • CVE-2023-5363 for packages: OpenSSL_jll
    • OpenSSL_jll computed [">= 3.0.8+0, < 3.0.12+0"]. Its latest version (3.5.4+0) has components: {openssl = "3.5.4"}
    • Openresty_jll has no vulnerable versions; some versions contain vulnerable openssl:openssl. Its latest version (1.27.1+0) has components: {openresty = "1.27.1.1", openssl = "3.0.15", pcre = "8.45", zlib = "1.3.1"}
  • CVE-2023-5678 for packages: OpenSSL_jll, and Openresty_jll
    • OpenSSL_jll computed ["< 3.0.13+0"]. Its latest version (3.5.4+0) has components: {openssl = "3.5.4"}
    • Openresty_jll computed ["< 1.27.1+0"]. Its latest version (1.27.1+0) has components: {openresty = "1.27.1.1", openssl = "3.0.15", pcre = "8.45", zlib = "1.3.1"}
  • CVE-2023-6601 for packages: FFMPEG_jll, and FFplay_jll
    • FFMPEG_jll computed ["< 6.1.1+0"]. Its latest version (8.0.0+0) has components: {ffmpeg = "8.0"}
    • FFplay_jll computed ["< 7.1.0+0"]. Its latest version (7.1.1+0) has components: {ffmpeg = "7.1.1"}
  • CVE-2023-6602 for packages: FFMPEG_jll, and FFplay_jll
    • FFMPEG_jll computed ["< 6.1.1+0"]. Its latest version (8.0.0+0) has components: {ffmpeg = "8.0"}
    • FFplay_jll computed ["< 7.1.0+0"]. Its latest version (7.1.1+0) has components: {ffmpeg = "7.1.1"}
  • CVE-2023-6604 for packages: FFMPEG_jll, and FFplay_jll
    • FFMPEG_jll computed ["< 6.1.1+0"]. Its latest version (8.0.0+0) has components: {ffmpeg = "8.0"}
    • FFplay_jll computed ["< 7.1.0+0"]. Its latest version (7.1.1+0) has components: {ffmpeg = "7.1.1"}
  • CVE-2023-6605 for packages: FFMPEG_jll, and FFplay_jll
    • FFMPEG_jll computed ["< 6.1.1+0"]. Its latest version (8.0.0+0) has components: {ffmpeg = "8.0"}
    • FFplay_jll computed ["< 7.1.0+0"]. Its latest version (7.1.1+0) has components: {ffmpeg = "7.1.1"}
  • CVE-2024-0727 for packages: OpenSSL_jll, and Openresty_jll
    • OpenSSL_jll computed ["< 3.0.13+0"]. Its latest version (3.5.4+0) has components: {openssl = "3.5.4"}
    • Openresty_jll computed ["< 1.27.1+0"]. Its latest version (1.27.1+0) has components: {openresty = "1.27.1.1", openssl = "3.0.15", pcre = "8.45", zlib = "1.3.1"}
  • CVE-2024-12085 for packages: rsync_jll
    • rsync_jll computed ["< 3.3.0+0"]. Its latest version (3.4.1+0) has components: {rsync = "3.4.1"}
  • CVE-2024-12086 for packages: rsync_jll
    • rsync_jll computed ["< 3.4.0+0"]. Its latest version (3.4.1+0) has components: {rsync = "3.4.1"}
  • CVE-2024-12087 for packages: rsync_jll
    • rsync_jll computed ["< 3.4.0+0"]. Its latest version (3.4.1+0) has components: {rsync = "3.4.1"}
  • CVE-2024-12088 for packages: rsync_jll
    • rsync_jll computed ["< 3.4.0+0"]. Its latest version (3.4.1+0) has components: {rsync = "3.4.1"}
  • CVE-2024-13978 for packages: Libtiff_jll
    • Libtiff_jll computed ["< 4.7.2+0"]. Its latest version (4.7.2+0) has components: {tiff = "4.7.1"}
  • CVE-2024-25062 for packages: XML2_jll
    • XML2_jll computed ["< 2.12.5+0"]. Its latest version (2.15.1+0) has components: {libxml2 = "2.15.1"}
  • CVE-2024-31578 for packages: FFMPEG_jll, and FFplay_jll
    • FFMPEG_jll computed ["< 7.1.0+0"]. Its latest version (8.0.0+0) has components: {ffmpeg = "8.0"}
    • FFplay_jll computed ["< 7.1.0+0"]. Its latest version (7.1.1+0) has components: {ffmpeg = "7.1.1"}
  • CVE-2024-34459 for packages: XML2_jll
    • XML2_jll computed ["< 2.12.7+0"]. Its latest version (2.15.1+0) has components: {libxml2 = "2.15.1"}
  • CVE-2024-35367 for packages: FFMPEG_jll
    • FFMPEG_jll computed [">= 6.1.1+0, < 6.1.2+0"]. Its latest version (8.0.0+0) has components: {ffmpeg = "8.0"}
    • FFplay_jll has no vulnerable versions; some versions contain vulnerable ffmpeg:ffmpeg. Its latest version (7.1.1+0) has components: {ffmpeg = "7.1.1"}
  • CVE-2024-36618 for packages: FFMPEG_jll
    • FFMPEG_jll computed [">= 6.1.1+0, < 6.1.2+0"]. Its latest version (8.0.0+0) has components: {ffmpeg = "8.0"}
    • FFplay_jll has no vulnerable versions; some versions contain vulnerable ffmpeg:ffmpeg. Its latest version (7.1.1+0) has components: {ffmpeg = "7.1.1"}
  • CVE-2024-37371 for packages: Kerberos_krb5_jll
    • Kerberos_krb5_jll computed ["< 1.21.3+0"]. Its latest version (1.21.3+0) has components: {krb5 = "1.21.3"}
  • CVE-2024-45490 for packages: Expat_jll
    • Expat_jll computed ["< 2.6.4+0"]. Its latest version (2.7.3+0) has components: {expat = "2.7.3"}
  • CVE-2024-4741 for packages: OpenSSL_jll, and Openresty_jll
    • OpenSSL_jll computed ["< 3.0.14+0"]. Its latest version (3.5.4+0) has components: {openssl = "3.5.4"}
    • Openresty_jll computed [">= 1.19.9+0, < 1.27.1+0"]. Its latest version (1.27.1+0) has components: {openresty = "1.27.1.1", openssl = "3.0.15", pcre = "8.45", zlib = "1.3.1"}
  • CVE-2024-48958 for packages: LibArchive_jll
    • LibArchive_jll computed [">= 3.7.4+0, < 3.7.9+0"]. Its latest version (3.8.2+0) has components: {libarchive = "3.8.2"}
  • CVE-2024-5535 for packages: OpenSSL_jll, and Openresty_jll
    • OpenSSL_jll computed ["< 3.0.15+0"]. Its latest version (3.5.4+0) has components: {openssl = "3.5.4"}
    • Openresty_jll computed ["< 1.27.1+0"]. Its latest version (1.27.1+0) has components: {openresty = "1.27.1.1", openssl = "3.0.15", pcre = "8.45", zlib = "1.3.1"}
  • CVE-2024-55549 for packages: XSLT_jll
    • XSLT_jll computed ["< 1.1.43+0"]. Its latest version (1.1.43+0) has components: {libxslt = "1.1.43"}
  • CVE-2024-56171 for packages: XML2_jll
    • XML2_jll computed ["< 2.13.6+1"]. Its latest version (2.15.1+0) has components: {libxml2 = "2.15.1"}
  • CVE-2024-6232 for packages: Python_jll
    • Python_jll computed ["< 3.10.16+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2024-6381 for packages: MongoC_jll
    • MongoC_jll computed ["< 1.28.1+0"]. Its latest version (1.28.1+0) has components: {mongo-c-driver = "1.28.1"}
  • CVE-2024-7006 for packages: Libtiff_jll
    • Libtiff_jll computed ["< 4.7.0+0"]. Its latest version (4.7.2+0) has components: {tiff = "4.7.1"}
  • CVE-2024-7055 for packages: FFMPEG_jll, and FFplay_jll
    • FFMPEG_jll computed ["< 6.1.2+0"]. Its latest version (8.0.0+0) has components: {ffmpeg = "8.0"}
    • FFplay_jll computed ["< 7.1.0+0"]. Its latest version (7.1.1+0) has components: {ffmpeg = "7.1.1"}
  • CVE-2024-7264 for packages: CURL_jll, and LibCURL_jll
    • CURL_jll computed ["< 8.9.1+0"]. Its latest version (8.16.0+0) has components: {curl = "8.16.0"}
    • LibCURL_jll computed ["< 8.9.1+0"]. Its latest version (8.16.0+0) has components: {curl = "8.16.0"}
  • CVE-2024-7592 for packages: Python_jll
    • Python_jll computed ["< 3.10.16+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2024-9287 for packages: Python_jll
    • Python_jll computed ["< 3.10.16+0"]. Its latest version (3.11.12+0) has components: {"python:idle" = "3.11.12", python = "3.11.12"}
  • CVE-2025-0518 for packages: FFMPEG_jll, and FFplay_jll
    • FFMPEG_jll computed [">= 7.1.0+0, < 7.1.1+0"]. Its latest version (8.0.0+0) has components: {ffmpeg = "8.0"}
    • FFplay_jll computed [">= 7.1.0+0, < 7.1.1+0"]. Its latest version (7.1.1+0) has components: {ffmpeg = "7.1.1"}
  • CVE-2025-0755 for packages: MongoC_jll
    • MongoC_jll computed ["< 1.28.1+0"]. Its latest version (1.28.1+0) has components: {mongo-c-driver = "1.28.1"}
  • CVE-2025-24855 for packages: XSLT_jll
    • XSLT_jll computed ["< 1.1.43+0"]. Its latest version (1.1.43+0) has components: {libxslt = "1.1.43"}
  • CVE-2025-24928 for packages: XML2_jll
    • XML2_jll computed ["< 2.13.6+1"]. Its latest version (2.15.1+0) has components: {libxml2 = "2.15.1"}
  • CVE-2025-26465 for packages: OpenSSH_jll
    • OpenSSH_jll computed [">= 9.3.2+0, < 9.9.1+0"]. Its latest version (10.2.1+0) has components: {openssh = "10.2p1"}
  • CVE-2025-27113 for packages: XML2_jll
    • XML2_jll computed ["< 2.13.6+1"]. Its latest version (2.15.1+0) has components: {libxml2 = "2.15.1"}
  • CVE-2025-32414 for packages: XML2_jll
    • XML2_jll computed ["< 2.13.8+0", ">= 2.14.1+0, < 2.14.4+0"]. Its latest version (2.15.1+0) has components: {libxml2 = "2.15.1"}
  • CVE-2025-32415 for packages: XML2_jll
    • XML2_jll computed ["< 2.13.8+0", ">= 2.14.1+0, < 2.14.4+0"]. Its latest version (2.15.1+0) has components: {libxml2 = "2.15.1"}
  • CVE-2025-48174 for packages: libavif_jll
    • libavif_jll computed ["< 1.3.0+0"]. Its latest version (1.3.0+0) has components: {libavif = "1.3.0"}
  • CVE-2025-48175 for packages: libavif_jll
    • libavif_jll computed ["< 1.3.0+0"]. Its latest version (1.3.0+0) has components: {libavif = "1.3.0"}
  • CVE-2025-48384 for packages: Git_jll
    • Git_jll computed ["< 2.50.1+0"]. Its latest version (2.51.3+0) has components: {git-for-windows = "2.51.2.windows.1", git = "2.51.2"}
  • CVE-2025-53014 for packages: ImageMagick_jll
    • ImageMagick_jll computed ["< 7.1.2001+0"]. Its latest version (7.1.2005+0) has components: {imagemagick = "7.1.2-3"}
  • CVE-2025-53019 for packages: ImageMagick_jll
    • ImageMagick_jll computed ["< 7.1.2001+0"]. Its latest version (7.1.2005+0) has components: {imagemagick = "7.1.2-3"}
  • CVE-2025-53101 for packages: ImageMagick_jll
    • ImageMagick_jll computed ["< 7.1.2001+0"]. Its latest version (7.1.2005+0) has components: {imagemagick = "7.1.2-3"}
  • CVE-2025-5318 for packages: libssh_jll
    • libssh_jll computed ["< 0.11.3+0"]. Its latest version (0.11.3+0) has components: {libssh = "0.11.3"}
  • CVE-2025-6021 for packages: XML2_jll
    • XML2_jll computed ["< 2.14.4+0"]. Its latest version (2.15.1+0) has components: {libxml2 = "2.15.1"}
