{ "_class" : "io.jenkins.plugins.analysis.core.restapi.ReportApi", "issues" : [ { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "installed", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//lib/apk/db/installed", "fingerprint" : "FALLBACK-643fee7a", "lineEnd" : 1, "lineStart" : 1, "message" : "CVE-2025-60876-busybox-binsh: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox-binsh package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox-binsh | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox-binsh, version 1.37.0-r30 was found in image linkitaly/govway:master_batch_oracle at: /lib/apk/db/installed", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "installed(1,0): CVE-2025-60876-busybox-binsh: : CVE-2025-60876-busybox-binsh: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox-binsh package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox-binsh | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox-binsh, version 1.37.0-r30 was found in image linkitaly/govway:master_batch_oracle at: /lib/apk/db/installed", "type" : "CVE-2025-60876-busybox-binsh" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "installed", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//lib/apk/db/installed", "fingerprint" : "FALLBACK-c8e3b39b", "lineEnd" : 1, "lineStart" : 1, "message" : "CVE-2025-60876-busybox: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox, version 1.37.0-r30 was found in image linkitaly/govway:master_batch_oracle at: /lib/apk/db/installed", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "installed(1,0): CVE-2025-60876-busybox: : CVE-2025-60876-busybox: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox, version 1.37.0-r30 was found in image linkitaly/govway:master_batch_oracle at: /lib/apk/db/installed", "type" : "CVE-2025-60876-busybox" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "installed", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//lib/apk/db/installed", "fingerprint" : "FALLBACK-cc599489", "lineEnd" : 1, "lineStart" : 1, "message" : "CVE-2025-60876-ssl_client: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for ssl_client package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | ssl_client | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: ssl_client, version 1.37.0-r30 was found in image linkitaly/govway:master_batch_oracle at: /lib/apk/db/installed", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "installed(1,0): CVE-2025-60876-ssl_client: : CVE-2025-60876-ssl_client: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for ssl_client package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | ssl_client | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: ssl_client, version 1.37.0-r30 was found in image linkitaly/govway:master_batch_oracle at: /lib/apk/db/installed", "type" : "CVE-2025-60876-ssl_client" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//var/govway/batch/generatoreStatistiche/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /var/govway/batch/generatoreStatistiche/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_batch_oracle at: /var/govway/batch/generatoreStatistiche/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /var/govway/batch/generatoreStatistiche/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_batch_oracle at: /var/govway/batch/generatoreStatistiche/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-core-2.24.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//var/govway/batch/generatoreStatistiche/lib/log4j-core-2.24.3.jar", "fingerprint" : "FALLBACK-ab41412b", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /var/govway/batch/generatoreStatistiche/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_batch_oracle at: /var/govway/batch/generatoreStatistiche/lib/log4j-core-2.24.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "log4j-core-2.24.3.jar(1,0): GHSA-vc5p-v9hr-52mj-log4j-core: : GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /var/govway/batch/generatoreStatistiche/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_batch_oracle at: /var/govway/batch/generatoreStatistiche/lib/log4j-core-2.24.3.jar", "type" : "GHSA-vc5p-v9hr-52mj-log4j-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "installed", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//lib/apk/db/installed", "fingerprint" : "FALLBACK-643fee7a", "lineEnd" : 1, "lineStart" : 1, "message" : "CVE-2025-60876-busybox-binsh: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox-binsh package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox-binsh | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox-binsh, version 1.37.0-r30 was found in image linkitaly/govway:master_batch_postgres at: /lib/apk/db/installed", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "installed(1,0): CVE-2025-60876-busybox-binsh: : CVE-2025-60876-busybox-binsh: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox-binsh package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox-binsh | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox-binsh, version 1.37.0-r30 was found in image linkitaly/govway:master_batch_postgres at: /lib/apk/db/installed", "type" : "CVE-2025-60876-busybox-binsh" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "installed", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//lib/apk/db/installed", "fingerprint" : "FALLBACK-c8e3b39b", "lineEnd" : 1, "lineStart" : 1, "message" : "CVE-2025-60876-busybox: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox, version 1.37.0-r30 was found in image linkitaly/govway:master_batch_postgres at: /lib/apk/db/installed", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "installed(1,0): CVE-2025-60876-busybox: : CVE-2025-60876-busybox: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox, version 1.37.0-r30 was found in image linkitaly/govway:master_batch_postgres at: /lib/apk/db/installed", "type" : "CVE-2025-60876-busybox" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "installed", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//lib/apk/db/installed", "fingerprint" : "FALLBACK-cc599489", "lineEnd" : 1, "lineStart" : 1, "message" : "CVE-2025-60876-ssl_client: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for ssl_client package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | ssl_client | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: ssl_client, version 1.37.0-r30 was found in image linkitaly/govway:master_batch_postgres at: /lib/apk/db/installed", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "installed(1,0): CVE-2025-60876-ssl_client: : CVE-2025-60876-ssl_client: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for ssl_client package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | ssl_client | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: ssl_client, version 1.37.0-r30 was found in image linkitaly/govway:master_batch_postgres at: /lib/apk/db/installed", "type" : "CVE-2025-60876-ssl_client" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//var/govway/batch/generatoreStatistiche/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /var/govway/batch/generatoreStatistiche/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_batch_postgres at: /var/govway/batch/generatoreStatistiche/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /var/govway/batch/generatoreStatistiche/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_batch_postgres at: /var/govway/batch/generatoreStatistiche/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-core-2.24.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//var/govway/batch/generatoreStatistiche/lib/log4j-core-2.24.3.jar", "fingerprint" : "FALLBACK-ab41412b", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /var/govway/batch/generatoreStatistiche/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_batch_postgres at: /var/govway/batch/generatoreStatistiche/lib/log4j-core-2.24.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "log4j-core-2.24.3.jar(1,0): GHSA-vc5p-v9hr-52mj-log4j-core: : GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /var/govway/batch/generatoreStatistiche/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_batch_postgres at: /var/govway/batch/generatoreStatistiche/lib/log4j-core-2.24.3.jar", "type" : "GHSA-vc5p-v9hr-52mj-log4j-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "installed", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//lib/apk/db/installed", "fingerprint" : "FALLBACK-643fee7a", "lineEnd" : 1, "lineStart" : 1, "message" : "CVE-2025-60876-busybox-binsh: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox-binsh package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox-binsh | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox-binsh, version 1.37.0-r30 was found in image linkitaly/govway:master_oracle at: /lib/apk/db/installed", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "installed(1,0): CVE-2025-60876-busybox-binsh: : CVE-2025-60876-busybox-binsh: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox-binsh package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox-binsh | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox-binsh, version 1.37.0-r30 was found in image linkitaly/govway:master_oracle at: /lib/apk/db/installed", "type" : "CVE-2025-60876-busybox-binsh" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "installed", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//lib/apk/db/installed", "fingerprint" : "FALLBACK-c8e3b39b", "lineEnd" : 1, "lineStart" : 1, "message" : "CVE-2025-60876-busybox: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox, version 1.37.0-r30 was found in image linkitaly/govway:master_oracle at: /lib/apk/db/installed", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "installed(1,0): CVE-2025-60876-busybox: : CVE-2025-60876-busybox: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox, version 1.37.0-r30 was found in image linkitaly/govway:master_oracle at: /lib/apk/db/installed", "type" : "CVE-2025-60876-busybox" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "installed", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//lib/apk/db/installed", "fingerprint" : "FALLBACK-cc599489", "lineEnd" : 1, "lineStart" : 1, "message" : "CVE-2025-60876-ssl_client: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for ssl_client package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | ssl_client | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: ssl_client, version 1.37.0-r30 was found in image linkitaly/govway:master_oracle at: /lib/apk/db/installed", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "installed(1,0): CVE-2025-60876-ssl_client: : CVE-2025-60876-ssl_client: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for ssl_client package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | ssl_client | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: ssl_client, version 1.37.0-r30 was found in image linkitaly/govway:master_oracle at: /lib/apk/db/installed", "type" : "CVE-2025-60876-ssl_client" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-core-2.24.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar", "fingerprint" : "FALLBACK-ab41412b", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "log4j-core-2.24.3.jar(1,0): GHSA-vc5p-v9hr-52mj-log4j-core: : GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar", "type" : "GHSA-vc5p-v9hr-52mj-log4j-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-core-2.24.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/log4j-core-2.24.3.jar", "fingerprint" : "FALLBACK-ab41412b", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/log4j-core-2.24.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "log4j-core-2.24.3.jar(1,0): GHSA-vc5p-v9hr-52mj-log4j-core: : GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/log4j-core-2.24.3.jar", "type" : "GHSA-vc5p-v9hr-52mj-log4j-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "jasperreports-6.20.0.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "fingerprint" : "FALLBACK-c94c81d2", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-7c3f-cg9x-f3gr-jasperreports: JavaMatcherExactDirectMatch\u000a\u000aGHSA-7c3f-cg9x-f3gr high vulnerability for jasperreports package\u000a\u000aFor additional help see: **Vulnerability GHSA-7c3f-cg9x-f3gr**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| high | jasperreports | 6.20.0 | | java-archive | /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar | github:language:java | [GHSA-7c3f-cg9x-f3gr](https://github.com/advisories/GHSA-7c3f-cg9x-f3gr) |\u000a\u000a\u000aA high vulnerability in java-archive package: jasperreports, version 6.20.0 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "HIGH", "toString" : "jasperreports-6.20.0.jar(1,0): GHSA-7c3f-cg9x-f3gr-jasperreports: : GHSA-7c3f-cg9x-f3gr-jasperreports: JavaMatcherExactDirectMatch\u000a\u000aGHSA-7c3f-cg9x-f3gr high vulnerability for jasperreports package\u000a\u000aFor additional help see: **Vulnerability GHSA-7c3f-cg9x-f3gr**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| high | jasperreports | 6.20.0 | | java-archive | /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar | github:language:java | [GHSA-7c3f-cg9x-f3gr](https://github.com/advisories/GHSA-7c3f-cg9x-f3gr) |\u000a\u000a\u000aA high vulnerability in java-archive package: jasperreports, version 6.20.0 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "type" : "GHSA-7c3f-cg9x-f3gr-jasperreports" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-core-2.24.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/log4j-core-2.24.3.jar", "fingerprint" : "FALLBACK-ab41412b", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/log4j-core-2.24.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "log4j-core-2.24.3.jar(1,0): GHSA-vc5p-v9hr-52mj-log4j-core: : GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/log4j-core-2.24.3.jar", "type" : "GHSA-vc5p-v9hr-52mj-log4j-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-core-2.24.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/log4j-core-2.24.3.jar", "fingerprint" : "FALLBACK-ab41412b", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/log4j-core-2.24.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "log4j-core-2.24.3.jar(1,0): GHSA-vc5p-v9hr-52mj-log4j-core: : GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/log4j-core-2.24.3.jar", "type" : "GHSA-vc5p-v9hr-52mj-log4j-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "jasperreports-6.20.0.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "fingerprint" : "FALLBACK-c94c81d2", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-7c3f-cg9x-f3gr-jasperreports: JavaMatcherExactDirectMatch\u000a\u000aGHSA-7c3f-cg9x-f3gr high vulnerability for jasperreports package\u000a\u000aFor additional help see: **Vulnerability GHSA-7c3f-cg9x-f3gr**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| high | jasperreports | 6.20.0 | | java-archive | /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar | github:language:java | [GHSA-7c3f-cg9x-f3gr](https://github.com/advisories/GHSA-7c3f-cg9x-f3gr) |\u000a\u000a\u000aA high vulnerability in java-archive package: jasperreports, version 6.20.0 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "HIGH", "toString" : "jasperreports-6.20.0.jar(1,0): GHSA-7c3f-cg9x-f3gr-jasperreports: : GHSA-7c3f-cg9x-f3gr-jasperreports: JavaMatcherExactDirectMatch\u000a\u000aGHSA-7c3f-cg9x-f3gr high vulnerability for jasperreports package\u000a\u000aFor additional help see: **Vulnerability GHSA-7c3f-cg9x-f3gr**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| high | jasperreports | 6.20.0 | | java-archive | /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar | github:language:java | [GHSA-7c3f-cg9x-f3gr](https://github.com/advisories/GHSA-7c3f-cg9x-f3gr) |\u000a\u000a\u000aA high vulnerability in java-archive package: jasperreports, version 6.20.0 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "type" : "GHSA-7c3f-cg9x-f3gr-jasperreports" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-core-2.24.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/log4j-core-2.24.3.jar", "fingerprint" : "FALLBACK-ab41412b", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/log4j-core-2.24.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "log4j-core-2.24.3.jar(1,0): GHSA-vc5p-v9hr-52mj-log4j-core: : GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/log4j-core-2.24.3.jar", "type" : "GHSA-vc5p-v9hr-52mj-log4j-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "installed", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//lib/apk/db/installed", "fingerprint" : "FALLBACK-643fee7a", "lineEnd" : 1, "lineStart" : 1, "message" : "CVE-2025-60876-busybox-binsh: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox-binsh package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox-binsh | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox-binsh, version 1.37.0-r30 was found in image linkitaly/govway:master_postgres at: /lib/apk/db/installed", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "installed(1,0): CVE-2025-60876-busybox-binsh: : CVE-2025-60876-busybox-binsh: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox-binsh package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox-binsh | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox-binsh, version 1.37.0-r30 was found in image linkitaly/govway:master_postgres at: /lib/apk/db/installed", "type" : "CVE-2025-60876-busybox-binsh" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "installed", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//lib/apk/db/installed", "fingerprint" : "FALLBACK-c8e3b39b", "lineEnd" : 1, "lineStart" : 1, "message" : "CVE-2025-60876-busybox: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox, version 1.37.0-r30 was found in image linkitaly/govway:master_postgres at: /lib/apk/db/installed", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "installed(1,0): CVE-2025-60876-busybox: : CVE-2025-60876-busybox: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox, version 1.37.0-r30 was found in image linkitaly/govway:master_postgres at: /lib/apk/db/installed", "type" : "CVE-2025-60876-busybox" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "installed", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//lib/apk/db/installed", "fingerprint" : "FALLBACK-cc599489", "lineEnd" : 1, "lineStart" : 1, "message" : "CVE-2025-60876-ssl_client: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for ssl_client package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | ssl_client | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: ssl_client, version 1.37.0-r30 was found in image linkitaly/govway:master_postgres at: /lib/apk/db/installed", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "installed(1,0): CVE-2025-60876-ssl_client: : CVE-2025-60876-ssl_client: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for ssl_client package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | ssl_client | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: ssl_client, version 1.37.0-r30 was found in image linkitaly/govway:master_postgres at: /lib/apk/db/installed", "type" : "CVE-2025-60876-ssl_client" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_postgres at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_postgres at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_postgres at: /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_postgres at: /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_postgres at: /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_postgres at: /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "jasperreports-6.20.0.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "fingerprint" : "FALLBACK-c94c81d2", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-7c3f-cg9x-f3gr-jasperreports: JavaMatcherExactDirectMatch\u000a\u000aGHSA-7c3f-cg9x-f3gr high vulnerability for jasperreports package\u000a\u000aFor additional help see: **Vulnerability GHSA-7c3f-cg9x-f3gr**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| high | jasperreports | 6.20.0 | | java-archive | /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar | github:language:java | [GHSA-7c3f-cg9x-f3gr](https://github.com/advisories/GHSA-7c3f-cg9x-f3gr) |\u000a\u000a\u000aA high vulnerability in java-archive package: jasperreports, version 6.20.0 was found in image linkitaly/govway:master_postgres at: /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "HIGH", "toString" : "jasperreports-6.20.0.jar(1,0): GHSA-7c3f-cg9x-f3gr-jasperreports: : GHSA-7c3f-cg9x-f3gr-jasperreports: JavaMatcherExactDirectMatch\u000a\u000aGHSA-7c3f-cg9x-f3gr high vulnerability for jasperreports package\u000a\u000aFor additional help see: **Vulnerability GHSA-7c3f-cg9x-f3gr**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| high | jasperreports | 6.20.0 | | java-archive | /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar | github:language:java | [GHSA-7c3f-cg9x-f3gr](https://github.com/advisories/GHSA-7c3f-cg9x-f3gr) |\u000a\u000a\u000aA high vulnerability in java-archive package: jasperreports, version 6.20.0 was found in image linkitaly/govway:master_postgres at: /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "type" : "GHSA-7c3f-cg9x-f3gr-jasperreports" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_postgres at: /usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_postgres at: /usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_postgres at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_postgres at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "jasperreports-6.20.0.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "fingerprint" : "FALLBACK-c94c81d2", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-7c3f-cg9x-f3gr-jasperreports: JavaMatcherExactDirectMatch\u000a\u000aGHSA-7c3f-cg9x-f3gr high vulnerability for jasperreports package\u000a\u000aFor additional help see: **Vulnerability GHSA-7c3f-cg9x-f3gr**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| high | jasperreports | 6.20.0 | | java-archive | /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar | github:language:java | [GHSA-7c3f-cg9x-f3gr](https://github.com/advisories/GHSA-7c3f-cg9x-f3gr) |\u000a\u000a\u000aA high vulnerability in java-archive package: jasperreports, version 6.20.0 was found in image linkitaly/govway:master_postgres at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "HIGH", "toString" : "jasperreports-6.20.0.jar(1,0): GHSA-7c3f-cg9x-f3gr-jasperreports: : GHSA-7c3f-cg9x-f3gr-jasperreports: JavaMatcherExactDirectMatch\u000a\u000aGHSA-7c3f-cg9x-f3gr high vulnerability for jasperreports package\u000a\u000aFor additional help see: **Vulnerability GHSA-7c3f-cg9x-f3gr**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| high | jasperreports | 6.20.0 | | java-archive | /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar | github:language:java | [GHSA-7c3f-cg9x-f3gr](https://github.com/advisories/GHSA-7c3f-cg9x-f3gr) |\u000a\u000a\u000aA high vulnerability in java-archive package: jasperreports, version 6.20.0 was found in image linkitaly/govway:master_postgres at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "type" : "GHSA-7c3f-cg9x-f3gr-jasperreports" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "installed", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//lib/apk/db/installed", "fingerprint" : "FALLBACK-643fee7a", "lineEnd" : 1, "lineStart" : 1, "message" : "CVE-2025-60876-busybox-binsh: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox-binsh package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox-binsh | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox-binsh, version 1.37.0-r30 was found in image linkitaly/govway:master_standalone at: /lib/apk/db/installed", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "installed(1,0): CVE-2025-60876-busybox-binsh: : CVE-2025-60876-busybox-binsh: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox-binsh package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox-binsh | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox-binsh, version 1.37.0-r30 was found in image linkitaly/govway:master_standalone at: /lib/apk/db/installed", "type" : "CVE-2025-60876-busybox-binsh" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "installed", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//lib/apk/db/installed", "fingerprint" : "FALLBACK-c8e3b39b", "lineEnd" : 1, "lineStart" : 1, "message" : "CVE-2025-60876-busybox: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox, version 1.37.0-r30 was found in image linkitaly/govway:master_standalone at: /lib/apk/db/installed", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "installed(1,0): CVE-2025-60876-busybox: : CVE-2025-60876-busybox: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for busybox package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | busybox | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: busybox, version 1.37.0-r30 was found in image linkitaly/govway:master_standalone at: /lib/apk/db/installed", "type" : "CVE-2025-60876-busybox" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "installed", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//lib/apk/db/installed", "fingerprint" : "FALLBACK-cc599489", "lineEnd" : 1, "lineStart" : 1, "message" : "CVE-2025-60876-ssl_client: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for ssl_client package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | ssl_client | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: ssl_client, version 1.37.0-r30 was found in image linkitaly/govway:master_standalone at: /lib/apk/db/installed", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "installed(1,0): CVE-2025-60876-ssl_client: : CVE-2025-60876-ssl_client: ApkMatcherCpeMatch\u000a\u000aCVE-2025-60876 medium vulnerability for ssl_client package\u000a\u000aFor additional help see: **Vulnerability CVE-2025-60876**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | ssl_client | 1.37.0-r30 | | apk | /lib/apk/db/installed | nvd:cpe | [CVE-2025-60876](https://nvd.nist.gov/vuln/detail/CVE-2025-60876) |\u000a\u000a\u000aA medium vulnerability in apk package: ssl_client, version 1.37.0-r30 was found in image linkitaly/govway:master_standalone at: /lib/apk/db/installed", "type" : "CVE-2025-60876-ssl_client" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-core-2.24.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar", "fingerprint" : "FALLBACK-ab41412b", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "log4j-core-2.24.3.jar(1,0): GHSA-vc5p-v9hr-52mj-log4j-core: : GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar", "type" : "GHSA-vc5p-v9hr-52mj-log4j-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-core-2.24.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/log4j-core-2.24.3.jar", "fingerprint" : "FALLBACK-ab41412b", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/log4j-core-2.24.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "log4j-core-2.24.3.jar(1,0): GHSA-vc5p-v9hr-52mj-log4j-core: : GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/log4j-core-2.24.3.jar", "type" : "GHSA-vc5p-v9hr-52mj-log4j-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "jasperreports-6.20.0.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "fingerprint" : "FALLBACK-c94c81d2", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-7c3f-cg9x-f3gr-jasperreports: JavaMatcherExactDirectMatch\u000a\u000aGHSA-7c3f-cg9x-f3gr high vulnerability for jasperreports package\u000a\u000aFor additional help see: **Vulnerability GHSA-7c3f-cg9x-f3gr**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| high | jasperreports | 6.20.0 | | java-archive | /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar | github:language:java | [GHSA-7c3f-cg9x-f3gr](https://github.com/advisories/GHSA-7c3f-cg9x-f3gr) |\u000a\u000a\u000aA high vulnerability in java-archive package: jasperreports, version 6.20.0 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "HIGH", "toString" : "jasperreports-6.20.0.jar(1,0): GHSA-7c3f-cg9x-f3gr-jasperreports: : GHSA-7c3f-cg9x-f3gr-jasperreports: JavaMatcherExactDirectMatch\u000a\u000aGHSA-7c3f-cg9x-f3gr high vulnerability for jasperreports package\u000a\u000aFor additional help see: **Vulnerability GHSA-7c3f-cg9x-f3gr**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| high | jasperreports | 6.20.0 | | java-archive | /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar | github:language:java | [GHSA-7c3f-cg9x-f3gr](https://github.com/advisories/GHSA-7c3f-cg9x-f3gr) |\u000a\u000a\u000aA high vulnerability in java-archive package: jasperreports, version 6.20.0 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "type" : "GHSA-7c3f-cg9x-f3gr-jasperreports" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-core-2.24.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/log4j-core-2.24.3.jar", "fingerprint" : "FALLBACK-ab41412b", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/log4j-core-2.24.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "log4j-core-2.24.3.jar(1,0): GHSA-vc5p-v9hr-52mj-log4j-core: : GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/log4j-core-2.24.3.jar", "type" : "GHSA-vc5p-v9hr-52mj-log4j-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-core-2.24.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/log4j-core-2.24.3.jar", "fingerprint" : "FALLBACK-ab41412b", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/log4j-core-2.24.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "log4j-core-2.24.3.jar(1,0): GHSA-vc5p-v9hr-52mj-log4j-core: : GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/log4j-core-2.24.3.jar", "type" : "GHSA-vc5p-v9hr-52mj-log4j-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "commons-lang-2.6.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "fingerprint" : "FALLBACK-7016d195", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "commons-lang-2.6.jar(1,0): GHSA-j288-q9x7-2f5v-commons-lang: : GHSA-j288-q9x7-2f5v-commons-lang: JavaMatcherExactDirectMatch\u000a\u000aGHSA-j288-q9x7-2f5v medium vulnerability for commons-lang package\u000a\u000aFor additional help see: **Vulnerability GHSA-j288-q9x7-2f5v**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | commons-lang | 2.6 | | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/commons-lang-2.6.jar | github:language:java | [GHSA-j288-q9x7-2f5v](https://github.com/advisories/GHSA-j288-q9x7-2f5v) |\u000a\u000a\u000aA medium vulnerability in java-archive package: commons-lang, version 2.6 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/commons-lang-2.6.jar", "type" : "GHSA-j288-q9x7-2f5v-commons-lang" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "jasperreports-6.20.0.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "fingerprint" : "FALLBACK-c94c81d2", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-7c3f-cg9x-f3gr-jasperreports: JavaMatcherExactDirectMatch\u000a\u000aGHSA-7c3f-cg9x-f3gr high vulnerability for jasperreports package\u000a\u000aFor additional help see: **Vulnerability GHSA-7c3f-cg9x-f3gr**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| high | jasperreports | 6.20.0 | | java-archive | /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar | github:language:java | [GHSA-7c3f-cg9x-f3gr](https://github.com/advisories/GHSA-7c3f-cg9x-f3gr) |\u000a\u000a\u000aA high vulnerability in java-archive package: jasperreports, version 6.20.0 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "HIGH", "toString" : "jasperreports-6.20.0.jar(1,0): GHSA-7c3f-cg9x-f3gr-jasperreports: : GHSA-7c3f-cg9x-f3gr-jasperreports: JavaMatcherExactDirectMatch\u000a\u000aGHSA-7c3f-cg9x-f3gr high vulnerability for jasperreports package\u000a\u000aFor additional help see: **Vulnerability GHSA-7c3f-cg9x-f3gr**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| high | jasperreports | 6.20.0 | | java-archive | /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar | github:language:java | [GHSA-7c3f-cg9x-f3gr](https://github.com/advisories/GHSA-7c3f-cg9x-f3gr) |\u000a\u000a\u000aA high vulnerability in java-archive package: jasperreports, version 6.20.0 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/jasperreports-6.20.0.jar", "type" : "GHSA-7c3f-cg9x-f3gr-jasperreports" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-core-2.24.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/log4j-core-2.24.3.jar", "fingerprint" : "FALLBACK-ab41412b", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/log4j-core-2.24.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1347", "severity" : "NORMAL", "toString" : "log4j-core-2.24.3.jar(1,0): GHSA-vc5p-v9hr-52mj-log4j-core: : GHSA-vc5p-v9hr-52mj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-vc5p-v9hr-52mj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-vc5p-v9hr-52mj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.24.3 | 2.25.3 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.24.3.jar | github:language:java | [GHSA-vc5p-v9hr-52mj](https://github.com/advisories/GHSA-vc5p-v9hr-52mj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.24.3 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/log4j-core-2.24.3.jar", "type" : "GHSA-vc5p-v9hr-52mj-log4j-core" } ], "size" : 50, "toString" : "50 warnings (high: 6, normal: 44)" }