gitlab-toolbox-ce-fipspackaged by Chainguard
packaged by Chainguard
Last changed
Request a free trial
Contact our team to test out this image for free. Please also indicate any other images you would like to evaluate.
Tag:
Severity:All
Expand | CVE ID | Severity | Package | Version | Last detected |
|---|---|---|---|---|---|
CVE-2025-32460 | Critical | graphicsmagick | 1.3.46-r1 | ||
CVE-2019-16775 | High | npm | 1.0.1 | ||
CVE-2026-42501 | High | stdlib | go1.25.9 | ||
CVE-2026-45022 | High | github.com/go-git/go-git/v5 | v5.18.0 | ||
GHSA-c4rq-3m3g-8wgx | High | nokogiri | 1.19.1 | ||
GHSA-h6ch-v84p-w6p9 | High | diff | 1.0.0 | ||
CVE-2019-20920 | High | handlebars | 1.0.0 | ||
CVE-2026-41636 | High | thrift | 0.0.0-DEVELOPMENT | ||
CVE-2026-35611 | High | addressable | 2.8.7 | ||
CVE-2026-33540 | High | github.com/distribution/distribution/v3 | v3.0.0-20221208165359-362910506bc2 | ||
CVE-2026-33814 | High | stdlib | go1.25.9 | ||
CVE-2026-39836 | High | stdlib | go1.25.9 | ||
CVE-2026-44432 | High | urllib3 | 2.6.3 | ||
CVE-2026-44431 | High | urllib3 | 2.6.3 | ||
CVE-2019-16776 | High | npm | 1.0.1 | ||
CVE-2020-7788 | High | ini | 1.0.0 | ||
GHSA-2cf5-4w76-r9qv | High | handlebars | 1.0.0 | ||
CVE-2019-16777 | High | npm | 1.0.1 | ||
CVE-2026-33811 | High | stdlib | go1.25.9 | ||
CVE-2026-41316 | High | erb | 4.0.3 | ||
CVE-2026-34040 | High | github.com/docker/docker | v28.0.0+incompatible | ||
GHSA-g9r4-xpmj-mj65 | High | handlebars | 1.0.0 | ||
CVE-2016-3956 | High | npm | 1.0.1 | ||
CVE-2026-35172 | High | github.com/distribution/distribution/v3 | v3.0.0-20221208165359-362910506bc2 | ||
CVE-2026-4786 | High | python-3.12 | 3.12.13-r4 | ||
GHSA-q2c6-c6pm-g3gh | High | handlebars | 1.0.0 | ||
GHSA-q42p-pg8m-cqh6 | High | handlebars | 1.0.0 | ||
CVE-2026-42246 | High | net-imap | 0.5.9 | ||
CVE-2020-7712 | High | json | 1.0.0 | ||
CVE-2018-7408 | High | npm | 1.0.1 | ||
CVE-2021-21353 | Medium | pug | 1.0.0 | ||
CVE-2024-29034 | Medium | carrierwave | 1.3.4 | ||
GHSA-3h96-34p3-xm76 | Medium | graphql | 2.5.11 | ||
GHSA-v2fc-qm4h-8hqv | Medium | nokogiri | 1.19.1 | ||
CVE-2026-44312 | Medium | css_parser | 1.14.0 | ||
CVE-2026-39823 | Medium | stdlib | go1.25.9 | ||
CVE-2024-8796 | Medium | devise-two-factor | 5.1.0 | ||
CVE-2026-39826 | Medium | stdlib | go1.25.9 | ||
CVE-2015-8861 | Medium | handlebars | 1.0.0 | ||
CVE-2023-49090 | Medium | carrierwave | 1.3.4 | ||
CVE-2026-44837 | Medium | view_component | 3.23.2 | ||
CVE-2025-15367 | Medium | python-3.12 | 3.12.13-r4 | ||
CVE-2026-42256 | Medium | net-imap | 0.5.9 | ||
CVE-2026-4224 | Medium | python-3.12 | 3.12.13-r4 | ||
CVE-2026-42257 | Medium | net-imap | 0.5.9 | ||
CVE-2026-7210 | Medium | python-3.12 | 3.12.13-r4 | ||
CVE-2026-32700 | Medium | devise | 4.9.4 | ||
CVE-2026-3644 | Medium | python-3.12 | 3.12.13-r4 | ||
CVE-2026-33635 | Medium | icalendar | 2.10.3 | ||
CVE-2025-15366 | Medium | python-3.12 | 3.12.13-r4 | ||
CVE-2026-3446 | Medium | python-3.12 | 3.12.13-r4 | ||
CVE-2026-2297 | Medium | python-3.12 | 3.12.13-r4 | ||
CVE-2026-33997 | Medium | github.com/docker/docker | v28.0.0+incompatible | ||
CVE-2025-67202 | Medium | sidekiq-cron | 2.3.1 | ||
CVE-2026-39819 | Medium | stdlib | go1.25.9 | ||
CVE-2026-41888 | Medium | github.com/distribution/distribution/v3 | v3.0.0-20221208165359-362910506bc2 | ||
CVE-2026-42258 | Medium | net-imap | 0.5.9 | ||
CVE-2026-33532 | Medium | yaml | 1.0.0 | ||
CVE-2020-15095 | Medium | npm | 1.0.1 | ||
CVE-2026-25765 | Medium | faraday | 2.13.4 | ||
CVE-2026-44836 | Medium | view_component | 3.23.2 | ||
CVE-2026-39817 | Medium | stdlib | go1.25.9 | ||
CVE-2025-12781 | Medium | python-3.12 | 3.12.13-r4 | ||
CVE-2024-36361 | Medium | pug | 1.0.0 | ||
CVE-2026-40295 | Medium | devise | 4.9.4 | ||
CVE-2013-4116 | Low | npm | 1.0.1 | ||
GHSA-wx77-rp39-c6vg | Low | markdown | 1.0.0 | ||
CVE-2026-24001 | Low | diff | 1.0.0 | ||
CVE-2025-13462 | Low | python-3.12 | 3.12.13-r4 | ||
CVE-2026-42245 | Low | net-imap | 0.5.9 | ||
CVE-2026-6019 | Low | python-3.12 | 3.12.13-r4 | ||
CVE-2026-3479 | Unknown | python-3.12 | 3.12.13-r4 |
Last updated:
The trusted source for open source
Talk to an expertProduct
Customers
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.