Critical
High
Medium
Low
Secrets
Misconfig
| Severity | CVE ID | Package | Installed | Fixed In | Description |
|---|---|---|---|---|---|
| HIGH | CVE-2025-4565 | protobuf | 5.27.2 | 4.25.8, 5.29.5, 6.31.1 | python-protobuf: Unbounded recursion in Python Protobuf |
| HIGH | CVE-2026-0994 | protobuf | 5.27.2 | 6.33.5, 5.29.6 | python: protobuf: Protobuf: Denial of Service due to recursion depth bypass |
| MEDIUM | CVE-2026-28684 | python-dotenv | 1.1.1 | 1.2.2 | python-dotenv: python-dotenv: Arbitrary file overwrite via symbolic link following |
| MEDIUM | CVE-2026-25645 | requests | 2.32.4 | 2.33.0 | requests: Requests: Security bypass due to predictable temporary file creation |
| Type | File | Line | Match |
|---|---|---|---|
| ✅ No secrets found | |||
| Severity | ID | Check | File | Message |
|---|---|---|---|---|
| HIGH | DS002 | Image user should not be 'root' | Dockerfile | Specify at least 1 USER command in Dockerfile with non-root user as argument |