🛡️ Security Scan Report

Trivy Vulnerability & Secret Scanner
Service: eizen-agent-gateway
Branch: ldev
Build: #252
Date: 2026-06-24 12:28:16

1

Critical

2

High

1

Medium

0

Low

0

Secrets

1

Misconfig

🔴 Vulnerabilities (3)
SeverityCVE IDPackageInstalledFixed InDescription
CRITICAL CVE-2025-66516 org.apache.tika:tika-core 2.9.1 3.2.2 tika-core: tika-parsers: tika-parser-pdf-module: Apache Tika core, Apache Tika parsers, Apache Tika
HIGH CVE-2026-41731 org.springframework.kafka:spring-kafka 3.2.1 4.0.6, 3.3.16 spring-kafka: Spring for Apache Kafka: Arbitrary code execution via insecure deserialization of craf
MEDIUM CVE-2026-41726 org.springframework.kafka:spring-kafka 3.2.1 4.0.6, 3.3.16 spring-kafka: Spring-kafka: Denial of Service due to unbounded heap growth via unique header values
🔑 Secrets (0)
TypeFileLineMatch
✅ No secrets found
⚙️ Misconfigurations (1)
SeverityIDCheckFileMessage
HIGH DS002 Image user should not be 'root' Dockerfile Specify at least 1 USER command in Dockerfile with non-root user as argument
📄 Raw JSON Report (click to expand)