🛡️ Security Scan Report

Trivy Vulnerability & Secret Scanner
Service: ha-process-engine
Branch: ldev
Build: #255
Date: 2026-06-24 13:11:40

1

Critical

1

High

2

Medium

0

Low

0

Secrets

1

Misconfig

🔴 Vulnerabilities (3)
SeverityCVE IDPackageInstalledFixed InDescription
MEDIUM GHSA-72hv-8253-57qq com.fasterxml.jackson.core:jackson-core 2.18.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition
MEDIUM CVE-2025-7962 com.sun.mail:jakarta.mail 2.0.1 1.6.8, 2.0.2 com.sun.mail/jakarta.mail: Jakarta Mail SMTP Injection Vulnerability
CRITICAL CVE-2025-66516 org.apache.tika:tika-core 3.1.0 3.2.2 tika-core: tika-parsers: tika-parser-pdf-module: Apache Tika core, Apache Tika parsers, Apache Tika
🔑 Secrets (0)
TypeFileLineMatch
✅ No secrets found
⚙️ Misconfigurations (1)
SeverityIDCheckFileMessage
HIGH DS002 Image user should not be 'root' Dockerfile Specify at least 1 USER command in Dockerfile with non-root user as argument
📄 Raw JSON Report (click to expand)