🚨 Security Scan Alert
A periodic security scan found critical issues in the container image:
- Image:
ghcr.io/stacklok/dockyard/uvx/chroma-mcp:0.2.6
- Critical vulnerabilities: 3
- High vulnerabilities: 13
- Secrets detected: 0
Details
See the Security tab for full details.
Critical Vulnerabilities
- CVE-2025-15467 in
libssl3t64: openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing
- CVE-2025-15467 in
openssl: openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing
- CVE-2025-15467 in
openssl-provider-legacy: openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing
Automated security scan from periodic-security-scan workflow
🚨 Security Scan Alert
A periodic security scan found critical issues in the container image:
ghcr.io/stacklok/dockyard/uvx/chroma-mcp:0.2.6Details
See the Security tab for full details.
Critical Vulnerabilities
libssl3t64: openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsingopenssl: openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsingopenssl-provider-legacy: openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsingAutomated security scan from periodic-security-scan workflow