commercial-expanso-edgepackaged by Chainguard
packaged by Chainguard
Last changed
Request a free trial
Contact our team to test out this image for free. Please also indicate any other images you would like to evaluate.
Tag:
Severity:All
Expand | CVE ID | Severity | Package | Version | Last detected |
|---|---|---|---|---|---|
CVE-2026-39831 | Critical | golang.org/x/crypto | v0.49.0 | ||
CVE-2026-39830 | Critical | golang.org/x/crypto | v0.49.0 | ||
CVE-2026-39833 | Critical | golang.org/x/crypto | v0.49.0 | ||
CVE-2026-42508 | Critical | golang.org/x/crypto | v0.49.0 | ||
CVE-2026-27143 | Critical | stdlib | go1.26.1 | ||
CVE-2026-39834 | Critical | golang.org/x/crypto | v0.49.0 | ||
CVE-2026-39832 | Critical | golang.org/x/crypto | v0.49.0 | ||
CVE-2026-46595 | Critical | golang.org/x/crypto | v0.49.0 | ||
CVE-2026-39821 | Critical | golang.org/x/net | v0.52.0 | ||
CVE-2026-32281 | High | stdlib | go1.26.1 | ||
CVE-2026-39836 | High | stdlib | go1.26.1 | ||
CVE-2026-34986 | High | github.com/go-jose/go-jose/v4 | v4.1.3 | ||
CVE-2026-33814 | High | stdlib | go1.26.1 | ||
CVE-2026-42499 | High | stdlib | go1.26.1 | ||
CVE-2026-33810 | High | stdlib | go1.26.1 | ||
CVE-2026-42501 | High | stdlib | go1.26.1 | ||
CVE-2026-46597 | High | golang.org/x/crypto | v0.49.0 | ||
CVE-2026-42504 | High | stdlib | go1.26.1 | ||
CVE-2026-32283 | High | stdlib | go1.26.1 | ||
CVE-2026-33814 | High | golang.org/x/net | v0.52.0 | ||
CVE-2026-33811 | High | stdlib | go1.26.1 | ||
CVE-2026-39829 | High | golang.org/x/crypto | v0.49.0 | ||
CVE-2026-27140 | High | stdlib | go1.26.1 | ||
CVE-2026-39820 | High | stdlib | go1.26.1 | ||
CVE-2026-27144 | High | stdlib | go1.26.1 | ||
CVE-2026-32280 | High | stdlib | go1.26.1 | ||
CVE-2026-41602 | High | github.com/apache/thrift | v0.22.0 | ||
CVE-2026-25680 | Medium | golang.org/x/net | v0.52.0 | ||
CVE-2026-40898 | Medium | github.com/quic-go/quic-go | v0.57.1 | ||
CVE-2026-42507 | Medium | stdlib | go1.26.1 | ||
CVE-2026-25681 | Medium | golang.org/x/net | v0.52.0 | ||
CVE-2026-39835 | Medium | golang.org/x/crypto | v0.49.0 | ||
CVE-2026-46598 | Medium | golang.org/x/crypto | v0.49.0 | ||
CVE-2026-39825 | Medium | stdlib | go1.26.1 | ||
CVE-2026-27145 | Medium | stdlib | go1.26.1 | ||
CVE-2026-39817 | Medium | stdlib | go1.26.1 | ||
GHSA-xmrv-pmrh-hhx2 | Medium | github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs | v1.64.2 | ||
CVE-2026-39826 | Medium | stdlib | go1.26.1 | ||
CVE-2026-32289 | Medium | stdlib | go1.26.1 | ||
CVE-2026-32288 | Medium | stdlib | go1.26.1 | ||
CVE-2026-39828 | Medium | golang.org/x/crypto | v0.49.0 | ||
CVE-2026-42502 | Medium | golang.org/x/net | v0.52.0 | ||
CVE-2026-39819 | Medium | stdlib | go1.26.1 | ||
CVE-2026-42506 | Medium | golang.org/x/net | v0.52.0 | ||
CVE-2026-39827 | Medium | golang.org/x/crypto | v0.49.0 | ||
GHSA-xmrv-pmrh-hhx2 | Medium | github.com/aws/aws-sdk-go-v2/service/bedrockruntime | v1.50.3 | ||
GHSA-xmrv-pmrh-hhx2 | Medium | github.com/aws/aws-sdk-go-v2/service/kinesis | v1.43.4 | ||
CVE-2026-27136 | Medium | golang.org/x/net | v0.52.0 | ||
CVE-2026-32282 | Medium | stdlib | go1.26.1 | ||
CVE-2026-39823 | Medium | stdlib | go1.26.1 | ||
GHSA-xmrv-pmrh-hhx2 | Medium | github.com/aws/aws-sdk-go-v2/service/lambda | v1.88.4 | ||
GHSA-xmrv-pmrh-hhx2 | Medium | github.com/aws/aws-sdk-go-v2/service/s3 | v1.97.2 | ||
CVE-2026-41889 | Low | github.com/jackc/pgx/v5 | v5.9.1 | ||
CVE-2026-39824 | Low | golang.org/x/sys | v0.42.0 | ||
CVE-2026-26995 | Unknown | github.com/refraction-networking/utls | v1.8.1 |
Last updated:
The trusted source for open source
Talk to an expertProduct
Customers
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.