| castimaging/admin-center |
CVE-2024-47072 |
HIGH |
com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream |
3.2.0-funcrel |
| castimaging/admin-center |
CVE-2019-17495 |
CRITICAL |
Cross-site scripting in Swagger-UI |
3.2.0-funcrel |
| castimaging/admin-center |
CVE-2024-12797 |
HIGH |
openssl: RFC7250 handshakes with unauthenticated servers don’t abort as expected |
3.2.0-funcrel |
| castimaging/admin-center |
CVE-2024-7254 |
HIGH |
protobuf: StackOverflow vulnerability in Protocol Buffers |
3.2.0-funcrel |
| castimaging/admin-center |
CVE-2024-56337 |
HIGH |
tomcat: Incomplete fix for |
3.2.0-funcrel |
| castimaging/admin-center |
CVE-2025-24813 |
CRITICAL |
tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT |
3.2.0-funcrel |
| castimaging/admin-center |
CVE-2024-50379 |
HIGH |
tomcat: RCE due to TOCTOU issue in JSP compilation |
3.2.0-funcrel |
| castimaging/admin-center |
CVE-2025-24970 |
HIGH |
Upgrade io.netty:netty-handler to version 4.1.118.Final |
3.1.1-funcrel |
| castimaging/admin-center |
CVE-2016-1000027 |
CRITICAL |
Upgrade org.springframework:spring-web to version 6.0.0 |
3.1.1-funcrel |
| castimaging/admin-center |
CVE-2024-38816 |
HIGH |
Upgrade org.springframework:spring-webflux to version 6.1.13; Upgrade org.springframework:spring-webmvc to version 6.1.13 |
3.1.1-funcrel |
| castimaging/admin-center |
CVE-2024-38819 |
HIGH |
Upgrade org.springframework:spring-webflux to version 6.1.14; Upgrade org.springframework:spring-webmvc to version 6.1.14 |
3.1.1-funcrel |
| castimaging/admin-center |
CVE-2022-1471 |
HIGH |
Upgrade org.yaml:snakeyaml to version 2.0 |
3.1.1-funcrel |
| castimaging/ai-service |
CVE-2024-39689 |
HIGH |
Upgrade certifi to version 2024.07.04 |
3.1.1-funcrel |
| castimaging/ai-service |
CVE-2024-1135 |
HIGH |
Upgrade gunicorn to version 22.0.0 |
3.1.1-funcrel |
| castimaging/ai-service |
CVE-2024-3651 |
HIGH |
Upgrade idna to version 3.7 |
3.1.1-funcrel |
| castimaging/ai-service |
CVE-2024-6345 |
HIGH |
Upgrade setuptools to version 70.0.0 |
3.1.1-funcrel |
| castimaging/ai-service |
CVE-2023-6730 |
CRITICAL |
Upgrade transformers to version 4.36.0 |
3.1.1-funcrel |
| castimaging/ai-service |
CVE-2023-7018 |
HIGH |
Upgrade transformers to version 4.36.0 |
3.1.1-funcrel |
| castimaging/ai-service |
CVE-2024-49768 |
HIGH |
Upgrade waitress to version 3.0.1 |
3.1.1-funcrel |
| castimaging/ai-service |
CVE-2024-49769 |
HIGH |
Upgrade waitress to version 3.0.1 |
3.1.1-funcrel |
| castimaging/analysis-node |
CVE-2024-47175 |
HIGH |
cups: libppd: remote command injection via attacker controlled data in PPD file |
3.2.0-funcrel |
| castimaging/analysis-node |
CVE-2025-21172 |
HIGH |
dotnet: .NET and Visual Studio Remote Code Execution Vulnerability |
3.2.0-funcrel |
| castimaging/analysis-node |
CVE-2025-21173 |
HIGH |
dotnet: .NET Elevation of Privilege Vulnerability |
3.2.0-funcrel |
| castimaging/analysis-node |
CVE-2025-21176 |
HIGH |
dotnet: .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability |
3.2.0-funcrel |
| castimaging/analysis-node |
CVE-2024-2961 |
HIGH |
glibc: Out of bounds write in iconv may lead to remote code execution |
3.2.0-funcrel |
| castimaging/analysis-node |
CVE-2024-10963 |
HIGH |
pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass |
3.2.0-funcrel |
| castimaging/analysis-node |
CVE-2024-10041 |
HIGH |
pam: libpam: Libpam vulnerable to read hashed password |
3.2.0-funcrel |
| castimaging/analysis-node |
CVE-2024-12085 |
HIGH |
rsync: Info Leak via Uninitialized Stack Contents |
3.2.0-funcrel |
| castimaging/analysis-node |
CVE-2024-8508 |
HIGH |
unbound: Unbounded name compression could lead to Denial of Service |
3.2.0-funcrel |
| castimaging/analysis-node |
CVE-2024-1488 |
HIGH |
unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation |
3.2.0-funcrel |
| castimaging/analysis-node |
CVE-2025-21171 |
HIGH |
dotnet: .NET Remote Code Execution Vulnerability |
3.2.0-funcrel |
| castimaging/analysis-node |
CVE-2024-7254 |
HIGH |
Upgrade com.google.protobuf:protobuf-java to version 3.25.5, 4.27.5, 4.28.2 |
3.1.1-funcrel |
| castimaging/analysis-node |
CVE-2023-24998 |
HIGH |
Upgrade commons-fileupload:commons-fileupload to version 1.5 |
3.1.1-funcrel |
| castimaging/analysis-node |
CVE-2024-47554 |
HIGH |
Upgrade commons-io:commons-io to version 2.14.0 |
3.1.1-funcrel |
| castimaging/analysis-node |
CVE-2012-6153 |
HIGH |
Upgrade org.apache.httpcomponents:httpclient to version 4.2.3 |
3.1.1-funcrel |
| castimaging/analysis-node |
CVE-2022-41404 |
HIGH |
Upgrade org.ini4j:ini4j to version 0.5.4 |
3.1.1-funcrel |
| castimaging/analysis-node |
CVE-2024-1597 |
HIGH |
Upgrade org.postgresql:postgresql to version 42.2.28, 42.3.9, 42.4.4, 42.5.5, 42.6.1, 42.7.2 |
3.1.1-funcrel |
| castimaging/analysis-node |
CVE-2024-4340 |
HIGH |
Upgrade sqlparse to version 0.5.0 |
3.1.1-funcrel |
| castimaging/auth-service |
CVE-2024-47554 |
HIGH |
apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader |
3.2.0-funcrel |
| castimaging/auth-service |
CVE-2024-47072 |
HIGH |
com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream |
3.2.0-funcrel |
| castimaging/auth-service |
CVE-2024-12797 |
HIGH |
openssl: RFC7250 handshakes with unauthenticated servers don’t abort as expected |
3.2.0-funcrel |
| castimaging/auth-service |
CVE-2024-38819 |
HIGH |
org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks |
3.2.0-funcrel |
| castimaging/auth-service |
CVE-2024-38821 |
CRITICAL |
Spring-WebFlux: Authorization Bypass of Static Resources in WebFlux Applications |
3.2.0-funcrel |
| castimaging/auth-service |
CVE-2024-38816 |
HIGH |
spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource |
3.2.0-funcrel |
| castimaging/auth-service |
CVE-2025-24970 |
HIGH |
Upgrade io.netty:netty-handler to version 4.1.118.Final |
3.1.1-funcrel |
| castimaging/auth-service |
CVE-2024-57699 |
HIGH |
Upgrade net.minidev:json-smart to version 2.5.2 |
3.1.1-funcrel |
| castimaging/console |
CVE-2024-47072 |
HIGH |
com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream |
3.1.1-funcrel |
| castimaging/console |
CVE-2024-12797 |
HIGH |
Upgrade libcrypto3 to version 3.3.3-r0; Upgrade libssl3 to version 3.3.3-r0; Upgrade openssl to version 3.3.3-r0 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2021-43565 |
HIGH |
Upgrade golang.org/x/crypto to version 0.0.0-20211202192323-5770296d904e |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2022-27191 |
HIGH |
Upgrade golang.org/x/crypto to version 0.0.0-20220314234659-1baeb1ce4c0b |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2024-45337 |
HIGH |
Upgrade golang.org/x/crypto to version 0.31.0 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2022-29526 |
HIGH |
Upgrade golang.org/x/sys to version 0.0.0-20220412211240-33da011f77ad |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2023-29403 |
CRITICAL |
Upgrade stdlib to version 1.19.10, 1.20.5 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2023-29406 |
HIGH |
Upgrade stdlib to version 1.19.11, 1.20.6 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2023-29409 |
HIGH |
Upgrade stdlib to version 1.19.12, 1.20.7, 1.21.0-rc.4 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2023-39325 |
HIGH |
Upgrade stdlib to version 1.20.10, 1.21.3 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2023-45283 |
HIGH |
Upgrade stdlib to version 1.20.11, 1.21.4, 1.20.12, 1.21.5 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2024-24790 |
CRITICAL |
Upgrade stdlib to version 1.21.11, 1.22.4 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2024-24791 |
HIGH |
Upgrade stdlib to version 1.21.12, 1.22.5 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2023-45289 |
HIGH |
Upgrade stdlib to version 1.21.8, 1.22.1 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2023-45290 |
HIGH |
Upgrade stdlib to version 1.21.8, 1.22.1 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2024-24783 |
HIGH |
Upgrade stdlib to version 1.21.8, 1.22.1 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2024-24784 |
HIGH |
Upgrade stdlib to version 1.21.8, 1.22.1 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2024-24785 |
HIGH |
Upgrade stdlib to version 1.21.8, 1.22.1 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2023-45288 |
HIGH |
Upgrade stdlib to version 1.21.9, 1.22.2 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2025-22866 |
HIGH |
Upgrade stdlib to version 1.22.12, 1.23.6, 1.24.0-rc.3 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2024-34155 |
HIGH |
Upgrade stdlib to version 1.22.7, 1.23.1 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2024-34156 |
HIGH |
Upgrade stdlib to version 1.22.7, 1.23.1 |
3.1.1-funcrel |
| castimaging/etl-service |
CVE-2024-34158 |
HIGH |
Upgrade stdlib to version 1.22.7, 1.23.1 |
3.1.1-funcrel |
| castimaging/gateway |
CVE-2024-47072 |
HIGH |
com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream |
3.2.0-funcrel |
| castimaging/gateway |
CVE-2024-47072 |
HIGH |
com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream |
3.2.0-funcrel |
| castimaging/gateway |
CVE-2024-38819 |
HIGH |
org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks |
3.2.0-funcrel |
| castimaging/gateway |
CVE-2024-38819 |
HIGH |
org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks |
3.2.0-funcrel |
| castimaging/gateway |
CVE-2024-7254 |
HIGH |
protobuf: StackOverflow vulnerability in Protocol Buffers |
3.2.0-funcrel |
| castimaging/gateway |
CVE-2024-38816 |
HIGH |
spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource |
3.2.0-funcrel |
| castimaging/gateway |
CVE-2024-38816 |
HIGH |
spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource |
3.2.0-funcrel |
| castimaging/gateway |
CVE-2024-56337 |
HIGH |
tomcat: Incomplete fix for |
3.2.0-funcrel |
| castimaging/gateway |
CVE-2024-50379 |
HIGH |
tomcat: RCE due to TOCTOU issue in JSP compilation |
3.2.0-funcrel |
| castimaging/gateway |
CVE-2025-24813 |
HIGH |
tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT |
3.2.0-funcrel |
| castimaging/gateway |
CVE-2025-24970 |
HIGH |
Upgrade io.netty:netty-handler to version 4.1.118.Final |
3.1.1-funcrel |
| castimaging/gateway |
CVE-2025-24970 |
HIGH |
Upgrade io.netty:netty-handler to version 4.1.118.Final |
3.1.1-funcrel |
| castimaging/gateway |
CVE-2024-12797 |
HIGH |
Upgrade libcrypto3 to version 3.3.3-r0; Upgrade libssl3 to version 3.3.3-r0; Upgrade openssl to version 3.3.3-r0 |
3.1.1-funcrel |
| castimaging/gateway |
CVE-2024-12797 |
HIGH |
Upgrade libcrypto3 to version 3.3.3-r0; Upgrade libssl3 to version 3.3.3-r0; Upgrade openssl to version 3.3.3-r0 |
3.1.1-funcrel |
| castimaging/sso-service |
CVE-2024-7341 |
HIGH |
wildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters |
3.2.0-funcrel |
| castimaging/sso-service |
CVE-2024-8698 |
HIGH |
keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak |
3.2.0-funcrel |
| castimaging/viewer |
CVE-2024-45337 |
HIGH |
Upgrade golang.org/x/crypto to version 0.31.0 |
3.1.1-funcrel |
| castimaging/viewer |
CVE-2024-45337 |
HIGH |
Upgrade golang.org/x/crypto to version 0.31.0 |
3.1.1-funcrel |
| castimaging/viewer |
CVE-2024-45338 |
HIGH |
Upgrade golang.org/x/net to version 0.33.0 |
3.1.1-funcrel |
| castimaging/viewer |
CVE-2024-24791 |
HIGH |
Upgrade stdlib to version 1.21.12, 1.22.5 |
3.1.1-funcrel |
| castimaging/viewer |
CVE-2025-22866 |
HIGH |
Upgrade stdlib to version 1.22.12, 1.23.6, 1.24.0-rc.3 |
3.1.1-funcrel |
| castimaging/viewer |
CVE-2024-34155 |
HIGH |
Upgrade stdlib to version 1.22.7, 1.23.1 |
3.1.1-funcrel |
| castimaging/viewer |
CVE-2024-34156 |
HIGH |
Upgrade stdlib to version 1.22.7, 1.23.1 |
3.1.1-funcrel |
| castimaging/viewer |
CVE-2024-34158 |
HIGH |
Upgrade stdlib to version 1.22.7, 1.23.1 |
3.1.1-funcrel |