Sicherheitsstatus

Diese Seite zeigt die aktuellen Ergebnisse automatisierter Schwachstellen-Scans von Container-Images (Trivy) über die neuesten Versionen der msg.ZenTestAI-Dienste.

Scans werden täglich automatisch durchgeführt. Jeder Dienstabschnitt unten listet die Befunde mit den Schweregraden „Kritisch“ und „Hoch“ auf für:

latest — das neueste Release (main branch)
Vorherige Releases — der letzte Patch jedes der beiden vorangegangenen Minor-Releases

Nur CVEs mit den Schweregraden Kritisch und Hoch werden auf dieser Seite verfolgt. Befunde mit den Schweregraden „Mittel“ und „Niedrig“ werden intern überwacht und im Rahmen der regulären Wartung behoben.

Individuelle Befunde, die überprüft und als nicht ausnutzbar eingestuft wurden, sind pro Dienst dokumentiert. Korrekturen werden mit dem nächsten regulären Release bereitgestellt.

hinweis

Der Zeitstempel in jedem Abschnitt zeigt an, wann der jeweilige Scan zuletzt ausgeführt wurde. Wenn der Zeitstempel älter als 48 Stunden ist, wenden Sie sich bitte an den Support.

Übersicht

Modul	Kritisch	Hoch	Gescant (UTC)
Frontend	0	8	2026-05-27T05:32:54Z
Backend	0	0	2026-05-27T05:30:26Z
Runner	2	4	2026-05-27T05:28:09Z

Frontend

Schweregrad-Filter: KRITISCH, HOCH (MITTEL/NIEDRIG werden nicht verfolgt)

Neueste Versionen

Ziel	Hoch	Gescant (UTC)
latest	8	2026-05-27T05:32:54Z
1.15.16	8	2026-05-27T05:33:14Z
1.14.18	8	2026-05-27T05:32:30Z

Offene Befunde

latest

CVE	Schweregrad	Paket	Installiert	Behoben	Titel
CVE-2026-27135	HIGH	nghttp2-libs	1.65.0-r0	1.68.1	nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
CVE-2026-6321	HIGH	fast-uri	3.1.0	3.1.1	fast-uri: fast-uri: Path traversal vulnerability allows bypass of security policies
CVE-2026-6322	HIGH	fast-uri	3.1.0	3.1.2	fast-uri normalize() decoded percent-encoded authority delimiters insi ...
CVE-2026-33811	HIGH	stdlib	v1.25.9	1.25.10, 1.26.3	When using LookupCNAME with the cgo DNS resolver, a very long CNAME re ...
CVE-2026-33814	HIGH	stdlib	v1.25.9	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ...
CVE-2026-39820	HIGH	stdlib	v1.25.9	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ...
CVE-2026-39836	HIGH	stdlib	v1.25.9	1.25.10, 1.26.3	Panic in Dial and LookupPort when handling NUL byte on Windows in net
CVE-2026-42499	HIGH	stdlib	v1.25.9	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ...

1.15.16

CVE	Schweregrad	Paket	Installiert	Behoben	Titel
CVE-2026-27135	HIGH	nghttp2-libs	1.65.0-r0	1.68.1	nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
CVE-2026-6321	HIGH	fast-uri	3.1.0	3.1.1	fast-uri: fast-uri: Path traversal vulnerability allows bypass of security policies
CVE-2026-6322	HIGH	fast-uri	3.1.0	3.1.2	fast-uri normalize() decoded percent-encoded authority delimiters insi ...
CVE-2026-33811	HIGH	stdlib	v1.25.9	1.25.10, 1.26.3	When using LookupCNAME with the cgo DNS resolver, a very long CNAME re ...
CVE-2026-33814	HIGH	stdlib	v1.25.9	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ...
CVE-2026-39820	HIGH	stdlib	v1.25.9	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ...
CVE-2026-39836	HIGH	stdlib	v1.25.9	1.25.10, 1.26.3	Panic in Dial and LookupPort when handling NUL byte on Windows in net
CVE-2026-42499	HIGH	stdlib	v1.25.9	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ...

1.14.18

CVE	Schweregrad	Paket	Installiert	Behoben	Titel
CVE-2026-27135	HIGH	nghttp2-libs	1.65.0-r0	1.68.1	nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
CVE-2026-6321	HIGH	fast-uri	3.1.0	3.1.1	fast-uri: fast-uri: Path traversal vulnerability allows bypass of security policies
CVE-2026-6322	HIGH	fast-uri	3.1.0	3.1.2	fast-uri normalize() decoded percent-encoded authority delimiters insi ...
CVE-2026-33811	HIGH	stdlib	v1.25.9	1.25.10, 1.26.3	When using LookupCNAME with the cgo DNS resolver, a very long CNAME re ...
CVE-2026-33814	HIGH	stdlib	v1.25.9	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ...
CVE-2026-39820	HIGH	stdlib	v1.25.9	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ...
CVE-2026-39836	HIGH	stdlib	v1.25.9	1.25.10, 1.26.3	Panic in Dial and LookupPort when handling NUL byte on Windows in net
CVE-2026-42499	HIGH	stdlib	v1.25.9	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ...

Backend

Schweregrad-Filter: KRITISCH, HOCH (MITTEL/NIEDRIG werden nicht verfolgt)

Neueste Versionen

Ziel	Hoch	Gescant (UTC)
latest	0	2026-05-27T05:30:26Z
1.15.17	0	2026-05-27T05:30:05Z
1.14.19	1	2026-05-27T05:30:04Z

Offene Befunde

1.14.19

CVE	Schweregrad	Paket	Installiert	Behoben	Titel
CVE-2026-27135	HIGH	nghttp2-libs	1.65.0-r0	1.68.1	nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

Runner

Schweregrad-Filter: KRITISCH, HOCH (MITTEL/NIEDRIG werden nicht verfolgt)

Neueste Versionen

Ziel	Kritisch	Hoch	Gescant (UTC)
latest	2	4	2026-05-27T05:28:09Z
1.15.20	2	4	2026-05-27T05:27:59Z
1.14.27	4	10	2026-05-27T05:26:28Z

Offene Befunde

latest

CVE	Schweregrad	Paket	Installiert	Behoben	Titel
CVE-2026-3593	CRITICAL	bind-libs	9.20.22-r0	9.20.23-r0	bind: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation
CVE-2026-3039	HIGH	bind-libs	9.20.22-r0	9.20.23-r0	bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation
CVE-2026-5946	HIGH	bind-libs	9.20.22-r0	9.20.23-r0	bind: Invalid handling of CLASS != IN
CVE-2026-3593	CRITICAL	bind-tools	9.20.22-r0	9.20.23-r0	bind: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation
CVE-2026-3039	HIGH	bind-tools	9.20.22-r0	9.20.23-r0	bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation
CVE-2026-5946	HIGH	bind-tools	9.20.22-r0	9.20.23-r0	bind: Invalid handling of CLASS != IN

1.15.20

CVE	Schweregrad	Paket	Installiert	Behoben	Titel
CVE-2026-3593	CRITICAL	bind-libs	9.20.22-r0	9.20.23-r0	bind: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation
CVE-2026-3039	HIGH	bind-libs	9.20.22-r0	9.20.23-r0	bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation
CVE-2026-5946	HIGH	bind-libs	9.20.22-r0	9.20.23-r0	bind: Invalid handling of CLASS != IN
CVE-2026-3593	CRITICAL	bind-tools	9.20.22-r0	9.20.23-r0	bind: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation
CVE-2026-3039	HIGH	bind-tools	9.20.22-r0	9.20.23-r0	bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation
CVE-2026-5946	HIGH	bind-tools	9.20.22-r0	9.20.23-r0	bind: Invalid handling of CLASS != IN

1.14.27

CVE	Schweregrad	Paket	Installiert	Behoben	Titel
CVE-2026-3593	CRITICAL	bind-libs	9.20.22-r0	9.20.23-r0	bind: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation
CVE-2026-3039	HIGH	bind-libs	9.20.22-r0	9.20.23-r0	bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation
CVE-2026-5946	HIGH	bind-libs	9.20.22-r0	9.20.23-r0	bind: Invalid handling of CLASS != IN
CVE-2026-3593	CRITICAL	bind-tools	9.20.22-r0	9.20.23-r0	bind: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation
CVE-2026-3039	HIGH	bind-tools	9.20.22-r0	9.20.23-r0	bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation
CVE-2026-5946	HIGH	bind-tools	9.20.22-r0	9.20.23-r0	bind: Invalid handling of CLASS != IN
CVE-2026-34980	HIGH	cups-libs	2.4.16-r0	2.4.18-r0	cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network
CVE-2026-33845	CRITICAL	gnutls	3.8.12-r0	3.8.13-r0	gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment
CVE-2026-42010	CRITICAL	gnutls	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Authentication Bypass via NUL Character in Username
CVE-2026-33846	HIGH	gnutls	3.8.12-r0	3.8.13-r0	gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly
CVE-2026-3833	HIGH	gnutls	3.8.12-r0	3.8.13-r0	gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison
CVE-2026-42009	HIGH	gnutls	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability
CVE-2026-41254	HIGH	lcms2	2.16-r0	2.19-r0	Little CMS: lcms2: mm2/Little-CMS: Little CMS: Information disclosure or denial of service via integer overflow in CubeSize
CVE-2026-27135	HIGH	nghttp2-libs	1.65.0-r0	1.68.1	nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

Übersicht​

Frontend​

Neueste Versionen

Offene Befunde

latest

1.15.16

1.14.18

Backend​

Neueste Versionen

Offene Befunde

1.14.19

Runner​

Neueste Versionen

Offene Befunde

latest

1.15.20

1.14.27

Übersicht

Frontend

Backend

Runner