gitlab-toolbox-ce-fipspackaged by Chainguard
packaged by Chainguard
Last changed
Request a free trial
Contact our team to test out this image for free. Please also indicate any other images you would like to evaluate.
Tag:
Severity:All
Expand | CVE ID | Severity | Package | Version | Last detected |
|---|---|---|---|---|---|
CVE-2026-4176 | Critical | perl | 5.42.1-r1 | ||
CVE-2021-23383 | Critical | handlebars | 1.0.0 | ||
CVE-2025-32460 | Critical | graphicsmagick | 1.3.46-r1 | ||
CVE-2019-19919 | Critical | handlebars | 1.0.0 | ||
CVE-2021-23369 | Critical | handlebars | 1.0.0 | ||
CVE-2026-4519 | High | python-3.12 | 3.12.13-r0 | ||
CVE-2016-3956 | High | npm | 1.0.1 | ||
CVE-2020-7712 | High | json | 1.0.0 | ||
CVE-2026-34040 | High | github.com/docker/docker | v28.0.0+incompatible | ||
CVE-2019-16777 | High | npm | 1.0.1 | ||
CVE-2018-7408 | High | npm | 1.0.1 | ||
GHSA-2cf5-4w76-r9qv | High | handlebars | 1.0.0 | ||
CVE-2026-4437 | High | glibc | 2.43-r3 | ||
CVE-2026-33195 | High | activestorage | 7.2.3 | ||
GHSA-q2c6-c6pm-g3gh | High | handlebars | 1.0.0 | ||
GHSA-g9r4-xpmj-mj65 | High | handlebars | 1.0.0 | ||
CVE-2019-16776 | High | npm | 1.0.1 | ||
CVE-2020-7788 | High | ini | 1.0.0 | ||
GHSA-h6ch-v84p-w6p9 | High | diff | 1.0.0 | ||
CVE-2019-20920 | High | handlebars | 1.0.0 | ||
GHSA-q42p-pg8m-cqh6 | High | handlebars | 1.0.0 | ||
CVE-2026-4046 | High | glibc | 2.43-r3 | ||
CVE-2019-16775 | High | npm | 1.0.1 | ||
CVE-2026-3644 | Medium | python-3.12 | 3.12.13-r0 | ||
CVE-2026-33169 | Medium | activesupport | 7.2.3 | ||
CVE-2026-34515 | Medium | aiohttp | 3.13.3 | ||
CVE-2024-36361 | Medium | pug | 1.0.0 | ||
CVE-2026-33174 | Medium | activestorage | 7.2.3 | ||
CVE-2023-6237 | Medium | openssl-provider-fips-3.1.2 | 3.1.2-r5 | ||
CVE-2026-32700 | Medium | devise | 4.9.4 | ||
CVE-2021-21353 | Medium | pug | 1.0.0 | ||
CVE-2026-33997 | Medium | github.com/docker/docker | v28.0.0+incompatible | ||
CVE-2026-34525 | Medium | aiohttp | 3.13.3 | ||
CVE-2024-4603 | Medium | openssl-provider-fips-3.1.2 | 3.1.2-r5 | ||
CVE-2020-15095 | Medium | npm | 1.0.1 | ||
CVE-2026-33635 | Medium | icalendar | 2.10.3 | ||
CVE-2026-4224 | Medium | python-3.12 | 3.12.13-r0 | ||
CVE-2026-34165 | Medium | github.com/go-git/go-git/v5 | v5.16.5 | ||
CVE-2025-15366 | Medium | python-3.12 | 3.12.13-r0 | ||
CVE-2026-33532 | Medium | yaml | 1.0.0 | ||
CVE-2026-4438 | Medium | glibc | 2.43-r3 | ||
CVE-2025-15367 | Medium | python-3.12 | 3.12.13-r0 | ||
CVE-2026-34165 | Medium | github.com/go-git/go-git/v5 | v5.16.5 | ||
CVE-2026-34516 | Medium | aiohttp | 3.13.3 | ||
CVE-2023-49090 | Medium | carrierwave | 1.3.4 | ||
CVE-2026-2297 | Medium | python-3.12 | 3.12.13-r0 | ||
CVE-2015-8861 | Medium | handlebars | 1.0.0 | ||
CVE-2024-8796 | Medium | devise-two-factor | 5.1.0 | ||
CVE-2024-13176 | Medium | openssl-provider-fips-3.1.2 | 3.1.2-r5 | ||
CVE-2026-33176 | Medium | activesupport | 7.2.3 | ||
CVE-2025-12781 | Medium | python-3.12 | 3.12.13-r0 | ||
CVE-2026-33306 | Medium | bcrypt | 3.1.21 | ||
CVE-2024-29034 | Medium | carrierwave | 1.3.4 | ||
CVE-2026-33170 | Medium | activesupport | 7.2.3 | ||
CVE-2026-33202 | Medium | activestorage | 7.2.3 | ||
CVE-2026-25765 | Medium | faraday | 2.13.4 | ||
CVE-2026-33173 | Medium | activestorage | 7.2.3 | ||
CVE-2026-22815 | Medium | aiohttp | 3.13.3 | ||
CVE-2026-3479 | Low | python-3.12 | 3.12.13-r0 | ||
CVE-2026-33658 | Low | activestorage | 7.2.3 | ||
CVE-2026-34514 | Low | aiohttp | 3.13.3 | ||
CVE-2026-33762 | Low | github.com/go-git/go-git/v5 | v5.16.5 | ||
GHSA-46fp-8f5p-pf2m | Low | loofah | 2.25.0 | ||
CVE-2013-4116 | Low | npm | 1.0.1 | ||
CVE-2026-33168 | Low | actionview | 7.2.3 | ||
CVE-2026-34519 | Low | aiohttp | 3.13.3 | ||
CVE-2025-13462 | Low | python-3.12 | 3.12.13-r0 | ||
CVE-2026-34518 | Low | aiohttp | 3.13.3 | ||
CVE-2026-34520 | Low | aiohttp | 3.13.3 | ||
CVE-2026-34513 | Low | aiohttp | 3.13.3 | ||
CVE-2026-24001 | Low | diff | 1.0.0 | ||
CVE-2026-33762 | Low | github.com/go-git/go-git/v5 | v5.16.5 | ||
GHSA-wx77-rp39-c6vg | Low | markdown | 1.0.0 | ||
CVE-2026-34517 | Low | aiohttp | 3.13.3 | ||
GHSA-2j22-pr5w-6gq8 | Low | loofah | 2.25.0 | ||
GHSA-hvc4-mjv4-5mw6 | Unknown | openssl-provider-fips-3.1.2 | 3.1.2-r5 | ||
GHSA-85xr-ghj6-6m46 | Unknown | openssl-provider-fips-3.1.2 | 3.1.2-r5 | ||
GHSA-r9fv-h47r-823f | Unknown | openssl-provider-fips-3.1.2 | 3.1.2-r5 |
Last updated:
The trusted source for open source
Talk to an expertProduct
Customers
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.