Skip to content

chore: bump up x/crypto to v0.45.0#2821

Merged
simar7 merged 2 commits intoaquasecurity:mainfrom
afdesk:chore/bump-x-crypto-0.45
Nov 24, 2025
Merged

chore: bump up x/crypto to v0.45.0#2821
simar7 merged 2 commits intoaquasecurity:mainfrom
afdesk:chore/bump-x-crypto-0.45

Conversation

@afdesk
Copy link
Copy Markdown
Contributor

@afdesk afdesk commented Nov 24, 2025

Description

This PR fixes vulnerabilities in the main branch.

Before:

% trivy i -q docker.io/afdesk/trivy-operator:main

Report Summary

┌──────────────────────────────────────────────────────┬──────────┬─────────────────┬─────────┐
│                        Target                        │   Type   │ Vulnerabilities │ Secrets │
├──────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ docker.io/afdesk/trivy-operator:main (alpine 3.22.2) │  alpine  │        0        │    -    │
├──────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ usr/local/bin/trivy-operator                         │ gobinary │        2        │    -    │
└──────────────────────────────────────────────────────┴──────────┴─────────────────┴─────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)


usr/local/bin/trivy-operator (gobinary)

Total: 2 (UNKNOWN: 0, LOW: 0, MEDIUM: 2, HIGH: 0, CRITICAL: 0)

┌─────────────────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬─────────────────────────────────────────────────────────────┐
│       Library       │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version │                            Title                            │
├─────────────────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ golang.org/x/crypto │ CVE-2025-47914 │ MEDIUM   │ fixed  │ v0.42.0           │ 0.45.0        │ SSH Agent servers do not validate the size of messages when │
│                     │                │          │        │                   │               │ processing...                                               │
│                     │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-47914                  │
│                     ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                     │ CVE-2025-58181 │          │        │                   │               │ SSH servers parsing GSSAPI authentication requests do not   │
│                     │                │          │        │                   │               │ validate the ...                                            │
│                     │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-58181                  │
└─────────────────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴─────────────────────────────────────────────────────────────┘

Afrer:

% trivy i -q --cache-backend memory afdesk/trivy-operator:xcrypto045 

Report Summary

┌──────────────────────────────────────────────────┬──────────┬─────────────────┬─────────┐
│                      Target                      │   Type   │ Vulnerabilities │ Secrets │
├──────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ afdesk/trivy-operator:xcrypto045 (alpine 3.22.2) │  alpine  │        0        │    -    │
├──────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ usr/local/bin/trivy-operator                     │ gobinary │        0        │    -    │
└──────────────────────────────────────────────────┴──────────┴─────────────────┴─────────┘

Checklist

  • I've read the guidelines for contributing to this repository.
  • I've added tests that prove my fix is effective or that my feature works.
  • I've updated the documentation with the relevant information (if needed).
  • I've added usage information (if the PR introduces new options)
  • I've included a "before" and "after" example to the description (if the PR is a user interface change).

@github-actions github-actions bot added the misc label Nov 24, 2025
@afdesk afdesk marked this pull request as ready for review November 24, 2025 06:12
@afdesk afdesk requested a review from simar7 as a code owner November 24, 2025 06:12
@simar7 simar7 merged commit 40d0181 into aquasecurity:main Nov 24, 2025
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@simar7 simar7 simar7 approved these changes

Assignees

No one assigned

Labels

misc

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@afdesk @simar7