Skip to content

docker-scout detects itself to have high CVEs #209

New issue
New issue
Open
Open
docker-scout detects itself to have high CVEs#209
@gergelyfabian

Description

@gergelyfabian
gergelyfabian
opened on Jan 5, 2026

Docker scout is detected to have CVEs, as it uses Go stdlib 1.25.0.
Upgrading to 1.25.5 would fix these.

## Packages and Vulnerabilities

   0C     5H     0M     0L  stdlib 1.25.0
pkg:golang/[email protected]

89: sha256:d6d58f95f6788f1bafd21e449744691d6b91232840954b19a1b11e014a4e5e71
/home/user/.docker/cli-plugins/docker-scout (evident by)

    ✗ HIGH CVE-2025-61729
      https://scout.docker.com/v/CVE-2025-61729?s=golang&n=stdlib&t=golang&vr=%3E%3D1.25.0%2C%3C1.25.5
      Affected range : >=1.25.0  
                     : <1.25.5   
      Fixed version  : 1.25.5    
    
    ✗ HIGH CVE-2025-61725
      https://scout.docker.com/v/CVE-2025-61725?s=golang&n=stdlib&t=golang&vr=%3E%3D1.25.0%2C%3C1.25.2
      Affected range : >=1.25.0  
                     : <1.25.2   
      Fixed version  : 1.25.2    
    
    ✗ HIGH CVE-2025-61723
      https://scout.docker.com/v/CVE-2025-61723?s=golang&n=stdlib&t=golang&vr=%3E%3D1.25.0%2C%3C1.25.2
      Affected range : >=1.25.0  
                     : <1.25.2   
      Fixed version  : 1.25.2    
    
    ✗ HIGH CVE-2025-58188
      https://scout.docker.com/v/CVE-2025-58188?s=golang&n=stdlib&t=golang&vr=%3E%3D1.25.0%2C%3C1.25.2
      Affected range : >=1.25.0  
                     : <1.25.2   
      Fixed version  : 1.25.2    
    
    ✗ HIGH CVE-2025-58187
      https://scout.docker.com/v/CVE-2025-58187?s=golang&n=stdlib&t=golang&vr=%3E%3D1.25.0%2C%3C1.25.3
      Affected range : >=1.25.0  
                     : <1.25.3   
      Fixed version  : 1.25.3

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions