| Severity | CVE ID | Package | Installed | Fixed In | Description |
|---|---|---|---|---|---|
| MEDIUM | CVE-2024-47081 | requests | 2.32.3 | 2.32.4 | requests: Requests vulnerable to .netrc credentials leak via malicious URLs |

| Type | File | Line | Match |
|---|---|---|---|
| AWS | security-reports/gitleaks-report.json | 156 | "Match": "********************",... |
| AWS | security-reports/gitleaks-report.json | 157 | "Secret": "********************",... |
| AWS | security-reports/gitleaks-report.json | 198 | "Match": "********************",... |
| AWS | security-reports/gitleaks-report.json | 199 | "Secret": "********************",... |

| Severity | ID | Check | File | Message |
|---|---|---|---|---|
| HIGH | DS-0002 | Image user should not be 'root' | Dockerfile | Specify at least 1 USER command in Dockerfile with non-root user as argument |

{
"SchemaVersion": 2,
"Trivy": {
"Version": "0.69.0"
},
"ReportID": "019c6ba8-23a8-7b85-8e5b-42f528d17252",
"CreatedAt": "2026-02-17T12:51:47.240756282Z",
"ArtifactID": "sha256:d09065945663b771e5151054bccb07a0b0447ca22983f8c2dd5eb39a005b74d2",
"ArtifactName": "/src",
"ArtifactType": "repository",
"Metadata": {
"RepoURL": "https://github.com/eizen-ai/eizen-inference-component.git",
"Branch": "optimise",
"Commit": "f436e7b8c8d61e253832113302ad3427d9ff5ce0",
"CommitMsg": "Update Dockerfile",
"Author": "Karthik <karthik.byroni@eizen.ai>",
"Committer": "GitHub <noreply@github.com>"
},
"Results": [
{
"Target": "requirements.txt",
"Class": "lang-pkgs",
"Type": "pip",
"Packages": [
{
"Name": "boto3",
"Identifier": {
"PURL": "pkg:pypi/boto3@1.38.29",
"UID": "75d198c208dd6e5f"
},
"Version": "1.38.29",
"Locations": [
{
"StartLine": 1,
"EndLine": 1
}
],
"AnalyzedBy": "pip"
},
{
"Name": "fastapi",
"Identifier": {
"PURL": "pkg:pypi/fastapi@0.115.12",
"UID": "16fdc410189af07f"
},
"Version": "0.115.12",
"Locations": [
{
"StartLine": 2,
"EndLine": 2
}
],
"AnalyzedBy": "pip"
},
{
"Name": "lap",
"Identifier": {
"PURL": "pkg:pypi/lap@0.5.12",
"UID": "5243f447c9e7a870"
},
"Version": "0.5.12",
"Locations": [
{
"StartLine": 3,
"EndLine": 3
}
],
"AnalyzedBy": "pip"
},
{
"Name": "numpy",
"Identifier": {
"PURL": "pkg:pypi/numpy@1.26.4",
"UID": "cbdd077fc471bfde"
},
"Version": "1.26.4",
"Locations": [
{
"StartLine": 9,
"EndLine": 9
}
],
"AnalyzedBy": "pip"
},
{
"Name": "opencv-python",
"Identifier": {
"PURL": "pkg:pypi/opencv-python@4.11.0.86",
"UID": "624403a6e1415577"
},
"Version": "4.11.0.86",
"Locations": [
{
"StartLine": 4,
"EndLine": 4
}
],
"AnalyzedBy": "pip"
},
{
"Name": "python-dotenv",
"Identifier": {
"PURL": "pkg:pypi/python-dotenv@1.1.0",
"UID": "29835025373b835b"
},
"Version": "1.1.0",
"Locations": [
{
"StartLine": 5,
"EndLine": 5
}
],
"AnalyzedBy": "pip"
},
{
"Name": "requests",
"Identifier": {
"PURL": "pkg:pypi/requests@2.32.3",
"UID": "9263bc84439968f4"
},
"Version": "2.32.3",
"Locations": [
{
"StartLine": 6,
"EndLine": 6
}
],
"AnalyzedBy": "pip"
},
{
"Name": "ultralytics",
"Identifier": {
"PURL": "pkg:pypi/ultralytics@8.3.149",
"UID": "bd5b5069514343e9"
},
"Version": "8.3.149",
"Locations": [
{
"StartLine": 7,
"EndLine": 7
}
],
"AnalyzedBy": "pip"
},
{
"Name": "uvicorn",
"Identifier": {
"PURL": "pkg:pypi/uvicorn@0.34.3",
"UID": "f20c0cfac8ab9978"
},
"Version": "0.34.3",
"Locations": [
{
"StartLine": 8,
"EndLine": 8
}
],
"AnalyzedBy": "pip"
}
],
"Vulnerabilities": [
{
"VulnerabilityID": "CVE-2024-47081",
"VendorIDs": [
"GHSA-9hjg-9r4m-mvj7"
],
"PkgName": "requests",
"PkgIdentifier": {
"PURL": "pkg:pypi/requests@2.32.3",
"UID": "9263bc84439968f4"
},
"InstalledVersion": "2.32.3",
"FixedVersion": "2.32.4",
"Status": "fixed",
"SeveritySource": "ghsa",
"PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-47081",
"DataSource": {
"ID": "ghsa",
"Name": "GitHub Security Advisory pip",
"URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip"
},
"Fingerprint": "sha256:3e0c0094f3ed390dd819c033e2cd1e74bc739f48f758919fbd8ed93a32259eec",
"Title": "requests: Requests vulnerable to .netrc credentials leak via malicious URLs",
"Description": "Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.",
"Severity": "MEDIUM",
"CweIDs": [
"CWE-522"
],
"VendorSeverity": {
"alma": 2,
"amazon": 2,
"azure": 2,
"cbl-mariner": 2,
"ghsa": 2,
"oracle-oval": 2,
"photon": 2,
"redhat": 2,
"rocky": 2,
"ubuntu": 2
},
"CVSS": {
"ghsa": {
"V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"V3Score": 5.3
},
"redhat": {
"V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"V3Score": 5.3
}
},
"References": [
"http://seclists.org/fulldisclosure/2025/Jun/2",
"http://www.openwall.com/lists/oss-security/2025/06/03/11",
"http://www.openwall.com/lists/oss-security/2025/06/03/9",
"http://www.openwall.com/lists/oss-security/2025/06/04/1",
"http://www.openwall.com/lists/oss-security/2025/06/04/6",
"https://access.redhat.com/errata/RHSA-2025:14999",
"https://access.redhat.com/security/cve/CVE-2024-47081",
"https://bugzilla.redhat.com/2371272",
"https://bugzilla.redhat.com/show_bug.cgi?id=2371272",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47081",
"https://errata.almalinux.org/8/ALSA-2025-14999.html",
"https://errata.rockylinux.org/RLSA-2025:13604",
"https://github.com/psf/requests",
"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef",
"https://github.com/psf/requests/pull/6965",
"https://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7",
"https://linux.oracle.com/cve/CVE-2024-47081.html",
"https://linux.oracle.com/errata/ELSA-2025-14999.html",
"https://nvd.nist.gov/vuln/detail/CVE-2024-47081",
"https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env",
"https://seclists.org/fulldisclosure/2025/Jun/2",
"https://ubuntu.com/security/notices/USN-7568-1",
"https://ubuntu.com/security/notices/USN-7762-1",
"https://www.cve.org/CVERecord?id=CVE-2024-47081",
"https://www.openwall.com/lists/oss-security/2025/06/03/9"
],
"PublishedDate": "2025-06-09T18:15:24.983Z",
"LastModifiedDate": "2025-06-12T16:06:47.857Z"
}
]
},
{
"Target": "Dockerfile",
"Class": "config",
"Type": "dockerfile",
"MisconfSummary": {
"Successes": 23,
"Failures": 1
},
"Misconfigurations": [
{
"Type": "Dockerfile Security Check",
"ID": "DS-0002",
"Title": "Image user should not be 'root'",
"Description": "Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.",
"Message": "Specify at least 1 USER command in Dockerfile with non-root user as argument",
"Namespace": "builtin.dockerfile.DS002",
"Query": "data.builtin.dockerfile.DS002.deny",
"Resolution": "Add 'USER <non root user name>' line to the Dockerfile",
"Severity": "HIGH",
"PrimaryURL": "https://avd.aquasec.com/misconfig/ds-0002",
"References": [
"https://docs.docker.com/develop/develop-images/dockerfile_best-practices/",
"https://avd.aquasec.com/misconfig/ds-0002"
],
"Status": "FAIL",
"CauseMetadata": {
"Provider": "Dockerfile",
"Service": "general"
}
}
]
},
{
"Target": "security-reports/gitleaks-report.json",
"Class": "secret",
"Secrets": [
{
"RuleID": "aws-access-key-id",
"Category": "AWS",
"Severity": "CRITICAL",
"Title": "AWS Access Key ID",
"StartLine": 156,
"EndLine": 156,
"Code": {
"Lines": [
{
"Number": 154,
"Content": " \"StartColumn\": 15,",
"IsCause": false,
"Annotation": "",
"Truncated": false,
"Highlighted": " \"StartColumn\": 15,",
"FirstCause": false,
"LastCause": false
},
{
"Number": 155,
"Content": " \"EndColumn\": 34,",
"IsCause": false,
"Annotation": "",
"Truncated": false,
"Highlighted": " \"EndColumn\": 34,",
"FirstCause": false,
"LastCause": false
},
{
"Number": 156,
"Content": " \"Match\": \"********************\",",
"IsCause": true,
"Annotation": "",
"Truncated": false,
"Highlighted": " \"Match\": \"********************\",",
"FirstCause": true,
"LastCause": true
},
{
"Number": 157,
"Content": " \"Secret\": \"********************\",",
"IsCause": false,
"Annotation": "",
"Truncated": false,
"Highlighted": " \"Secret\": \"********************\",",
"FirstCause": false,
"LastCause": false
}
]
},
"Match": " \"Match\": \"********************\",",
"Offset": 6522
},
{
"RuleID": "aws-access-key-id",
"Category": "AWS",
"Severity": "CRITICAL",
"Title": "AWS Access Key ID",
"StartLine": 157,
"EndLine": 157,
"Code": {
"Lines": [
{
"Number": 155,
"Content": " \"EndColumn\": 34,",
"IsCause": false,
"Annotation": "",
"Truncated": false,
"Highlighted": " \"EndColumn\": 34,",
"FirstCause": false,
"LastCause": false
},
{
"Number": 156,
"Content": " \"Match\": \"********************\",",
"IsCause": false,
"Annotation": "",
"Truncated": false,
"Highlighted": " \"Match\": \"********************\",",
"FirstCause": false,
"LastCause": false
},
{
"Number": 157,
"Content": " \"Secret\": \"********************\",",
"IsCause": true,
"Annotation": "",
"Truncated": false,
"Highlighted": " \"Secret\": \"********************\",",
"FirstCause": true,
"LastCause": true
},
{
"Number": 158,
"Content": " \"File\": \".env\",",
"IsCause": false,
"Annotation": "",
"Truncated": false,
"Highlighted": " \"File\": \".env\",",
"FirstCause": false,
"LastCause": false
}
]
},
"Match": " \"Secret\": \"********************\",",
"Offset": 6558
},
{
"RuleID": "aws-access-key-id",
"Category": "AWS",
"Severity": "CRITICAL",
"Title": "AWS Access Key ID",
"StartLine": 198,
"EndLine": 198,
"Code": {
"Lines": [
{
"Number": 196,
"Content": " \"StartColumn\": 15,",
"IsCause": false,
"Annotation": "",
"Truncated": false,
"Highlighted": " \"StartColumn\": 15,",
"FirstCause": false,
"LastCause": false
},
{
"Number": 197,
"Content": " \"EndColumn\": 34,",
"IsCause": false,
"Annotation": "",
"Truncated": false,
"Highlighted": " \"EndColumn\": 34,",
"FirstCause": false,
"LastCause": false
},
{
"Number": 198,
"Content": " \"Match\": \"********************\",",
"IsCause": true,
"Annotation": "",
"Truncated": false,
"Highlighted": " \"Match\": \"********************\",",
"FirstCause": true,
"LastCause": true
},
{
"Number": 199,
"Content": " \"Secret\": \"********************\",",
"IsCause": false,
"Annotation": "",
"Truncated": false,
"Highlighted": " \"Secret\": \"********************\",",
"FirstCause": false,
"LastCause": false
}
]
},
"Match": " \"Match\": \"********************\",",
"Offset": 8198
},
{
"RuleID": "aws-access-key-id",
"Category": "AWS",
"Severity": "CRITICAL",
"Title": "AWS Access Key ID",
"StartLine": 199,
"EndLine": 199,
"Code": {
"Lines": [
{
"Number": 197,
"Content": " \"EndColumn\": 34,",
"IsCause": false,
"Annotation": "",
"Truncated": false,
"Highlighted": " \"EndColumn\": 34,",
"FirstCause": false,
"LastCause": false
},
{
"Number": 198,
"Content": " \"Match\": \"********************\",",
"IsCause": false,
"Annotation": "",
"Truncated": false,
"Highlighted": " \"Match\": \"********************\",",
"FirstCause": false,
"LastCause": false
},
{
"Number": 199,
"Content": " \"Secret\": \"********************\",",
"IsCause": true,
"Annotation": "",
"Truncated": false,
"Highlighted": " \"Secret\": \"********************\",",
"FirstCause": true,
"LastCause": true
},
{
"Number": 200,
"Content": " \"File\": \".env\",",
"IsCause": false,
"Annotation": "",
"Truncated": false,
"Highlighted": " \"File\": \".env\",",
"FirstCause": false,
"LastCause": false
}
]
},
"Match": " \"Secret\": \"********************\",",
"Offset": 8234
}
]
}
]
}