Skip to content

bug: multiple CVEs detected in transitory packages #12256

New issue
New issue
Closed
Closed
bug: multiple CVEs detected in transitory packages#12256
Labels
status: backlogTriaged but not yet being worked onstatus: resolved/staleClosed due to stalenesstype: bugBug report
@kbsteere

Description

@kbsteere
kbsteere
opened on Feb 12, 2025

Is there an existing issue for this?

  • I have searched the existing issues

Current Behavior

the following upstream packages have multiple vulnerabilities:

  1. CVE-2025-22866
  2. CVE-2025-24970
  3. CVE-2025-25193

What's the timeline for fixes with these CVEs?

Expected Behavior

No response

How are you starting LocalStack?

Custom (please describe below)

Steps To Reproduce

building localstack from source and running it in a container.

Environment



Anything else?


No response
Metadata
Metadata
Assignees
No one assigned
    Labels
    status: backlogTriaged but not yet being worked onstatus: resolved/staleClosed due to stalenesstype: bugBug report
    Type
    No type
    Projects
    No projects
    Milestone
    No milestone
    Relationships
    None yet
    Development
    No branches or pull requests
    Issue actions