| admin-center | CVE-2024-8176 | HIGH | libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat | 3.2.3 |
| admin-center | CVE-2025-22235 | HIGH | org.springframework.boot/spring-boot: Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed | 3.2.3 |
| admin-center | CVE-2025-27820 | HIGH | org.apache.httpcomponents.client5/httpclient5: Apache HttpComponents: PSL (Public Suffix List) validation bypass | 3.2.3 |
| admin-center | CVE-2025-29087 | HIGH | sqlite: Integer Overflow in SQLite concat_ws Function | 3.2.3 |
| admin-center | CVE-2025-31498 | HIGH | c-ares: c-ares has a use-after-free in read_answers() | 3.2.3 |
| auth-service | CVE-2024-10039 | HIGH | keycloak-core: mTLS passthrough | 3.2.3 |
| auth-service | CVE-2024-8176 | HIGH | libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat | 3.2.3 |
| auth-service | CVE-2025-22235 | HIGH | org.springframework.boot/spring-boot: Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed | 3.2.3 |
| auth-service | CVE-2025-27820 | HIGH | org.apache.httpcomponents.client5/httpclient5: Apache HttpComponents: PSL (Public Suffix List) validation bypass | 3.2.3 |
| auth-service | CVE-2025-29087 | HIGH | sqlite: Integer Overflow in SQLite concat_ws Function | 3.2.3 |
| auth-service | CVE-2025-31498 | HIGH | c-ares: c-ares has a use-after-free in read_answers() | 3.2.3 |
| console | CVE-2024-8176 | HIGH | libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat | 3.2.3 |
| console | CVE-2025-22235 | HIGH | org.springframework.boot/spring-boot: Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed | 3.2.3 |
| console | CVE-2025-29087 | HIGH | sqlite: Integer Overflow in SQLite concat_ws Function | 3.2.3 |
| console | CVE-2025-31498 | HIGH | c-ares: c-ares has a use-after-free in read_answers() | 3.2.3 |
| gateway | CVE-2024-8176 | HIGH | libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat | 3.2.3 |
| gateway | CVE-2025-22235 | HIGH | org.springframework.boot/spring-boot: Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed | 3.2.3 |
| gateway | CVE-2025-27820 | HIGH | org.apache.httpcomponents.client5/httpclient5: Apache HttpComponents: PSL (Public Suffix List) validation bypass | 3.2.3 |
| gateway | CVE-2025-29087 | HIGH | sqlite: Integer Overflow in SQLite concat_ws Function | 3.2.3 |
| gateway | CVE-2025-31498 | HIGH | c-ares: c-ares has a use-after-free in read_answers() | 3.2.3 |
| sso-service | CVE-2024-10039 | HIGH | keycloak-core: mTLS passthrough | 3.2.3 |
| sso-service | CVE-2024-10270 | HIGH | org.keycloak:keycloak-services: Keycloak Denial of Service | 3.2.3 |
| sso-service | CVE-2024-10451 | HIGH | org.keycloak:keycloak-quarkus-server: Sensitive Data Exposure in Keycloak Build Process | 3.2.3 |
| sso-service | CVE-2024-12397 | HIGH | io.quarkus.http/quarkus-http-core: Quarkus HTTP Cookie Smuggling | 3.2.3 |
| sso-service | CVE-2025-24970 | HIGH | io.netty:netty-handler: SslHandler doesn’t correctly validate packets which can lead to native crash when using native SSLEngine | 3.2.3 |
| ai-service | CVE-2025-31115 | HIGH | xz: XZ has a heap-use-after-free bug in threaded .xz decoder | 3.2.3 |
| ai-service | CVE-2025-43859 | CRITICAL | h11: h11 accepts some malformed Chunked-Encoding bodies | 3.2.3 |
| viewer | CVE-2025-21587 | HIGH | openjdk: Better TLS connection support (Oracle CPU 2025-04) | 3.2.3 |
| viewer | CVE-2025-23083 | HIGH | nodejs: Node.js Worker Thread Exposure via Diagnostics Channel | 3.2.3 |
| viewer | CVE-2025-29087 | HIGH | sqlite: Integer Overflow in SQLite concat_ws Function | 3.2.3 |
| viewer | CVE-2025-31115 | HIGH | xz: XZ has a heap-use-after-free bug in threaded .xz decoder | 3.2.3 |