Vulnerability checks - Rest PKI Core

The Rest PKI Core Docker image is checked periodically for known vulnerabilities using Docker Scout. This page reports the vulnerabilities found with medium or higher severity and the actions performed to mitigate.

Note

A vulnerability detection does not necessarily mean the application is vulnerable. Further investigation is required to determine whether a given vulnerability actually poses a threat to the application.

Our policy is to keep the application free of critical and high severity vulnerabilities and keep medium severities at a minimum. If a critical or high vulnerability cannot be fixed, further investigation must be performed and documented here to ensure it does not pose an actual threat to the application.

Vulnerability check 25.04

Period: between 2025-04-22 and 2025-04-23

Version checked: 2.5.0

Vulnerabilities found:

• Critical severity: 0
• High severity: 4
  • CVE-2024-0056
  • CVE-2025-27363
  • CVE-2024-32655
  • CVE-2023-2603
• Medium severity: 6
  • CVE-2025-1390
  • CVE-2025-3576
  • CVE-2022-41064
  • CVE-2024-12243
  • CVE-2024-12133
  • CVE-2023-4641

Steps taken to mitigate:

• Updated to ASP.NET Core 8.0
• Updated several dependencies
• Removed dependency on OS package libgdiplus

Vulnerabilities after mitigation:

• Critical severity: 0
• High severity: 0
• Medium severity: 1
  • CVE-2025-3576 (recently discovered, no fix available at the time)

Mitigated version: 3.0.0

See also

• Checking the version of Rest PKI Core
• Changelog