timberio/vector:0.50.0-debian

Base OS: debian 13.1 45 vulnerabilities fixed

Tag Override

Original tag 0.50.0-distroless-libc was overridden to 0.50.0-debian because the original image uses a distroless/scratch base that Copa cannot patch.

Patched Image

quay.io/verity/timberio/vector:0.50.0-debian-patched

Supply Chain

Full compliance details

Signed SLSA L3 SBOM Rekor

Verify this artifact

Cosign signature

cosign verify \
  --certificate-identity-regexp "https://github.com/descope/verity/.github/workflows/" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  quay.io/verity/timberio/vector:0.50.0-debian-patched

Build provenance

gh attestation verify \
  oci://quay.io/verity/timberio/vector:0.50.0-debian-patched \
  --owner descope

Pre-patch scan

Found 45 vulnerabilit ies in the original image. 45 fixed by Copa.

3CRITICAL6HIGH33MEDIUM3LOW

Vulnerability details

ID	Package	Installed	Fixed	Severity
CVE-2025-15467	libssl3t64	3.5.1-1	3.5.4-1~deb13u2	CRITICAL
CVE-2025-15467	openssl	3.5.1-1	3.5.4-1~deb13u2	CRITICAL
CVE-2025-15467	openssl-provider-legacy	3.5.1-1	3.5.4-1~deb13u2	CRITICAL
CVE-2025-69419	libssl3t64	3.5.1-1	3.5.4-1~deb13u2	HIGH
CVE-2025-69421	libssl3t64	3.5.1-1	3.5.4-1~deb13u2	HIGH
CVE-2025-69419	openssl	3.5.1-1	3.5.4-1~deb13u2	HIGH
CVE-2025-69421	openssl	3.5.1-1	3.5.4-1~deb13u2	HIGH
CVE-2025-69419	openssl-provider-legacy	3.5.1-1	3.5.4-1~deb13u2	HIGH
CVE-2025-69421	openssl-provider-legacy	3.5.1-1	3.5.4-1~deb13u2	HIGH
CVE-2025-11187	libssl3t64	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-15468	libssl3t64	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-15469	libssl3t64	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-66199	libssl3t64	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-68160	libssl3t64	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-69418	libssl3t64	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-69420	libssl3t64	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-9230	libssl3t64	3.5.1-1	3.5.1-1+deb13u1	MEDIUM
CVE-2025-9231	libssl3t64	3.5.1-1	3.5.1-1+deb13u1	MEDIUM
CVE-2026-22795	libssl3t64	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2026-22796	libssl3t64	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-11187	openssl	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-15468	openssl	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-15469	openssl	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-66199	openssl	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-68160	openssl	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-69418	openssl	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-69420	openssl	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-9230	openssl	3.5.1-1	3.5.1-1+deb13u1	MEDIUM
CVE-2025-9231	openssl	3.5.1-1	3.5.1-1+deb13u1	MEDIUM
CVE-2026-22795	openssl	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2026-22796	openssl	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-11187	openssl-provider-legacy	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-15468	openssl-provider-legacy	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-15469	openssl-provider-legacy	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-66199	openssl-provider-legacy	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-68160	openssl-provider-legacy	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-69418	openssl-provider-legacy	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-69420	openssl-provider-legacy	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-9230	openssl-provider-legacy	3.5.1-1	3.5.1-1+deb13u1	MEDIUM
CVE-2025-9231	openssl-provider-legacy	3.5.1-1	3.5.1-1+deb13u1	MEDIUM
CVE-2026-22795	openssl-provider-legacy	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2026-22796	openssl-provider-legacy	3.5.1-1	3.5.4-1~deb13u2	MEDIUM
CVE-2025-9232	libssl3t64	3.5.1-1	3.5.1-1+deb13u1	LOW
CVE-2025-9232	openssl	3.5.1-1	3.5.1-1+deb13u1	LOW
CVE-2025-9232	openssl-provider-legacy	3.5.1-1	3.5.1-1+deb13u1	LOW

Original image reference

timberio/vector:0.50.0-debian