See the full list of npm packages compromised in the "SHA1-Hulud npm supply chain incident – Nov 2025" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
| VULNERABILITY | AFFECTS | TYPE | PUBLISHED |
|---|---|---|---|
| prometheus-3.7<3.7.3-r2 | chainguard:latest | 6 Dec 2025 |
| rancher-agent-2.12<2.12.4-r1 | chainguard:latest | 6 Dec 2025 |
| rancher-agent-2.12<2.12.4-r1 | chainguard:latest | 6 Dec 2025 |
| rabbitmq-cluster-operator<2.17.2-r2 | chainguard:latest | 6 Dec 2025 |
| rabbitmq-cluster-operator<2.17.2-r2 | chainguard:latest | 6 Dec 2025 |
| q<0.19.11-r2 | chainguard:latest | 6 Dec 2025 |
| secrets-store-csi-driver-provider-aws<2.1.1-r2 | chainguard:latest | 5 Dec 2025 |
| secrets-store-csi-driver-provider-aws<2.1.1-r2 | chainguard:latest | 5 Dec 2025 |
| oras<1.3.0-r3 | chainguard:latest | 5 Dec 2025 |
| oras<1.3.0-r3 | chainguard:latest | 5 Dec 2025 |
| pulumi-language-dotnet<3.94.1-r1 | chainguard:latest | 5 Dec 2025 |
| pulumi-language-dotnet<3.94.1-r1 | chainguard:latest | 5 Dec 2025 |
| openbao-k8s<1.4.0-r42 | chainguard:latest | 5 Dec 2025 |
| openbao-k8s<1.4.0-r42 | chainguard:latest | 5 Dec 2025 |
| ratify<1.4.0-r8 | chainguard:latest | 5 Dec 2025 |
| ratify<1.4.0-r8 | chainguard:latest | 5 Dec 2025 |
| nri-nginx<3.6.3-r1 | chainguard:latest | 5 Dec 2025 |
| nri-nginx<3.6.3-r1 | chainguard:latest | 5 Dec 2025 |
| nri-mysql<1.18.1-r1 | chainguard:latest | 5 Dec 2025 |
| nri-mysql<1.18.1-r1 | chainguard:latest | 5 Dec 2025 |
| nuclei<3.6.0-r0 | chainguard:latest | 5 Dec 2025 |
| nuclei<3.6.0-r0 | chainguard:latest | 5 Dec 2025 |
| nri-kubernetes<3.50.2-r1 | chainguard:latest | 5 Dec 2025 |
| net-kourier-1.19<1.19.6-r1 | chainguard:latest | 5 Dec 2025 |
| podinfo<6.9.3-r1 | chainguard:latest | 5 Dec 2025 |
| nerdctl<2.2.0-r3 | chainguard:latest | 5 Dec 2025 |
| podinfo<6.9.3-r1 | chainguard:latest | 5 Dec 2025 |
| multus-cni<4.2.3-r1 | chainguard:latest | 5 Dec 2025 |
| newrelic-nri-statsd<2.12.0-r1 | chainguard:latest | 5 Dec 2025 |
| newrelic-k8s-metadata-injection<1.39.0-r1 | chainguard:latest | 5 Dec 2025 |