Security#
Supported Versions#
The following versions of OORT are actively supported for security updates:
Version |
Supported |
Security Support Until |
|---|---|---|
8.5 |
✅ Actively Supported |
31 Dec 2029 |
8.4 |
✅ Actively Supported |
31 Dec 2028 |
8.3 |
✅ Actively Supported |
31 Dec 2027 |
8.2 |
✅ Actively Supported |
31 Dec 2026 |
8.1 |
✅ Actively Supported |
31 Dec 2025 |
<= 8.0 |
❌ No longer supported |
End of Life |
Known Vulnerabilities#
8.5#
No known vulnerabilities found.
8.4#
| Vulnerability | Description |
|---|---|
| CVE-2025-45582 | Vulnerability : CVE-2025-45582 Severity : MEDIUM Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.2 Affected range : <=1.35-r3 Fixed version : not fixed EPSS Score : 0.000400 EPSS Percentile : 0.120550 |
| CVE-2025-10966 | Vulnerability : CVE-2025-10966 Severity : MEDIUM Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.2&upstream=curl Affected range : <=8.14.1-r2 Fixed version : not fixed EPSS Score : 0.000170 EPSS Percentile : 0.032140 |
| CVE-2024-28863 | Vulnerability : CVE-2024-28863 Severity : MEDIUM Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.2 Affected range : <=1.35-r3 Fixed version : not fixed EPSS Score : 0.002180 EPSS Percentile : 0.444210 |
8.3#
| Vulnerability | Description |
|---|---|
| CVE-2025-45582 | Vulnerability : CVE-2025-45582 Severity : MEDIUM Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.2 Affected range : <=1.35-r3 Fixed version : not fixed EPSS Score : 0.000400 EPSS Percentile : 0.120550 |
| CVE-2025-10966 | Vulnerability : CVE-2025-10966 Severity : MEDIUM Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.2&upstream=curl Affected range : <=8.14.1-r2 Fixed version : not fixed EPSS Score : 0.000170 EPSS Percentile : 0.032140 |
| CVE-2024-28863 | Vulnerability : CVE-2024-28863 Severity : MEDIUM Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.2 Affected range : <=1.35-r3 Fixed version : not fixed EPSS Score : 0.002180 EPSS Percentile : 0.444210 |
8.2#
| Vulnerability | Description |
|---|---|
| CVE-2025-45582 | Vulnerability : CVE-2025-45582 Severity : MEDIUM Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.2 Affected range : <=1.35-r3 Fixed version : not fixed EPSS Score : 0.000400 EPSS Percentile : 0.120550 |
| CVE-2025-10966 | Vulnerability : CVE-2025-10966 Severity : MEDIUM Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.2&upstream=curl Affected range : <=8.14.1-r2 Fixed version : not fixed EPSS Score : 0.000170 EPSS Percentile : 0.032140 |
| CVE-2024-28863 | Vulnerability : CVE-2024-28863 Severity : MEDIUM Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.2 Affected range : <=1.35-r3 Fixed version : not fixed EPSS Score : 0.002180 EPSS Percentile : 0.444210 |
8.1#
| Vulnerability | Description |
|---|---|
| CVE-2025-45582 | Vulnerability : CVE-2025-45582 Severity : MEDIUM Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.2 Affected range : <=1.35-r3 Fixed version : not fixed EPSS Score : 0.000400 EPSS Percentile : 0.120550 |
| CVE-2025-10966 | Vulnerability : CVE-2025-10966 Severity : MEDIUM Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.2&upstream=curl Affected range : <=8.14.1-r2 Fixed version : not fixed EPSS Score : 0.000170 EPSS Percentile : 0.032140 |
| CVE-2024-28863 | Vulnerability : CVE-2024-28863 Severity : MEDIUM Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.2 Affected range : <=1.35-r3 Fixed version : not fixed EPSS Score : 0.002180 EPSS Percentile : 0.444210 |
Reporting a Vulnerability#
If you discover a security vulnerability in OORT, please do not create a public issue. Instead, report it privately via email.
🔒 Security Contact: security@thecaliskan.com
We will review your report and respond within 48 hours. If the issue is confirmed as a valid vulnerability, we will work on a fix and provide an estimated timeline for resolution.
Security Fix Process#
We validate and confirm the vulnerability.
A fix is developed in a private branch.
The fix is tested and released in a patched version.
The reporter will be credited (if they choose).
The vulnerability details will be disclosed after a fix is released.
Responsible Disclosure#
Please allow us time to patch before publicly disclosing any vulnerabilities.
If you believe a security issue poses an immediate critical risk, please include [URGENT] in your email subject.
Thanks for helping us keep OORT secure! 🚀