Security#
Supported Versions#
The following versions of OORT are actively supported for security updates:
Version |
Supported |
Security Support Until |
|---|---|---|
8.5-rc |
❌ Not yet supported |
31 Dec 2029 |
8.4 |
✅ Actively Supported |
31 Dec 2028 |
8.3 |
✅ Actively Supported |
31 Dec 2027 |
8.2 |
✅ Actively Supported |
31 Dec 2026 |
8.1 |
✅ Actively Supported |
31 Dec 2025 |
<= 8.0 |
❌ No longer supported |
End of Life |
Known Vulnerabilities#
8.5-rc#
No known vulnerabilities found.
8.4#
| Vulnerability | Description |
|---|---|
| CVE-2024-58251 | Vulnerability : CVE-2024-58251 Severity : LOW Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.1&upstream=busybox Affected range : <=1.37.0-r19 Fixed version : not fixed EPSS Score : 0.000310 EPSS Percentile : 0.074350 |
| CVE-2025-46394 | Vulnerability : CVE-2025-46394 Severity : LOW Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.1&upstream=busybox Affected range : <=1.37.0-r19 Fixed version : not fixed EPSS Score : 0.000220 EPSS Percentile : 0.042370 |
| CVE-2025-45582 | Vulnerability : CVE-2025-45582 Severity : MEDIUM Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.1 Affected range : <=1.35-r3 Fixed version : not fixed EPSS Score : 0.000420 EPSS Percentile : 0.121450 |
8.3#
| Vulnerability | Description |
|---|---|
| CVE-2024-58251 | Vulnerability : CVE-2024-58251 Severity : LOW Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.1&upstream=busybox Affected range : <=1.37.0-r19 Fixed version : not fixed EPSS Score : 0.000310 EPSS Percentile : 0.074350 |
| CVE-2025-46394 | Vulnerability : CVE-2025-46394 Severity : LOW Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.1&upstream=busybox Affected range : <=1.37.0-r19 Fixed version : not fixed EPSS Score : 0.000220 EPSS Percentile : 0.042370 |
| CVE-2025-45582 | Vulnerability : CVE-2025-45582 Severity : MEDIUM Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.1 Affected range : <=1.35-r3 Fixed version : not fixed EPSS Score : 0.000420 EPSS Percentile : 0.121450 |
8.2#
| Vulnerability | Description |
|---|---|
| CVE-2024-58251 | Vulnerability : CVE-2024-58251 Severity : LOW Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.1&upstream=busybox Affected range : <=1.37.0-r19 Fixed version : not fixed EPSS Score : 0.000310 EPSS Percentile : 0.074350 |
| CVE-2025-46394 | Vulnerability : CVE-2025-46394 Severity : LOW Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.1&upstream=busybox Affected range : <=1.37.0-r19 Fixed version : not fixed EPSS Score : 0.000220 EPSS Percentile : 0.042370 |
| CVE-2025-45582 | Vulnerability : CVE-2025-45582 Severity : MEDIUM Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.1 Affected range : <=1.35-r3 Fixed version : not fixed EPSS Score : 0.000420 EPSS Percentile : 0.121450 |
8.1#
| Vulnerability | Description |
|---|---|
| CVE-2024-58251 | Vulnerability : CVE-2024-58251 Severity : LOW Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.1&upstream=busybox Affected range : <=1.37.0-r19 Fixed version : not fixed EPSS Score : 0.000310 EPSS Percentile : 0.074350 |
| CVE-2025-46394 | Vulnerability : CVE-2025-46394 Severity : LOW Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.1&upstream=busybox Affected range : <=1.37.0-r19 Fixed version : not fixed EPSS Score : 0.000220 EPSS Percentile : 0.042370 |
| CVE-2025-45582 | Vulnerability : CVE-2025-45582 Severity : MEDIUM Package : pkg:apk/alpine/[email protected]?arch=x86_64&distro=alpine-3.22.1 Affected range : <=1.35-r3 Fixed version : not fixed EPSS Score : 0.000420 EPSS Percentile : 0.121450 |
Reporting a Vulnerability#
If you discover a security vulnerability in OORT, please do not create a public issue. Instead, report it privately via email.
🔒 Security Contact: security@thecaliskan.com
We will review your report and respond within 48 hours. If the issue is confirmed as a valid vulnerability, we will work on a fix and provide an estimated timeline for resolution.
Security Fix Process#
We validate and confirm the vulnerability.
A fix is developed in a private branch.
The fix is tested and released in a patched version.
The reporter will be credited (if they choose).
The vulnerability details will be disclosed after a fix is released.
Responsible Disclosure#
Please allow us time to patch before publicly disclosing any vulnerabilities.
If you believe a security issue poses an immediate critical risk, please include [URGENT] in your email subject.
Thanks for helping us keep OORT secure! 🚀