## Critical Go Vulnerability (CVE-2025-68121, CVSS 10.0) Found in `khairul169/garage-webui` Docker Image
A critical vulnerability with a maximum severity CVSS score of 10.0 has been identified in a widely used Docker image. The container `khairul169/garage-webui:latest` was built with an outdated version of the Go programming language, leaving it exposed to CVE-2025-68121, a flaw in the Go standard library. The vulnerability, published approximately two months ago, affects all Go versions prior to 1.24.13. The image's current build uses Go 1.23.12, placing it directly in the crosshairs of this critical security issue.

The vulnerability was detected via Docker Scout, a security scanning tool. Running a simple command (`docker scout cves khairul169/garage-webui:latest`) confirms the presence of the critical CVE. The affected component is the `golang/stdlib` package, a fundamental part of any Go application. While the Exploit Prediction Scoring System (EPSS) score is currently a low 0.044%, the maximum CVSS score indicates the potential for severe impact if exploited, demanding immediate attention from developers and system administrators using this image.

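A complementary check to the scanner result above, as an added example (not code from the garage-webui project): it reads the toolchain version embedded in a Go binary with `go version <file>` and compares it numerically against the 1.24.13 threshold stated on this page. It assumes the binary has already been copied out of the image and that a Go toolchain is installed locally; the function names are illustrative, and fixed versions for other release lines are not given on the page and are not checked.

```shell
#!/bin/sh
# Added example: flag Go binaries built with a toolchain older than the
# fixed release this page names. Not code from the garage-webui project.
FIXED_GO="1.24.13"   # threshold taken from the page text

# Print "MAJOR.MINOR.PATCH" parsed from strings such as "go1.23.12",
# "./app: go1.23.12" (the format `go version <file>` prints) or "go1.24rc1".
go_triplet() {
    v=$(printf '%s\n' "$1" | sed -n 's/.*go\([0-9][0-9.]*\).*/\1/p')
    [ -n "$v" ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $v
    IFS=$old_ifs
    printf '%s.%s.%s\n' "${1:-0}" "${2:-0}" "${3:-0}"
}

# Exit status: 0 = older than FIXED_GO (affected), 1 = at or above it,
# 2 = no Go version could be parsed from the input.
is_affected() {
    have=$(go_triplet "$1") || return 2
    want=$(go_triplet "go$FIXED_GO")
    old_ifs=$IFS; IFS=.
    set -- $have $want            # $1-$3 = found, $4-$6 = fixed
    IFS=$old_ifs
    # Compare field by field as integers, so 1.9.x sorts below 1.24.x.
    [ "$1" -ne "$4" ] && { [ "$1" -lt "$4" ]; return; }
    [ "$2" -ne "$5" ] && { [ "$2" -lt "$5" ]; return; }
    [ "$3" -lt "$6" ]
}

# Usage: sh check-go.sh /path/to/binary ...
# Each argument is a Go binary already copied out of the image.
main() {
    rc=0
    for bin in "$@"; do
        line=$(go version "$bin" 2>/dev/null) || line=""
        is_affected "$line" && status=0 || status=$?
        case $status in
            0) echo "AFFECTED  $line (needs go$FIXED_GO or later)"; rc=1 ;;
            1) echo "ok        $line" ;;
            *) echo "UNKNOWN   $bin (could not read a Go version)"; rc=1 ;;
        esac
    done
    return $rc
}
if [ "$#" -gt 0 ]; then main "$@"; fi
```

The script exits non-zero when any binary is affected or unreadable, so it can gate a CI job after the image is rebuilt.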
The fix is straightforward but mandatory: the Docker image must be rebuilt using Go version 1.24.13 or later. Failure to patch leaves any service or application relying on this container vulnerable. This incident highlights the persistent risk in software supply chains, where a single outdated build dependency can introduce a critical point of failure. Organizations using this image or similar Go-based containers are under pressure to audit their deployments and update base images to mitigate this severe risk.

---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: CVE-2025-68121, Go, Docker, Supply Chain Security, CVSS 10.0
- **Credibility**: unverified
- **Published**: 2026-04-19 23:22:37
- **ID**: 71453
- **URL**: https://whisperx.ai/en/intel/71453