Vulnerability Reportamazoncorretto:8

amazoncorretto:latestamazoncorretto:8u492-al2-genericamazoncorretto:8u492-al2amazoncorretto:8u492amazoncorretto:8-al2-jdkamazoncorretto:8-al2-generic-jdkamazoncorretto:8-al2-genericamazoncorretto:8-al2-fullamazoncorretto:8

DIGESTsha256:200af6d10d5a656a6bd997ac88bcd83be91f45f55d0b92656f57f0625f9ae25b

Executive Summary

SAFE

This base/runtime image is a clean foundation for building production images. It contains one low-severity post-exploit vulnerability (severity 2.78) that requires local access and poses no practical risk in typical deployments. The image is officially maintained and pinned by digest, guaranteeing consistency. Note: this is a general-purpose base/runtime image — many findings live in components that an application built on top may never load, so actual exploitability depends on the final image. For an accurate risk picture, re-scan the final application image with context.

Threat Score

0/100

SAFE

Official Docker Hub image, pinned by digest (immutable), ensuring integrity.
Vulnerability scan shows 0 exposed vulnerabilities; only 1 post-exploit finding with max severity 2.78 (negligible).
High trust score (100) and popular (498 stars, >143M pulls).
Pre-calculated threat score is 0, indicating minimal risk.

Reputation

TRUSTED

Docker Official

OFFICIAL

Official Docker Hub Image
Pinned by digest (Immutable)

Vulnerabilities

Vulnerability Log

1 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2026-7598	LOW2.78	libssh2 1.4.3-12.amzn2.2.6 fixed in 1.4.3-12.amzn2.2.7	0.4% Theoretical Threat	Post-Exploit