Last scanned:
This base/runtime image is a clean foundation for building production images. It carries a small number of low-severity vulnerabilities (maximum severity 4.67) that do not represent a practical risk in a typical deployment. As a base image, these findings do not justify blocking its use, though periodic updates are recommended. Note: this is a general-purpose base/runtime image — many findings live in components that an application built on top may never load, so actual exploitability depends on the final image. For an accurate risk picture, re-scan the final application image with context.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2026-7383 | MEDIUM4.67 | openssl-libs 1:1.0.2k-24.amzn2.0.20 fixed in 1:1.0.2k-24.amzn2.0.21 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-52858 | LOW3.98 | vim-minimal 2:9.0.2153-1.amzn2.0.6 fixed in 2:9.0.2153-1.amzn2.0.7 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-52860 | LOW3.98 | vim-minimal 2:9.0.2153-1.amzn2.0.6 fixed in 2:9.0.2153-1.amzn2.0.7 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | openssl-libs 1:1.0.2k-24.amzn2.0.20 fixed in 1:1.0.2k-24.amzn2.0.21 | 2.7% Low-Moderate Risk | Post-Exploit |
| CVE-2026-47167 | LOW2.7 | vim-minimal 2:9.0.2153-1.amzn2.0.6 fixed in 2:9.0.2153-1.amzn2.0.7 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-47162 | LOW2.69 | vim-minimal 2:9.0.2153-1.amzn2.0.6 fixed in 2:9.0.2153-1.amzn2.0.7 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-6019 | LOW1.87 | python 2.7.18-1.amzn2.0.19 fixed in 2.7.18-1.amzn2.0.20 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-9076 | LOW1.81 | openssl-libs 1:1.0.2k-24.amzn2.0.20 fixed in 1:1.0.2k-24.amzn2.0.21 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-42766 | LOW1.62 | openssl-libs 1:1.0.2k-24.amzn2.0.20 fixed in 1:1.0.2k-24.amzn2.0.21 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-34180 | LOW1.53 | openssl-libs 1:1.0.2k-24.amzn2.0.20 fixed in 1:1.0.2k-24.amzn2.0.21 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-47162 | NONE0 | vim-data 2:9.0.2153-1.amzn2.0.6 fixed in 2:9.0.2153-1.amzn2.0.7 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-52858 | NONE0 | vim-data 2:9.0.2153-1.amzn2.0.6 fixed in 2:9.0.2153-1.amzn2.0.7 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-52860 | NONE0 | vim-data 2:9.0.2153-1.amzn2.0.6 fixed in 2:9.0.2153-1.amzn2.0.7 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-6019 | NONE0 | python-libs 2.7.18-1.amzn2.0.19 fixed in 2.7.18-1.amzn2.0.20 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2026-47167 | NONE0 | vim-data 2:9.0.2153-1.amzn2.0.6 fixed in 2:9.0.2153-1.amzn2.0.7 | 0.1% Theoretical Threat | Not Applicable |
Want to check another image? Run a full scan with the Docker Security Scanner.