Vulnerability Reportamazonlinux:2023.11.20260514.0

amazonlinux:2023.11.20260514.0

DIGESTsha256:f03d3254192161691b72be58219022adc2036bd0933aa2b6f3b744f20b2bbe8c

Executive Summary

SAFE

This base/runtime image is a clean foundation for building production images. It has only 2 exposed vulnerabilities, all with negligible severity (none above 0.0), and the 10 post-exploit-only findings have a maximum severity of 2.7, posing no exploitable risk. The image is official and trusted, making it a safe choice for building your applications. Note: this is a general-purpose base/runtime image — many findings live in components that an application built on top may never load, so actual exploitability depends on the final image. For an accurate risk picture, re-scan the final application image with context.

Threat Score

0/100

SAFE

Official Docker image, trusted publisher, pinned by digest.
Exposed vulnerabilities are none with severity >=6.0; only low-severity issues (max 0.0).
Post-exploit-only findings have max severity 2.7, no practical impact in base image.

Reputation

TRUSTED

Docker Official

OFFICIAL

Official Docker Hub Image
Pinned by digest (Immutable)

Vulnerabilities

Vulnerability Log

12 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2026-48863	LOW2.7	libsolv 0.7.22-1.amzn2023.0.2 fixed in 0.7.22-1.amzn2023.0.4	—	Post-Exploit
CVE-2026-48864	LOW2.39	libsolv 0.7.22-1.amzn2023.0.2 fixed in 0.7.22-1.amzn2023.0.4	0.2% Theoretical Threat	Post-Exploit
CVE-2026-33811	LOW2.29	libcap 2.73-1.amzn2023.0.6 fixed in 2.73-1.amzn2023.0.7	0.5% Theoretical Threat	Post-Exploit
CVE-2026-33814	LOW2.29	libcap 2.73-1.amzn2023.0.6 fixed in 2.73-1.amzn2023.0.7	0.6% Theoretical Threat	Post-Exploit
CVE-2026-39820	LOW2.29	libcap 2.73-1.amzn2023.0.6 fixed in 2.73-1.amzn2023.0.7	0.4% Theoretical Threat	Post-Exploit
CVE-2026-9149	LOW1.99	libsolv 0.7.22-1.amzn2023.0.2 fixed in 0.7.22-1.amzn2023.0.4	0.3% Theoretical Threat	Post-Exploit
CVE-2026-9150	LOW1.99	libsolv 0.7.22-1.amzn2023.0.2 fixed in 0.7.22-1.amzn2023.0.4	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6019	LOW1.87	python3 3.9.25-1.amzn2023.0.5 fixed in 3.9.25-1.amzn2023.0.6	0.2% Theoretical Threat	Post-Exploit
CVE-2026-6019	LOW1.87	python3-libs 3.9.25-1.amzn2023.0.5 fixed in 3.9.25-1.amzn2023.0.6	0.2% Theoretical Threat	Post-Exploit
CVE-2026-27142	LOW1.65	libcap 2.73-1.amzn2023.0.6 fixed in 2.73-1.amzn2023.0.7	0.3% Theoretical Threat	Post-Exploit
CVE-2026-39823	NONE0	libcap 2.73-1.amzn2023.0.6 fixed in 2.73-1.amzn2023.0.7	0.3% Theoretical Threat	Not Applicable
CVE-2026-42499	NONE0	libcap 2.73-1.amzn2023.0.6 fixed in 2.73-1.amzn2023.0.7	0.6% Theoretical Threat	Not Applicable