Vulnerability Reportamazonlinux:2023.12.20260611.0

amazonlinux:2023.12.20260611.0
DIGESTsha256:32f61af6a24e178e8142fb7b0079f4af3a5cda6816cd53d2c611a921ef029ca0

Executive Summary

Last scanned:

Threat Score
0/100SAFE
Reputation
TRUSTED

This base/runtime image is a clean foundation for building production images. It has 10 exposed vulnerabilities and 21 post-exploit findings, but all are low severity (max 5.35 and 2.92 respectively) and none require attention. Being an official Docker image pinned by digest provides strong supply chain security. No CVEs are cited because no findings meet the threshold for concern. Note: this is a general-purpose base/runtime image — many findings live in components that an application built on top may never load, so actual exploitability depends on the final image. For an accurate risk picture, re-scan the final application image with context.

Vulnerabilities

Vulnerability Log

31 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-34181MEDIUM5.35
openssl-fips-provider-latest
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
openssl-fips-provider-latest
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34181MEDIUM5.35
openssl-libs
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
openssl-libs
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
openssl-fips-provider-latest
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
openssl-libs
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
openssl-fips-provider-latest
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
openssl-libs
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
openssl-fips-provider-latest
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
openssl-libs
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45447LOW2.92
openssl-fips-provider-latest
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2026-45447LOW2.92
openssl-libs
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2026-8643LOW2.8
python3-pip-wheel
21.3.1-2.amzn2023.0.19
fixed in 21.3.1-2.amzn2023.0.20
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
openssl-fips-provider-latest
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
openssl-libs
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-34183LOW2.29
openssl-fips-provider-latest
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-34183LOW2.29
openssl-libs
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-34182LOW2.26
openssl-fips-provider-latest
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-34182LOW2.26
openssl-libs
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-42764LOW1.81
openssl-fips-provider-latest
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-42769LOW1.81
openssl-fips-provider-latest
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42770LOW1.81
openssl-fips-provider-latest
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-9076LOW1.81
openssl-fips-provider-latest
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42764LOW1.81
openssl-libs
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-42769LOW1.81
openssl-libs
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42770LOW1.81
openssl-libs
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-9076LOW1.81
openssl-libs
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42766LOW1.62
openssl-fips-provider-latest
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-42767LOW1.62
openssl-fips-provider-latest
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42766LOW1.62
openssl-libs
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-42767LOW1.62
openssl-libs
1:3.5.5-1.amzn2023.0.4
fixed in 1:3.5.5-1.amzn2023.0.5
0.3%
Theoretical Threat
Post-Exploit

Want to check another image? Run a full scan with the Docker Security Scanner.