Vulnerability Reportanchore/syft:v1.45.1

anchore/syft:latestanchore/syft:v1.45.1

DIGESTsha256:c6d5719f48f5a5986acf2847eb1ed7c53176e712d5721fcd156184cfb262f6eb

Executive Summary

Threat ScoreSAFE• Threat score is 0, well within the SAFE band (0-24).• Only 3 low-severity vulnerabilities (max severity 0.0) with no exploitable impact.• Image is from a popular community (anchore) with 9.9M+ pulls and pinned by digest, ensuring immutability.• No exposed or post-exploit findings of any significance (empty findings lists).

0/100SAFE

ReputationPOPULAR COMMUNITY• High Reputation Community Image (9M+ pulls)• Pinned by digest (Immutable)

RELIABLE

This image is safe for production use. The image has 3 low-severity vulnerabilities, but none exceed a severity of 0.0 and no exploitable paths exist. The image is from a trusted community source with high reputation and is pinned by digest, ensuring integrity. No further action is required.

Vulnerabilities

Vulnerability Log

3 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2026-42504	NONE0	stdlib v1.26.3 fixed in 1.25.11, 1.26.4	0.4% Theoretical Threat	Not Applicable
CVE-2026-27145	NONE0	stdlib v1.26.3 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable
CVE-2026-42507	NONE0	stdlib v1.26.3 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable