Vulnerability Reportapache/apisix:dev-arm64

apache/apisix:dev-arm64

DIGESTsha256:e8df5b150b0f5b22f0e96dff8a50293538de110ce2961571d17854a81a49632f

Executive Summary

Threat ScoreDANGEROUS• 120 exposed vulnerabilities identified, including 11 with severity >= 7.0, indicating a large attack surface.• Multiple critical flaws in core libraries (libgcrypt, krb5, openldap) could lead to data exposure or denial of service.• CVE-2021-33560 (libgcrypt) allows side-channel attacks, exposing encrypted data.• CVE-2018-5709 (krb5) enables integrity compromise via integer overflow in Kerberos database dump.

98/100DANGEROUS

ReputationPOPULAR COMMUNITY• High Reputation Community Image (35M+ pulls)• Pinned by digest (Immutable)

RELIABLE

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could exploit CVE-2021-33560 to conduct side-channel attacks and extract sensitive encrypted data, or exploit CVE-2018-5709 to corrupt Kerberos database integrity. The image has 120 exposed vulnerabilities, many of which are remotely exploitable with high severity. No practical mitigations exist for these flaws without significant changes to the container's base image.

Vulnerabilities

Vulnerability Log

198 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2019-9192	HIGH7.5	libc-bin 2.31-13+deb11u14 No fix yet	2.4% Low-Moderate Risk	Directly Exposed
CVE-2019-9192	HIGH7.5	libc6 2.31-13+deb11u14 No fix yet	2.4% Low-Moderate Risk	Directly Exposed
CVE-2021-33560	HIGH7.5	libgcrypt20 1.8.7-6 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2018-6829	HIGH7.5	libgcrypt20 1.8.7-6 No fix yet	1.8% Low-Moderate Risk	Directly Exposed
CVE-2018-5709	HIGH7.5	libkrb5-3 1.18.3-6+deb11u8 No fix yet	2.1% Low-Moderate Risk	Directly Exposed
CVE-2018-5709	HIGH7.5	libkrb5support0 1.18.3-6+deb11u8 No fix yet	2.1% Low-Moderate Risk	Directly Exposed
CVE-2023-2953	HIGH7.5	libldap-2.4-2 2.4.57+dfsg-3+deb11u1 No fix yet	1.9% Low-Moderate Risk	Directly Exposed
CVE-2023-2953	HIGH7.5	libldap-common 2.4.57+dfsg-3+deb11u1 No fix yet	1.9% Low-Moderate Risk	Directly Exposed
CVE-2023-2953	HIGH7.5	libldap2-dev 2.4.57+dfsg-3+deb11u1 No fix yet	1.9% Low-Moderate Risk	Directly Exposed
CVE-2019-20838	HIGH7.5	libpcre3 2:8.39-13 No fix yet	2.8% Low-Moderate Risk	Directly Exposed
CVE-2022-4899	HIGH7.5	libzstd1 1.4.8+dfsg-2.1 No fix yet	1.6% Low-Moderate Risk	Directly Exposed
CVE-2022-41409	MEDIUM6.38	libpcre2-8-0 10.36-2+deb11u1 No fix yet	1.0% Theoretical Threat	Directly Exposed
CVE-2017-7245	MEDIUM6.24	libpcre3 2:8.39-13 No fix yet	2.2% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2017-7246	MEDIUM6.24	libpcre3 2:8.39-13 No fix yet	2.6% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2020-13529	MEDIUM6.1	libsystemd0 247.3-7+deb11u8 No fix yet	1.4% Low-Moderate Risk	Directly Exposed
CVE-2020-13529	MEDIUM6.1	libudev1 247.3-7+deb11u8 No fix yet	1.4% Low-Moderate Risk	Directly Exposed
CVE-2018-20796	MEDIUM6	libc-bin 2.31-13+deb11u14 No fix yet	5.8% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-20796	MEDIUM6	libc6 2.31-13+deb11u14 No fix yet	5.8% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2015-3276	MEDIUM6	libldap-2.4-2 2.4.57+dfsg-3+deb11u1 No fix yet	5.3% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2015-3276	MEDIUM6	libldap-common 2.4.57+dfsg-3+deb11u1 No fix yet	5.3% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2017-11164	MEDIUM6	libpcre3 2:8.39-13 No fix yet	3.1% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2023-4806	MEDIUM5.9	libc-bin 2.31-13+deb11u14 No fix yet	1.4% Low-Moderate Risk	Directly Exposed
CVE-2023-4813	MEDIUM5.9	libc-bin 2.31-13+deb11u14 No fix yet	1.7% Low-Moderate Risk	Directly Exposed
CVE-2023-4806	MEDIUM5.9	libc6 2.31-13+deb11u14 No fix yet	1.4% Low-Moderate Risk	Directly Exposed
CVE-2023-4813	MEDIUM5.9	libc6 2.31-13+deb11u14 No fix yet	1.7% Low-Moderate Risk	Directly Exposed
CVE-2024-2236	MEDIUM5.9	libgcrypt20 1.8.7-6 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-26461	MEDIUM5.9	libgssapi-krb5-2 1.18.3-6+deb11u8 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-26461	MEDIUM5.9	libk5crypto3 1.18.3-6+deb11u8 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-26461	MEDIUM5.9	libkrb5-3 1.18.3-6+deb11u8 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-26461	MEDIUM5.9	libkrb5support0 1.18.3-6+deb11u8 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2025-13151	MEDIUM5.9	libtasn1-6 4.16.0-2+deb11u2 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2026-22185	MEDIUM5.78	libldap-2.4-2 2.4.57+dfsg-3+deb11u1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-22185	MEDIUM5.78	libldap-common 2.4.57+dfsg-3+deb11u1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-22185	MEDIUM5.78	libldap2-dev 2.4.57+dfsg-3+deb11u1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2011-3389	MEDIUM5.59	libgnutls30 3.7.1-5+deb11u10 No fix yet	73.3% Actively Exploited	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc-bin 2.31-13+deb11u14 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc6 2.31-13+deb11u14 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2019-1010024	MEDIUM5.3	libc-bin 2.31-13+deb11u14 No fix yet	3.2% Low-Moderate Risk	Directly Exposed
CVE-2019-1010025	MEDIUM5.3	libc-bin 2.31-13+deb11u14 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2019-1010024	MEDIUM5.3	libc6 2.31-13+deb11u14 No fix yet	3.2% Low-Moderate Risk	Directly Exposed
CVE-2019-1010025	MEDIUM5.3	libc6 2.31-13+deb11u14 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2015-9019	MEDIUM5.3	libxslt1.1 1.1.34-4+deb11u3 No fix yet	2.4% Low-Moderate Risk	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libblkid1 2.36.1-8+deb11u2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libmount1 2.36.1-8+deb11u2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libsmartcols1 2.36.1-8+deb11u2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libuuid1 2.36.1-8+deb11u2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	libc-bin 2.31-13+deb11u14 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	libc6 2.31-13+deb11u14 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libgssapi-krb5-2 1.18.3-6+deb11u8 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libk5crypto3 1.18.3-6+deb11u8 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libkrb5-3 1.18.3-6+deb11u8 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libkrb5support0 1.18.3-6+deb11u8 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2026-9076	MEDIUM5.02	libssl1.1 1.1.1w-0+deb11u7 fixed in 1.1.1w-0+deb11u8	0.3% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libblkid1 2.36.1-8+deb11u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libmount1 2.36.1-8+deb11u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2017-16231	MEDIUM4.67	libpcre3 2:8.39-13 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libsmartcols1 2.36.1-8+deb11u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-7383	MEDIUM4.67	libssl1.1 1.1.1w-0+deb11u7 fixed in 1.1.1w-0+deb11u8	0.3% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libuuid1 2.36.1-8+deb11u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-10911	MEDIUM4.67	libxslt1.1 1.1.34-4+deb11u3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib1g 1:1.2.11.dfsg-2+deb11u2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libblkid1 2.36.1-8+deb11u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34743	MEDIUM4.5	liblzma5 5.2.5-2.1~deb11u1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libmount1 2.36.1-8+deb11u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libsmartcols1 2.36.1-8+deb11u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42766	MEDIUM4.5	libssl1.1 1.1.1w-0+deb11u7 fixed in 1.1.1w-0+deb11u8	0.6% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libsystemd0 247.3-7+deb11u8 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libsystemd0 247.3-7+deb11u8 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libsystemd0 247.3-7+deb11u8 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libudev1 247.3-7+deb11u8 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libudev1 247.3-7+deb11u8 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libudev1 247.3-7+deb11u8 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libuuid1 2.36.1-8+deb11u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42250	MEDIUM4.25	libbz2-1.0 1.0.8-4 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc-bin 2.31-13+deb11u14 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc-bin 2.31-13+deb11u14 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc6 2.31-13+deb11u14 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc6 2.31-13+deb11u14 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	libgssapi-krb5-2 1.18.3-6+deb11u8 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	libk5crypto3 1.18.3-6+deb11u8 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	libkrb5-3 1.18.3-6+deb11u8 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	libkrb5support0 1.18.3-6+deb11u8 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34180	MEDIUM4.25	libssl1.1 1.1.1w-0+deb11u7 fixed in 1.1.1w-0+deb11u8	0.5% Theoretical Threat	Directly Exposed
CVE-2020-15719	MEDIUM4.2	libldap-2.4-2 2.4.57+dfsg-3+deb11u1 No fix yet	2.4% Low-Moderate Risk	Directly Exposed
CVE-2020-15719	MEDIUM4.2	libldap-common 2.4.57+dfsg-3+deb11u1 No fix yet	2.4% Low-Moderate Risk	Directly Exposed
CVE-2020-15719	MEDIUM4.2	libldap2-dev 2.4.57+dfsg-3+deb11u1 No fix yet	2.4% Low-Moderate Risk	Directly Exposed
CVE-2023-4039	MEDIUM4.08	libgcc-s1 10.2.1-6 No fix yet	0.7% Theoretical Threat	Directly Exposed
CVE-2026-54411	MEDIUM4.08	libpam-modules 1.4.0-9+deb11u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-54411	MEDIUM4.08	libpam-modules-bin 1.4.0-9+deb11u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-54411	MEDIUM4.08	libpam-runtime 1.4.0-9+deb11u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-54411	MEDIUM4.08	libpam0g 1.4.0-9+deb11u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-4039	MEDIUM4.08	libstdc++6 10.2.1-6 No fix yet	0.7% Theoretical Threat	Directly Exposed
CVE-2019-8457	MEDIUM4.06	libdb5.3 5.3.28+dfsg1-0.8 No fix yet	45.4% High Exploitation Risk	Post-Exploit
CVE-2026-27456	MEDIUM4	libblkid1 2.36.1-8+deb11u2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2017-14159	MEDIUM4	libldap-2.4-2 2.4.57+dfsg-3+deb11u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2017-14159	MEDIUM4	libldap-common 2.4.57+dfsg-3+deb11u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2017-14159	MEDIUM4	libldap2-dev 2.4.57+dfsg-3+deb11u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libmount1 2.36.1-8+deb11u2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2024-10041	MEDIUM4	libpam-modules 1.4.0-9+deb11u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-10041	MEDIUM4	libpam-modules-bin 1.4.0-9+deb11u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-10041	MEDIUM4	libpam-runtime 1.4.0-9+deb11u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-10041	MEDIUM4	libpam0g 1.4.0-9+deb11u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libsmartcols1 2.36.1-8+deb11u2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libuuid1 2.36.1-8+deb11u2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2010-4756	MEDIUM4	libc-bin 2.31-13+deb11u14 No fix yet	2.6% Low-Moderate Risk	Directly Exposed
CVE-2010-4756	MEDIUM4	libc6 2.31-13+deb11u14 No fix yet	2.6% Low-Moderate Risk	Directly Exposed
CVE-2022-3715	LOW3.98	bash 5.1-2+deb11u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-69720	LOW3.98	ncurses-bin 6.2+20201114-2+deb11u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-48962	LOW3.98	perl-base 5.32.1-4+deb11u5 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW3.7	libapt-pkg6.0 2.2.4 No fix yet	1.2% Low-Moderate Risk	Directly Exposed
CVE-2005-2541	LOW3.6	tar 1.34+dfsg-1+deb11u1 No fix yet	4.0% Low-Moderate Risk	Post-Exploit
CVE-2019-1010022	LOW3.53	libc-bin 2.31-13+deb11u14 No fix yet	3.2% Low-Moderate Risk	Post-Exploit
CVE-2019-1010022	LOW3.53	libc6 2.31-13+deb11u14 No fix yet	3.2% Low-Moderate Risk	Post-Exploit
CVE-2023-45853	LOW3.53	zlib1g 1:1.2.11.dfsg-2+deb11u2 No fix yet	2.9% Low-Moderate Risk	Post-Exploit
CVE-2016-2781	LOW3.31	coreutils 8.32-4 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-5958	LOW3.21	sed 4.7-1 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2019-1010023	LOW3.17	libc-bin 2.31-13+deb11u14 No fix yet	3.1% Low-Moderate Risk	Post-Exploit
CVE-2019-1010023	LOW3.17	libc6 2.31-13+deb11u14 No fix yet	3.1% Low-Moderate Risk	Post-Exploit
CVE-2025-14104	LOW3.11	bsdutils 1:2.36.1-8+deb11u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	mount 2.36.1-8+deb11u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux 2.36.1-8+deb11u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-8376	LOW3	perl-base 5.32.1-4+deb11u5 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-45447	LOW2.92	libssl1.1 1.1.1w-0+deb11u7 fixed in 1.1.1w-0+deb11u8	1.4% Low-Moderate Risk	Post-Exploit
CVE-2023-31486	LOW2.92	perl-base 5.32.1-4+deb11u5 No fix yet	1.7% Low-Moderate Risk	Post-Exploit
CVE-2022-0563	LOW2.8	bsdutils 1:2.36.1-8+deb11u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	mount 2.36.1-8+deb11u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-5704	LOW2.8	tar 1.34+dfsg-1+deb11u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	util-linux 2.36.1-8+deb11u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2013-4392	LOW2.8	libsystemd0 247.3-7+deb11u8 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libsystemd0 247.3-7+deb11u8 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2013-4392	LOW2.8	libudev1 247.3-7+deb11u8 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libudev1 247.3-7+deb11u8 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42496	LOW2.78	perl-base 5.32.1-4+deb11u5 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2018-5709	LOW2.7	libgssapi-krb5-2 1.18.3-6+deb11u8 No fix yet	2.1% Low-Moderate Risk	Post-Exploit
CVE-2018-5709	LOW2.7	libk5crypto3 1.18.3-6+deb11u8 No fix yet	2.1% Low-Moderate Risk	Post-Exploit
CVE-2017-17740	LOW2.7	libldap-2.4-2 2.4.57+dfsg-3+deb11u1 No fix yet	7.0% Low-Moderate Risk	Post-Exploit
CVE-2017-17740	LOW2.7	libldap-common 2.4.57+dfsg-3+deb11u1 No fix yet	7.0% Low-Moderate Risk	Post-Exploit
CVE-2015-3276	LOW2.7	libldap2-dev 2.4.57+dfsg-3+deb11u1 No fix yet	5.3% Low-Moderate Risk	Post-Exploit
CVE-2017-17740	LOW2.7	libldap2-dev 2.4.57+dfsg-3+deb11u1 No fix yet	7.0% Low-Moderate Risk	Post-Exploit
CVE-2026-3184	LOW2.7	bsdutils 1:2.36.1-8+deb11u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	mount 2.36.1-8+deb11u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-12087	LOW2.7	perl-base 5.32.1-4+deb11u5 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	util-linux 2.36.1-8+deb11u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-11731	LOW2.63	libxslt1.1 1.1.34-4+deb11u3 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-48959	LOW2.55	perl-base 5.32.1-4+deb11u5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-48961	LOW2.55	perl-base 5.32.1-4+deb11u5 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2007-5686	LOW2.5	login 1:4.8.1-1+deb11u1 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2007-5686	LOW2.5	passwd 1:4.8.1-1+deb11u1 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	bsdutils 1:2.36.1-8+deb11u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2017-18018	LOW2.4	coreutils 8.32-4 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-30258	LOW2.4	gpgv 2.2.27-2+deb11u3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpgv 2.2.27-2+deb11u3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2013-4235	LOW2.4	login 1:4.8.1-1+deb11u1 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	mount 2.36.1-8+deb11u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2013-4235	LOW2.4	passwd 1:4.8.1-1+deb11u1 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.36.1-8+deb11u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-42497	LOW2.29	perl-base 5.32.1-4+deb11u5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-9538	LOW2.29	perl-base 5.32.1-4+deb11u5 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-5278	LOW2.24	coreutils 8.32-4 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW2.22	apt 2.2.4 No fix yet	1.2% Low-Moderate Risk	Post-Exploit
CVE-2023-50495	LOW1.99	ncurses-bin 6.2+20201114-2+deb11u2 No fix yet	1.0% Theoretical Threat	Post-Exploit
CVE-2025-15649	LOW1.99	perl-base 5.32.1-4+deb11u5 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2024-56433	LOW1.84	login 1:4.8.1-1+deb11u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2024-56433	LOW1.84	passwd 1:4.8.1-1+deb11u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpgv 2.2.27-2+deb11u3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-6141	LOW1.68	ncurses-bin 6.2+20201114-2+deb11u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW1.68	perl-base 5.32.1-4+deb11u5 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2025-69720	NONE0	libtinfo6 6.2+20201114-2+deb11u2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	ncurses-base 6.2+20201114-2+deb11u2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	libtinfo6 6.2+20201114-2+deb11u2 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-base 6.2+20201114-2+deb11u2 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-4039	NONE0	gcc-10-base 10.2.1-6 No fix yet	0.7% Theoretical Threat	Not Applicable
CVE-2023-4039	NONE0	gcc-9-base 9.3.0-22 No fix yet	0.7% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	libtinfo6 6.2+20201114-2+deb11u2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	ncurses-base 6.2+20201114-2+deb11u2 No fix yet	0.2% Theoretical Threat	Not Applicable
TEMP-0841856-B18BAF	NONE0	bash 5.1-2+deb11u1 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	bsdutils 1:2.36.1-8+deb11u2 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	bsdutils 1:2.36.1-8+deb11u2 No fix yet	—	Not Applicable
CVE-2025-6297	NONE0	dpkg 1.20.13 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-53613	NONE0	libblkid1 2.36.1-8+deb11u2 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	libblkid1 2.36.1-8+deb11u2 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	libmount1 2.36.1-8+deb11u2 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	libmount1 2.36.1-8+deb11u2 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	libsmartcols1 2.36.1-8+deb11u2 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	libsmartcols1 2.36.1-8+deb11u2 No fix yet	—	Not Applicable
CVE-2025-27587	NONE0	libssl1.1 1.1.1w-0+deb11u7 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2026-53613	NONE0	libuuid1 2.36.1-8+deb11u2 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	libuuid1 2.36.1-8+deb11u2 No fix yet	—	Not Applicable
TEMP-0628843-DBAD28	NONE0	login 1:4.8.1-1+deb11u1 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	mount 2.36.1-8+deb11u2 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	mount 2.36.1-8+deb11u2 No fix yet	—	Not Applicable
CVE-2025-27587	NONE0	openssl 1.1.1w-0+deb11u8 No fix yet	0.4% Theoretical Threat	Not Applicable
TEMP-0628843-DBAD28	NONE0	passwd 1:4.8.1-1+deb11u1 No fix yet	—	Not Applicable
CVE-2026-7010	NONE0	perl-base 5.32.1-4+deb11u5 No fix yet	0.2% Theoretical Threat	Not Applicable
TEMP-0517018-A83CE6	NONE0	sysvinit-utils 2.96-7+deb11u1 No fix yet	—	Not Applicable
TEMP-0290435-0B57B5	NONE0	tar 1.34+dfsg-1+deb11u1 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	util-linux 2.36.1-8+deb11u2 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	util-linux 2.36.1-8+deb11u2 No fix yet	—	Not Applicable