Vulnerability Reportapache/hive:4.0.0

apache/hive:4.0.0

DIGESTsha256:c0b241c544d341c16a6d8cafcb801a071be9b02054a5add255e9a0e826095e88

Executive Summary

Threat ScoreDANGEROUS• Pre-calculated threat score is 100 (DANGEROUS).• Contains 661 vulnerabilities, including 231 with CVSS >= 7.0 and maximum severity 10.0.• Critical exposed surface: CVE-2025-30065 (RCE via Parquet file), CVE-2019-20445 (HTTP request smuggling in Netty), and CVE-2019-14379 (jackson-databind RCE).• Community image with low reputation and unverified status.

100/100DANGEROUS

ReputationCOMMUNITY• Community Image with low/unknown reputation• Pinned by digest (Immutable)

UNVERIFIED

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could achieve remote code execution by supplying a malicious Parquet file (CVE-2025-30065) or perform HTTP request smuggling (CVE-2019-20445), compromising the Hive service. The image is a community image with low reputation and lacks verification, further increasing risk. Immediate remediation or replacement is required.

Vulnerabilities

Vulnerability Log

809 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2025-30065	CRITICAL10	org.apache.parquet:parquet-avro 1.13.1 fixed in 1.15.1	37.8% High Exploitation Risk	Directly ExposedContext importance: HIGH
CVE-2019-20445	CRITICAL10	io.netty:netty 3.10.5.Final fixed in 4.0.0	13.5% High Exploitation Risk	Directly ExposedContext importance: HIGH
CVE-2019-20445	CRITICAL10	io.netty:netty 3.10.6.Final fixed in 4.0.0	13.5% High Exploitation Risk	Directly ExposedContext importance: HIGH
CVE-2019-1010022	CRITICAL9.8	libc-bin 2.31-13+deb11u3 No fix yet	3.2% Low-Moderate Risk	Directly Exposed
CVE-2019-1010022	CRITICAL9.8	libc6 2.31-13+deb11u3 No fix yet	3.2% Low-Moderate Risk	Directly Exposed
CVE-2023-45853	CRITICAL9.8	zlib1g 1:1.2.11.dfsg-2+deb11u1 No fix yet	2.9% Low-Moderate Risk	Directly Exposed
CVE-2017-15095	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2	8.4% Low-Moderate Risk	Directly Exposed
CVE-2018-11307	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.7.9.4, 2.8.11.2, 2.9.6	5.7% Low-Moderate Risk	Directly Exposed
CVE-2018-14719	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.7, 2.8.11.3, 2.7.9.5	9.7% Low-Moderate Risk	Directly Exposed
CVE-2019-14379	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6	8.0% Low-Moderate Risk	Directly Exposed
CVE-2019-16335	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10, 2.8.11.5, 2.6.7.3	4.9% Low-Moderate Risk	Directly Exposed
CVE-2019-16942	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3	5.7% Low-Moderate Risk	Directly Exposed
CVE-2019-16943	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3	4.9% Low-Moderate Risk	Directly Exposed
CVE-2019-17267	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10, 2.8.11.5	4.6% Low-Moderate Risk	Directly Exposed
CVE-2019-17531	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3	5.3% Low-Moderate Risk	Directly Exposed
CVE-2019-20330	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2	8.6% Low-Moderate Risk	Directly Exposed
CVE-2019-14892	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.6.7.3, 2.8.11.5, 2.9.10	5.4% Low-Moderate Risk	Directly Exposed
CVE-2018-11307	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.7.9.4, 2.8.11.2, 2.9.6	5.7% Low-Moderate Risk	Directly Exposed
CVE-2018-14719	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.7, 2.8.11.3, 2.7.9.5	9.7% Low-Moderate Risk	Directly Exposed
CVE-2018-14720	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.7, 2.8.11.3, 2.7.9.5	7.5% Low-Moderate Risk	Directly Exposed
CVE-2019-14379	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6	8.0% Low-Moderate Risk	Directly Exposed
CVE-2019-16335	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10, 2.8.11.5, 2.6.7.3	4.9% Low-Moderate Risk	Directly Exposed
CVE-2019-16942	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3	5.7% Low-Moderate Risk	Directly Exposed
CVE-2019-16943	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3	4.9% Low-Moderate Risk	Directly Exposed
CVE-2019-17267	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10, 2.8.11.5	4.6% Low-Moderate Risk	Directly Exposed
CVE-2019-17531	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3	5.3% Low-Moderate Risk	Directly Exposed
CVE-2019-20330	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2	8.6% Low-Moderate Risk	Directly Exposed
CVE-2020-9546	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.4	4.6% Low-Moderate Risk	Directly Exposed
CVE-2019-14892	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.6.7.3, 2.8.11.5, 2.9.10	5.4% Low-Moderate Risk	Directly Exposed
CVE-2019-14893	CRITICAL9.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10	4.0% Low-Moderate Risk	Directly Exposed
CVE-2022-46337	CRITICAL9.8	org.apache.derby:derby 10.14.2.0 fixed in 10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0	1.4% Low-Moderate Risk	Directly Exposed
CVE-2019-10202	CRITICAL9.8	org.codehaus.jackson:jackson-mapper-asl 1.9.13 No fix yet	5.2% Low-Moderate Risk	Directly Exposed
CVE-2023-50387	CRITICAL9.75	libsystemd0 247.3-7 fixed in 247.3-7+deb11u6	100.0% Actively Exploited	Directly Exposed
CVE-2023-50868	CRITICAL9.75	libsystemd0 247.3-7 fixed in 247.3-7+deb11u6	82.8% Actively Exploited	Directly Exposed
CVE-2023-50387	CRITICAL9.75	libudev1 247.3-7 fixed in 247.3-7+deb11u6	100.0% Actively Exploited	Directly Exposed
CVE-2023-50868	CRITICAL9.75	libudev1 247.3-7 fixed in 247.3-7+deb11u6	82.8% Actively Exploited	Directly Exposed
CVE-2023-44487	CRITICAL9.75	org.eclipse.jetty.http2:http2-common 9.4.34.v20201102 fixed in 9.4.53, 10.0.17, 11.0.17	100.0% Actively Exploited	Directly Exposed
CVE-2023-0286	CRITICAL9.62	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u4	62.0% Actively Exploited	Directly Exposed
CVE-2020-35728	CRITICAL9.31	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8	12.5% High Exploitation Risk	Directly Exposed
CVE-2020-36179	CRITICAL9.31	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8, 2.6.7.5	20.9% High Exploitation Risk	Directly Exposed
CVE-2020-36184	CRITICAL9.31	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8	10.4% High Exploitation Risk	Directly Exposed
CVE-2020-36188	CRITICAL9.31	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8, 2.6.7.5	10.9% High Exploitation Risk	Directly Exposed
CVE-2020-35728	CRITICAL9.31	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.8	12.5% High Exploitation Risk	Directly Exposed
CVE-2020-36179	CRITICAL9.31	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.8, 2.6.7.5	20.9% High Exploitation Risk	Directly Exposed
CVE-2020-36184	CRITICAL9.31	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.8	10.4% High Exploitation Risk	Directly Exposed
CVE-2020-36188	CRITICAL9.31	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.8, 2.6.7.5	10.9% High Exploitation Risk	Directly Exposed
CVE-2024-37371	CRITICAL9.1	libgssapi-krb5-2 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u5	1.9% Low-Moderate Risk	Directly Exposed
CVE-2024-37371	CRITICAL9.1	libk5crypto3 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u5	1.9% Low-Moderate Risk	Directly Exposed
CVE-2024-37371	CRITICAL9.1	libkrb5-3 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u5	1.9% Low-Moderate Risk	Directly Exposed
CVE-2024-37371	CRITICAL9.1	libkrb5support0 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u5	1.9% Low-Moderate Risk	Directly Exposed
CVE-2022-1586	CRITICAL9.1	libpcre2-8-0 10.36-2 fixed in 10.36-2+deb11u1	3.0% Low-Moderate Risk	Directly Exposed
CVE-2022-1587	CRITICAL9.1	libpcre2-8-0 10.36-2 fixed in 10.36-2+deb11u1	2.4% Low-Moderate Risk	Directly Exposed
CVE-2021-46848	CRITICAL9.1	libtasn1-6 4.16.0-2 fixed in 4.16.0-2+deb11u1	2.1% Low-Moderate Risk	Directly Exposed
CVE-2019-20444	CRITICAL9.1	io.netty:netty 3.10.5.Final fixed in 4.0.0	8.7% Low-Moderate Risk	Directly Exposed
CVE-2019-20444	CRITICAL9.1	io.netty:netty 3.10.6.Final fixed in 4.0.0	8.7% Low-Moderate Risk	Directly Exposed
CVE-2023-44981	CRITICAL9.1	org.apache.zookeeper:zookeeper 3.6.3 fixed in 3.7.2, 3.8.3, 3.9.1	1.7% Low-Moderate Risk	Directly Exposed
CVE-2019-1010023	HIGH8.8	libc-bin 2.31-13+deb11u3 No fix yet	3.1% Low-Moderate Risk	Directly Exposed
CVE-2019-1010023	HIGH8.8	libc6 2.31-13+deb11u3 No fix yet	3.1% Low-Moderate Risk	Directly Exposed
CVE-2022-42898	HIGH8.8	libgssapi-krb5-2 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u3	6.4% Low-Moderate Risk	Directly Exposed
CVE-2022-42898	HIGH8.8	libk5crypto3 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u3	6.4% Low-Moderate Risk	Directly Exposed
CVE-2022-42898	HIGH8.8	libkrb5-3 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u3	6.4% Low-Moderate Risk	Directly Exposed
CVE-2022-42898	HIGH8.8	libkrb5support0 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u3	6.4% Low-Moderate Risk	Directly Exposed
CVE-2020-10673	HIGH8.8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.4, 2.6.7.4	8.0% Low-Moderate Risk	Directly Exposed
CVE-2020-10672	HIGH8.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.4	3.0% Low-Moderate Risk	Directly Exposed
CVE-2020-10673	HIGH8.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.4, 2.6.7.4	8.0% Low-Moderate Risk	Directly Exposed
CVE-2020-10968	HIGH8.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.4	3.6% Low-Moderate Risk	Directly Exposed
CVE-2020-10969	HIGH8.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.4	3.5% Low-Moderate Risk	Directly Exposed
CVE-2020-11111	HIGH8.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.4	3.5% Low-Moderate Risk	Directly Exposed
CVE-2020-11112	HIGH8.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.4	3.6% Low-Moderate Risk	Directly Exposed
CVE-2020-11113	HIGH8.8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.4	6.2% Low-Moderate Risk	Directly Exposed
CVE-2025-48734	HIGH8.8	commons-beanutils:commons-beanutils 1.9.4 fixed in 1.11.0	1.5% Low-Moderate Risk	Directly Exposed
CVE-2024-47561	HIGH8.8	org.apache.avro:avro 1.11.3 fixed in 1.11.4	3.3% Low-Moderate Risk	Directly Exposed
CVE-2024-47561	HIGH8.8	org.apache.avro:avro 1.7.7 fixed in 1.11.4	3.3% Low-Moderate Risk	Directly Exposed
CVE-2022-36364	HIGH8.8	org.apache.calcite.avatica:avatica-core 1.12.0 fixed in 1.22.0	2.2% Low-Moderate Risk	Directly Exposed
CVE-2022-4450	HIGH8.62	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u4	20.4% High Exploitation Risk	Directly Exposed
CVE-2019-12086	HIGH8.62	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3	21.9% High Exploitation Risk	Directly Exposed
CVE-2019-14439	HIGH8.62	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3	10.8% High Exploitation Risk	Directly Exposed
CVE-2019-12086	HIGH8.62	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3	21.9% High Exploitation Risk	Directly Exposed
CVE-2019-14439	HIGH8.62	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3	10.8% High Exploitation Risk	Directly Exposed
CVE-2020-25649	HIGH8.62	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.6.7.4, 2.9.10.7, 2.10.5.1	17.6% High Exploitation Risk	Directly Exposed
CVE-2019-10172	HIGH8.62	org.codehaus.jackson:jackson-mapper-asl 1.9.13 No fix yet	17.0% High Exploitation Risk	Directly Exposed
CVE-2021-33813	HIGH8.62	org.jdom:jdom2 2.0.6 fixed in 2.0.6.1	19.4% High Exploitation Risk	Directly Exposed
CVE-2026-45674	HIGH8.5	io.netty:netty-resolver-dns 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-47691	HIGH8.5	io.netty:netty-resolver-dns 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45674	HIGH8.5	io.netty:netty-resolver-dns 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-47691	HIGH8.5	io.netty:netty-resolver-dns 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2023-2650	HIGH8.45	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u5	77.9% Actively Exploited	Directly Exposed
CVE-2021-36749	HIGH8.45	org.apache.druid:druid-core 0.17.1 fixed in 0.22.0	81.0% Actively Exploited	Directly Exposed
CVE-2026-42010	HIGH8.33	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u10	0.8% Theoretical Threat	Directly Exposed
CVE-2026-42581	HIGH8.33	io.netty:netty-codec-http 4.1.77.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42581	HIGH8.33	io.netty:netty-codec-http 4.1.86.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42581	HIGH8.33	io.netty:netty-codec-http 4.1.89.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2025-32988	HIGH8.2	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u8	1.2% Low-Moderate Risk	Directly Exposed
CVE-2026-45447	HIGH8.1	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u8	1.4% Low-Moderate Risk	Directly Exposed
CVE-2018-5968	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.8.11.1, 2.9.4, 2.7.9.5	7.0% Low-Moderate Risk	Directly Exposed
CVE-2020-10650	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.4	3.3% Low-Moderate Risk	Directly Exposed
CVE-2020-24616	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.6	9.3% Low-Moderate Risk	Directly Exposed
CVE-2020-24750	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.6.7.5, 2.9.10.6	7.3% Low-Moderate Risk	Directly Exposed
CVE-2020-35490	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8	7.7% Low-Moderate Risk	Directly Exposed
CVE-2020-35491	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8	9.5% Low-Moderate Risk	Directly Exposed
CVE-2020-36180	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8, 2.6.7.5	5.0% Low-Moderate Risk	Directly Exposed
CVE-2020-36181	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8, 2.6.7.5	5.0% Low-Moderate Risk	Directly Exposed
CVE-2020-36182	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8, 2.6.7.5	5.0% Low-Moderate Risk	Directly Exposed
CVE-2020-36183	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8, 2.6.7.5	4.9% Low-Moderate Risk	Directly Exposed
CVE-2020-36185	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8	5.2% Low-Moderate Risk	Directly Exposed
CVE-2020-36186	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8	5.2% Low-Moderate Risk	Directly Exposed
CVE-2020-36187	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8	5.2% Low-Moderate Risk	Directly Exposed
CVE-2020-36189	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.8, 2.6.7.5	4.9% Low-Moderate Risk	Directly Exposed
CVE-2021-20190	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.7, 2.6.7.5	7.5% Low-Moderate Risk	Directly Exposed
CVE-2020-10650	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.4	3.3% Low-Moderate Risk	Directly Exposed
CVE-2020-11619	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.4	3.6% Low-Moderate Risk	Directly Exposed
CVE-2020-11620	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.4	5.6% Low-Moderate Risk	Directly Exposed
CVE-2020-14060	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.5	8.5% Low-Moderate Risk	Directly Exposed
CVE-2020-14061	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.5	4.4% Low-Moderate Risk	Directly Exposed
CVE-2020-14062	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.5	8.0% Low-Moderate Risk	Directly Exposed
CVE-2020-14195	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.5	4.5% Low-Moderate Risk	Directly Exposed
CVE-2020-24616	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.6	9.3% Low-Moderate Risk	Directly Exposed
CVE-2020-24750	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.6.7.5, 2.9.10.6	7.3% Low-Moderate Risk	Directly Exposed
CVE-2020-35490	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.8	7.7% Low-Moderate Risk	Directly Exposed
CVE-2020-35491	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.8	9.5% Low-Moderate Risk	Directly Exposed
CVE-2020-36180	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.8, 2.6.7.5	5.0% Low-Moderate Risk	Directly Exposed
CVE-2020-36181	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.8, 2.6.7.5	5.0% Low-Moderate Risk	Directly Exposed
CVE-2020-36182	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.8, 2.6.7.5	5.0% Low-Moderate Risk	Directly Exposed
CVE-2020-36183	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.8, 2.6.7.5	4.9% Low-Moderate Risk	Directly Exposed
CVE-2020-36185	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.8	5.2% Low-Moderate Risk	Directly Exposed
CVE-2020-36186	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.8	5.2% Low-Moderate Risk	Directly Exposed
CVE-2020-36187	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.8	5.2% Low-Moderate Risk	Directly Exposed
CVE-2020-36189	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.8, 2.6.7.5	4.9% Low-Moderate Risk	Directly Exposed
CVE-2021-20190	HIGH8.1	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.7, 2.6.7.5	7.5% Low-Moderate Risk	Directly Exposed
CVE-2025-46762	HIGH8.1	org.apache.parquet:parquet-avro 1.13.1 fixed in 1.15.2	1.4% Low-Moderate Risk	Directly Exposed
CVE-2018-14721	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.7, 2.8.11.3, 2.7.9.5	10.5% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2019-8457	HIGH8	libdb5.3 5.3.28+dfsg1-0.8 No fix yet	45.4% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2022-37434	HIGH8	zlib1g 1:1.2.11.dfsg-2+deb11u1 fixed in 1:1.2.11.dfsg-2+deb11u2	15.9% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2017-17485	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.4, 2.8.11, 2.7.9.2	50.0% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2017-7525	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.6.7.1, 2.7.9.1, 2.8.9	37.9% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-14718	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3	12.7% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-19362	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3	10.6% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-7489	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5	20.5% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2019-14540	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10, 2.8.11.5, 2.6.7.3	10.7% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2020-8840	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3	26.6% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2020-9547	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7	18.7% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2020-9548	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7	18.3% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-14718	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3	12.7% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-19360	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.8, 2.8.11.3, 2.7.9.5	10.6% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-19361	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.7.9.5, 2.9.8, 2.8.11.3	10.6% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-19362	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3	10.6% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2018-7489	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5	20.5% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2019-14540	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10, 2.8.11.5, 2.6.7.3	10.7% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2020-8840	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3	26.6% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2020-9547	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7	18.7% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2020-9548	HIGH8	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7	18.3% High Exploitation Risk	Directly ExposedContext importance: MEDIUM
CVE-2024-2961	HIGH8	libc-bin 2.31-13+deb11u3 fixed in 2.31-13+deb11u9	88.3% Actively Exploited	Directly ExposedContext importance: MEDIUM
CVE-2024-2961	HIGH8	libc6 2.31-13+deb11u3 fixed in 2.31-13+deb11u9	88.3% Actively Exploited	Directly ExposedContext importance: MEDIUM
CVE-2022-1304	HIGH7.8	libcom-err2 1.46.2-2 fixed in 1.46.2-2+deb11u1	1.3% Low-Moderate Risk	Directly Exposed
CVE-2022-1304	HIGH7.8	libext2fs2 1.46.2-2 fixed in 1.46.2-2+deb11u1	1.3% Low-Moderate Risk	Directly Exposed
CVE-2017-7245	HIGH7.8	libpcre3 2:8.39-13 No fix yet	2.2% Low-Moderate Risk	Directly Exposed
CVE-2017-7246	HIGH7.8	libpcre3 2:8.39-13 No fix yet	2.6% Low-Moderate Risk	Directly Exposed
CVE-2022-1304	HIGH7.8	libss2 1.46.2-2 fixed in 1.46.2-2+deb11u1	1.3% Low-Moderate Risk	Directly Exposed
CVE-2026-33845	HIGH7.73	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u10	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42579	HIGH7.73	io.netty:netty-codec-dns 4.1.77.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42579	HIGH7.73	io.netty:netty-codec-dns 4.1.89.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42584	HIGH7.73	io.netty:netty-codec-http 4.1.77.Final fixed in 4.2.13.Final, 4.1.133.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42584	HIGH7.73	io.netty:netty-codec-http 4.1.86.Final fixed in 4.2.13.Final, 4.1.133.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42584	HIGH7.73	io.netty:netty-codec-http 4.1.89.Final fixed in 4.2.13.Final, 4.1.133.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-2332	HIGH7.73	org.eclipse.jetty:jetty-http 9.4.45.v20220203 fixed in 12.1.7, 12.0.33	0.4% Theoretical Threat	Directly Exposed
CVE-2026-2332	HIGH7.73	org.eclipse.jetty:jetty-http 9.4.51.v20230217 fixed in 12.1.7, 12.0.33	0.4% Theoretical Threat	Directly Exposed
CVE-2023-0286	HIGH7.7	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u4	62.0% Actively Exploited	Directly ExposedContext importance: MEDIUM
CVE-2024-33599	HIGH7.6	libc-bin 2.31-13+deb11u3 fixed in 2.31-13+deb11u10	1.3% Low-Moderate Risk	Directly Exposed
CVE-2024-33599	HIGH7.6	libc6 2.31-13+deb11u3 fixed in 2.31-13+deb11u10	1.3% Low-Moderate Risk	Directly Exposed
CVE-2024-25638	HIGH7.57	dnsjava:dnsjava 2.1.7 fixed in 3.6.0	0.4% Theoretical Threat	Directly Exposed
CVE-2018-20796	HIGH7.5	libc-bin 2.31-13+deb11u3 No fix yet	5.8% Low-Moderate Risk	Directly Exposed
CVE-2019-9192	HIGH7.5	libc-bin 2.31-13+deb11u3 No fix yet	2.4% Low-Moderate Risk	Directly Exposed
CVE-2018-20796	HIGH7.5	libc6 2.31-13+deb11u3 No fix yet	5.8% Low-Moderate Risk	Directly Exposed
CVE-2019-9192	HIGH7.5	libc6 2.31-13+deb11u3 No fix yet	2.4% Low-Moderate Risk	Directly Exposed
CVE-2021-33560	HIGH7.5	libgcrypt20 1.8.7-6 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2018-6829	HIGH7.5	libgcrypt20 1.8.7-6 No fix yet	1.8% Low-Moderate Risk	Directly Exposed
CVE-2022-2509	HIGH7.5	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u2	1.5% Low-Moderate Risk	Directly Exposed
CVE-2024-0553	HIGH7.5	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u5	1.6% Low-Moderate Risk	Directly Exposed
CVE-2024-0567	HIGH7.5	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u5	1.4% Low-Moderate Risk	Directly Exposed
CVE-2018-5709	HIGH7.5	libgssapi-krb5-2 1.18.3-6+deb11u1 No fix yet	2.1% Low-Moderate Risk	Directly Exposed
CVE-2018-5709	HIGH7.5	libk5crypto3 1.18.3-6+deb11u1 No fix yet	2.1% Low-Moderate Risk	Directly Exposed
CVE-2018-5709	HIGH7.5	libkrb5-3 1.18.3-6+deb11u1 No fix yet	2.1% Low-Moderate Risk	Directly Exposed
CVE-2018-5709	HIGH7.5	libkrb5support0 1.18.3-6+deb11u1 No fix yet	2.1% Low-Moderate Risk	Directly Exposed
CVE-2017-11164	HIGH7.5	libpcre3 2:8.39-13 No fix yet	3.1% Low-Moderate Risk	Directly Exposed
CVE-2019-20838	HIGH7.5	libpcre3 2:8.39-13 No fix yet	2.8% Low-Moderate Risk	Directly Exposed
CVE-2023-0215	HIGH7.5	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u4	4.5% Low-Moderate Risk	Directly Exposed
CVE-2023-0464	HIGH7.5	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u5	3.7% Low-Moderate Risk	Directly Exposed
CVE-2021-46828	HIGH7.5	libtirpc-common 1.3.1-1 fixed in 1.3.1-1+deb11u1	2.1% Low-Moderate Risk	Directly Exposed
CVE-2021-46828	HIGH7.5	libtirpc3 1.3.1-1 fixed in 1.3.1-1+deb11u1	2.1% Low-Moderate Risk	Directly Exposed
CVE-2022-4899	HIGH7.5	libzstd1 1.4.8+dfsg-2.1 No fix yet	1.6% Low-Moderate Risk	Directly Exposed
CVE-2018-12022	HIGH7.5	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.7.9.4, 2.8.11.2, 2.9.6	7.3% Low-Moderate Risk	Directly Exposed
CVE-2020-36518	HIGH7.5	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.13.2.1, 2.12.6.1	4.9% Low-Moderate Risk	Directly Exposed
CVE-2022-42003	HIGH7.5	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.12.7.1, 2.13.4.2	2.8% Low-Moderate Risk	Directly Exposed
CVE-2022-42004	HIGH7.5	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.12.7.1, 2.13.4	2.7% Low-Moderate Risk	Directly Exposed
CVE-2018-12022	HIGH7.5	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.7.9.4, 2.8.11.2, 2.9.6	7.3% Low-Moderate Risk	Directly Exposed
CVE-2018-12023	HIGH7.5	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.7.9.4, 2.8.11.2, 2.9.6	8.9% Low-Moderate Risk	Directly Exposed
CVE-2020-36518	HIGH7.5	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.13.2.1, 2.12.6.1	4.9% Low-Moderate Risk	Directly Exposed
CVE-2022-42003	HIGH7.5	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.12.7.1, 2.13.4.2	2.8% Low-Moderate Risk	Directly Exposed
CVE-2022-42004	HIGH7.5	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.12.7.1, 2.13.4	2.7% Low-Moderate Risk	Directly Exposed
CVE-2024-7254	HIGH7.5	com.google.protobuf:protobuf-java 2.5.0 fixed in 3.25.5, 4.27.5, 4.28.2	2.8% Low-Moderate Risk	Directly Exposed
CVE-2022-3171	HIGH7.5	com.google.protobuf:protobuf-java 2.5.0 fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3	1.0% Low-Moderate Risk	Directly Exposed
CVE-2024-7254	HIGH7.5	com.google.protobuf:protobuf-java 3.11.3 fixed in 3.25.5, 4.27.5, 4.28.2	2.8% Low-Moderate Risk	Directly Exposed
CVE-2022-3171	HIGH7.5	com.google.protobuf:protobuf-java 3.11.3 fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3	1.0% Low-Moderate Risk	Directly Exposed
CVE-2024-7254	HIGH7.5	com.google.protobuf:protobuf-java 3.21.1 fixed in 3.25.5, 4.27.5, 4.28.2	2.8% Low-Moderate Risk	Directly Exposed
CVE-2022-3171	HIGH7.5	com.google.protobuf:protobuf-java 3.21.1 fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3	1.0% Low-Moderate Risk	Directly Exposed
CVE-2024-7254	HIGH7.5	com.google.protobuf:protobuf-java 3.24.4 fixed in 3.25.5, 4.27.5, 4.28.2	2.8% Low-Moderate Risk	Directly Exposed
CVE-2024-7254	HIGH7.5	com.google.protobuf:protobuf-java 3.3.0 fixed in 3.25.5, 4.27.5, 4.28.2	2.8% Low-Moderate Risk	Directly Exposed
CVE-2022-3171	HIGH7.5	com.google.protobuf:protobuf-java 3.3.0 fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3	1.0% Low-Moderate Risk	Directly Exposed
CVE-2024-7254	HIGH7.5	com.google.protobuf:protobuf-java 3.7.1 fixed in 3.25.5, 4.27.5, 4.28.2	2.8% Low-Moderate Risk	Directly Exposed
CVE-2022-3171	HIGH7.5	com.google.protobuf:protobuf-java 3.7.1 fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3	1.0% Low-Moderate Risk	Directly Exposed
CVE-2023-3635	HIGH7.5	com.squareup.okio:okio 2.8.0 fixed in 3.4.0, 1.17.6	1.1% Low-Moderate Risk	Directly Exposed
CVE-2021-37136	HIGH7.5	io.netty:netty 3.10.5.Final fixed in 4.0.0	5.7% Low-Moderate Risk	Directly Exposed
CVE-2021-37137	HIGH7.5	io.netty:netty 3.10.5.Final fixed in 4.0.0	6.3% Low-Moderate Risk	Directly Exposed
CVE-2021-37136	HIGH7.5	io.netty:netty 3.10.6.Final fixed in 4.0.0	5.7% Low-Moderate Risk	Directly Exposed
CVE-2021-37137	HIGH7.5	io.netty:netty 3.10.6.Final fixed in 4.0.0	6.3% Low-Moderate Risk	Directly Exposed
CVE-2022-41881	HIGH7.5	io.netty:netty-codec-haproxy 4.1.77.Final fixed in 4.1.86.Final	1.5% Low-Moderate Risk	Directly Exposed
CVE-2025-24970	HIGH7.5	io.netty:netty-handler 4.1.94.Final fixed in 4.1.118.Final	2.0% Low-Moderate Risk	Directly Exposed
CVE-2021-31684	HIGH7.5	net.minidev:json-smart 1.3.2 fixed in 1.3.3, 2.4.4	2.3% Low-Moderate Risk	Directly Exposed
CVE-2023-1370	HIGH7.5	net.minidev:json-smart 1.3.2 fixed in 2.4.9	1.1% Low-Moderate Risk	Directly Exposed
CVE-2023-39410	HIGH7.5	org.apache.avro:avro 1.7.7 fixed in 1.11.3	1.8% Low-Moderate Risk	Directly Exposed
CVE-2023-50298	HIGH7.5	org.apache.solr:solr-solrj 8.8.2 fixed in 9.4.1, 8.11.3	1.6% Low-Moderate Risk	Directly Exposed
CVE-2026-24308	HIGH7.5	org.apache.zookeeper:zookeeper 3.8.3 fixed in 3.9.5, 3.8.6	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-22201	HIGH7.5	org.eclipse.jetty.http2:http2-common 9.4.34.v20201102 fixed in 9.4.54, 10.0.20, 11.0.20	1.4% Low-Moderate Risk	Directly Exposed
CVE-2025-5115	HIGH7.5	org.eclipse.jetty.http2:http2-common 9.4.34.v20201102 fixed in 9.4.58, 10.0.26, 11.0.26	1.6% Low-Moderate Risk	Directly Exposed
CVE-2023-36478	HIGH7.5	org.eclipse.jetty.http2:http2-hpack 9.4.34.v20201102 fixed in 10.0.16, 11.0.16, 9.4.53	3.8% Low-Moderate Risk	Directly Exposed
CVE-2022-41404	HIGH7.5	org.ini4j:ini4j 0.5.4 No fix yet	1.3% Low-Moderate Risk	Directly Exposed
CVE-2023-34455	HIGH7.5	org.xerial.snappy:snappy-java 1.1.8.2 fixed in 1.1.10.1	1.8% Low-Moderate Risk	Directly Exposed
CVE-2023-43642	HIGH7.5	org.xerial.snappy:snappy-java 1.1.8.2 fixed in 1.1.10.4	1.0% Low-Moderate Risk	Directly Exposed
CVE-2023-34453	HIGH7.5	org.xerial.snappy:snappy-java 1.1.8.2 fixed in 1.1.10.1	1.7% Low-Moderate Risk	Directly Exposed
CVE-2023-34454	HIGH7.5	org.xerial.snappy:snappy-java 1.1.8.2 fixed in 1.1.10.1	1.5% Low-Moderate Risk	Directly Exposed
CVE-2023-0361	HIGH7.4	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u3	1.4% Low-Moderate Risk	Directly Exposed
CVE-2025-32990	MEDIUM6.97	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u8	0.7% Theoretical Threat	Directly Exposed
CVE-2026-42013	MEDIUM6.97	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u10	0.4% Theoretical Threat	Directly Exposed
CVE-2026-5260	MEDIUM6.97	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u10	0.7% Theoretical Threat	Directly Exposed
CVE-2026-0861	MEDIUM6.88	libc-bin 2.31-13+deb11u3 fixed in 2.31-13+deb11u14	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0861	MEDIUM6.88	libc6 2.31-13+deb11u3 fixed in 2.31-13+deb11u14	0.4% Theoretical Threat	Directly Exposed
CVE-2026-28387	MEDIUM6.88	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u7	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44249	MEDIUM6.88	io.netty:netty-handler 4.1.86.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-44249	MEDIUM6.88	io.netty:netty-handler 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-44249	MEDIUM6.88	io.netty:netty-handler 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2024-53990	MEDIUM6.88	org.asynchttpclient:async-http-client 2.12.3 fixed in 2.12.4, 3.0.1	0.6% Theoretical Threat	Directly Exposed
CVE-2024-53990	MEDIUM6.88	org.asynchttpclient:async-http-client 2.5.3 fixed in 2.12.4, 3.0.1	0.6% Theoretical Threat	Directly Exposed
CVE-2022-4304	MEDIUM6.79	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u4	16.2% High Exploitation Risk	Directly Exposed
CVE-2019-12384	MEDIUM6.79	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3	45.2% High Exploitation Risk	Directly Exposed
CVE-2019-12814	MEDIUM6.79	com.fasterxml.jackson.core:jackson-databind 2.4.0 fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3	11.0% High Exploitation Risk	Directly Exposed
CVE-2019-12384	MEDIUM6.79	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3	45.2% High Exploitation Risk	Directly Exposed
CVE-2019-12814	MEDIUM6.79	com.fasterxml.jackson.core:jackson-databind 2.9.4 fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3	11.0% High Exploitation Risk	Directly Exposed
CVE-2021-21295	MEDIUM6.79	io.netty:netty 3.10.5.Final fixed in 4.0.0	18.9% High Exploitation Risk	Directly Exposed
CVE-2021-21295	MEDIUM6.79	io.netty:netty 3.10.6.Final fixed in 4.0.0	18.9% High Exploitation Risk	Directly Exposed
CVE-2021-3999	MEDIUM6.63	libc-bin 2.31-13+deb11u3 fixed in 2.31-13+deb11u4	0.7% Theoretical Threat	Directly Exposed
CVE-2021-3999	MEDIUM6.63	libc6 2.31-13+deb11u3 fixed in 2.31-13+deb11u4	0.7% Theoretical Threat	Directly Exposed
CVE-2026-29111	MEDIUM6.63	libsystemd0 247.3-7 fixed in 247.3-7+deb11u8	0.1% Theoretical Threat	Directly Exposed
CVE-2026-29111	MEDIUM6.63	libudev1 247.3-7 fixed in 247.3-7+deb11u8	0.1% Theoretical Threat	Directly Exposed
CVE-2023-36054	MEDIUM6.5	libgssapi-krb5-2 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u4	2.1% Low-Moderate Risk	Directly Exposed
CVE-2023-36054	MEDIUM6.5	libk5crypto3 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u4	2.1% Low-Moderate Risk	Directly Exposed
CVE-2023-36054	MEDIUM6.5	libkrb5-3 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u4	2.1% Low-Moderate Risk	Directly Exposed
CVE-2023-36054	MEDIUM6.5	libkrb5support0 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u4	2.1% Low-Moderate Risk	Directly Exposed
CVE-2021-43797	MEDIUM6.5	io.netty:netty 3.10.5.Final fixed in 4.0.0	2.7% Low-Moderate Risk	Directly Exposed
CVE-2021-43797	MEDIUM6.5	io.netty:netty 3.10.6.Final fixed in 4.0.0	2.7% Low-Moderate Risk	Directly Exposed
CVE-2023-34462	MEDIUM6.5	io.netty:netty-handler 4.1.86.Final fixed in 4.1.94.Final	2.5% Low-Moderate Risk	Directly Exposed
CVE-2023-34462	MEDIUM6.5	io.netty:netty-handler 4.1.89.Final fixed in 4.1.94.Final	2.5% Low-Moderate Risk	Directly Exposed
CVE-2021-26920	MEDIUM6.5	org.apache.druid:druid-core 0.17.1 fixed in 0.21.0	9.5% Low-Moderate Risk	Directly Exposed
CVE-2024-29857	MEDIUM6.5	org.bouncycastle:bcprov-jdk15on 1.68 fixed in 1.78	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-29857	MEDIUM6.5	org.bouncycastle:bcprov-jdk18on 1.77 fixed in 1.78	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-8184	MEDIUM6.5	org.eclipse.jetty:jetty-server 9.4.45.v20220203 fixed in 12.0.9, 10.0.24, 11.0.24, 9.4.56	1.0% Low-Moderate Risk	Directly Exposed
CVE-2024-8184	MEDIUM6.5	org.eclipse.jetty:jetty-server 9.4.51.v20230217 fixed in 12.0.9, 10.0.24, 11.0.24, 9.4.56	1.0% Low-Moderate Risk	Directly Exposed
CVE-2023-20863	MEDIUM6.5	org.springframework:spring-expression 5.3.21 fixed in 6.0.8, 5.3.27, 5.2.24.RELEASE	1.1% Low-Moderate Risk	Directly Exposed
CVE-2026-33846	MEDIUM6.38	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u10	0.9% Theoretical Threat	Directly Exposed
CVE-2026-42009	MEDIUM6.38	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u10	0.8% Theoretical Threat	Directly Exposed
CVE-2024-37370	MEDIUM6.38	libgssapi-krb5-2 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u5	0.7% Theoretical Threat	Directly Exposed
CVE-2024-37370	MEDIUM6.38	libk5crypto3 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u5	0.7% Theoretical Threat	Directly Exposed
CVE-2024-37370	MEDIUM6.38	libkrb5-3 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u5	0.7% Theoretical Threat	Directly Exposed
CVE-2024-37370	MEDIUM6.38	libkrb5support0 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u5	0.7% Theoretical Threat	Directly Exposed
CVE-2022-41409	MEDIUM6.38	libpcre2-8-0 10.36-2 No fix yet	1.0% Theoretical Threat	Directly Exposed
CVE-2025-69421	MEDIUM6.38	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u5	0.8% Theoretical Threat	Directly Exposed
CVE-2026-28388	MEDIUM6.38	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u7	0.9% Theoretical Threat	Directly Exposed
CVE-2026-28389	MEDIUM6.38	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u7	0.8% Theoretical Threat	Directly Exposed
CVE-2026-28390	MEDIUM6.38	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u7	0.8% Theoretical Threat	Directly Exposed
CVE-2023-34610	MEDIUM6.38	com.cedarsoftware:json-io 2.5.1 fixed in 4.14.1	0.8% Theoretical Threat	Directly Exposed
CVE-2025-52999	MEDIUM6.38	com.fasterxml.jackson.core:jackson-core 2.12.7 fixed in 2.15.0	0.6% Theoretical Threat	Directly Exposed
CVE-2025-52999	MEDIUM6.38	com.fasterxml.jackson.core:jackson-core 2.13.4 fixed in 2.15.0	0.6% Theoretical Threat	Directly Exposed
CVE-2025-52999	MEDIUM6.38	com.fasterxml.jackson.core:jackson-core 2.4.0 fixed in 2.15.0	0.6% Theoretical Threat	Directly Exposed
CVE-2025-52999	MEDIUM6.38	com.fasterxml.jackson.core:jackson-core 2.9.4 fixed in 2.15.0	0.6% Theoretical Threat	Directly Exposed
CVE-2022-3509	MEDIUM6.38	com.google.protobuf:protobuf-java 3.11.3 fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7	0.6% Theoretical Threat	Directly Exposed
CVE-2022-3510	MEDIUM6.38	com.google.protobuf:protobuf-java 3.11.3 fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7	0.5% Theoretical Threat	Directly Exposed
CVE-2022-3509	MEDIUM6.38	com.google.protobuf:protobuf-java 3.21.1 fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7	0.6% Theoretical Threat	Directly Exposed
CVE-2022-3510	MEDIUM6.38	com.google.protobuf:protobuf-java 3.21.1 fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7	0.5% Theoretical Threat	Directly Exposed
CVE-2022-3509	MEDIUM6.38	com.google.protobuf:protobuf-java 3.3.0 fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7	0.6% Theoretical Threat	Directly Exposed
CVE-2022-3510	MEDIUM6.38	com.google.protobuf:protobuf-java 3.3.0 fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7	0.5% Theoretical Threat	Directly Exposed
CVE-2022-3509	MEDIUM6.38	com.google.protobuf:protobuf-java 3.7.1 fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7	0.6% Theoretical Threat	Directly Exposed
CVE-2022-3510	MEDIUM6.38	com.google.protobuf:protobuf-java 3.7.1 fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7	0.5% Theoretical Threat	Directly Exposed
CVE-2023-52428	MEDIUM6.38	com.nimbusds:nimbus-jose-jwt 9.31 fixed in 9.37.2	0.8% Theoretical Threat	Directly Exposed
CVE-2023-52428	MEDIUM6.38	com.nimbusds:nimbus-jose-jwt 9.8.1 fixed in 9.37.2	0.8% Theoretical Threat	Directly Exposed
CVE-2025-67721	MEDIUM6.38	io.airlift:aircompressor 0.21 fixed in 2.0.3	0.4% Theoretical Threat	Directly Exposed
CVE-2025-55163	MEDIUM6.38	io.grpc:grpc-netty-shaded 1.51.0 fixed in 1.75.0	0.9% Theoretical Threat	Directly Exposed
CVE-2023-1428	MEDIUM6.38	io.grpc:grpc-protobuf 1.51.0 fixed in 1.53.0	0.4% Theoretical Threat	Directly Exposed
CVE-2025-58057	MEDIUM6.38	io.netty:netty-codec 4.1.77.Final fixed in 4.1.125.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2025-58057	MEDIUM6.38	io.netty:netty-codec 4.1.86.Final fixed in 4.1.125.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2025-58057	MEDIUM6.38	io.netty:netty-codec 4.1.89.Final fixed in 4.1.125.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44893	MEDIUM6.38	io.netty:netty-codec-haproxy 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-48059	MEDIUM6.38	io.netty:netty-codec-haproxy 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44893	MEDIUM6.38	io.netty:netty-codec-haproxy 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-48059	MEDIUM6.38	io.netty:netty-codec-haproxy 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-33870	MEDIUM6.38	io.netty:netty-codec-http 4.1.77.Final fixed in 4.1.132.Final, 4.2.10.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http 4.1.77.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42585	MEDIUM6.38	io.netty:netty-codec-http 4.1.77.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2025-58056	MEDIUM6.38	io.netty:netty-codec-http 4.1.77.Final fixed in 4.1.125.Final, 4.2.5.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-33870	MEDIUM6.38	io.netty:netty-codec-http 4.1.86.Final fixed in 4.1.132.Final, 4.2.10.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http 4.1.86.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42585	MEDIUM6.38	io.netty:netty-codec-http 4.1.86.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2025-58056	MEDIUM6.38	io.netty:netty-codec-http 4.1.86.Final fixed in 4.1.125.Final, 4.2.5.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-33870	MEDIUM6.38	io.netty:netty-codec-http 4.1.89.Final fixed in 4.1.132.Final, 4.2.10.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http 4.1.89.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-42585	MEDIUM6.38	io.netty:netty-codec-http 4.1.89.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2025-58056	MEDIUM6.38	io.netty:netty-codec-http 4.1.89.Final fixed in 4.1.125.Final, 4.2.5.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2025-55163	MEDIUM6.38	io.netty:netty-codec-http2 4.1.77.Final fixed in 4.2.4.Final, 4.1.124.Final	0.9% Theoretical Threat	Directly Exposed
CVE-2026-33871	MEDIUM6.38	io.netty:netty-codec-http2 4.1.77.Final fixed in 4.1.132.Final, 4.2.11.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http2 4.1.77.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-48043	MEDIUM6.38	io.netty:netty-codec-http2 4.1.77.Final fixed in 4.1.135.Final, 4.2.15.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2025-55163	MEDIUM6.38	io.netty:netty-codec-http2 4.1.89.Final fixed in 4.2.4.Final, 4.1.124.Final	0.9% Theoretical Threat	Directly Exposed
CVE-2026-33871	MEDIUM6.38	io.netty:netty-codec-http2 4.1.89.Final fixed in 4.1.132.Final, 4.2.11.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42587	MEDIUM6.38	io.netty:netty-codec-http2 4.1.89.Final fixed in 4.2.13.Final, 4.1.133.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-48043	MEDIUM6.38	io.netty:netty-codec-http2 4.1.89.Final fixed in 4.1.135.Final, 4.2.15.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44248	MEDIUM6.38	io.netty:netty-codec-mqtt 4.1.77.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-44248	MEDIUM6.38	io.netty:netty-codec-mqtt 4.1.89.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-44250	MEDIUM6.38	io.netty:netty-codec-redis 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44890	MEDIUM6.38	io.netty:netty-codec-redis 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-48006	MEDIUM6.38	io.netty:netty-codec-redis 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50011	MEDIUM6.38	io.netty:netty-codec-redis 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-44250	MEDIUM6.38	io.netty:netty-codec-redis 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-44890	MEDIUM6.38	io.netty:netty-codec-redis 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-48006	MEDIUM6.38	io.netty:netty-codec-redis 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50011	MEDIUM6.38	io.netty:netty-codec-redis 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-45416	MEDIUM6.38	io.netty:netty-handler 4.1.86.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50010	MEDIUM6.38	io.netty:netty-handler 4.1.86.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45416	MEDIUM6.38	io.netty:netty-handler 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50010	MEDIUM6.38	io.netty:netty-handler 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45416	MEDIUM6.38	io.netty:netty-handler 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-50010	MEDIUM6.38	io.netty:netty-handler 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42578	MEDIUM6.38	io.netty:netty-handler-proxy 4.1.77.Final fixed in 4.1.133.Final, 4.2.13.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42578	MEDIUM6.38	io.netty:netty-handler-proxy 4.1.89.Final fixed in 4.1.133.Final, 4.2.13.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-46340	MEDIUM6.38	io.netty:netty-transport-sctp 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2026-46340	MEDIUM6.38	io.netty:netty-transport-sctp 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.6% Theoretical Threat	Directly Exposed
CVE-2024-57699	MEDIUM6.38	net.minidev:json-smart 2.5.0 fixed in 2.5.2	0.5% Theoretical Threat	Directly Exposed
CVE-2026-34479	MEDIUM6.38	org.apache.logging.log4j:log4j-1.2-api 2.18.0 fixed in 2.25.4	0.5% Theoretical Threat	Directly Exposed
CVE-2026-34480	MEDIUM6.38	org.apache.logging.log4j:log4j-core 2.18.0 fixed in 2.25.4	0.9% Theoretical Threat	Directly Exposed
CVE-2026-5588	MEDIUM6.38	org.bouncycastle:bcpkix-jdk15on 1.68 fixed in 1.84	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5598	MEDIUM6.38	org.bouncycastle:bcprov-jdk18on 1.77 fixed in 1.84	0.5% Theoretical Threat	Directly Exposed
CVE-2024-30172	MEDIUM6.38	org.bouncycastle:bcprov-jdk18on 1.77 fixed in 1.78	0.8% Theoretical Threat	Directly Exposed
CVE-2025-66566	MEDIUM6.38	org.lz4:lz4-java 1.7.1 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2025-41249	MEDIUM6.38	org.springframework:spring-core 5.3.21 fixed in 6.2.11	0.5% Theoretical Threat	Directly Exposed
CVE-2024-21634	MEDIUM6.38	software.amazon.ion:ion-java 1.0.2 fixed in 1.10.5	0.8% Theoretical Threat	Directly Exposed
CVE-2026-3833	MEDIUM6.29	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u10	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42011	MEDIUM6.29	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u10	0.3% Theoretical Threat	Directly Exposed
CVE-2025-69419	MEDIUM6.29	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u5	0.4% Theoretical Threat	Directly Exposed
CVE-2026-24281	MEDIUM6.29	org.apache.zookeeper:zookeeper 3.8.3 fixed in 3.8.6, 3.9.5	0.3% Theoretical Threat	Directly Exposed
CVE-2026-43869	MEDIUM6.21	org.apache.thrift:libthrift 0.16.0 fixed in 0.23.0	0.3% Theoretical Threat	Directly Exposed
CVE-2024-13009	MEDIUM6.12	org.eclipse.jetty:jetty-server 9.4.45.v20220203 fixed in 9.4.57.v20241219	0.4% Theoretical Threat	Directly Exposed
CVE-2024-13009	MEDIUM6.12	org.eclipse.jetty:jetty-server 9.4.51.v20230217 fixed in 9.4.57.v20241219	0.4% Theoretical Threat	Directly Exposed
CVE-2020-13529	MEDIUM6.1	libsystemd0 247.3-7 No fix yet	1.4% Low-Moderate Risk	Directly Exposed
CVE-2020-13529	MEDIUM6.1	libudev1 247.3-7 No fix yet	1.4% Low-Moderate Risk	Directly Exposed
CVE-2026-42012	MEDIUM6.03	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u10	0.3% Theoretical Threat	Directly Exposed
CVE-2023-2976	MEDIUM6.03	com.google.guava:guava 16.0.1 fixed in 32.0.0-android	0.2% Theoretical Threat	Directly Exposed
CVE-2023-2976	MEDIUM6.03	com.google.guava:guava 22.0 fixed in 32.0.0-android	0.2% Theoretical Threat	Directly Exposed
CVE-2023-2976	MEDIUM6.03	com.google.guava:guava 27.0-jre fixed in 32.0.0-android	0.2% Theoretical Threat	Directly Exposed
CVE-2023-2976	MEDIUM6.03	com.google.guava:guava 28.2-jre fixed in 32.0.0-android	0.2% Theoretical Threat	Directly Exposed
CVE-2023-2976	MEDIUM6.03	com.google.guava:guava 30.1.1-jre fixed in 32.0.0-android	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42586	MEDIUM6.03	io.netty:netty-codec-redis 4.1.77.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42586	MEDIUM6.03	io.netty:netty-codec-redis 4.1.89.Final fixed in 4.2.13.Final, 4.1.133.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2025-4802	MEDIUM5.95	libc-bin 2.31-13+deb11u3 fixed in 2.31-13+deb11u13	0.4% Theoretical Threat	Directly Exposed
CVE-2025-4802	MEDIUM5.95	libc6 2.31-13+deb11u3 fixed in 2.31-13+deb11u13	0.4% Theoretical Threat	Directly Exposed
CVE-2023-4806	MEDIUM5.9	libc-bin 2.31-13+deb11u3 No fix yet	1.4% Low-Moderate Risk	Directly Exposed
CVE-2023-4813	MEDIUM5.9	libc-bin 2.31-13+deb11u3 No fix yet	1.7% Low-Moderate Risk	Directly Exposed
CVE-2023-4806	MEDIUM5.9	libc6 2.31-13+deb11u3 No fix yet	1.4% Low-Moderate Risk	Directly Exposed
CVE-2023-4813	MEDIUM5.9	libc6 2.31-13+deb11u3 No fix yet	1.7% Low-Moderate Risk	Directly Exposed
CVE-2024-2236	MEDIUM5.9	libgcrypt20 1.8.7-6 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2023-5981	MEDIUM5.9	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u4	1.3% Low-Moderate Risk	Directly Exposed
CVE-2024-26461	MEDIUM5.9	libgssapi-krb5-2 1.18.3-6+deb11u1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-26461	MEDIUM5.9	libk5crypto3 1.18.3-6+deb11u1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-26461	MEDIUM5.9	libkrb5-3 1.18.3-6+deb11u1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-26461	MEDIUM5.9	libkrb5support0 1.18.3-6+deb11u1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-5535	MEDIUM5.9	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u2	5.6% Low-Moderate Risk	Directly Exposed
CVE-2025-13151	MEDIUM5.9	libtasn1-6 4.16.0-2 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2018-10237	MEDIUM5.9	com.google.guava:guava 16.0.1 fixed in 24.1.1-android	5.1% Low-Moderate Risk	Directly Exposed
CVE-2018-10237	MEDIUM5.9	com.google.guava:guava 22.0 fixed in 24.1.1-android	5.1% Low-Moderate Risk	Directly Exposed
CVE-2021-21409	MEDIUM5.9	io.netty:netty 3.10.5.Final fixed in 4.0.0	4.9% Low-Moderate Risk	Directly Exposed
CVE-2021-21409	MEDIUM5.9	io.netty:netty 3.10.6.Final fixed in 4.0.0	4.9% Low-Moderate Risk	Directly Exposed
CVE-2021-38153	MEDIUM5.9	org.apache.kafka:kafka-clients 2.5.0 fixed in 2.6.3, 2.7.2, 2.8.1	5.8% Low-Moderate Risk	Directly Exposed
CVE-2026-45673	MEDIUM5.78	io.netty:netty-resolver-dns 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-45673	MEDIUM5.78	io.netty:netty-resolver-dns 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-35554	MEDIUM5.78	org.apache.kafka:kafka-clients 2.8.2 fixed in 3.9.2, 4.0.2, 4.1.2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-40490	MEDIUM5.78	org.asynchttpclient:async-http-client 2.12.3 fixed in 3.0.9, 2.14.5	0.3% Theoretical Threat	Directly Exposed
CVE-2026-40490	MEDIUM5.78	org.asynchttpclient:async-http-client 2.5.3 fixed in 3.0.9, 2.14.5	0.3% Theoretical Threat	Directly Exposed
CVE-2026-4105	MEDIUM5.7	libsystemd0 247.3-7 fixed in 247.3-7+deb11u8	0.1% Theoretical Threat	Directly Exposed
CVE-2026-4105	MEDIUM5.7	libudev1 247.3-7 fixed in 247.3-7+deb11u8	0.1% Theoretical Threat	Directly Exposed
CVE-2026-42014	MEDIUM5.61	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u10	0.2% Theoretical Threat	Directly Exposed
CVE-2024-23944	MEDIUM5.61	org.apache.zookeeper:zookeeper 3.6.3 fixed in 3.8.4, 3.9.2	0.2% Theoretical Threat	Directly Exposed
CVE-2024-23944	MEDIUM5.61	org.apache.zookeeper:zookeeper 3.8.3 fixed in 3.8.4, 3.9.2	0.2% Theoretical Threat	Directly Exposed
CVE-2025-9230	MEDIUM5.6	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u4	1.8% Low-Moderate Risk	Directly Exposed
CVE-2024-4741	MEDIUM5.6	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u2	2.9% Low-Moderate Risk	Directly Exposed
CVE-2011-3389	MEDIUM5.59	libgnutls30 3.7.1-5+deb11u1 No fix yet	73.3% Actively Exploited	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc-bin 2.31-13+deb11u3 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc6 2.31-13+deb11u3 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-6395	MEDIUM5.52	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u8	0.6% Theoretical Threat	Directly Exposed
CVE-2025-24528	MEDIUM5.52	libgssapi-krb5-2 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u6	0.6% Theoretical Threat	Directly Exposed
CVE-2025-24528	MEDIUM5.52	libk5crypto3 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u6	0.6% Theoretical Threat	Directly Exposed
CVE-2025-24528	MEDIUM5.52	libkrb5-3 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u6	0.6% Theoretical Threat	Directly Exposed
CVE-2025-24528	MEDIUM5.52	libkrb5support0 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u6	0.6% Theoretical Threat	Directly Exposed
CVE-2025-67735	MEDIUM5.52	io.netty:netty-codec-http 4.1.77.Final fixed in 4.2.8.Final, 4.1.129.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-41417	MEDIUM5.52	io.netty:netty-codec-http 4.1.77.Final fixed in 4.1.133.Final, 4.2.13.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42580	MEDIUM5.52	io.netty:netty-codec-http 4.1.77.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2025-67735	MEDIUM5.52	io.netty:netty-codec-http 4.1.86.Final fixed in 4.2.8.Final, 4.1.129.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-41417	MEDIUM5.52	io.netty:netty-codec-http 4.1.86.Final fixed in 4.1.133.Final, 4.2.13.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42580	MEDIUM5.52	io.netty:netty-codec-http 4.1.86.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2025-67735	MEDIUM5.52	io.netty:netty-codec-http 4.1.89.Final fixed in 4.2.8.Final, 4.1.129.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-41417	MEDIUM5.52	io.netty:netty-codec-http 4.1.89.Final fixed in 4.1.133.Final, 4.2.13.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42580	MEDIUM5.52	io.netty:netty-codec-http 4.1.89.Final fixed in 4.2.13.Final, 4.1.133.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0636	MEDIUM5.52	org.bouncycastle:bcprov-jdk18on 1.77 fixed in 1.84	0.5% Theoretical Threat	Directly Exposed
CVE-2025-11143	MEDIUM5.52	org.eclipse.jetty:jetty-http 9.4.45.v20220203 fixed in 12.0.31, 12.1.5	0.2% Theoretical Threat	Directly Exposed
CVE-2025-11143	MEDIUM5.52	org.eclipse.jetty:jetty-http 9.4.51.v20230217 fixed in 12.0.31, 12.1.5	0.2% Theoretical Threat	Directly Exposed
CVE-2025-12183	MEDIUM5.52	org.lz4:lz4-java 1.7.1 fixed in 1.8.1	0.7% Theoretical Threat	Directly Exposed
CVE-2026-40458	MEDIUM5.52	org.pac4j:pac4j-core 4.5.5 fixed in 5.7.10, 6.4.1	0.2% Theoretical Threat	Directly Exposed
CVE-2023-20861	MEDIUM5.52	org.springframework:spring-expression 5.3.21 fixed in 6.0.7, 5.3.26, 5.2.23.RELEASE	1.0% Theoretical Threat	Directly Exposed
CVE-2024-0727	MEDIUM5.5	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u2	3.2% Low-Moderate Risk	Directly Exposed
CVE-2021-22569	MEDIUM5.5	com.google.protobuf:protobuf-java 2.5.0 fixed in 3.16.1, 3.18.2, 3.19.2	1.7% Low-Moderate Risk	Directly Exposed
CVE-2021-22569	MEDIUM5.5	com.google.protobuf:protobuf-java 3.11.3 fixed in 3.16.1, 3.18.2, 3.19.2	1.7% Low-Moderate Risk	Directly Exposed
CVE-2021-22569	MEDIUM5.5	com.google.protobuf:protobuf-java 3.3.0 fixed in 3.16.1, 3.18.2, 3.19.2	1.7% Low-Moderate Risk	Directly Exposed
CVE-2021-22569	MEDIUM5.5	com.google.protobuf:protobuf-java 3.7.1 fixed in 3.16.1, 3.18.2, 3.19.2	1.7% Low-Moderate Risk	Directly Exposed
CVE-2021-21290	MEDIUM5.5	io.netty:netty 3.10.5.Final fixed in 4.0.0	1.8% Low-Moderate Risk	Directly Exposed
CVE-2021-21290	MEDIUM5.5	io.netty:netty 3.10.6.Final fixed in 4.0.0	1.8% Low-Moderate Risk	Directly Exposed
CVE-2026-40225	MEDIUM5.44	libsystemd0 247.3-7 fixed in 247.3-7+deb11u8	0.1% Theoretical Threat	Directly Exposed
CVE-2026-40226	MEDIUM5.44	libsystemd0 247.3-7 fixed in 247.3-7+deb11u8	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40225	MEDIUM5.44	libudev1 247.3-7 fixed in 247.3-7+deb11u8	0.1% Theoretical Threat	Directly Exposed
CVE-2026-40226	MEDIUM5.44	libudev1 247.3-7 fixed in 247.3-7+deb11u8	<0.1% Theoretical Threat	Directly Exposed
CVE-2024-33600	MEDIUM5.3	libc-bin 2.31-13+deb11u3 fixed in 2.31-13+deb11u10	1.2% Low-Moderate Risk	Directly Exposed
CVE-2019-1010024	MEDIUM5.3	libc-bin 2.31-13+deb11u3 No fix yet	3.2% Low-Moderate Risk	Directly Exposed
CVE-2019-1010025	MEDIUM5.3	libc-bin 2.31-13+deb11u3 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2024-33600	MEDIUM5.3	libc6 2.31-13+deb11u3 fixed in 2.31-13+deb11u10	1.2% Low-Moderate Risk	Directly Exposed
CVE-2019-1010024	MEDIUM5.3	libc6 2.31-13+deb11u3 No fix yet	3.2% Low-Moderate Risk	Directly Exposed
CVE-2019-1010025	MEDIUM5.3	libc6 2.31-13+deb11u3 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2024-12243	MEDIUM5.3	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u7	1.2% Low-Moderate Risk	Directly Exposed
CVE-2022-2097	MEDIUM5.3	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u4	2.0% Low-Moderate Risk	Directly Exposed
CVE-2023-0465	MEDIUM5.3	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u5	1.6% Low-Moderate Risk	Directly Exposed
CVE-2023-0466	MEDIUM5.3	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u5	1.6% Low-Moderate Risk	Directly Exposed
CVE-2023-3446	MEDIUM5.3	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1v-0~deb11u1	5.5% Low-Moderate Risk	Directly Exposed
CVE-2023-3817	MEDIUM5.3	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1v-0~deb11u1	2.6% Low-Moderate Risk	Directly Exposed
CVE-2023-5678	MEDIUM5.3	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u2	4.5% Low-Moderate Risk	Directly Exposed
CVE-2024-12133	MEDIUM5.3	libtasn1-6 4.16.0-2 fixed in 4.16.0-2+deb11u2	1.0% Low-Moderate Risk	Directly Exposed
CVE-2024-29025	MEDIUM5.3	io.netty:netty-codec-http 4.1.77.Final fixed in 4.1.108.Final	1.4% Low-Moderate Risk	Directly Exposed
CVE-2024-29025	MEDIUM5.3	io.netty:netty-codec-http 4.1.86.Final fixed in 4.1.108.Final	1.4% Low-Moderate Risk	Directly Exposed
CVE-2024-29025	MEDIUM5.3	io.netty:netty-codec-http 4.1.89.Final fixed in 4.1.108.Final	1.4% Low-Moderate Risk	Directly Exposed
CVE-2025-59419	MEDIUM5.3	io.netty:netty-codec-smtp 4.1.77.Final fixed in 4.2.7.Final, 4.1.128.Final	1.6% Low-Moderate Risk	Directly Exposed
CVE-2025-59419	MEDIUM5.3	io.netty:netty-codec-smtp 4.1.89.Final fixed in 4.2.7.Final, 4.1.128.Final	1.6% Low-Moderate Risk	Directly Exposed
CVE-2025-27553	MEDIUM5.3	org.apache.commons:commons-vfs2 2.3 fixed in 2.10.0	1.2% Low-Moderate Risk	Directly Exposed
CVE-2020-13956	MEDIUM5.3	org.apache.httpcomponents:httpclient 4.5.2 fixed in 4.5.13, 5.0.3	8.7% Low-Moderate Risk	Directly Exposed
CVE-2024-31141	MEDIUM5.3	org.apache.kafka:kafka-clients 2.5.0 fixed in 3.7.1	1.1% Low-Moderate Risk	Directly Exposed
CVE-2024-31141	MEDIUM5.3	org.apache.kafka:kafka-clients 2.8.2 fixed in 3.7.1	1.1% Low-Moderate Risk	Directly Exposed
CVE-2023-40167	MEDIUM5.3	org.eclipse.jetty:jetty-http 9.4.45.v20220203 fixed in 9.4.52, 10.0.16, 11.0.16, 12.0.1	1.1% Low-Moderate Risk	Directly Exposed
CVE-2023-40167	MEDIUM5.3	org.eclipse.jetty:jetty-http 9.4.51.v20230217 fixed in 9.4.52, 10.0.16, 11.0.16, 12.0.1	1.1% Low-Moderate Risk	Directly Exposed
CVE-2023-26048	MEDIUM5.3	org.eclipse.jetty:jetty-server 9.4.45.v20220203 fixed in 9.4.51.v20230217, 10.0.14, 11.0.14	3.3% Low-Moderate Risk	Directly Exposed
CVE-2023-26049	MEDIUM5.3	org.eclipse.jetty:jetty-server 9.4.45.v20220203 fixed in 9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0	1.3% Low-Moderate Risk	Directly Exposed
CVE-2021-28170	MEDIUM5.3	org.glassfish:javax.el 3.0.0 No fix yet	2.1% Low-Moderate Risk	Directly Exposed
CVE-2020-29582	MEDIUM5.3	org.jetbrains.kotlin:kotlin-stdlib 1.4.10 fixed in 1.4.21	2.6% Low-Moderate Risk	Directly Exposed
CVE-2022-24329	MEDIUM5.3	org.jetbrains.kotlin:kotlin-stdlib 1.4.10 fixed in 1.6.0	2.2% Low-Moderate Risk	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libblkid1 2.36.1-8+deb11u1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libmount1 2.36.1-8+deb11u1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libsmartcols1 2.36.1-8+deb11u1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libuuid1 2.36.1-8+deb11u1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	libc-bin 2.31-13+deb11u3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-15281	MEDIUM5.02	libc-bin 2.31-13+deb11u3 fixed in 2.31-13+deb11u14	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	libc6 2.31-13+deb11u3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-15281	MEDIUM5.02	libc6 2.31-13+deb11u3 fixed in 2.31-13+deb11u14	0.3% Theoretical Threat	Directly Exposed
CVE-2025-3576	MEDIUM5.02	libgssapi-krb5-2 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u7	0.3% Theoretical Threat	Directly Exposed
CVE-2026-40355	MEDIUM5.02	libgssapi-krb5-2 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40356	MEDIUM5.02	libgssapi-krb5-2 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u8	0.5% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libgssapi-krb5-2 1.18.3-6+deb11u1 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2025-3576	MEDIUM5.02	libk5crypto3 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u7	0.3% Theoretical Threat	Directly Exposed
CVE-2026-40355	MEDIUM5.02	libk5crypto3 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40356	MEDIUM5.02	libk5crypto3 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u8	0.5% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libk5crypto3 1.18.3-6+deb11u1 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2025-3576	MEDIUM5.02	libkrb5-3 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u7	0.3% Theoretical Threat	Directly Exposed
CVE-2026-40355	MEDIUM5.02	libkrb5-3 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40356	MEDIUM5.02	libkrb5-3 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u8	0.5% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libkrb5-3 1.18.3-6+deb11u1 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2025-3576	MEDIUM5.02	libkrb5support0 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u7	0.3% Theoretical Threat	Directly Exposed
CVE-2026-40355	MEDIUM5.02	libkrb5support0 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40356	MEDIUM5.02	libkrb5support0 1.18.3-6+deb11u1 fixed in 1.18.3-6+deb11u8	0.5% Theoretical Threat	Directly Exposed
CVE-2024-26458	MEDIUM5.02	libkrb5support0 1.18.3-6+deb11u1 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2025-69420	MEDIUM5.02	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u5	0.8% Theoretical Threat	Directly Exposed
CVE-2026-22796	MEDIUM5.02	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u5	0.5% Theoretical Threat	Directly Exposed
CVE-2026-9076	MEDIUM5.02	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u8	0.3% Theoretical Threat	Directly Exposed
CVE-2023-7008	MEDIUM5.02	libsystemd0 247.3-7 fixed in 247.3-7+deb11u6	0.8% Theoretical Threat	Directly Exposed
CVE-2023-7008	MEDIUM5.02	libudev1 247.3-7 fixed in 247.3-7+deb11u6	0.8% Theoretical Threat	Directly Exposed
CVE-2026-34477	MEDIUM5.02	org.apache.logging.log4j:log4j-core 2.18.0 fixed in 2.25.4	0.4% Theoretical Threat	Directly Exposed
CVE-2024-30171	MEDIUM5.02	org.bouncycastle:bcprov-jdk15on 1.68 fixed in 1.78	0.9% Theoretical Threat	Directly Exposed
CVE-2024-30171	MEDIUM5.02	org.bouncycastle:bcprov-jdk18on 1.77 fixed in 1.78	0.9% Theoretical Threat	Directly Exposed
CVE-2024-38808	MEDIUM5.02	org.springframework:spring-expression 5.3.21 fixed in 5.3.39	0.5% Theoretical Threat	Directly Exposed
CVE-2025-53864	MEDIUM4.93	com.nimbusds:nimbus-jose-jwt 9.31 fixed in 10.0.2, 9.37.4	0.8% Theoretical Threat	Directly Exposed
CVE-2025-53864	MEDIUM4.93	com.nimbusds:nimbus-jose-jwt 9.8.1 fixed in 10.0.2, 9.37.4	0.8% Theoretical Threat	Directly Exposed
CVE-2024-2511	MEDIUM4.81	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u2	54.0% Actively Exploited	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libblkid1 2.36.1-8+deb11u1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2025-0395	MEDIUM4.67	libc-bin 2.31-13+deb11u3 fixed in 2.31-13+deb11u12	0.3% Theoretical Threat	Directly Exposed
CVE-2025-0395	MEDIUM4.67	libc6 2.31-13+deb11u3 fixed in 2.31-13+deb11u12	0.3% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libmount1 2.36.1-8+deb11u1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2017-16231	MEDIUM4.67	libpcre3 2:8.39-13 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libsmartcols1 2.36.1-8+deb11u1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-22795	MEDIUM4.67	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u5	0.1% Theoretical Threat	Directly Exposed
CVE-2026-7383	MEDIUM4.67	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u8	0.3% Theoretical Threat	Directly Exposed
CVE-2022-3821	MEDIUM4.67	libsystemd0 247.3-7 fixed in 247.3-7+deb11u2	0.4% Theoretical Threat	Directly Exposed
CVE-2022-4415	MEDIUM4.67	libsystemd0 247.3-7 fixed in 247.3-7+deb11u2	0.9% Theoretical Threat	Directly Exposed
CVE-2022-3821	MEDIUM4.67	libudev1 247.3-7 fixed in 247.3-7+deb11u2	0.4% Theoretical Threat	Directly Exposed
CVE-2022-4415	MEDIUM4.67	libudev1 247.3-7 fixed in 247.3-7+deb11u2	0.9% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libuuid1 2.36.1-8+deb11u1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib1g 1:1.2.11.dfsg-2+deb11u1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2024-47535	MEDIUM4.67	io.netty:netty-common 4.1.77.Final fixed in 4.1.115.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2025-25193	MEDIUM4.67	io.netty:netty-common 4.1.77.Final fixed in 4.1.118.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2024-47535	MEDIUM4.67	io.netty:netty-common 4.1.86.Final fixed in 4.1.115.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2025-25193	MEDIUM4.67	io.netty:netty-common 4.1.86.Final fixed in 4.1.118.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2024-47535	MEDIUM4.67	io.netty:netty-common 4.1.89.Final fixed in 4.1.115.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2025-25193	MEDIUM4.67	io.netty:netty-common 4.1.89.Final fixed in 4.1.118.Final	0.4% Theoretical Threat	Directly Exposed
CVE-2024-25710	MEDIUM4.67	org.apache.commons:commons-compress 1.21 fixed in 1.26.0	0.4% Theoretical Threat	Directly Exposed
CVE-2024-26308	MEDIUM4.67	org.apache.commons:commons-compress 1.21 fixed in 1.26.0	0.9% Theoretical Threat	Directly Exposed
CVE-2023-42503	MEDIUM4.67	org.apache.commons:commons-compress 1.23.0 fixed in 1.24.0	0.5% Theoretical Threat	Directly Exposed
CVE-2024-25710	MEDIUM4.67	org.apache.commons:commons-compress 1.23.0 fixed in 1.26.0	0.4% Theoretical Threat	Directly Exposed
CVE-2024-26308	MEDIUM4.67	org.apache.commons:commons-compress 1.23.0 fixed in 1.26.0	0.9% Theoretical Threat	Directly Exposed
CVE-2023-33202	MEDIUM4.67	org.bouncycastle:bcprov-jdk15on 1.68 fixed in 1.70	0.9% Theoretical Threat	Directly Exposed
CVE-2026-42496	MEDIUM4.64	perl-base 5.32.1-4+deb11u2 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2023-0215	MEDIUM4.5	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u4	4.5% Low-Moderate Risk	Post-Exploit
CVE-2023-0464	MEDIUM4.5	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u5	3.7% Low-Moderate Risk	Post-Exploit
CVE-2026-3184	MEDIUM4.5	libblkid1 2.36.1-8+deb11u1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0915	MEDIUM4.5	libc-bin 2.31-13+deb11u3 fixed in 2.31-13+deb11u14	0.6% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	libc-bin 2.31-13+deb11u3 fixed in 2.31-13+deb11u14	0.4% Theoretical Threat	Directly Exposed
CVE-2026-0915	MEDIUM4.5	libc6 2.31-13+deb11u3 fixed in 2.31-13+deb11u14	0.6% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	libc6 2.31-13+deb11u3 fixed in 2.31-13+deb11u14	0.4% Theoretical Threat	Directly Exposed
CVE-2024-28834	MEDIUM4.5	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u6	0.7% Theoretical Threat	Directly Exposed
CVE-2025-14831	MEDIUM4.5	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u9	0.6% Theoretical Threat	Directly Exposed
CVE-2026-42015	MEDIUM4.5	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u10	0.7% Theoretical Threat	Directly Exposed
CVE-2026-34743	MEDIUM4.5	liblzma5 5.2.5-2.1~deb11u1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libmount1 2.36.1-8+deb11u1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libsmartcols1 2.36.1-8+deb11u1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42766	MEDIUM4.5	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u8	0.6% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libsystemd0 247.3-7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libsystemd0 247.3-7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libsystemd0 247.3-7 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libudev1 247.3-7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libudev1 247.3-7 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libudev1 247.3-7 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libuuid1 2.36.1-8+deb11u1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-50020	MEDIUM4.5	io.netty:netty-codec-http 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-50020	MEDIUM4.5	io.netty:netty-codec-http 4.1.86.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-50020	MEDIUM4.5	io.netty:netty-codec-http 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-47244	MEDIUM4.5	io.netty:netty-codec-http2 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-50560	MEDIUM4.5	io.netty:netty-codec-http2 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2026-47244	MEDIUM4.5	io.netty:netty-codec-http2 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.5% Theoretical Threat	Directly Exposed
CVE-2026-50560	MEDIUM4.5	io.netty:netty-codec-http2 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.3% Theoretical Threat	Directly Exposed
CVE-2025-8916	MEDIUM4.5	org.bouncycastle:bcpkix-jdk15on 1.68 fixed in 1.79	0.4% Theoretical Threat	Directly Exposed
CVE-2023-33201	MEDIUM4.5	org.bouncycastle:bcprov-jdk15on 1.68 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2024-34447	MEDIUM4.5	org.bouncycastle:bcprov-jdk15on 1.68 fixed in 1.78	0.8% Theoretical Threat	Directly Exposed
CVE-2024-34447	MEDIUM4.5	org.bouncycastle:bcprov-jdk18on 1.77 fixed in 1.78	0.8% Theoretical Threat	Directly Exposed
CVE-2025-8885	MEDIUM4.5	org.bouncycastle:bcprov-jdk18on 1.77 fixed in 1.78	0.5% Theoretical Threat	Directly Exposed
CVE-2024-6763	MEDIUM4.5	org.eclipse.jetty:jetty-http 9.4.45.v20220203 fixed in 12.0.12	1.0% Theoretical Threat	Directly Exposed
CVE-2024-6763	MEDIUM4.5	org.eclipse.jetty:jetty-http 9.4.51.v20230217 fixed in 12.0.12	1.0% Theoretical Threat	Directly Exposed
CVE-2024-38820	MEDIUM4.5	org.springframework:spring-context 5.3.21 fixed in 6.1.14	0.6% Theoretical Threat	Directly Exposed
CVE-2024-28085	MEDIUM4.4	libblkid1 2.36.1-8+deb11u1 fixed in 2.36.1-8+deb11u2	2.2% Low-Moderate Risk	Directly Exposed
CVE-2024-28085	MEDIUM4.4	libmount1 2.36.1-8+deb11u1 fixed in 2.36.1-8+deb11u2	2.2% Low-Moderate Risk	Directly Exposed
CVE-2024-28085	MEDIUM4.4	libsmartcols1 2.36.1-8+deb11u1 fixed in 2.36.1-8+deb11u2	2.2% Low-Moderate Risk	Directly Exposed
CVE-2024-28085	MEDIUM4.4	libuuid1 2.36.1-8+deb11u1 fixed in 2.36.1-8+deb11u2	2.2% Low-Moderate Risk	Directly Exposed
CVE-2024-29131	MEDIUM4.4	org.apache.commons:commons-configuration2 2.8.0 fixed in 2.10.1	2.1% Low-Moderate Risk	Directly Exposed
CVE-2024-29133	MEDIUM4.4	org.apache.commons:commons-configuration2 2.8.0 fixed in 2.10.1	1.7% Low-Moderate Risk	Directly Exposed
CVE-2024-47554	MEDIUM4.3	commons-io:commons-io 2.12.0 fixed in 2.14.0	1.2% Low-Moderate Risk	Directly Exposed
CVE-2024-47554	MEDIUM4.3	commons-io:commons-io 2.8.0 fixed in 2.14.0	1.2% Low-Moderate Risk	Directly Exposed
CVE-2026-42250	MEDIUM4.25	libbz2-1.0 1.0.8-4 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc-bin 2.31-13+deb11u3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc-bin 2.31-13+deb11u3 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc6 2.31-13+deb11u3 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc6 2.31-13+deb11u3 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-28835	MEDIUM4.25	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u6	0.4% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	libgssapi-krb5-2 1.18.3-6+deb11u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	libk5crypto3 1.18.3-6+deb11u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	libkrb5-3 1.18.3-6+deb11u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-11850	MEDIUM4.25	libkrb5support0 1.18.3-6+deb11u1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34180	MEDIUM4.25	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u8	0.5% Theoretical Threat	Directly Exposed
CVE-2026-28387	MEDIUM4.13	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u7	0.6% Theoretical Threat	Post-Exploit
CVE-2023-4039	MEDIUM4.08	gcc-10-base 10.2.1-6 No fix yet	0.7% Theoretical Threat	Directly Exposed
CVE-2023-4039	MEDIUM4.08	gcc-9-base 9.3.0-22 No fix yet	0.7% Theoretical Threat	Directly Exposed
CVE-2023-4039	MEDIUM4.08	libgcc-s1 10.2.1-6 No fix yet	0.7% Theoretical Threat	Directly Exposed
CVE-2023-4039	MEDIUM4.08	libstdc++6 10.2.1-6 No fix yet	0.7% Theoretical Threat	Directly Exposed
CVE-2025-68161	MEDIUM4.08	org.apache.logging.log4j:log4j-core 2.18.0 fixed in 2.25.3	0.7% Theoretical Threat	Directly Exposed
CVE-2022-4304	MEDIUM4.07	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u4	16.2% High Exploitation Risk	Post-Exploit
CVE-2026-27456	MEDIUM4	libblkid1 2.36.1-8+deb11u1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libmount1 2.36.1-8+deb11u1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libsmartcols1 2.36.1-8+deb11u1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2024-13176	MEDIUM4	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u3	0.6% Theoretical Threat	Directly Exposed
CVE-2025-68160	MEDIUM4	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u5	0.2% Theoretical Threat	Directly Exposed
CVE-2025-4598	MEDIUM4	libsystemd0 247.3-7 fixed in 247.3-7+deb11u7	0.6% Theoretical Threat	Directly Exposed
CVE-2025-4598	MEDIUM4	libudev1 247.3-7 fixed in 247.3-7+deb11u7	0.6% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libuuid1 2.36.1-8+deb11u1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2010-4756	MEDIUM4	libc-bin 2.31-13+deb11u3 No fix yet	2.6% Low-Moderate Risk	Directly Exposed
CVE-2024-33601	MEDIUM4	libc-bin 2.31-13+deb11u3 fixed in 2.31-13+deb11u10	1.1% Low-Moderate Risk	Directly Exposed
CVE-2010-4756	MEDIUM4	libc6 2.31-13+deb11u3 No fix yet	2.6% Low-Moderate Risk	Directly Exposed
CVE-2024-33601	MEDIUM4	libc6 2.31-13+deb11u3 fixed in 2.31-13+deb11u10	1.1% Low-Moderate Risk	Directly Exposed
CVE-2022-3715	LOW3.98	bash 5.1-2+deb11u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2020-16156	LOW3.98	perl-base 5.32.1-4+deb11u2 fixed in 5.32.1-4+deb11u4	0.8% Theoretical Threat	Post-Exploit
CVE-2023-47038	LOW3.98	perl-base 5.32.1-4+deb11u2 fixed in 5.32.1-4+deb11u3	0.8% Theoretical Threat	Post-Exploit
CVE-2026-48962	LOW3.98	perl-base 5.32.1-4+deb11u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69421	LOW3.82	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u5	0.8% Theoretical Threat	Post-Exploit
CVE-2026-28388	LOW3.82	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u7	0.9% Theoretical Threat	Post-Exploit
CVE-2026-28389	LOW3.82	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u7	0.8% Theoretical Threat	Post-Exploit
CVE-2026-28390	LOW3.82	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u7	0.8% Theoretical Threat	Post-Exploit
CVE-2026-42497	LOW3.82	perl-base 5.32.1-4+deb11u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-9538	LOW3.82	perl-base 5.32.1-4+deb11u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-69419	LOW3.77	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u5	0.4% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW3.7	libapt-pkg6.0 2.2.4 No fix yet	1.2% Low-Moderate Risk	Directly Exposed
CVE-2024-9143	LOW3.7	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u2	6.0% Low-Moderate Risk	Directly Exposed
CVE-2025-48924	LOW3.7	org.apache.commons:commons-lang3 3.12.0 fixed in 3.18.0	2.2% Low-Moderate Risk	Directly Exposed
CVE-2023-4911	LOW3.65	libc-bin 2.31-13+deb11u3 fixed in 2.31-13+deb11u7	78.6% Actively Exploited	Post-Exploit
CVE-2023-4911	LOW3.65	libc6 2.31-13+deb11u3 fixed in 2.31-13+deb11u7	78.6% Actively Exploited	Post-Exploit
CVE-2005-2541	LOW3.6	tar 1.34+dfsg-1 No fix yet	4.0% Low-Moderate Risk	Post-Exploit
CVE-2025-68973	LOW3.57	gpgv 2.2.27-2+deb11u2 fixed in 2.2.27-2+deb11u3	0.1% Theoretical Threat	Post-Exploit
CVE-2025-8058	LOW3.57	libc-bin 2.31-13+deb11u3 fixed in 2.31-13+deb11u14	0.2% Theoretical Threat	Directly Exposed
CVE-2025-8058	LOW3.57	libc6 2.31-13+deb11u3 fixed in 2.31-13+deb11u14	0.2% Theoretical Threat	Directly Exposed
CVE-2024-5535	LOW3.54	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u2	5.6% Low-Moderate Risk	Post-Exploit
CVE-2024-33602	LOW3.4	libc-bin 2.31-13+deb11u3 fixed in 2.31-13+deb11u10	0.4% Theoretical Threat	Directly Exposed
CVE-2024-33602	LOW3.4	libc6 2.31-13+deb11u3 fixed in 2.31-13+deb11u10	0.4% Theoretical Threat	Directly Exposed
CVE-2025-9820	LOW3.4	libgnutls30 3.7.1-5+deb11u1 fixed in 3.7.1-5+deb11u9	0.2% Theoretical Threat	Directly Exposed
CVE-2025-69418	LOW3.4	libssl1.1 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u5	0.1% Theoretical Threat	Directly Exposed
CVE-2025-49128	LOW3.4	com.fasterxml.jackson.core:jackson-core 2.12.7 fixed in 2.13.0	0.3% Theoretical Threat	Directly Exposed
CVE-2025-49128	LOW3.4	com.fasterxml.jackson.core:jackson-core 2.4.0 fixed in 2.13.0	0.3% Theoretical Threat	Directly Exposed
CVE-2025-49128	LOW3.4	com.fasterxml.jackson.core:jackson-core 2.9.4 fixed in 2.13.0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-epoll 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-epoll 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-epoll 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-kqueue 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45536	LOW3.4	io.netty:netty-transport-native-kqueue 4.1.89.Final fixed in 4.2.15.Final, 4.1.135.Final	0.2% Theoretical Threat	Directly Exposed
CVE-2025-9230	LOW3.36	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u4	1.8% Low-Moderate Risk	Post-Exploit
CVE-2024-4741	LOW3.36	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u2	2.9% Low-Moderate Risk	Post-Exploit
CVE-2016-2781	LOW3.31	coreutils 8.32-4+b1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-15649	LOW3.31	perl-base 5.32.1-4+deb11u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2024-0727	LOW3.3	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u2	3.2% Low-Moderate Risk	Post-Exploit
CVE-2022-48303	LOW3.3	tar 1.34+dfsg-1 fixed in 1.34+dfsg-1+deb11u1	4.5% Low-Moderate Risk	Post-Exploit
CVE-2026-5958	LOW3.21	sed 4.7-1 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2022-2097	LOW3.18	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u4	2.0% Low-Moderate Risk	Post-Exploit
CVE-2023-0465	LOW3.18	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u5	1.6% Low-Moderate Risk	Post-Exploit
CVE-2023-0466	LOW3.18	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u5	1.6% Low-Moderate Risk	Post-Exploit
CVE-2023-3446	LOW3.18	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1v-0~deb11u1	5.5% Low-Moderate Risk	Post-Exploit
CVE-2023-3817	LOW3.18	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1v-0~deb11u1	2.6% Low-Moderate Risk	Post-Exploit
CVE-2023-5678	LOW3.18	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u2	4.5% Low-Moderate Risk	Post-Exploit
CVE-2025-14104	LOW3.11	bsdutils 1:2.36.1-8+deb11u1 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	mount 2.36.1-8+deb11u1 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux 2.36.1-8+deb11u1 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2022-4450	LOW3.1	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u4	20.4% High Exploitation Risk	Post-Exploit
CVE-2023-2650	LOW3.04	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1n-0+deb11u5	77.9% Actively Exploited	Post-Exploit
CVE-2025-69420	LOW3.01	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u5	0.8% Theoretical Threat	Post-Exploit
CVE-2026-22796	LOW3.01	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u5	0.5% Theoretical Threat	Post-Exploit
CVE-2026-9076	LOW3.01	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u8	0.3% Theoretical Threat	Post-Exploit
CVE-2025-40909	LOW3.01	perl-base 5.32.1-4+deb11u2 fixed in 5.32.1-4+deb11u5	0.4% Theoretical Threat	Post-Exploit
CVE-2026-8376	LOW3	perl-base 5.32.1-4+deb11u2 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-45447	LOW2.92	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u8	1.4% Low-Moderate Risk	Post-Exploit
CVE-2023-31484	LOW2.92	perl-base 5.32.1-4+deb11u2 fixed in 5.32.1-4+deb11u4	1.6% Low-Moderate Risk	Post-Exploit
CVE-2023-31486	LOW2.92	perl-base 5.32.1-4+deb11u2 No fix yet	1.7% Low-Moderate Risk	Post-Exploit
CVE-2024-2511	LOW2.89	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u2	54.0% Actively Exploited	Post-Exploit
CVE-2022-1304	LOW2.81	e2fsprogs 1.46.2-2 fixed in 1.46.2-2+deb11u1	1.3% Low-Moderate Risk	Post-Exploit
CVE-2022-1304	LOW2.81	logsave 1.46.2-2 fixed in 1.46.2-2+deb11u1	1.3% Low-Moderate Risk	Post-Exploit
CVE-2022-0563	LOW2.8	bsdutils 1:2.36.1-8+deb11u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2023-4641	LOW2.8	login 1:4.8.1-1 fixed in 1:4.8.1-1+deb11u1	0.3% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	mount 2.36.1-8+deb11u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-22795	LOW2.8	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u5	0.1% Theoretical Threat	Post-Exploit
CVE-2026-7383	LOW2.8	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u8	0.3% Theoretical Threat	Post-Exploit
CVE-2023-4641	LOW2.8	passwd 1:4.8.1-1 fixed in 1:4.8.1-1+deb11u1	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5704	LOW2.8	tar 1.34+dfsg-1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	util-linux 2.36.1-8+deb11u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2023-4016	LOW2.8	libprocps8 2:3.3.17-5 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2021-36084	LOW2.8	libsepol1 3.1-1 fixed in 3.1-1+deb11u1	0.5% Theoretical Threat	Directly Exposed
CVE-2021-36085	LOW2.8	libsepol1 3.1-1 fixed in 3.1-1+deb11u1	0.5% Theoretical Threat	Directly Exposed
CVE-2021-36086	LOW2.8	libsepol1 3.1-1 fixed in 3.1-1+deb11u1	0.6% Theoretical Threat	Directly Exposed
CVE-2021-36087	LOW2.8	libsepol1 3.1-1 fixed in 3.1-1+deb11u1	0.5% Theoretical Threat	Directly Exposed
CVE-2013-4392	LOW2.8	libsystemd0 247.3-7 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libsystemd0 247.3-7 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2013-4392	LOW2.8	libudev1 247.3-7 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libudev1 247.3-7 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2020-8908	LOW2.8	com.google.guava:guava 16.0.1 fixed in 32.0.0-android	1.0% Theoretical Threat	Directly Exposed
CVE-2020-8908	LOW2.8	com.google.guava:guava 22.0 fixed in 32.0.0-android	1.0% Theoretical Threat	Directly Exposed
CVE-2020-8908	LOW2.8	com.google.guava:guava 27.0-jre fixed in 32.0.0-android	1.0% Theoretical Threat	Directly Exposed
CVE-2020-8908	LOW2.8	com.google.guava:guava 28.2-jre fixed in 32.0.0-android	1.0% Theoretical Threat	Directly Exposed
CVE-2020-8908	LOW2.8	com.google.guava:guava 30.1.1-jre fixed in 32.0.0-android	1.0% Theoretical Threat	Directly Exposed
CVE-2026-3184	LOW2.7	bsdutils 1:2.36.1-8+deb11u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	mount 2.36.1-8+deb11u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-42766	LOW2.7	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u8	0.6% Theoretical Threat	Post-Exploit
CVE-2026-12087	LOW2.7	perl-base 5.32.1-4+deb11u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	util-linux 2.36.1-8+deb11u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2024-28085	LOW2.64	bsdutils 1:2.36.1-8+deb11u1 fixed in 2.36.1-8+deb11u2	2.2% Low-Moderate Risk	Post-Exploit
CVE-2024-28085	LOW2.64	mount 2.36.1-8+deb11u1 fixed in 2.36.1-8+deb11u2	2.2% Low-Moderate Risk	Post-Exploit
CVE-2024-28085	LOW2.64	util-linux 2.36.1-8+deb11u1 fixed in 2.36.1-8+deb11u2	2.2% Low-Moderate Risk	Post-Exploit
CVE-2026-34180	LOW2.55	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u8	0.5% Theoretical Threat	Post-Exploit
CVE-2026-48959	LOW2.55	perl-base 5.32.1-4+deb11u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-48961	LOW2.55	perl-base 5.32.1-4+deb11u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2007-5686	LOW2.5	login 1:4.8.1-1 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2007-5686	LOW2.5	passwd 1:4.8.1-1 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	bsdutils 1:2.36.1-8+deb11u1 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2017-18018	LOW2.4	coreutils 8.32-4+b1 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-30258	LOW2.4	gpgv 2.2.27-2+deb11u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpgv 2.2.27-2+deb11u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2013-4235	LOW2.4	login 1:4.8.1-1 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	mount 2.36.1-8+deb11u1 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2024-13176	LOW2.4	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u3	0.6% Theoretical Threat	Post-Exploit
CVE-2025-68160	LOW2.4	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u5	0.2% Theoretical Threat	Post-Exploit
CVE-2013-4235	LOW2.4	passwd 1:4.8.1-1 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.36.1-8+deb11u1 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2022-2047	LOW2.29	org.eclipse.jetty:jetty-http 9.4.45.v20220203 fixed in 9.4.47, 10.0.10, 11.0.10	0.9% Theoretical Threat	Directly Exposed
CVE-2025-5278	LOW2.24	coreutils 8.32-4+b1 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW2.22	apt 2.2.4 No fix yet	1.2% Low-Moderate Risk	Post-Exploit
CVE-2024-9143	LOW2.22	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u2	6.0% Low-Moderate Risk	Post-Exploit
CVE-2025-69418	LOW2.04	openssl 1.1.1n-0+deb11u3 fixed in 1.1.1w-0+deb11u5	0.1% Theoretical Threat	Post-Exploit
CVE-2024-56433	LOW1.84	login 1:4.8.1-1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2024-56433	LOW1.84	passwd 1:4.8.1-1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpgv 2.2.27-2+deb11u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2023-29383	LOW1.68	login 1:4.8.1-1 fixed in 1:4.8.1-1+deb11u1	0.4% Theoretical Threat	Post-Exploit
CVE-2023-29383	LOW1.68	passwd 1:4.8.1-1 fixed in 1:4.8.1-1+deb11u1	0.4% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW1.68	perl-base 5.32.1-4+deb11u2 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2023-4016	LOW1.68	procps 2:3.3.17-5 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2023-39804	LOW1.68	tar 1.34+dfsg-1 fixed in 1.34+dfsg-1+deb11u1	0.3% Theoretical Threat	Post-Exploit
CVE-2025-69720	NONE0	libncurses6 6.2+20201114-2+deb11u2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	libncursesw6 6.2+20201114-2+deb11u2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-6020	NONE0	libpam-modules 1.4.0-9+deb11u1 fixed in 1.4.0-9+deb11u2	0.4% Theoretical Threat	Not Applicable
CVE-2025-6020	NONE0	libpam-modules-bin 1.4.0-9+deb11u1 fixed in 1.4.0-9+deb11u2	0.4% Theoretical Threat	Not Applicable
CVE-2025-6020	NONE0	libpam-runtime 1.4.0-9+deb11u1 fixed in 1.4.0-9+deb11u2	0.4% Theoretical Threat	Not Applicable
CVE-2025-6020	NONE0	libpam0g 1.4.0-9+deb11u1 fixed in 1.4.0-9+deb11u2	0.4% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	libtinfo6 6.2+20201114-2+deb11u2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2023-29491	NONE0	ncurses-base 6.2+20201114-2 fixed in 6.2+20201114-2+deb11u2	0.9% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	ncurses-base 6.2+20201114-2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2023-29491	NONE0	ncurses-bin 6.2+20201114-2 fixed in 6.2+20201114-2+deb11u2	0.9% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	ncurses-bin 6.2+20201114-2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2022-29458	NONE0	ncurses-base 6.2+20201114-2 fixed in 6.2+20201114-2+deb11u1	1.3% Low-Moderate Risk	Not Applicable
CVE-2022-29458	NONE0	ncurses-bin 6.2+20201114-2 fixed in 6.2+20201114-2+deb11u1	1.3% Low-Moderate Risk	Not Applicable
CVE-2023-50495	NONE0	libncurses6 6.2+20201114-2+deb11u2 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	libncursesw6 6.2+20201114-2+deb11u2 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	libtinfo6 6.2+20201114-2+deb11u2 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-base 6.2+20201114-2 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-bin 6.2+20201114-2 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2024-22365	NONE0	libpam-modules 1.4.0-9+deb11u1 fixed in 1.4.0-9+deb11u2	0.5% Theoretical Threat	Not Applicable
CVE-2024-22365	NONE0	libpam-modules-bin 1.4.0-9+deb11u1 fixed in 1.4.0-9+deb11u2	0.5% Theoretical Threat	Not Applicable
CVE-2024-22365	NONE0	libpam-runtime 1.4.0-9+deb11u1 fixed in 1.4.0-9+deb11u2	0.5% Theoretical Threat	Not Applicable
CVE-2024-22365	NONE0	libpam0g 1.4.0-9+deb11u1 fixed in 1.4.0-9+deb11u2	0.5% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam-modules 1.4.0-9+deb11u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam-modules-bin 1.4.0-9+deb11u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam-runtime 1.4.0-9+deb11u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam0g 1.4.0-9+deb11u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2024-10041	NONE0	libpam-modules 1.4.0-9+deb11u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2024-10041	NONE0	libpam-modules-bin 1.4.0-9+deb11u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2024-10041	NONE0	libpam-runtime 1.4.0-9+deb11u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2024-10041	NONE0	libpam0g 1.4.0-9+deb11u1 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2025-48924	NONE0	commons-lang:commons-lang 2.6 No fix yet	2.2% Low-Moderate Risk	Not Applicable
CVE-2025-6141	NONE0	libncurses6 6.2+20201114-2+deb11u2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	libncursesw6 6.2+20201114-2+deb11u2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	libtinfo6 6.2+20201114-2+deb11u2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	ncurses-base 6.2+20201114-2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	ncurses-bin 6.2+20201114-2 No fix yet	0.2% Theoretical Threat	Not Applicable
TEMP-0841856-B18BAF	NONE0	bash 5.1-2+deb11u1 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	bsdutils 1:2.36.1-8+deb11u1 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	bsdutils 1:2.36.1-8+deb11u1 No fix yet	—	Not Applicable
DLA-4485-1	NONE0	ca-certificates 20210119 fixed in 20230311+deb12u1~deb11u1	—	Not Applicable
CVE-2025-6297	NONE0	dpkg 1.20.11 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-53613	NONE0	libblkid1 2.36.1-8+deb11u1 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	libblkid1 2.36.1-8+deb11u1 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	libmount1 2.36.1-8+deb11u1 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	libmount1 2.36.1-8+deb11u1 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	libsmartcols1 2.36.1-8+deb11u1 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	libsmartcols1 2.36.1-8+deb11u1 No fix yet	—	Not Applicable
CVE-2025-27587	NONE0	libssl1.1 1.1.1n-0+deb11u3 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2026-53613	NONE0	libuuid1 2.36.1-8+deb11u1 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	libuuid1 2.36.1-8+deb11u1 No fix yet	—	Not Applicable
TEMP-0628843-DBAD28	NONE0	login 1:4.8.1-1 No fix yet	—	Not Applicable
CVE-2026-53613	NONE0	mount 2.36.1-8+deb11u1 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	mount 2.36.1-8+deb11u1 No fix yet	—	Not Applicable
CVE-2025-27587	NONE0	openssl 1.1.1n-0+deb11u3 No fix yet	0.4% Theoretical Threat	Not Applicable
TEMP-0628843-DBAD28	NONE0	passwd 1:4.8.1-1 No fix yet	—	Not Applicable
CVE-2026-7010	NONE0	perl-base 5.32.1-4+deb11u2 No fix yet	0.2% Theoretical Threat	Not Applicable
TEMP-0517018-A83CE6	NONE0	sysvinit-utils 2.96-7+deb11u1 No fix yet	—	Not Applicable
TEMP-0290435-0B57B5	NONE0	tar 1.34+dfsg-1 No fix yet	—	Not Applicable
DLA-3972-1	NONE0	tzdata 2021a-1+deb11u4 fixed in 2024b-0+deb11u1	—	Not Applicable
DLA-4085-1	NONE0	tzdata 2021a-1+deb11u4 fixed in 2025a-0+deb11u1	—	Not Applicable
DLA-4105-1	NONE0	tzdata 2021a-1+deb11u4 fixed in 2025b-0+deb11u1	—	Not Applicable
DLA-4403-1	NONE0	tzdata 2021a-1+deb11u4 fixed in 2025b-0+deb11u2	—	Not Applicable
DLA-4569-1	NONE0	tzdata 2021a-1+deb11u4 fixed in 2026b-0+deb11u1	—	Not Applicable
CVE-2026-53613	NONE0	util-linux 2.36.1-8+deb11u1 No fix yet	—	Not Applicable
CVE-2026-53615	NONE0	util-linux 2.36.1-8+deb11u1 No fix yet	—	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.12.7 fixed in 2.21.1, 2.18.6	—	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.13.4 fixed in 2.21.1, 2.18.6	—	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.16.1 fixed in 2.21.1, 2.18.6	—	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.4.0 fixed in 2.21.1, 2.18.6	—	Not Applicable
GHSA-72hv-8253-57qq	NONE0	com.fasterxml.jackson.core:jackson-core 2.9.4 fixed in 2.21.1, 2.18.6	—	Not Applicable
CVE-2024-36114	NONE0	io.airlift:aircompressor 0.21 fixed in 0.27	0.5% Theoretical Threat	Not Applicable
CVE-2026-42583	NONE0	io.netty:netty-codec 4.1.77.Final fixed in 4.1.133.Final	0.4% Theoretical Threat	Not Applicable
CVE-2026-42583	NONE0	io.netty:netty-codec 4.1.86.Final fixed in 4.1.133.Final	0.4% Theoretical Threat	Not Applicable
CVE-2026-42583	NONE0	io.netty:netty-codec 4.1.89.Final fixed in 4.1.133.Final	0.4% Theoretical Threat	Not Applicable
GHSA-xpw8-rcwv-8f8p	NONE0	io.netty:netty-codec-http2 4.1.77.Final fixed in 4.1.100.Final	—	Not Applicable
GHSA-xpw8-rcwv-8f8p	NONE0	io.netty:netty-codec-http2 4.1.89.Final fixed in 4.1.100.Final	—	Not Applicable
CVE-2026-45205	NONE0	org.apache.commons:commons-configuration2 2.8.0 fixed in 2.15.0	0.5% Theoretical Threat	Not Applicable
CVE-2025-30474	NONE0	org.apache.commons:commons-vfs2 2.3 fixed in 2.10.0	0.7% Theoretical Threat	Not Applicable
CVE-2024-23454	NONE0	org.apache.hadoop:hadoop-common 3.3.6 fixed in 3.4.0	0.4% Theoretical Threat	Not Applicable
CVE-2025-27821	NONE0	org.apache.hadoop:hadoop-hdfs-native-client 3.3.6 fixed in 3.4.2	0.8% Theoretical Threat	Not Applicable
CVE-2024-29869	NONE0	org.apache.hive:hive-exec 4.0.0 fixed in 4.0.1	0.3% Theoretical Threat	Not Applicable
CVE-2026-33558	NONE0	org.apache.kafka:kafka-clients 2.5.0 fixed in 3.9.2, 4.0.1	0.5% Theoretical Threat	Not Applicable
CVE-2026-33558	NONE0	org.apache.kafka:kafka-clients 2.8.2 fixed in 3.9.2, 4.0.1	0.5% Theoretical Threat	Not Applicable
CVE-2026-45300	NONE0	org.asynchttpclient:async-http-client 2.12.3 fixed in 3.0.10, 2.15.0	0.3% Theoretical Threat	Not Applicable
CVE-2026-45300	NONE0	org.asynchttpclient:async-http-client 2.5.3 fixed in 3.0.10, 2.15.0	0.3% Theoretical Threat	Not Applicable
GHSA-58qw-p7qm-5rvh	NONE0	org.eclipse.jetty:jetty-xml 9.4.45.v20220203 fixed in 10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823	—	Not Applicable
GHSA-58qw-p7qm-5rvh	NONE0	org.eclipse.jetty:jetty-xml 9.4.51.v20230217 fixed in 10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823	—	Not Applicable
CVE-2025-22233	NONE0	org.springframework:spring-context 5.3.21 fixed in 6.2.7, 6.1.20	0.3% Theoretical Threat	Not Applicable