This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could exploit vulnerabilities in OpenSSL (CVE-2026-28387) or libexpat (CVE-2026-25210) to achieve remote code execution or denial of service, though many require specific conditions like non-default DANE TLSA configurations or local access. Disabling the untgz utility removes CVE-2026-22184, and restricting DTLS exposure mitigates CVE-2026-33846. Note that CVE-2026-28387 only applies to clients using DANE TLSA with both PKIX and DANE-TA usages, which is uncommon.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2026-28387 | MEDIUM6.88 | libssl3 3.5.2-r0 fixed in 3.5.6-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-25210 | MEDIUM6.63 | libexpat 2.7.1-r0 fixed in 2.7.4-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-22801 | MEDIUM6.63 | libpng 1.6.47-r0 fixed in 1.6.54-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-40200 | MEDIUM6.63 | musl 1.2.5-r10 fixed in 1.2.5-r12 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-22184 | MEDIUM6.63 | zlib 1.3.1-r2 fixed in 1.3.2-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-33636 | MEDIUM6.46 | libpng 1.6.47-r0 fixed in 1.6.56-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-33846 | MEDIUM6.38 | gnutls 3.8.8-r0 fixed in 3.8.13-r0 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-42009 | MEDIUM6.38 | gnutls 3.8.8-r0 fixed in 3.8.13-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-69421 | MEDIUM6.38 | libcrypto3 3.5.2-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-28388 | MEDIUM6.38 | libcrypto3 3.5.2-r0 fixed in 3.5.6-r0 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-28389 | MEDIUM6.38 | libcrypto3 3.5.2-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-28390 | MEDIUM6.38 | libcrypto3 3.5.2-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-34183 | MEDIUM6.38 | libcrypto3 3.5.2-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-69421 | MEDIUM6.38 | libssl3 3.5.2-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-28388 | MEDIUM6.38 | libssl3 3.5.2-r0 fixed in 3.5.6-r0 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-28389 | MEDIUM6.38 | libssl3 3.5.2-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-28390 | MEDIUM6.38 | libssl3 3.5.2-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-34183 | MEDIUM6.38 | libssl3 3.5.2-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-34479 | MEDIUM6.38 | org.apache.logging.log4j:log4j-1.2-api 2.24.3 fixed in 2.25.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-34478 | MEDIUM6.38 | org.apache.logging.log4j:log4j-core 2.24.3 fixed in 2.25.4 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-34480 | MEDIUM6.38 | org.apache.logging.log4j:log4j-core 2.24.3 fixed in 2.25.4 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2024-29371 | MEDIUM6.38 | org.bitbucket.b_c:jose4j 0.9.4 fixed in 0.9.6 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-1605 | MEDIUM6.38 | org.eclipse.jetty:jetty-server 12.0.15 fixed in 12.1.6, 12.0.32 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-66566 | MEDIUM6.38 | org.lz4:lz4-java 1.8.0 No fix yet | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-3833 | MEDIUM6.29 | gnutls 3.8.8-r0 fixed in 3.8.13-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42011 | MEDIUM6.29 | gnutls 3.8.8-r0 fixed in 3.8.13-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-69419 | MEDIUM6.29 | libcrypto3 3.5.2-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34182 | MEDIUM6.29 | libcrypto3 3.5.2-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-69419 | MEDIUM6.29 | libssl3 3.5.2-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34182 | MEDIUM6.29 | libssl3 3.5.2-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-12383 | MEDIUM6.29 | org.glassfish.jersey.core:jersey-client 3.1.9 fixed in 2.46, 3.0.17, 3.1.10 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42012 | MEDIUM6.03 | gnutls 3.8.8-r0 fixed in 3.8.13-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-64720 | MEDIUM6.03 | libpng 1.6.47-r0 fixed in 1.6.51-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-65018 | MEDIUM6.03 | libpng 1.6.47-r0 fixed in 1.6.51-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-66293 | MEDIUM6.03 | libpng 1.6.47-r0 fixed in 1.6.53-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-22695 | MEDIUM6.03 | libpng 1.6.47-r0 fixed in 1.6.54-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-9231 | MEDIUM5.9 | libcrypto3 3.5.2-r0 fixed in 3.5.4-r0 | 2.3% Low-Moderate Risk | Directly Exposed |
| CVE-2025-9231 | MEDIUM5.9 | libssl3 3.5.2-r0 fixed in 3.5.4-r0 | 2.3% Low-Moderate Risk | Directly Exposed |
| CVE-2025-13151 | MEDIUM5.9 | libtasn1 4.20.0-r0 fixed in 4.21.0-r0 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2026-35554 | MEDIUM5.78 | org.apache.kafka:kafka-clients 4.0.1 fixed in 3.9.2, 4.0.2, 4.1.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42014 | MEDIUM5.61 | gnutls 3.8.8-r0 fixed in 3.8.13-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-9230 | MEDIUM5.6 | libcrypto3 3.5.2-r0 fixed in 3.5.4-r0 | 1.8% Low-Moderate Risk | Directly Exposed |
| CVE-2025-9230 | MEDIUM5.6 | libssl3 3.5.2-r0 fixed in 3.5.4-r0 | 1.8% Low-Moderate Risk | Directly Exposed |
| CVE-2025-6395 | MEDIUM5.52 | gnutls 3.8.8-r0 fixed in 3.8.12-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-2673 | MEDIUM5.52 | libcrypto3 3.5.2-r0 fixed in 3.5.6-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-2673 | MEDIUM5.52 | libssl3 3.5.2-r0 fixed in 3.5.6-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-11143 | MEDIUM5.52 | org.eclipse.jetty:jetty-http 12.0.15 fixed in 12.0.31, 12.1.5 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-12183 | MEDIUM5.52 | org.lz4:lz4-java 1.8.0 fixed in 1.8.1 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-34181 | MEDIUM5.35 | libcrypto3 3.5.2-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42768 | MEDIUM5.35 | libcrypto3 3.5.2-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34181 | MEDIUM5.35 | libssl3 3.5.2-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42768 | MEDIUM5.35 | libssl3 3.5.2-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-12243 | MEDIUM5.3 | gnutls 3.8.8-r0 fixed in 3.8.12-r0 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2025-32989 | MEDIUM5.3 | gnutls 3.8.8-r0 fixed in 3.8.12-r0 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2025-59375 | MEDIUM5.3 | libexpat 2.7.1-r0 fixed in 2.7.2-r0 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2025-11187 | MEDIUM5.18 | libcrypto3 3.5.2-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-64506 | MEDIUM5.18 | libpng 1.6.47-r0 fixed in 1.6.51-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-11187 | MEDIUM5.18 | libssl3 3.5.2-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | libcrypto3 3.5.2-r0 fixed in 3.5.6-r0 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42764 | MEDIUM5.02 | libcrypto3 3.5.2-r0 fixed in 3.5.7-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-15468 | MEDIUM5.02 | libcrypto3 3.5.2-r0 fixed in 3.5.5-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-66199 | MEDIUM5.02 | libcrypto3 3.5.2-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-69420 | MEDIUM5.02 | libcrypto3 3.5.2-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-22796 | MEDIUM5.02 | libcrypto3 3.5.2-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-42769 | MEDIUM5.02 | libcrypto3 3.5.2-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42770 | MEDIUM5.02 | libcrypto3 3.5.2-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-9076 | MEDIUM5.02 | libcrypto3 3.5.2-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | libssl3 3.5.2-r0 fixed in 3.5.6-r0 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42764 | MEDIUM5.02 | libssl3 3.5.2-r0 fixed in 3.5.7-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-15468 | MEDIUM5.02 | libssl3 3.5.2-r0 fixed in 3.5.5-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-66199 | MEDIUM5.02 | libssl3 3.5.2-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-69420 | MEDIUM5.02 | libssl3 3.5.2-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-22796 | MEDIUM5.02 | libssl3 3.5.2-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-42769 | MEDIUM5.02 | libssl3 3.5.2-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42770 | MEDIUM5.02 | libssl3 3.5.2-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-9076 | MEDIUM5.02 | libssl3 3.5.2-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-34477 | MEDIUM5.02 | org.apache.logging.log4j:log4j-core 2.24.3 fixed in 2.25.4 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-15469 | MEDIUM4.67 | libcrypto3 3.5.2-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-22795 | MEDIUM4.67 | libcrypto3 3.5.2-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-7383 | MEDIUM4.67 | libcrypto3 3.5.2-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-32776 | MEDIUM4.67 | libexpat 2.7.1-r0 fixed in 2.7.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-32777 | MEDIUM4.67 | libexpat 2.7.1-r0 fixed in 2.7.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-32778 | MEDIUM4.67 | libexpat 2.7.1-r0 fixed in 2.7.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-15469 | MEDIUM4.67 | libssl3 3.5.2-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-22795 | MEDIUM4.67 | libssl3 3.5.2-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-7383 | MEDIUM4.67 | libssl3 3.5.2-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-6042 | MEDIUM4.67 | musl 1.2.5-r10 fixed in 1.2.5-r11 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-27171 | MEDIUM4.67 | zlib 1.3.1-r2 fixed in 1.3.2-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-14831 | MEDIUM4.5 | gnutls 3.8.8-r0 fixed in 3.8.12-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42015 | MEDIUM4.5 | gnutls 3.8.8-r0 fixed in 3.8.13-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-42766 | MEDIUM4.5 | libcrypto3 3.5.2-r0 fixed in 3.5.7-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42767 | MEDIUM4.5 | libcrypto3 3.5.2-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42766 | MEDIUM4.5 | libssl3 3.5.2-r0 fixed in 3.5.7-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42767 | MEDIUM4.5 | libssl3 3.5.2-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | MEDIUM4.25 | libcrypto3 3.5.2-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | MEDIUM4.25 | libssl3 3.5.2-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-68161 | MEDIUM4.08 | org.apache.logging.log4j:log4j-core 2.24.3 fixed in 2.25.3 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-15467 | MEDIUM4.06 | libcrypto3 3.5.2-r0 fixed in 3.5.5-r0 | 48.7% High Exploitation Risk | Post-Exploit |
| CVE-2025-15467 | MEDIUM4.06 | libssl3 3.5.2-r0 fixed in 3.5.5-r0 | 48.7% High Exploitation Risk | Post-Exploit |
| CVE-2025-15467 | MEDIUM4.06 | openssl 3.5.2-r0 fixed in 3.5.5-r0 | 48.7% High Exploitation Risk | Post-Exploit |
| CVE-2025-68160 | MEDIUM4 | libcrypto3 3.5.2-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-68160 | MEDIUM4 | libssl3 3.5.2-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-40200 | LOW3.98 | musl-utils 1.2.5-r10 fixed in 1.2.5-r12 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-69419 | LOW3.77 | openssl 3.5.2-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-34182 | LOW3.77 | openssl 3.5.2-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2025-64505 | LOW3.74 | libpng 1.6.47-r0 fixed in 1.6.51-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-34757 | LOW3.74 | libpng 1.6.47-r0 fixed in 1.6.57-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-68973 | LOW3.57 | gnupg 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68973 | LOW3.57 | gnupg-dirmngr 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68973 | LOW3.57 | gnupg-gpgconf 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68973 | LOW3.57 | gnupg-keyboxd 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68973 | LOW3.57 | gnupg-utils 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68973 | LOW3.57 | gnupg-wks-client 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68973 | LOW3.57 | gpg 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68973 | LOW3.57 | gpg-agent 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68973 | LOW3.57 | gpg-wks-server 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68973 | LOW3.57 | gpgsm 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68973 | LOW3.57 | gpgv 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-9231 | LOW3.54 | openssl 3.5.2-r0 fixed in 3.5.4-r0 | 2.3% Low-Moderate Risk | Post-Exploit |
| CVE-2025-9820 | LOW3.4 | gnutls 3.8.8-r0 fixed in 3.8.12-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-69418 | LOW3.4 | libcrypto3 3.5.2-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-69418 | LOW3.4 | libssl3 3.5.2-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-9230 | LOW3.36 | openssl 3.5.2-r0 fixed in 3.5.4-r0 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2026-2673 | LOW3.31 | openssl 3.5.2-r0 fixed in 3.5.6-r0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-34181 | LOW3.21 | openssl 3.5.2-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-42768 | LOW3.21 | openssl 3.5.2-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-3832 | LOW3.15 | gnutls 3.8.8-r0 fixed in 3.8.13-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-5419 | LOW3.15 | gnutls 3.8.8-r0 fixed in 3.8.13-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-45446 | LOW3.15 | libcrypto3 3.5.2-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-45446 | LOW3.15 | libssl3 3.5.2-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-11187 | LOW3.11 | openssl 3.5.2-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-9232 | LOW3.1 | libcrypto3 3.5.2-r0 fixed in 3.5.4-r0 | 2.0% Low-Moderate Risk | Directly Exposed |
| CVE-2025-9232 | LOW3.1 | libssl3 3.5.2-r0 fixed in 3.5.4-r0 | 2.0% Low-Moderate Risk | Directly Exposed |
| CVE-2026-31790 | LOW3.01 | openssl 3.5.2-r0 fixed in 3.5.6-r0 | 1.0% Theoretical Threat | Post-Exploit |
| CVE-2026-42764 | LOW3.01 | openssl 3.5.2-r0 fixed in 3.5.7-r0 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2025-15468 | LOW3.01 | openssl 3.5.2-r0 fixed in 3.5.5-r0 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2025-66199 | LOW3.01 | openssl 3.5.2-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2025-69420 | LOW3.01 | openssl 3.5.2-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-22796 | LOW3.01 | openssl 3.5.2-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-42769 | LOW3.01 | openssl 3.5.2-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-42770 | LOW3.01 | openssl 3.5.2-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-9076 | LOW3.01 | openssl 3.5.2-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-42010 | LOW3 | gnutls 3.8.8-r0 fixed in 3.8.13-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-31789 | LOW3 | libcrypto3 3.5.2-r0 fixed in 3.5.6-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-31789 | LOW3 | libssl3 3.5.2-r0 fixed in 3.5.6-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-31789 | LOW3 | openssl 3.5.2-r0 fixed in 3.5.6-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2025-32988 | LOW2.95 | gnutls 3.8.8-r0 fixed in 3.8.12-r0 | 1.2% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | libcrypto3 3.5.2-r0 fixed in 3.5.7-r0 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | libssl3 3.5.2-r0 fixed in 3.5.7-r0 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | openssl 3.5.2-r0 fixed in 3.5.7-r0 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2026-6042 | LOW2.8 | musl-utils 1.2.5-r10 fixed in 1.2.5-r11 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2025-15469 | LOW2.8 | openssl 3.5.2-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-22795 | LOW2.8 | openssl 3.5.2-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-7383 | LOW2.8 | openssl 3.5.2-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-33845 | LOW2.78 | gnutls 3.8.8-r0 fixed in 3.8.13-r0 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | libcrypto3 3.5.2-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | libssl3 3.5.2-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | openssl 3.5.2-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-2332 | LOW2.78 | org.eclipse.jetty:jetty-http 12.0.15 fixed in 12.1.7, 12.0.33 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-1584 | LOW2.7 | gnutls 3.8.8-r0 fixed in 3.8.12-r0 | 1.3% Low-Moderate Risk | Post-Exploit |
| CVE-2026-33416 | LOW2.7 | libpng 1.6.47-r0 fixed in 1.6.56-r0 | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-42766 | LOW2.7 | openssl 3.5.2-r0 fixed in 3.5.7-r0 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-42767 | LOW2.7 | openssl 3.5.2-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2025-67030 | LOW2.69 | org.codehaus.plexus:plexus-utils 3.5.1 fixed in 4.0.3, 3.6.1 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-34180 | LOW2.55 | openssl 3.5.2-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-32990 | LOW2.51 | gnutls 3.8.8-r0 fixed in 3.8.12-r0 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-42013 | LOW2.51 | gnutls 3.8.8-r0 fixed in 3.8.13-r0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-5260 | LOW2.51 | gnutls 3.8.8-r0 fixed in 3.8.13-r0 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-28387 | LOW2.48 | libcrypto3 3.5.2-r0 fixed in 3.5.6-r0 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-25646 | LOW2.48 | libpng 1.6.47-r0 fixed in 1.6.55-r0 | 0.9% Theoretical Threat | Post-Exploit |
| CVE-2026-28387 | LOW2.48 | openssl 3.5.2-r0 fixed in 3.5.6-r0 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2025-68972 | LOW2.4 | gnupg 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68972 | LOW2.4 | gnupg-dirmngr 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68972 | LOW2.4 | gnupg-gpgconf 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68972 | LOW2.4 | gnupg-keyboxd 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68972 | LOW2.4 | gnupg-utils 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68972 | LOW2.4 | gnupg-wks-client 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68972 | LOW2.4 | gpg 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68972 | LOW2.4 | gpg-agent 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68972 | LOW2.4 | gpg-wks-server 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68972 | LOW2.4 | gpgsm 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68972 | LOW2.4 | gpgv 2.4.7-r0 fixed in 2.4.9-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68160 | LOW2.4 | openssl 3.5.2-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2025-69421 | LOW2.29 | openssl 3.5.2-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28388 | LOW2.29 | openssl 3.5.2-r0 fixed in 3.5.6-r0 | 0.9% Theoretical Threat | Post-Exploit |
| CVE-2026-28389 | LOW2.29 | openssl 3.5.2-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28390 | LOW2.29 | openssl 3.5.2-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-34183 | LOW2.29 | openssl 3.5.2-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-24515 | LOW2.12 | libexpat 2.7.1-r0 fixed in 2.7.4-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-69418 | LOW2.04 | openssl 3.5.2-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-45446 | LOW1.89 | openssl 3.5.2-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2025-9232 | LOW1.86 | openssl 3.5.2-r0 fixed in 3.5.4-r0 | 2.0% Low-Moderate Risk | Post-Exploit |
| CVE-2025-46394 | LOW1.68 | busybox 1.37.0-r19 fixed in 1.37.0-r20 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-46394 | LOW1.68 | busybox-binsh 1.37.0-r19 fixed in 1.37.0-r20 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-46394 | LOW1.68 | ssl_client 1.37.0-r19 fixed in 1.37.0-r20 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2024-58251 | NONE0 | busybox 1.37.0-r19 fixed in 1.37.0-r20 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2024-58251 | NONE0 | busybox-binsh 1.37.0-r19 fixed in 1.37.0-r20 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2024-58251 | NONE0 | ssl_client 1.37.0-r19 fixed in 1.37.0-r20 | 0.2% Theoretical Threat | Not Applicable |
| GHSA-72hv-8253-57qq | NONE0 | com.fasterxml.jackson.core:jackson-core 2.16.2 fixed in 2.21.1, 2.18.6 | — | Not Applicable |