Vulnerability Reportapache/rocketmq:5.3.0

apache/rocketmq:5.3.0
DIGESTsha256:434d8398f99628790f0253fafb40c245c2b5bea7d38dae0c83c66155b1c670f1

Executive Summary

Threat Score
100/100DANGEROUS
Reputation
RELIABLE

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could cause denial of service via HTTP/2 rapid stream reset (CVE-2023-44487) or memory leak (CVE-2025-31650), and potentially achieve remote code execution via Commons BeanUtils (CVE-2025-48734). Disabling HTTP/2 support would fully mitigate the most severe DoS vulnerabilities. Upgrading the Tomcat and Commons BeanUtils packages to patched versions is strongly advised.

Vulnerabilities

Vulnerability Log

346 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2023-44487CRITICAL9.75
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 11.0.0-M12, 10.1.14, 9.0.81, 8.5.94
100.0%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2025-31650CRITICAL9.75
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 9.0.104, 10.1.40, 11.0.6
66.4%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2025-48734HIGH8.8
commons-beanutils:commons-beanutils
1.9.4
fixed in 1.11.0
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2019-17563HIGH8.62
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 7.0.99, 8.5.50, 9.0.30
10.7%
High Exploitation Risk
Directly Exposed
CVE-2020-11996HIGH8.62
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 10.0.0-M5, 9.0.35, 8.5.55
26.7%
High Exploitation Risk
Directly Exposed
CVE-2021-25122HIGH8.62
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 10.0.2, 9.0.43, 8.5.63
18.1%
High Exploitation Risk
Directly Exposed
CVE-2024-24549HIGH8.62
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 8.5.99, 9.0.86, 10.1.19, 11.0.0-M17
23.1%
High Exploitation Risk
Directly Exposed
CVE-2026-42010HIGH8.33
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.6
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-31789HIGH8.33
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.9
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-46983HIGH8.33
com.alipay.sofa:hessian
3.3.6
fixed in 3.5.5
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-32988HIGH8.2
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.4
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-5318HIGH8.1
libssh-4
0.10.6-2build2
fixed in 0.10.6-2ubuntu0.1
2.4%
Low-Moderate Risk
Directly Exposed
CVE-2025-5987HIGH8.1
libssh-4
0.10.6-2build2
fixed in 0.10.6-2ubuntu0.1
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2026-45447HIGH8.1
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2020-1938HIGH8
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 9.0.31, 8.5.51, 7.0.100
99.3%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2025-24813HIGH8
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 11.0.3, 10.1.35, 9.0.99
99.9%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2025-31651HIGH7.84
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 9.0.104, 10.1.40, 11.0.6
4.2%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2024-6119HIGH7.8
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.4
66.6%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2025-55752HIGH7.8
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 11.0.11, 10.1.45, 9.0.109
74.0%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2026-33845HIGH7.73
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.6
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-45445HIGH7.73
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-66614HIGH7.73
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 11.0.15, 10.1.50, 9.0.113
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-45490HIGH7.5
libexpat1
2.6.1-2build1
fixed in 2.6.1-2ubuntu0.1
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2024-8176HIGH7.5
libexpat1
2.6.1-2build1
fixed in 2.6.1-2ubuntu0.3
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2026-33416HIGH7.5
libpng16-16t64
1.6.43-5build1
fixed in 1.6.43-5ubuntu0.6
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-7254HIGH7.5
com.google.protobuf:protobuf-java
3.20.1
fixed in 3.25.5, 4.27.5, 4.28.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-3171HIGH7.5
com.google.protobuf:protobuf-java
3.20.1
fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2023-3635HIGH7.5
com.squareup.okio:okio
3.2.0
fixed in 3.4.0, 1.17.6
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-41881HIGH7.5
io.netty:netty-codec-haproxy
4.1.79.Final
fixed in 4.1.86.Final
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2022-42252HIGH7.5
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 8.5.83, 9.0.68, 10.0.27, 10.1.1
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-46589HIGH7.5
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 11.0.0-M11, 10.1.16, 9.0.83, 8.5.96
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2024-34750HIGH7.5
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 11.0.0-M21, 10.1.25, 9.0.90
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2025-5372HIGH7.48
libssh-4
0.10.6-2build2
fixed in 0.10.6-2ubuntu0.1
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-50379HIGH7.45
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 11.0.2, 10.1.34, 9.0.98
41.8%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2024-37371HIGH7.28
libgssapi-krb5-2
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.1
1.9%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2024-37371HIGH7.28
libk5crypto3
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.1
1.9%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2024-37371HIGH7.28
libkrb5-3
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.1
1.9%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2024-37371HIGH7.28
libkrb5support0
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.1
1.9%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2020-9484HIGH7.28
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 10.0.0-M5, 9.0.35, 8.5.55, 7.0.104
56.6%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2019-12418HIGH7
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 7.0.99, 8.5.49, 9.0.29
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2021-25329HIGH7
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 10.0.2, 9.0.41, 8.5.61, 7.0.108
9.5%
Low-Moderate Risk
Directly Exposed
CVE-2025-32990MEDIUM6.97
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.4
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-42013MEDIUM6.97
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.6
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-5260MEDIUM6.97
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-0966MEDIUM6.97
libssh-4
0.10.6-2build2
fixed in 0.10.6-2ubuntu0.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-48988MEDIUM6.89
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 11.0.8, 10.1.42, 9.0.106
53.2%
Actively Exploited
Directly Exposed
CVE-2026-0861MEDIUM6.88
libc-bin
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.7
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0861MEDIUM6.88
libc6
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.7
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-25646MEDIUM6.88
libpng16-16t64
1.6.43-5build1
fixed in 1.6.43-5ubuntu0.5
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-28387MEDIUM6.88
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.9
0.6%
Theoretical Threat
Directly Exposed
CVE-2021-24122MEDIUM6.79
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 10.0.0-M10, 9.0.40, 8.5.60, 7.0.107
22.9%
High Exploitation Risk
Directly Exposed
CVE-2026-25210MEDIUM6.63
libexpat1
2.6.1-2build1
fixed in 2.6.1-2ubuntu0.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-6020MEDIUM6.63
libpam-modules
1.5.3-5ubuntu5.1
fixed in 1.5.3-5ubuntu5.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-6020MEDIUM6.63
libpam-modules-bin
1.5.3-5ubuntu5.1
fixed in 1.5.3-5ubuntu5.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-6020MEDIUM6.63
libpam-runtime
1.5.3-5ubuntu5.1
fixed in 1.5.3-5ubuntu5.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-6020MEDIUM6.63
libpam0g
1.5.3-5ubuntu5.1
fixed in 1.5.3-5ubuntu5.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-22801MEDIUM6.63
libpng16-16t64
1.6.43-5build1
fixed in 1.6.43-5ubuntu0.3
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-29111MEDIUM6.63
libsystemd0
255.4-1ubuntu8.1
fixed in 255.4-1ubuntu8.14
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-29111MEDIUM6.63
libudev1
255.4-1ubuntu8.1
fixed in 255.4-1ubuntu8.14
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-46701MEDIUM6.5
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 9.0.105, 10.1.41, 11.0.7
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2024-29857MEDIUM6.5
org.bouncycastle:bcprov-jdk15on
1.69
fixed in 1.78
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2026-33636MEDIUM6.46
libpng16-16t64
1.6.43-5build1
fixed in 1.6.43-5ubuntu0.6
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-41989MEDIUM6.38
libgcrypt20
1.10.3-2build1
fixed in 1.10.3-2ubuntu0.1
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-33846MEDIUM6.38
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.6
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-42009MEDIUM6.38
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.6
0.8%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libgssapi-krb5-2
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.1
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libk5crypto3
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.1
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libkrb5-3
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.1
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libkrb5support0
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.1
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-31115MEDIUM6.38
liblzma5
5.6.1+really5.4.5-1
fixed in 5.6.1+really5.4.5-1ubuntu0.2
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-27135MEDIUM6.38
libnghttp2-14
1.59.0-1ubuntu0.1
fixed in 1.59.0-1ubuntu0.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-3731MEDIUM6.38
libssh-4
0.10.6-2build2
fixed in 0.10.6-2ubuntu0.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-69421MEDIUM6.38
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.7
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM6.38
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.9
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-28389MEDIUM6.38
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.9
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28390MEDIUM6.38
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.9
0.8%
Theoretical Threat
Directly Exposed
CVE-2023-6378MEDIUM6.38
ch.qos.logback:logback-classic
1.3.5
fixed in 1.3.12, 1.4.12, 1.2.13
0.9%
Theoretical Threat
Directly Exposed
CVE-2023-6378MEDIUM6.38
ch.qos.logback:logback-core
1.3.5
fixed in 1.3.12, 1.4.12, 1.2.13
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-3509MEDIUM6.38
com.google.protobuf:protobuf-java
3.20.1
fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7
0.6%
Theoretical Threat
Directly Exposed
CVE-2022-3510MEDIUM6.38
com.google.protobuf:protobuf-java
3.20.1
fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-55163MEDIUM6.38
io.grpc:grpc-netty-shaded
1.53.0
fixed in 1.75.0
0.9%
Theoretical Threat
Directly Exposed
CVE-2023-32731MEDIUM6.38
io.grpc:grpc-protobuf
1.53.0
fixed in 1.53.1, 1.54.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-44893MEDIUM6.38
io.netty:netty-codec-haproxy
4.1.79.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-48059MEDIUM6.38
io.netty:netty-codec-haproxy
4.1.79.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-45292MEDIUM6.38
io.opentelemetry:opentelemetry-api
1.29.0
fixed in 1.62.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-5588MEDIUM6.38
org.bouncycastle:bcpkix-jdk15on
1.69
fixed in 1.84
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-66566MEDIUM6.38
org.lz4:lz4-java
1.8.0
No fix yet
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-3833MEDIUM6.29
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42011MEDIUM6.29
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-10963MEDIUM6.29
libpam-modules
1.5.3-5ubuntu5.1
fixed in 1.5.3-5ubuntu5.5
0.8%
Theoretical Threat
Directly Exposed
CVE-2024-10963MEDIUM6.29
libpam-modules-bin
1.5.3-5ubuntu5.1
fixed in 1.5.3-5ubuntu5.5
0.8%
Theoretical Threat
Directly Exposed
CVE-2024-10963MEDIUM6.29
libpam-runtime
1.5.3-5ubuntu5.1
fixed in 1.5.3-5ubuntu5.5
0.8%
Theoretical Threat
Directly Exposed
CVE-2024-10963MEDIUM6.29
libpam0g
1.5.3-5ubuntu5.1
fixed in 1.5.3-5ubuntu5.5
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-34182MEDIUM6.29
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69419MEDIUM6.29
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.7
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-43869MEDIUM6.21
org.apache.thrift:libthrift
0.14.1
fixed in 0.23.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-41293MEDIUM6.21
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 9.0.118, 10.1.55, 11.0.22
0.6%
Theoretical Threat
Directly Exposed
CVE-2023-41080MEDIUM6.1
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 8.5.93, 9.0.80, 10.1.13, 11.0.0-M11
6.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-21733MEDIUM6.09
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 8.5.64
14.3%
High Exploitation Risk
Directly Exposed
CVE-2026-42012MEDIUM6.03
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-64720MEDIUM6.03
libpng16-16t64
1.6.43-5build1
fixed in 1.6.43-5ubuntu0.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-65018MEDIUM6.03
libpng16-16t64
1.6.43-5build1
fixed in 1.6.43-5ubuntu0.1
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-66293MEDIUM6.03
libpng16-16t64
1.6.43-5build1
fixed in 1.6.43-5ubuntu0.3
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-22695MEDIUM6.03
libpng16-16t64
1.6.43-5build1
fixed in 1.6.43-5ubuntu0.3
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4878MEDIUM5.95
libcap2
1:2.66-5ubuntu2
fixed in 1:2.66-5ubuntu2.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-50602MEDIUM5.9
libexpat1
2.6.1-2build1
fixed in 2.6.1-2ubuntu0.2
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-2236MEDIUM5.9
libgcrypt20
1.10.3-2build1
No fix yet
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libgssapi-krb5-2
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.5
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libk5crypto3
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.5
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libkrb5-3
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.5
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libkrb5support0
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.5
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-5535MEDIUM5.9
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.2
5.6%
Low-Moderate Risk
Directly Exposed
CVE-2025-13151MEDIUM5.9
libtasn1-6
4.19.0-3build1
fixed in 4.19.0-3ubuntu0.24.04.2
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-45491MEDIUM5.88
libexpat1
2.6.1-2build1
fixed in 2.6.1-2ubuntu0.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-45492MEDIUM5.88
libexpat1
2.6.1-2build1
fixed in 2.6.1-2ubuntu0.1
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2026-42014MEDIUM5.61
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-9230MEDIUM5.6
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.6
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2024-4741MEDIUM5.6
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.2
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2026-4437MEDIUM5.52
libc-bin
2.39-0ubuntu8.2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6238MEDIUM5.52
libc-bin
2.39-0ubuntu8.2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM5.52
libc6
2.39-0ubuntu8.2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6238MEDIUM5.52
libc6
2.39-0ubuntu8.2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-6395MEDIUM5.52
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libgssapi-krb5-2
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.5
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libk5crypto3
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.5
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libkrb5-3
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.5
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libkrb5support0
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.5
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-5351MEDIUM5.52
libssh-4
0.10.6-2build2
fixed in 0.10.6-2ubuntu0.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-43512MEDIUM5.52
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 9.0.118, 10.1.55, 11.0.22
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42498MEDIUM5.52
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 9.0.118, 10.1.55, 11.0.22
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-12183MEDIUM5.52
org.lz4:lz4-java
1.8.0
fixed in 1.8.1
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-40225MEDIUM5.44
libsystemd0
255.4-1ubuntu8.1
fixed in 255.4-1ubuntu8.14
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40226MEDIUM5.44
libsystemd0
255.4-1ubuntu8.1
fixed in 255.4-1ubuntu8.16
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40225MEDIUM5.44
libudev1
255.4-1ubuntu8.1
fixed in 255.4-1ubuntu8.14
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40226MEDIUM5.44
libudev1
255.4-1ubuntu8.1
fixed in 255.4-1ubuntu8.16
<0.1%
Theoretical Threat
Directly Exposed
CVE-2025-11226MEDIUM5.44
ch.qos.logback:logback-core
1.3.5
fixed in 1.5.19, 1.3.16
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-0964MEDIUM5.35
libssh-4
0.10.6-2build2
fixed in 0.10.6-2ubuntu0.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-12243MEDIUM5.3
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-32989MEDIUM5.3
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.4
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-4603MEDIUM5.3
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.2
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-12133MEDIUM5.3
libtasn1-6
4.19.0-3build1
fixed in 4.19.0-3ubuntu0.24.04.1
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-53506MEDIUM5.3
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 9.0.107, 10.1.43, 11.0.9
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2023-42795MEDIUM5.3
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 10.1.14, 9.0.81, 8.5.94, 11.0.0-M12
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-45648MEDIUM5.3
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 11.0.0-M12, 10.1.14, 9.0.81, 8.5.94
5.8%
Low-Moderate Risk
Directly Exposed
CVE-2025-61795MEDIUM5.3
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 11.0.12, 10.1.47, 9.0.110
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-28162MEDIUM5.27
libpng16-16t64
1.6.43-5build1
fixed in 1.6.43-5ubuntu0.4
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-1390MEDIUM5.18
libcap2
1:2.66-5ubuntu2
fixed in 1:2.66-5ubuntu2.2
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-64506MEDIUM5.18
libpng16-16t64
1.6.43-5build1
fixed in 1.6.43-5ubuntu0.1
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-15281MEDIUM5.02
libc-bin
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.7
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
libc-bin
2.39-0ubuntu8.2
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-15281MEDIUM5.02
libc6
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.7
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
libc6
2.39-0ubuntu8.2
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libgssapi-krb5-2
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libgssapi-krb5-2
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.5
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libk5crypto3
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libk5crypto3
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.5
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libkrb5-3
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libkrb5-3
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.5
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libkrb5support0
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libkrb5support0
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.5
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.9
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.7
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42770MEDIUM5.02
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-30171MEDIUM5.02
org.bouncycastle:bcprov-jdk15on
1.69
fixed in 1.78
0.9%
Theoretical Threat
Directly Exposed
CVE-2024-2511MEDIUM4.81
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.2
54.0%
Actively Exploited
Directly Exposed
CVE-2020-1935MEDIUM4.8
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 7.0.100, 8.5.51, 9.0.31
9.4%
Low-Moderate Risk
Directly Exposed
CVE-2025-5702MEDIUM4.76
libc-bin
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-5702MEDIUM4.76
libc6
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-0395MEDIUM4.67
libc-bin
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.4
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-0395MEDIUM4.67
libc6
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.4
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-66382MEDIUM4.67
libexpat1
2.6.1-2build1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-26462MEDIUM4.67
libgssapi-krb5-2
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-26462MEDIUM4.67
libk5crypto3
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-26462MEDIUM4.67
libkrb5-3
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-26462MEDIUM4.67
libkrb5support0
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0967MEDIUM4.67
libssh-4
0.10.6-2build2
fixed in 0.10.6-2ubuntu0.3
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.7
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-12798MEDIUM4.67
ch.qos.logback:logback-core
1.3.5
fixed in 1.5.13, 1.3.15
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-33202MEDIUM4.67
org.bouncycastle:bcprov-jdk15on
1.69
fixed in 1.70
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-43515MEDIUM4.59
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 9.0.118, 10.1.55, 11.0.22
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0915MEDIUM4.5
libc-bin
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.7
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
libc-bin
2.39-0ubuntu8.2
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0915MEDIUM4.5
libc6
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.7
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
libc6
2.39-0ubuntu8.2
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-23865MEDIUM4.5
libfreetype6
2.13.2+dfsg-1build3
fixed in 2.13.2+dfsg-1ubuntu0.1
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-14831MEDIUM4.5
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.5
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42015MEDIUM4.5
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-34743MEDIUM4.5
liblzma5
5.6.1+really5.4.5-1
fixed in 5.6.1+really5.4.5-1ubuntu0.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-32732MEDIUM4.5
io.grpc:grpc-protobuf
1.53.0
fixed in 1.53.1, 1.54.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-8916MEDIUM4.5
org.bouncycastle:bcpkix-jdk15on
1.69
fixed in 1.79
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-33201MEDIUM4.5
org.bouncycastle:bcprov-jdk15on
1.69
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2024-34447MEDIUM4.5
org.bouncycastle:bcprov-jdk15on
1.69
fixed in 1.78
0.8%
Theoretical Threat
Directly Exposed
CVE-2024-47554MEDIUM4.3
commons-io:commons-io
2.7
fixed in 2.14.0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-28164MEDIUM4.25
libpng16-16t64
1.6.43-5build1
fixed in 1.6.43-5ubuntu0.4
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-1225MEDIUM4.25
ch.qos.logback:logback-core
1.3.5
fixed in 1.5.25
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-15467MEDIUM4.06
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.7
48.7%
High Exploitation Risk
Post-Exploit
CVE-2025-15467MEDIUM4.06
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.7
48.7%
High Exploitation Risk
Post-Exploit
CVE-2026-27456MEDIUM4
libblkid1
2.39.3-9ubuntu6
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libmount1
2.39.3-9ubuntu6
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libsmartcols1
2.39.3-9ubuntu6
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-8114MEDIUM4
libssh-4
0.10.6-2build2
fixed in 0.10.6-2ubuntu0.2
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-13176MEDIUM4
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.5
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.7
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-4598MEDIUM4
libsystemd0
255.4-1ubuntu8.1
fixed in 255.4-1ubuntu8.8
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-4598MEDIUM4
libudev1
255.4-1ubuntu8.1
fixed in 255.4-1ubuntu8.8
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libuuid1
2.39.3-9ubuntu6
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2024-9681LOW3.9
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.5
2.0%
Low-Moderate Risk
Post-Exploit
CVE-2024-9681LOW3.9
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.5
2.0%
Low-Moderate Risk
Post-Exploit
CVE-2026-5773LOW3.82
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.9
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-6276LOW3.82
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.9
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-5773LOW3.82
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.9
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-6276LOW3.82
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.9
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW3.82
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.7
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28388LOW3.82
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.9
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW3.82
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.9
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW3.82
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.9
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-4877LOW3.82
libssh-4
0.10.6-2build2
fixed in 0.10.6-2ubuntu0.1
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-34182LOW3.77
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69419LOW3.77
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.7
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-64505LOW3.74
libpng16-16t64
1.6.43-5build1
fixed in 1.6.43-5ubuntu0.1
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-34757LOW3.74
libpng16-16t64
1.6.43-5build1
fixed in 1.6.43-5ubuntu0.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-3596LOW3.73
libgssapi-krb5-2
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.3
14.9%
High Exploitation Risk
Post-Exploit
CVE-2024-3596LOW3.73
libk5crypto3
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.3
14.9%
High Exploitation Risk
Post-Exploit
CVE-2024-3596LOW3.73
libkrb5-3
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.3
14.9%
High Exploitation Risk
Post-Exploit
CVE-2024-3596LOW3.73
libkrb5support0
1.20.1-6ubuntu2
fixed in 1.20.1-6ubuntu2.3
14.9%
High Exploitation Risk
Post-Exploit
CVE-2024-56406LOW3.72
perl-base
5.38.2-3.2build2
fixed in 5.38.2-3.2ubuntu0.1
0.5%
Theoretical Threat
Post-Exploit
CVE-2024-9143LOW3.7
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.5
6.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-48924LOW3.7
org.apache.commons:commons-lang3
3.12.0
fixed in 3.18.0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-52520LOW3.7
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 11.0.9, 10.1.43, 9.0.107
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-49125LOW3.7
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 11.0.8, 10.1.42, 9.0.106
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2021-31879LOW3.66
wget
1.21.4-1ubuntu4.1
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-24880LOW3.65
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 9.0.116, 10.1.52, 11.0.20
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-25854LOW3.65
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 9.0.116, 10.1.53, 11.0.20
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-68973LOW3.57
gpgv
2.4.4-2ubuntu17
fixed in 2.4.4-2ubuntu17.4
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-8058LOW3.57
libc-bin
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-8058LOW3.57
libc6
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-11053LOW3.54
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.6
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2024-11053LOW3.54
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.6
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2024-5535LOW3.54
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.2
5.6%
Low-Moderate Risk
Post-Exploit
CVE-2024-6119LOW3.51
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.4
66.6%
Actively Exploited
Post-Exploit
CVE-2026-1965LOW3.47
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.8
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-14819LOW3.47
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.7
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-1965LOW3.47
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.8
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-14819LOW3.47
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.7
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-4438LOW3.4
libc-bin
2.39-0ubuntu8.2
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
libc6
2.39-0ubuntu8.2
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-9820LOW3.4
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69418LOW3.4
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.7
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-9230LOW3.36
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.6
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2024-4741LOW3.36
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.2
2.9%
Low-Moderate Risk
Post-Exploit
CVE-2024-8096LOW3.31
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.4
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-5545LOW3.31
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.9
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-6429LOW3.31
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.9
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-14524LOW3.31
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.7
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-3784LOW3.31
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.8
0.3%
Theoretical Threat
Post-Exploit
CVE-2024-8096LOW3.31
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.4
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-5545LOW3.31
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.9
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-6429LOW3.31
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.9
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-14524LOW3.31
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.7
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-3784LOW3.31
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.8
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-5958LOW3.21
sed
4.9-2build1
fixed in 4.9-2ubuntu0.24.04.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2024-4603LOW3.18
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.2
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-3832LOW3.15
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5419LOW3.15
libgnutls30t64
3.8.3-1.1ubuntu3.1
fixed in 3.8.3-1.1ubuntu3.6
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
libssl3t64
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-24733LOW3.15
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 11.0.15, 10.1.50, 9.0.113
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-43514LOW3.15
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 9.0.118, 10.1.55, 11.0.22
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-4878LOW3.06
libssh-4
0.10.6-2build2
fixed in 0.10.6-2ubuntu0.1
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-31790LOW3.01
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.9
1.0%
Theoretical Threat
Post-Exploit
CVE-2025-69420LOW3.01
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.7
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-22796LOW3.01
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.7
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-42770LOW3.01
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-9076LOW3.01
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-40909LOW3.01
perl-base
5.38.2-3.2build2
fixed in 5.38.2-3.2ubuntu0.2
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-31789LOW3
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.9
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-45447LOW2.92
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2026-3783LOW2.91
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.8
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-3783LOW2.91
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.8
0.3%
Theoretical Threat
Post-Exploit
CVE-2024-2511LOW2.89
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.2
54.0%
Actively Exploited
Post-Exploit
CVE-2025-45582LOW2.86
tar
1.35+dfsg-3build1
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-22795LOW2.8
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.7
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-7383LOW2.8
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-0965LOW2.8
libssh-4
0.10.6-2build2
fixed in 0.10.6-2ubuntu0.3
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40228LOW2.8
libsystemd0
255.4-1ubuntu8.1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40228LOW2.8
libudev1
255.4-1ubuntu8.1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-12801LOW2.8
ch.qos.logback:logback-core
1.3.5
fixed in 1.5.13, 1.3.15
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45445LOW2.78
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6253LOW2.7
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.9
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-7168LOW2.7
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.9
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-4873LOW2.7
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.9
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6253LOW2.7
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.9
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-7168LOW2.7
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.9
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-4873LOW2.7
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.9
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42766LOW2.7
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-42767LOW2.7
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2024-7264LOW2.69
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.2
16.2%
High Exploitation Risk
Post-Exploit
CVE-2024-7264LOW2.69
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.2
16.2%
High Exploitation Risk
Post-Exploit
CVE-2026-0968LOW2.63
libssh-4
0.10.6-2build2
fixed in 0.10.6-2ubuntu0.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-8277LOW2.63
libssh-4
0.10.6-2build2
fixed in 0.10.6-2ubuntu0.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34180LOW2.55
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-15079LOW2.48
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.7
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-15079LOW2.48
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.7
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.9
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-14017LOW2.45
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.7
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-10148LOW2.45
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.7
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-14017LOW2.45
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.7
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-10148LOW2.45
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.7
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
bsdutils
1:2.39.3-9ubuntu6
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-15224LOW2.4
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.7
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-30258LOW2.4
gpgv
2.4.4-2ubuntu17
fixed in 2.4.4-2ubuntu17.2
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-15224LOW2.4
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.7
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
mount
2.39.3-9ubuntu6
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2024-13176LOW2.4
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.5
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-68160LOW2.4
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.7
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
util-linux
2.39.3-9ubuntu6
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2024-9143LOW2.22
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.5
6.0%
Low-Moderate Risk
Post-Exploit
CVE-2026-24515LOW2.12
libexpat1
2.6.1-2build1
fixed in 2.6.1-2ubuntu0.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69418LOW2.04
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.7
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-45446LOW1.89
openssl
3.0.13-0ubuntu3.1
fixed in 3.0.13-0ubuntu3.11
0.2%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
login
1:4.13+dfsg1-4ubuntu3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
passwd
1:4.13+dfsg1-4ubuntu3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-0861NONE0
locales
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.7
0.4%
Theoretical Threat
Not Applicable
CVE-2026-4437NONE0
locales
2.39-0ubuntu8.2
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-6238NONE0
locales
2.39-0ubuntu8.2
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2025-15281NONE0
locales
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.7
0.3%
Theoretical Threat
Not Applicable
CVE-2026-5435NONE0
locales
2.39-0ubuntu8.2
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2025-5702NONE0
locales
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.5
0.2%
Theoretical Threat
Not Applicable
CVE-2025-0395NONE0
locales
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.4
0.3%
Theoretical Threat
Not Applicable
CVE-2026-0915NONE0
locales
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.7
0.6%
Theoretical Threat
Not Applicable
CVE-2026-4046NONE0
locales
2.39-0ubuntu8.2
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2025-8058NONE0
locales
2.39-0ubuntu8.2
fixed in 2.39-0ubuntu8.6
0.2%
Theoretical Threat
Not Applicable
CVE-2026-4438NONE0
locales
2.39-0ubuntu8.2
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2025-48924NONE0
commons-lang:commons-lang
2.6
No fix yet
2.2%
Low-Moderate Risk
Not Applicable
CVE-2025-0167NONE0
curl
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.8
0.6%
Theoretical Threat
Not Applicable
CVE-2026-2219NONE0
dpkg
1.22.6ubuntu6
fixed in 1.22.6ubuntu6.6
0.4%
Theoretical Threat
Not Applicable
CVE-2025-6297NONE0
dpkg
1.22.6ubuntu6
fixed in 1.22.6ubuntu6.5
0.3%
Theoretical Threat
Not Applicable
CVE-2025-0167NONE0
libcurl4t64
8.5.0-2ubuntu10.1
fixed in 8.5.0-2ubuntu10.8
0.6%
Theoretical Threat
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.15.2
fixed in 2.21.1, 2.18.6
Not Applicable
CVE-2026-41284NONE0
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 9.0.118, 10.1.55, 11.0.22
0.8%
Theoretical Threat
Not Applicable
CVE-2026-43513NONE0
org.apache.tomcat.embed:tomcat-embed-core
8.5.46
fixed in 9.0.118, 10.1.55, 11.0.22
0.5%
Theoretical Threat
Not Applicable