Vulnerability Reportcalico/node:v3.33.0-0.dev-866-gf868484449e7-ppc64le

calico/node:v3.33.0-0.dev-866-gf868484449e7-ppc64le

DIGESTsha256:ab0d5ffa582ee5ad4cc4d78c1d2758c5b095550d77777a76d7d68d7d4e49e2d1

Executive Summary

Threat ScoreSAFE• Threat score is 0, indicating no significant risk from known vulnerabilities.• All 24 exposed vulnerabilities have severity below 6.0 (max 5.7), and all 13 post-exploit vulnerabilities are below 3.0 (max 3.0).• Image is from a highly reputable community publisher (Calico) with over 1.7B pulls and pinned by digest for immutability.

0/100SAFE

ReputationPOPULAR COMMUNITY• High Reputation Community Image (1719M+ pulls)• Pinned by digest (Immutable)

RELIABLE

This base/runtime image is a clean foundation for building production images. While it contains 24 exposed and 13 post-exploit vulnerabilities, all are low severity (maximum 5.7 for exposed, 3.0 for post-exploit) and pose negligible practical risk. The image is from a trusted source and used as a building block, not a deployable service. Note: this is a general-purpose base/runtime image — many findings live in components that an application built on top may never load, so actual exploitability depends on the final image. For an accurate risk picture, re-scan the final application image with context.

Vulnerabilities

Vulnerability Log

39 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2026-4105	MEDIUM5.7	systemd-libs 252-67.el9_8.2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-28387	MEDIUM5.5	openssl-libs 1:3.5.5-4.el9_8 No fix yet	0.6% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-5958	MEDIUM5.35	sed 4.8-10.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-28388	MEDIUM5.1	openssl-libs 1:3.5.5-4.el9_8 No fix yet	0.9% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2024-41996	MEDIUM4.72	openssl-libs 1:3.5.5-4.el9_8 No fix yet	1.1% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2025-1371	MEDIUM4.67	elfutils-libelf 0.194-1.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-1377	MEDIUM4.67	elfutils-libelf 0.194-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2021-46195	MEDIUM4.67	libgcc 11.5.0-14.el9 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libgcc 11.5.0-14.el9 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib 1.2.11-40.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-2673	MEDIUM4.42	openssl-libs 1:3.5.5-4.el9_8 No fix yet	0.4% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-42250	MEDIUM4.25	bzip2-libs 1.0.8-11.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc 2.34-270.el9_8 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc 2.34-270.el9_8 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc-common 2.34-270.el9_8 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc-common 2.34-270.el9_8 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc-minimal-langpack 2.34-270.el9_8 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc-minimal-langpack 2.34-270.el9_8 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-1376	MEDIUM4	elfutils-libelf 0.194-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-13176	MEDIUM4	openssl-libs 1:3.5.5-4.el9_8 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2025-5278	LOW3.74	coreutils-single 8.32-40.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2024-25260	LOW3.4	elfutils-libelf 0.194-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-9232	LOW3.1	openssl-libs 1:3.5.5-4.el9_8 No fix yet	2.0% Low-Moderate Risk	Directly Exposed
CVE-2026-31789	LOW3	openssl-libs 1:3.5.5-4.el9_8 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.37.4-25.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux-core 2.37.4-25.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-28389	LOW2.29	openssl-libs 1:3.5.5-4.el9_8 No fix yet	0.8% Theoretical Threat	Post-Exploit
CVE-2022-41409	LOW2.29	pcre2 10.40-6.el9 No fix yet	1.0% Theoretical Threat	Post-Exploit
CVE-2022-41409	LOW2.29	pcre2-syntax 10.40-6.el9 No fix yet	1.0% Theoretical Threat	Post-Exploit
CVE-2026-6238	LOW1.99	glibc 2.34-270.el9_8 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6238	LOW1.99	glibc-common 2.34-270.el9_8 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6238	LOW1.99	glibc-minimal-langpack 2.34-270.el9_8 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5435	LOW1.81	glibc 2.34-270.el9_8 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-5435	LOW1.81	glibc-common 2.34-270.el9_8 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-5435	LOW1.81	glibc-minimal-langpack 2.34-270.el9_8 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-34743	LOW1.62	xz-libs 5.2.5-8.el9_0 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-11961	LOW1.61	libpcap 14:1.10.0-4.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2023-50495	NONE0	ncurses-base 6.2-12.20210508.el9 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-libs 6.2-12.20210508.el9 No fix yet	1.0% Theoretical Threat	Not Applicable