Vulnerability Reportcalico/node:v3.33.0-0.dev-866-gf868484449e7-s390x

calico/node:v3.33.0-0.dev-866-gf868484449e7-s390x

DIGESTsha256:f31520e2c3b20b33cef2c7cb93d3eff83de7b6692f00a83364fb4600e82ae012

Executive Summary

Threat ScoreSAFE• High trust: POPULAR COMMUNITY image with 1.7B+ pulls, pinned by digest• No critical or high-severity vulnerabilities (max exposed CVSS 5.7, max post-exploit CVSS 3.21)• No exposed or post-exploit findings with CVSS >= 6.0

0/100SAFE

ReputationPOPULAR COMMUNITY• High Reputation Community Image (1719M+ pulls)• Pinned by digest (Immutable)

RELIABLE

This base/runtime image is a clean foundation for building production images. It includes 22 exposed and 15 post-exploit vulnerabilities, but all are low severity (max CVSS 5.7). None pose a practical risk in typical deployments, making it suitable as a base without remediation. Note: this is a general-purpose base/runtime image — many findings live in components that an application built on top may never load, so actual exploitability depends on the final image. For an accurate risk picture, re-scan the final application image with context.

Vulnerabilities

Vulnerability Log

39 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2026-4105	MEDIUM5.7	systemd-libs 252-67.el9_8.2 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-28387	MEDIUM5.5	openssl-libs 1:3.5.5-4.el9_8 No fix yet	0.6% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-28388	MEDIUM5.1	openssl-libs 1:3.5.5-4.el9_8 No fix yet	0.9% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2024-41996	MEDIUM4.72	openssl-libs 1:3.5.5-4.el9_8 No fix yet	1.1% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2025-1371	MEDIUM4.67	elfutils-libelf 0.194-1.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-1377	MEDIUM4.67	elfutils-libelf 0.194-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2021-46195	MEDIUM4.67	libgcc 11.5.0-14.el9 No fix yet	0.8% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libgcc 11.5.0-14.el9 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib 1.2.11-40.el9 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-2673	MEDIUM4.42	openssl-libs 1:3.5.5-4.el9_8 No fix yet	0.4% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-42250	MEDIUM4.25	bzip2-libs 1.0.8-11.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc 2.34-270.el9_8 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc 2.34-270.el9_8 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc-common 2.34-270.el9_8 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc-common 2.34-270.el9_8 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	glibc-minimal-langpack 2.34-270.el9_8 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	glibc-minimal-langpack 2.34-270.el9_8 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2025-1376	MEDIUM4	elfutils-libelf 0.194-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-13176	MEDIUM4	openssl-libs 1:3.5.5-4.el9_8 No fix yet	0.6% Theoretical Threat	Directly Exposed
CVE-2024-25260	LOW3.4	elfutils-libelf 0.194-1.el9 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-5958	LOW3.21	sed 4.8-10.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2025-9232	LOW3.1	openssl-libs 1:3.5.5-4.el9_8 No fix yet	2.0% Low-Moderate Risk	Directly Exposed
CVE-2026-31789	LOW3	openssl-libs 1:3.5.5-4.el9_8 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.37.4-25.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux-core 2.37.4-25.el9 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-28389	LOW2.29	openssl-libs 1:3.5.5-4.el9_8 No fix yet	0.8% Theoretical Threat	Post-Exploit
CVE-2022-41409	LOW2.29	pcre2 10.40-6.el9 No fix yet	1.0% Theoretical Threat	Post-Exploit
CVE-2022-41409	LOW2.29	pcre2-syntax 10.40-6.el9 No fix yet	1.0% Theoretical Threat	Post-Exploit
CVE-2025-5278	LOW2.24	coreutils-single 8.32-40.el9 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-6238	LOW1.99	glibc 2.34-270.el9_8 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6238	LOW1.99	glibc-common 2.34-270.el9_8 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6238	LOW1.99	glibc-minimal-langpack 2.34-270.el9_8 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-5435	LOW1.81	glibc 2.34-270.el9_8 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-5435	LOW1.81	glibc-common 2.34-270.el9_8 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-5435	LOW1.81	glibc-minimal-langpack 2.34-270.el9_8 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-34743	LOW1.62	xz-libs 5.2.5-8.el9_0 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-11961	LOW1.61	libpcap 14:1.10.0-4.el9 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2023-50495	NONE0	ncurses-base 6.2-12.20210508.el9 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-libs 6.2-12.20210508.el9 No fix yet	1.0% Theoretical Threat	Not Applicable