Vulnerability Reportdebian:bookworm-20260623

debian:bookworm-20260623debian:12.14
DIGESTsha256:30482e873082e906a4908c10529180aefb6f77620aea7404b909829fadc5d168

Executive Summary

Last scanned:

Threat Score
0/100SAFE
Reputation
TRUSTED

This base/runtime image is a clean foundation for building production images. It does contain 67 low-severity vulnerabilities (max CVSS 5.4) and 74 post-install findings of negligible risk, but none pose a practical threat in a typical deployment context. The image is officially maintained and digest-pinned, ensuring supply chain integrity and reproducibility. Note: this is a general-purpose base/runtime image — many findings live in components that an application built on top may never load, so actual exploitability depends on the final image. For an accurate risk picture, re-scan the final application image with context.

Vulnerabilities

Vulnerability Log

155 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-54370MEDIUM5.35
libacl1
2.3.1-3
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-54371MEDIUM5.35
libattr1
1:2.5.1-4
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2019-1010025MEDIUM5.3
libc-bin
2.36-9+deb12u14
No fix yet
2.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-1010025MEDIUM5.3
libc6
2.36-9+deb12u14
No fix yet
2.3%
Low-Moderate Risk
Directly Exposed
CVE-2026-13757MEDIUM5.27
libp11-kit0
0.24.1-2
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-14104MEDIUM5.18
libblkid1
2.38.1-5+deb12u3
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-14104MEDIUM5.18
libmount1
2.38.1-5+deb12u3
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-14104MEDIUM5.18
libsmartcols1
2.38.1-5+deb12u3
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-14104MEDIUM5.18
libuuid1
2.38.1-5+deb12u3
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
libc-bin
2.36-9+deb12u14
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
libc6
2.36-9+deb12u14
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2022-27943MEDIUM4.67
gcc-12-base
12.2.0-14+deb12u1
No fix yet
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-0563MEDIUM4.67
libblkid1
2.38.1-5+deb12u3
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2022-27943MEDIUM4.67
libgcc-s1
12.2.0-14+deb12u1
No fix yet
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-0563MEDIUM4.67
libmount1
2.38.1-5+deb12u3
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2022-0563MEDIUM4.67
libsmartcols1
2.38.1-5+deb12u3
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2022-27943MEDIUM4.67
libstdc++6
12.2.0-14+deb12u1
No fix yet
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-0563MEDIUM4.67
libuuid1
2.38.1-5+deb12u3
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib1g
1:1.2.13.dfsg-1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-13595MEDIUM4.5
libblkid1
2.38.1-5+deb12u3
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-3184MEDIUM4.5
libblkid1
2.38.1-5+deb12u3
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34743MEDIUM4.5
liblzma5
5.4.1-1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-13595MEDIUM4.5
libmount1
2.38.1-5+deb12u3
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-3184MEDIUM4.5
libmount1
2.38.1-5+deb12u3
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-13595MEDIUM4.5
libsmartcols1
2.38.1-5+deb12u3
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-3184MEDIUM4.5
libsmartcols1
2.38.1-5+deb12u3
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-31437MEDIUM4.5
libsystemd0
252.39-1~deb12u2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-31438MEDIUM4.5
libsystemd0
252.39-1~deb12u2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-31439MEDIUM4.5
libsystemd0
252.39-1~deb12u2
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-31437MEDIUM4.5
libudev1
252.39-1~deb12u2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-31438MEDIUM4.5
libudev1
252.39-1~deb12u2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-31439MEDIUM4.5
libudev1
252.39-1~deb12u2
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-13595MEDIUM4.5
libuuid1
2.38.1-5+deb12u3
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-3184MEDIUM4.5
libuuid1
2.38.1-5+deb12u3
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42250MEDIUM4.25
libbz2-1.0
1.0.8-5+b1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-5450MEDIUM4.25
libc-bin
2.36-9+deb12u14
No fix yet
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-5928MEDIUM4.25
libc-bin
2.36-9+deb12u14
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5450MEDIUM4.25
libc6
2.36-9+deb12u14
No fix yet
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-5928MEDIUM4.25
libc6
2.36-9+deb12u14
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-54411MEDIUM4.08
libpam-modules
1.5.2-6+deb12u2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-54411MEDIUM4.08
libpam-modules-bin
1.5.2-6+deb12u2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-54411MEDIUM4.08
libpam-runtime
1.5.2-6+deb12u2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-54411MEDIUM4.08
libpam0g
1.5.2-6+deb12u2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libblkid1
2.38.1-5+deb12u3
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libmount1
2.38.1-5+deb12u3
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2024-10041MEDIUM4
libpam-modules
1.5.2-6+deb12u2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-10041MEDIUM4
libpam-modules-bin
1.5.2-6+deb12u2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-10041MEDIUM4
libpam-runtime
1.5.2-6+deb12u2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-10041MEDIUM4
libpam0g
1.5.2-6+deb12u2
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libsmartcols1
2.38.1-5+deb12u3
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libuuid1
2.38.1-5+deb12u3
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2010-4756MEDIUM4
libc-bin
2.36-9+deb12u14
No fix yet
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2010-4756MEDIUM4
libc6
2.36-9+deb12u14
No fix yet
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2026-48962LOW3.98
perl-base
5.36.0-7+deb12u3
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2011-3374LOW3.7
libapt-pkg6.0
2.6.1
No fix yet
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2005-2541LOW3.6
tar
1.34+dfsg-1.2+deb12u1
No fix yet
4.0%
Low-Moderate Risk
Post-Exploit
CVE-2019-1010022LOW3.53
libc-bin
2.36-9+deb12u14
No fix yet
3.2%
Low-Moderate Risk
Post-Exploit
CVE-2019-1010022LOW3.53
libc6
2.36-9+deb12u14
No fix yet
3.2%
Low-Moderate Risk
Post-Exploit
CVE-2023-45853LOW3.53
zlib1g
1:1.2.13.dfsg-1
No fix yet
2.9%
Low-Moderate Risk
Post-Exploit
CVE-2016-2781LOW3.31
coreutils
9.1-1
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2019-1010023LOW3.17
libc-bin
2.36-9+deb12u14
No fix yet
3.1%
Low-Moderate Risk
Post-Exploit
CVE-2019-1010023LOW3.17
libc6
2.36-9+deb12u14
No fix yet
3.1%
Low-Moderate Risk
Post-Exploit
CVE-2025-14104LOW3.11
bsdutils
1:2.38.1-5+deb12u3
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-14104LOW3.11
mount
2.38.1-5+deb12u3
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-14104LOW3.11
util-linux
2.38.1-5+deb12u3
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-14104LOW3.11
util-linux-extra
2.38.1-5+deb12u3
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-8376LOW3
perl-base
5.36.0-7+deb12u3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-31486LOW2.92
perl-base
5.36.0-7+deb12u3
No fix yet
1.7%
Low-Moderate Risk
Post-Exploit
CVE-2022-0563LOW2.8
bsdutils
1:2.38.1-5+deb12u3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2022-0563LOW2.8
mount
2.38.1-5+deb12u3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-5704LOW2.8
tar
1.34+dfsg-1.2+deb12u1
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2022-0563LOW2.8
util-linux
2.38.1-5+deb12u3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2022-0563LOW2.8
util-linux-extra
2.38.1-5+deb12u3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2013-4392LOW2.8
libsystemd0
252.39-1~deb12u2
No fix yet
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-40228LOW2.8
libsystemd0
252.39-1~deb12u2
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-6141LOW2.8
libtinfo6
6.4-4
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2013-4392LOW2.8
libudev1
252.39-1~deb12u2
No fix yet
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-40228LOW2.8
libudev1
252.39-1~deb12u2
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42496LOW2.78
perl-base
5.36.0-7+deb12u3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2018-20796LOW2.7
libc-bin
2.36-9+deb12u14
No fix yet
5.8%
Low-Moderate Risk
Post-Exploit
CVE-2019-9192LOW2.7
libc-bin
2.36-9+deb12u14
No fix yet
2.4%
Low-Moderate Risk
Post-Exploit
CVE-2018-20796LOW2.7
libc6
2.36-9+deb12u14
No fix yet
5.8%
Low-Moderate Risk
Post-Exploit
CVE-2019-9192LOW2.7
libc6
2.36-9+deb12u14
No fix yet
2.4%
Low-Moderate Risk
Post-Exploit
CVE-2018-6829LOW2.7
libgcrypt20
1.10.1-3+deb12u1
No fix yet
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2026-13595LOW2.7
bsdutils
1:2.38.1-5+deb12u3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW2.7
bsdutils
1:2.38.1-5+deb12u3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-13595LOW2.7
mount
2.38.1-5+deb12u3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW2.7
mount
2.38.1-5+deb12u3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-12087LOW2.7
perl-base
5.36.0-7+deb12u3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-13595LOW2.7
util-linux
2.38.1-5+deb12u3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW2.7
util-linux
2.38.1-5+deb12u3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-13595LOW2.7
util-linux-extra
2.38.1-5+deb12u3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW2.7
util-linux-extra
2.38.1-5+deb12u3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-48959LOW2.55
perl-base
5.36.0-7+deb12u3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-48961LOW2.55
perl-base
5.36.0-7+deb12u3
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2007-5686LOW2.5
passwd
1:4.13+dfsg1-1+deb12u2
No fix yet
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
bsdutils
1:2.38.1-5+deb12u3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2017-18018LOW2.4
coreutils
9.1-1
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-41991LOW2.4
gzip
1.12-1
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
mount
2.38.1-5+deb12u3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
util-linux
2.38.1-5+deb12u3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
util-linux-extra
2.38.1-5+deb12u3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-69720LOW2.39
libtinfo6
6.4-4
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-41992LOW2.29
gzip
1.12-1
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42497LOW2.29
perl-base
5.36.0-7+deb12u3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-9538LOW2.29
perl-base
5.36.0-7+deb12u3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-5278LOW2.24
coreutils
9.1-1
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2011-3374LOW2.22
apt
2.6.1
No fix yet
1.2%
Low-Moderate Risk
Post-Exploit
CVE-2026-54369LOW2.17
libacl1
2.3.1-3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2024-2236LOW2.12
libgcrypt20
1.10.1-3+deb12u1
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2025-13151LOW2.12
libtasn1-6
4.19.0-2+deb12u1
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2011-3389LOW2.01
libgnutls30
3.7.9-2+deb12u7
No fix yet
73.3%
Actively Exploited
Post-Exploit
CVE-2026-6238LOW1.99
libc-bin
2.36-9+deb12u14
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6238LOW1.99
libc6
2.36-9+deb12u14
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2023-50495LOW1.99
libtinfo6
6.4-4
No fix yet
1.0%
Theoretical Threat
Post-Exploit
CVE-2025-15649LOW1.99
perl-base
5.36.0-7+deb12u3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2019-1010024LOW1.91
libc-bin
2.36-9+deb12u14
No fix yet
3.2%
Low-Moderate Risk
Post-Exploit
CVE-2019-1010024LOW1.91
libc6
2.36-9+deb12u14
No fix yet
3.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-56433LOW1.84
passwd
1:4.13+dfsg1-1+deb12u2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2011-4116LOW1.68
perl-base
5.36.0-7+deb12u3
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-69720NONE0
ncurses-base
6.4-4
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
ncurses-bin
6.4-4
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2023-50495NONE0
ncurses-base
6.4-4
No fix yet
1.0%
Theoretical Threat
Not Applicable
CVE-2023-50495NONE0
ncurses-bin
6.4-4
No fix yet
1.0%
Theoretical Threat
Not Applicable
CVE-2007-5686NONE0
login
1:4.13+dfsg1-1+deb12u2
No fix yet
0.9%
Theoretical Threat
Not Applicable
CVE-2025-30258NONE0
gpgv
2.2.40-1.1+deb12u2
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2025-68972NONE0
gpgv
2.2.40-1.1+deb12u2
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2024-56433NONE0
login
1:4.13+dfsg1-1+deb12u2
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2022-3219NONE0
gpgv
2.2.40-1.1+deb12u2
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2025-6141NONE0
ncurses-base
6.4-4
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2025-6141NONE0
ncurses-bin
6.4-4
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-57062NONE0
gpgv
2.2.40-1.1+deb12u2
No fix yet
0.1%
Theoretical Threat
Not Applicable
TEMP-0841856-B18BAFNONE0
bash
5.2.15-2+b13
No fix yet
Not Applicable
CVE-2026-53615NONE0
bsdutils
1:2.38.1-5+deb12u3
No fix yet
Not Applicable
CVE-2026-53613NONE0
bsdutils
1:2.38.1-5+deb12u3
No fix yet
Not Applicable
CVE-2026-53615NONE0
libblkid1
2.38.1-5+deb12u3
No fix yet
Not Applicable
CVE-2026-53613NONE0
libblkid1
2.38.1-5+deb12u3
No fix yet
Not Applicable
CVE-2026-53615NONE0
libmount1
2.38.1-5+deb12u3
No fix yet
Not Applicable
CVE-2026-53613NONE0
libmount1
2.38.1-5+deb12u3
No fix yet
Not Applicable
CVE-2026-53615NONE0
libsmartcols1
2.38.1-5+deb12u3
No fix yet
Not Applicable
CVE-2026-53613NONE0
libsmartcols1
2.38.1-5+deb12u3
No fix yet
Not Applicable
CVE-2026-53615NONE0
libuuid1
2.38.1-5+deb12u3
No fix yet
Not Applicable
CVE-2026-53613NONE0
libuuid1
2.38.1-5+deb12u3
No fix yet
Not Applicable
TEMP-0628843-DBAD28NONE0
login
1:4.13+dfsg1-1+deb12u2
No fix yet
Not Applicable
CVE-2026-53615NONE0
mount
2.38.1-5+deb12u3
No fix yet
Not Applicable
CVE-2026-53613NONE0
mount
2.38.1-5+deb12u3
No fix yet
Not Applicable
TEMP-0628843-DBAD28NONE0
passwd
1:4.13+dfsg1-1+deb12u2
No fix yet
Not Applicable
CVE-2026-7010NONE0
perl-base
5.36.0-7+deb12u3
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-7017NONE0
perl-base
5.36.0-7+deb12u3
No fix yet
Not Applicable
TEMP-0517018-A83CE6NONE0
sysvinit-utils
3.06-4
No fix yet
Not Applicable
TEMP-0290435-0B57B5NONE0
tar
1.34+dfsg-1.2+deb12u1
No fix yet
Not Applicable
CVE-2026-53615NONE0
util-linux
2.38.1-5+deb12u3
No fix yet
Not Applicable
CVE-2026-53613NONE0
util-linux
2.38.1-5+deb12u3
No fix yet
Not Applicable
CVE-2026-53615NONE0
util-linux-extra
2.38.1-5+deb12u3
No fix yet
Not Applicable
CVE-2026-53613NONE0
util-linux-extra
2.38.1-5+deb12u3
No fix yet
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.