Vulnerability Reportdpage/pgadmin4:9.13

dpage/pgadmin4:9.13.0dpage/pgadmin4:9.13dpage/pgadmin4:2026-03-03-1
DIGESTsha256:d243a4bcc02d2ee6b447c601692813531d2d0fbca18b583d9f7f9658da835d81

Executive Summary

Threat Score
50/100CAUTION
Reputation
RELIABLE

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. The image contains 68 known vulnerabilities, with 10 at medium-high severity (max 6.66). Notable issues include CVE-2026-39892 (buffer overflow in cryptography) and CVE-2026-41205 (path traversal in Mako), which require specific conditions (e.g., attacker-controlled template input or cryptographic operations) to be exploitable. Remediating these and other high-severity CVEs by upgrading affected packages is recommended to reduce the attack surface.

Vulnerabilities

Vulnerability Log

89 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-39892MEDIUM6.66
cryptography
46.0.5
fixed in 46.0.7
0.5%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-34183MEDIUM6.38
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34183MEDIUM6.38
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-41205MEDIUM6.38
Mako
1.3.10
fixed in 1.3.11
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-32597MEDIUM6.38
PyJWT
2.11.0
fixed in 2.12.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40192MEDIUM6.38
pillow
12.1.1
fixed in 12.2.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-30922MEDIUM6.38
pyasn1
0.6.2
fixed in 0.6.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-44432MEDIUM6.38
urllib3
2.6.3
fixed in 2.7.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34182MEDIUM6.29
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-34182MEDIUM6.29
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-48526MEDIUM6.29
PyJWT
2.11.0
fixed in 2.13.0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27962MEDIUM6.18
Authlib
1.6.8
fixed in 1.6.9
0.4%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-4878MEDIUM5.95
libcap
2.77-r0
fixed in 2.78-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4878MEDIUM5.95
libcap2
2.77-r0
fixed in 2.78-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
libcrypto3
3.5.5-r0
fixed in 3.5.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
libssl3
3.5.5-r0
fixed in 3.5.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-28490MEDIUM5.52
Authlib
1.6.8
fixed in 1.6.9
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-34181MEDIUM5.35
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34181MEDIUM5.35
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42311MEDIUM5.3
pillow
12.1.1
fixed in 12.2.0
0.1%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-28498MEDIUM5.1
Authlib
1.6.8
fixed in 1.6.9
0.2%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-31790MEDIUM5.02
libcrypto3
3.5.5-r0
fixed in 3.5.6-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42764MEDIUM5.02
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-42769MEDIUM5.02
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42770MEDIUM5.02
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libssl3
3.5.5-r0
fixed in 3.5.6-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42764MEDIUM5.02
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-42769MEDIUM5.02
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42770MEDIUM5.02
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-44307MEDIUM5.02
Mako
1.3.10
fixed in 1.3.12
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-48524MEDIUM5.02
PyJWT
2.11.0
fixed in 2.13.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-31789MEDIUM5
libcrypto3
3.5.5-r0
fixed in 3.5.6-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-31789MEDIUM5
libssl3
3.5.5-r0
fixed in 3.5.6-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6042MEDIUM4.67
musl
1.2.5-r21
fixed in 1.2.5-r22
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib
1.3.1-r2
fixed in 1.3.2-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42308MEDIUM4.67
pillow
12.1.1
fixed in 12.2.0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-42309MEDIUM4.67
pillow
12.1.1
fixed in 12.2.0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-42310MEDIUM4.67
pillow
12.1.1
fixed in 12.2.0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-25645MEDIUM4.67
requests
2.32.5
fixed in 2.33.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-41425MEDIUM4.59
Authlib
1.6.8
fixed in 1.6.11
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-48523MEDIUM4.59
PyJWT
2.11.0
fixed in 2.13.0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-34743MEDIUM4.5
xz-libs
5.8.2-r0
fixed in 5.8.3-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-48525MEDIUM4.5
PyJWT
2.11.0
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-34073MEDIUM4.5
cryptography
46.0.5
fixed in 46.0.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45409MEDIUM4.5
idna
3.11
fixed in 3.15
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-44431MEDIUM4.5
urllib3
2.6.3
fixed in 2.7.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libuuid
2.41.2-r0
fixed in 2.41.4-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40200LOW3.98
musl
1.2.5-r21
fixed in 1.2.5-r23
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40200LOW3.98
musl-utils
1.2.5-r21
fixed in 1.2.5-r23
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-4878LOW3.57
libcap-getcap
2.77-r0
fixed in 2.78-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-4878LOW3.57
libcap-setcap
2.77-r0
fixed in 2.78-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-4878LOW3.57
libcap-utils
2.77-r0
fixed in 2.78-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-48522LOW3.57
PyJWT
2.11.0
fixed in 2.13.0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-6357LOW2.96
pip
25.3
fixed in 26.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-45447LOW2.92
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2026-45447LOW2.92
libssl3
3.5.5-r0
fixed in 3.5.7-r0
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2026-44405LOW2.89
paramiko
3.5.1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-6042LOW2.8
musl-utils
1.2.5-r21
fixed in 1.2.5-r22
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-4539LOW2.8
Pygments
2.19.2
fixed in 2.20.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45445LOW2.78
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-3219LOW2.55
pip
25.3
fixed in 26.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
libcrypto3
3.5.5-r0
fixed in 3.5.6-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
libssl3
3.5.5-r0
fixed in 3.5.6-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-22184LOW2.39
zlib
1.3.1-r2
fixed in 1.3.2-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-28388LOW2.29
libcrypto3
3.5.5-r0
fixed in 3.5.6-r0
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libcrypto3
3.5.5-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
libcrypto3
3.5.5-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28388LOW2.29
libssl3
3.5.5-r0
fixed in 3.5.6-r0
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libssl3
3.5.5-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
libssl3
3.5.5-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-1703LOW1.99
pip
25.3
fixed in 26.0
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-41479NONE0
Authlib
1.6.8
fixed in 1.6.10, 1.7.1
Not Applicable
CVE-2026-44681NONE0
Authlib
1.6.8
fixed in 1.7.1, 1.6.12
0.2%
Theoretical Threat
Not Applicable
GHSA-537c-gmf6-5ccfNONE0
cryptography
46.0.5
fixed in 48.0.1
Not Applicable