Vulnerability Reportdrupal:10.6.13-php8.3-fpm-alpine

drupal:10.6.13-php8.3-fpm-alpine
DIGESTsha256:61e117c9c36768ab71978583cb0a1f1258082702709addc2f8ee8f0ac9791866

Executive Summary

Last scanned:

Threat Score
25/100NEEDS ATTENTION
Reputation
TRUSTED

This image is acceptable for production, but remediating the identified vulnerabilities is recommended to reduce the attack surface. It contains one moderate-severity vulnerability (CVE-2026-33630, severity 6.0) in the c-ares DNS resolution library. An attacker with control over a DNS server could trigger a use-after-free, causing a denial of service (crash or memory corruption) of the Drupal application. Applying the latest security updates for c-ares fully eliminates this risk. No post-exploit vulnerabilities were found.

Vulnerabilities

Vulnerability Log

1 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-33630MEDIUM6
c-ares
1.34.6-r0
fixed in 1.34.8-r0
Directly ExposedContext importance: MEDIUM

Want to check another image? Run a full scan with the Docker Security Scanner.