Last scanned:
This image is acceptable for production, but remediating the identified vulnerabilities is recommended to reduce the attack surface. It contains one moderate-severity vulnerability (CVE-2026-33630, severity 6.0) in the c-ares DNS resolution library. An attacker with control over a DNS server could trigger a use-after-free, causing a denial of service (crash or memory corruption) of the Drupal application. Applying the latest security updates for c-ares fully eliminates this risk. No post-exploit vulnerabilities were found.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2026-33630 | MEDIUM6 | c-ares 1.34.6-r0 fixed in 1.34.8-r0 | — | Directly ExposedContext importance: MEDIUM |
Want to check another image? Run a full scan with the Docker Security Scanner.