Last scanned:
This image is acceptable for production, but remediating the identified vulnerabilities is recommended to reduce the attack surface. The image has one medium-severity exposed vulnerability (CVE-2026-33630) that could lead to a denial of service via crafted DNS responses, but exploitation requires a malicious DNS server or man-in-the-middle position. All 16 post-exploit-only findings are low severity (up to 2.7). Updating the c-ares package would fully mitigate this vulnerability.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2026-33630 | MEDIUM6 | c-ares 1.34.6-r0 fixed in 1.34.8-r0 | — | Directly ExposedContext importance: MEDIUM |
| CVE-2026-4873 | LOW2.7 | curl 8.19.0-r0 fixed in 8.20.0-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-6253 | LOW2.7 | curl 8.19.0-r0 fixed in 8.20.0-r0 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-7009 | LOW2.7 | curl 8.19.0-r0 fixed in 8.20.0-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-7168 | LOW2.7 | curl 8.19.0-r0 fixed in 8.20.0-r0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-4873 | LOW2.7 | libcurl 8.19.0-r0 fixed in 8.20.0-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-6253 | LOW2.7 | libcurl 8.19.0-r0 fixed in 8.20.0-r0 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-7009 | LOW2.7 | libcurl 8.19.0-r0 fixed in 8.20.0-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-7168 | LOW2.7 | libcurl 8.19.0-r0 fixed in 8.20.0-r0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-5773 | LOW2.29 | curl 8.19.0-r0 fixed in 8.20.0-r0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-6276 | LOW2.29 | curl 8.19.0-r0 fixed in 8.20.0-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-5773 | LOW2.29 | libcurl 8.19.0-r0 fixed in 8.20.0-r0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-6276 | LOW2.29 | libcurl 8.19.0-r0 fixed in 8.20.0-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-5545 | LOW1.99 | curl 8.19.0-r0 fixed in 8.20.0-r0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-6429 | LOW1.99 | curl 8.19.0-r0 fixed in 8.20.0-r0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-5545 | LOW1.99 | libcurl 8.19.0-r0 fixed in 8.20.0-r0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-6429 | LOW1.99 | libcurl 8.19.0-r0 fixed in 8.20.0-r0 | 0.5% Theoretical Threat | Post-Exploit |
Want to check another image? Run a full scan with the Docker Security Scanner.