Vulnerability Reporteclipse-temurin:21.0.11_10-jre

eclipse-temurin:21.0.11_10-jre
DIGESTsha256:0e9bce1bf5edd280a5778fef32fcc91eddc69bad98a0b1b2bafecdbed1f4272f

Executive Summary

Last scanned:

Threat Score
0/100SAFE
Reputation
TRUSTED

This base/runtime image is a clean foundation for building production images. It contains 37 low-severity vulnerabilities on the exposed surface (max CVSS 5.27) and 22 low-severity post-exploit vulnerabilities (max CVSS 2.7), but none pose a significant risk in typical development or runtime environments. The image is officially published by Docker, pinned by digest, and highly trusted, making it an excellent choice for building secure applications. Note: this is a general-purpose base/runtime image — many findings live in components that an application built on top may never load, so actual exploitability depends on the final image. For an accurate risk picture, re-scan the final application image with context.

Vulnerabilities

Vulnerability Log

80 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-13757MEDIUM5.27
libp11-kit0
0.26.2-2
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13757MEDIUM5.27
p11-kit
0.26.2-2
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13757MEDIUM5.27
p11-kit-modules
0.26.2-2
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-66382MEDIUM4.67
libexpat1
2.7.4-1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-35373MEDIUM4.67
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib1g
1:1.3.dfsg+really1.3.1-1ubuntu3
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM4.42
libc-bin
2.43-2ubuntu2
No fix yet
0.3%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-4437MEDIUM4.42
libc-gconv-modules-extra
2.43-2ubuntu2
No fix yet
0.3%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-4437MEDIUM4.42
libc6
2.43-2ubuntu2
No fix yet
0.3%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-27456MEDIUM4
libblkid1
2.41.3-3ubuntu2
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libmount1
2.41.3-3ubuntu2
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libsmartcols1
2.41.3-3ubuntu2
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libuuid1
2.41.3-3ubuntu2
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
libc-bin
2.43-2ubuntu2
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
libc-gconv-modules-extra
2.43-2ubuntu2
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
libc6
2.43-2ubuntu2
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40228LOW2.8
libsystemd0
259.5-0ubuntu3
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40228LOW2.8
libudev1
259.5-0ubuntu3
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-3184LOW2.7
bsdutils
1:2.41.3-3ubuntu2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW2.7
mount
2.41.3-3ubuntu2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW2.7
util-linux
2.41.3-3ubuntu2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
bsdutils
1:2.41.3-3ubuntu2
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
mount
2.41.3-3ubuntu2
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
util-linux
2.41.3-3ubuntu2
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2021-31879LOW2.2
wget
1.25.0-2ubuntu4.2
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2024-2236LOW2.12
libgcrypt20
1.12.0-2ubuntu1
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-6238LOW1.99
libc-bin
2.43-2ubuntu2
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6238LOW1.99
libc-gconv-modules-extra
2.43-2ubuntu2
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6238LOW1.99
libc6
2.43-2ubuntu2
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
passwd
1:4.17.4-2ubuntu3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-5435LOW1.81
libc-bin
2.43-2ubuntu2
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-5435LOW1.81
libc-gconv-modules-extra
2.43-2ubuntu2
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-5435LOW1.81
libc6
2.43-2ubuntu2
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW1.62
libblkid1
2.41.3-3ubuntu2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-4046LOW1.62
libc-bin
2.43-2ubuntu2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-4046LOW1.62
libc-gconv-modules-extra
2.43-2ubuntu2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-4046LOW1.62
libc6
2.43-2ubuntu2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW1.62
libmount1
2.41.3-3ubuntu2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW1.62
libsmartcols1
2.41.3-3ubuntu2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW1.62
libuuid1
2.41.3-3ubuntu2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-39821NONE0
golang.org/x/net
v0.40.0
fixed in 0.55.0
0.5%
Theoretical Threat
Not Applicable
CVE-2026-25681NONE0
golang.org/x/net
v0.40.0
fixed in 0.55.0
0.2%
Theoretical Threat
Not Applicable
CVE-2026-27136NONE0
golang.org/x/net
v0.40.0
fixed in 0.55.0
0.2%
Theoretical Threat
Not Applicable
CVE-2026-39822NONE0
stdlib
v1.26.4
fixed in 1.25.12, 1.26.5, 1.27.0-rc.2
0.2%
Theoretical Threat
Not Applicable
CVE-2026-33814NONE0
golang.org/x/net
v0.40.0
fixed in 0.53.0
0.8%
Theoretical Threat
Not Applicable
CVE-2026-4437NONE0
locales
2.43-2ubuntu2
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-6238NONE0
locales
2.43-2ubuntu2
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-25680NONE0
golang.org/x/net
v0.40.0
fixed in 0.55.0
0.2%
Theoretical Threat
Not Applicable
CVE-2026-42502NONE0
golang.org/x/net
v0.40.0
fixed in 0.55.0
0.2%
Theoretical Threat
Not Applicable
CVE-2026-5435NONE0
locales
2.43-2ubuntu2
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-42506NONE0
golang.org/x/net
v0.40.0
fixed in 0.55.0
0.2%
Theoretical Threat
Not Applicable
CVE-2026-4046NONE0
locales
2.43-2ubuntu2
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2026-3184NONE0
login
1:4.16.0-2+really2.41.3-3ubuntu2
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2025-47911NONE0
golang.org/x/net
v0.40.0
fixed in 0.45.0
0.5%
Theoretical Threat
Not Applicable
CVE-2025-58190NONE0
golang.org/x/net
v0.40.0
fixed in 0.45.0
0.5%
Theoretical Threat
Not Applicable
CVE-2026-42505NONE0
stdlib
v1.26.4
fixed in 1.25.12, 1.26.5, 1.27.0-rc.2
0.4%
Theoretical Threat
Not Applicable
CVE-2026-27456NONE0
login
1:4.16.0-2+really2.41.3-3ubuntu2
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-4438NONE0
locales
2.43-2ubuntu2
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2024-56433NONE0
login.defs
1:4.17.4-2ubuntu3
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2026-35341NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-35344NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35345NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2026-35348NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35350NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35351NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35352NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35354NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2026-35357NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2026-35359NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35360NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35363NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-35364NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2026-35367NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35368NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35370NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35371NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35374NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2026-35377NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-46600NONE0
golang.org/x/net
v0.40.0
fixed in 0.56.0
Not Applicable
CVE-2026-39824NONE0
golang.org/x/sys
v0.33.0
fixed in 0.44.0
0.1%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.