Vulnerability Reporteclipse-temurin:25.0.3_9-jdk-resolute

eclipse-temurin:25.0.3_9-jdk-resolute
DIGESTsha256:201fbb8886b2d273218aa3a192f0afbf7b5ff65ee8cc6ef47f5dce2171f013ea

Executive Summary

Last scanned:

Threat Score
0/100SAFE
Reputation
TRUSTED

This base/runtime image is a clean foundation for building production images. While the image contains 26 exposed and 53 post-exploit-only vulnerabilities, all are low severity (none above 5.5) and do not pose immediate risk. The image is officially published, widely used, and pinned by digest, ensuring a reliable starting point for secure development. Note: this is a general-purpose base/runtime image — many findings live in components that an application built on top may never load, so actual exploitability depends on the final image. For an accurate risk picture, re-scan the final application image with context.

Vulnerabilities

Vulnerability Log

87 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2017-13716MEDIUM5.5
libbinutils
2.46-3ubuntu2
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-13716MEDIUM5.5
libctf-nobfd0
2.46-3ubuntu2
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-13716MEDIUM5.5
libctf0
2.46-3ubuntu2
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-13716MEDIUM5.5
libgprofng0
2.46-3ubuntu2
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-13716MEDIUM5.5
libsframe3
2.46-3ubuntu2
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2026-13757MEDIUM5.27
libp11-kit0
0.26.2-2
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13757MEDIUM5.27
p11-kit-modules
0.26.2-2
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-66382MEDIUM4.67
libexpat1
2.7.4-1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib1g
1:1.3.dfsg+really1.3.1-1ubuntu3
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
libc-bin
2.43-2ubuntu2
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
libc-gconv-modules-extra
2.43-2ubuntu2
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
libc6
2.43-2ubuntu2
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-3184MEDIUM4.5
libmount1
2.41.3-3ubuntu2
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-3184MEDIUM4.5
libsmartcols1
2.41.3-3ubuntu2
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-3184MEDIUM4.5
libuuid1
2.41.3-3ubuntu2
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libblkid1
2.41.3-3ubuntu2
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libmount1
2.41.3-3ubuntu2
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libsmartcols1
2.41.3-3ubuntu2
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libuuid1
2.41.3-3ubuntu2
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
libc-bin
2.43-2ubuntu2
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
libc-gconv-modules-extra
2.43-2ubuntu2
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
libc6
2.43-2ubuntu2
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2017-13716LOW3.3
binutils
2.46-3ubuntu2
No fix yet
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2017-13716LOW3.3
binutils-common
2.46-3ubuntu2
No fix yet
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2017-13716LOW3.3
binutils-x86-64-linux-gnu
2.46-3ubuntu2
No fix yet
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2026-13757LOW3.16
p11-kit
0.26.2-2
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-35373LOW2.8
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-40228LOW2.8
libsystemd0
259.5-0ubuntu3
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40228LOW2.8
libudev1
259.5-0ubuntu3
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-3184LOW2.7
bsdutils
1:2.41.3-3ubuntu2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW2.7
login
1:4.16.0-2+really2.41.3-3ubuntu2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW2.7
mount
2.41.3-3ubuntu2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW2.7
util-linux
2.41.3-3ubuntu2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-39821LOW2.51
golang.org/x/net
v0.40.0
fixed in 0.55.0
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-25681LOW2.48
golang.org/x/net
v0.40.0
fixed in 0.55.0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-27136LOW2.48
golang.org/x/net
v0.40.0
fixed in 0.55.0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
bsdutils
1:2.41.3-3ubuntu2
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
login
1:4.16.0-2+really2.41.3-3ubuntu2
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
mount
2.41.3-3ubuntu2
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
util-linux
2.41.3-3ubuntu2
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-33814LOW2.29
golang.org/x/net
v0.40.0
fixed in 0.53.0
0.8%
Theoretical Threat
Post-Exploit
CVE-2024-2236LOW2.12
libgcrypt20
1.12.0-2ubuntu1
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-4437LOW1.99
libc-bin
2.43-2ubuntu2
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6238LOW1.99
libc-bin
2.43-2ubuntu2
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-4437LOW1.99
libc-gconv-modules-extra
2.43-2ubuntu2
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6238LOW1.99
libc-gconv-modules-extra
2.43-2ubuntu2
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-4437LOW1.99
libc6
2.43-2ubuntu2
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6238LOW1.99
libc6
2.43-2ubuntu2
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-25680LOW1.99
golang.org/x/net
v0.40.0
fixed in 0.55.0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-42502LOW1.87
golang.org/x/net
v0.40.0
fixed in 0.55.0
0.2%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
passwd
1:4.17.4-2ubuntu3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-5435LOW1.81
libc-bin
2.43-2ubuntu2
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-5435LOW1.81
libc-gconv-modules-extra
2.43-2ubuntu2
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-5435LOW1.81
libc6
2.43-2ubuntu2
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-42506LOW1.65
golang.org/x/net
v0.40.0
fixed in 0.55.0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW1.62
libblkid1
2.41.3-3ubuntu2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-47911LOW1.62
golang.org/x/net
v0.40.0
fixed in 0.45.0
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-58190LOW1.62
golang.org/x/net
v0.40.0
fixed in 0.45.0
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-39822NONE0
stdlib
v1.26.4
fixed in 1.25.12, 1.26.5, 1.27.0-rc.2
0.2%
Theoretical Threat
Not Applicable
CVE-2026-4437NONE0
locales
2.43-2ubuntu2
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-6238NONE0
locales
2.43-2ubuntu2
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-5435NONE0
locales
2.43-2ubuntu2
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-4046NONE0
locales
2.43-2ubuntu2
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2026-42505NONE0
stdlib
v1.26.4
fixed in 1.25.12, 1.26.5, 1.27.0-rc.2
0.4%
Theoretical Threat
Not Applicable
CVE-2026-4438NONE0
locales
2.43-2ubuntu2
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2024-56433NONE0
login.defs
1:4.17.4-2ubuntu3
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2026-35341NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-35344NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35345NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2026-35348NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35350NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35351NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35352NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35354NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2026-35357NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2026-35359NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35360NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35363NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-35364NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2026-35367NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35368NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35370NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35371NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-35374NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2026-35377NONE0
rust-coreutils
0.8.0-0ubuntu3
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-46600NONE0
golang.org/x/net
v0.40.0
fixed in 0.56.0
Not Applicable
CVE-2026-39824NONE0
golang.org/x/sys
v0.33.0
fixed in 0.44.0
0.1%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.