Last scanned:
This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could exploit HTTP request smuggling (CVE-2026-42581) to bypass security controls or poison downstream proxies, while XXE vulnerabilities (CVE-2025-66516) could allow reading sensitive data or making requests to internal services if the ingest-attachment plugin is enabled. Disabling the ingest-attachment plugin fully eliminates the Tika XXE risk, and the glibc nscd vulnerability (CVE-2024-33599) only applies if nscd is running, but the Netty issue is unconditionally exposed. The image contains 157 total vulnerabilities, 19 rated high or critical, making it unsuitable for any production deployment.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2026-42581 | HIGH8.33 | io.netty:netty-codec-http 4.1.94.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.6% Theoretical Threat | Directly ExposedContext importance: HIGH |
| CVE-2025-66516 | HIGH8 | org.apache.tika:tika-core 2.7.0 fixed in 3.2.2 | 79.8% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2025-66516 | HIGH8 | org.apache.tika:tika-parser-pdf-module 2.7.0 fixed in 3.2.2 | 79.8% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2024-33599 | HIGH7.6 | libc-bin 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.16 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2024-33599 | HIGH7.6 | libc6 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.16 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2025-54988 | HIGH7.52 | org.apache.tika:tika-parser-pdf-module 2.7.0 fixed in 3.2.2 | 3.0% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2024-0553 | HIGH7.5 | libgnutls30 3.6.13-2ubuntu1.8 fixed in 3.6.13-2ubuntu1.10 | 1.6% Low-Moderate Risk | Directly Exposed |
| CVE-2023-2953 | HIGH7.5 | libldap-2.4-2 2.4.49+dfsg-2ubuntu1.9 fixed in 2.4.49+dfsg-2ubuntu1.10 | 1.9% Low-Moderate Risk | Directly Exposed |
| CVE-2023-2953 | HIGH7.5 | libldap-common 2.4.49+dfsg-2ubuntu1.9 fixed in 2.4.49+dfsg-2ubuntu1.10 | 1.9% Low-Moderate Risk | Directly Exposed |
| CVE-2024-7254 | HIGH7.5 | com.google.protobuf:protobuf-java 3.21.9 fixed in 3.25.5, 4.27.5, 4.28.2 | 2.8% Low-Moderate Risk | Directly Exposed |
| CVE-2026-33871 | HIGH7.5 | io.netty:netty-codec-http2 4.1.94.Final fixed in 4.1.132.Final, 4.2.11.Final | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2025-24970 | HIGH7.5 | io.netty:netty-handler 4.1.94.Final fixed in 4.1.118.Final | 2.1% Low-Moderate Risk | Directly Exposed |
| CVE-2023-34062 | HIGH7.5 | io.projectreactor.netty:reactor-netty-http 1.0.24 fixed in 1.1.13, 1.0.39 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2023-1370 | HIGH7.5 | net.minidev:json-smart 2.4.8 fixed in 2.4.9 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2023-7104 | HIGH7.3 | libsqlite3-0 3.31.1-4ubuntu0.5 fixed in 3.31.1-4ubuntu0.6 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-37371 | HIGH7.28 | libgssapi-krb5-2 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.6 | 1.9% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2024-37371 | HIGH7.28 | libk5crypto3 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.6 | 1.9% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2024-37371 | HIGH7.28 | libkrb5-3 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.6 | 1.9% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2024-37371 | HIGH7.28 | libkrb5support0 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.6 | 1.9% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2024-28182 | MEDIUM6.89 | libnghttp2-14 1.40.0-1ubuntu0.1 fixed in 1.40.0-1ubuntu0.3 | 85.0% Actively Exploited | Directly Exposed |
| CVE-2026-54512 | MEDIUM6.88 | com.fasterxml.jackson.core:jackson-databind 2.13.4.2 fixed in 2.18.8, 3.1.4, 2.21.4 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-54513 | MEDIUM6.88 | com.fasterxml.jackson.core:jackson-databind 2.13.4.2 fixed in 2.18.8, 2.21.4, 3.1.4 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-54512 | MEDIUM6.88 | com.fasterxml.jackson.core:jackson-databind 2.15.0 fixed in 2.18.8, 3.1.4, 2.21.4 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-54513 | MEDIUM6.88 | com.fasterxml.jackson.core:jackson-databind 2.15.0 fixed in 2.18.8, 2.21.4, 3.1.4 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-44249 | MEDIUM6.88 | io.netty:netty-handler 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2023-36054 | MEDIUM6.5 | libgssapi-krb5-2 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.4 | 2.1% Low-Moderate Risk | Directly Exposed |
| CVE-2023-36054 | MEDIUM6.5 | libk5crypto3 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.4 | 2.1% Low-Moderate Risk | Directly Exposed |
| CVE-2023-36054 | MEDIUM6.5 | libkrb5-3 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.4 | 2.1% Low-Moderate Risk | Directly Exposed |
| CVE-2023-36054 | MEDIUM6.5 | libkrb5support0 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.4 | 2.1% Low-Moderate Risk | Directly Exposed |
| CVE-2023-44483 | MEDIUM6.5 | org.apache.santuario:xmlsec 2.3.2 fixed in 2.3.4, 2.2.6, 3.0.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-29857 | MEDIUM6.5 | org.bouncycastle:bc-fips 1.0.2 fixed in 1.0.2.5 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-37370 | MEDIUM6.38 | libgssapi-krb5-2 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2024-37370 | MEDIUM6.38 | libk5crypto3 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2024-37370 | MEDIUM6.38 | libkrb5-3 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2024-37370 | MEDIUM6.38 | libkrb5support0 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-52999 | MEDIUM6.38 | com.fasterxml.jackson.core:jackson-core 2.13.4 fixed in 2.15.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-50193 | MEDIUM6.38 | com.fasterxml.jackson.core:jackson-databind 2.13.4.2 fixed in 2.14.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2023-52428 | MEDIUM6.38 | com.nimbusds:nimbus-jose-jwt 9.23 fixed in 9.37.2 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-7962 | MEDIUM6.38 | com.sun.mail:jakarta.mail 1.6.3 fixed in 1.6.8, 2.0.2 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-7962 | MEDIUM6.38 | com.sun.mail:jakarta.mail 1.6.4 fixed in 1.6.8, 2.0.2 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-42583 | MEDIUM6.38 | io.netty:netty-codec 4.1.94.Final fixed in 4.1.133.Final | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-58057 | MEDIUM6.38 | io.netty:netty-codec 4.1.94.Final fixed in 4.1.125.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-33870 | MEDIUM6.38 | io.netty:netty-codec-http 4.1.94.Final fixed in 4.1.132.Final, 4.2.10.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42587 | MEDIUM6.38 | io.netty:netty-codec-http 4.1.94.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-42585 | MEDIUM6.38 | io.netty:netty-codec-http 4.1.94.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-58056 | MEDIUM6.38 | io.netty:netty-codec-http 4.1.94.Final fixed in 4.1.125.Final, 4.2.5.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-55163 | MEDIUM6.38 | io.netty:netty-codec-http2 4.1.94.Final fixed in 4.2.4.Final, 4.1.124.Final | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42587 | MEDIUM6.38 | io.netty:netty-codec-http2 4.1.94.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-48043 | MEDIUM6.38 | io.netty:netty-codec-http2 4.1.94.Final fixed in 4.1.135.Final, 4.2.15.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-45416 | MEDIUM6.38 | io.netty:netty-handler 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-50010 | MEDIUM6.38 | io.netty:netty-handler 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42578 | MEDIUM6.38 | io.netty:netty-handler-proxy 4.1.94.Final fixed in 4.1.133.Final, 4.2.13.Final | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-45292 | MEDIUM6.38 | io.opentelemetry:opentelemetry-api 1.17.0 fixed in 1.62.0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2023-34054 | MEDIUM6.38 | io.projectreactor.netty:reactor-netty-core 1.0.24 fixed in 1.1.13, 1.0.39 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-34479 | MEDIUM6.38 | org.apache.logging.log4j:log4j-1.2-api 2.19.0 fixed in 2.25.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-34480 | MEDIUM6.38 | org.apache.logging.log4j:log4j-core 2.12.4 fixed in 2.25.4 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-34480 | MEDIUM6.38 | org.apache.logging.log4j:log4j-core 2.19.0 fixed in 2.25.4 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-5588 | MEDIUM6.38 | org.bouncycastle:bcpkix-jdk15on 1.64 fixed in 1.84 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-23444 | MEDIUM6.38 | org.elasticsearch:elasticsearch 8.11.0 fixed in 8.13.0, 7.17.23 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2024-23450 | MEDIUM6.38 | org.elasticsearch:elasticsearch 8.11.0 fixed in 7.17.19, 8.13.0 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2024-43709 | MEDIUM6.38 | org.elasticsearch:elasticsearch 8.11.0 fixed in 7.17.21, 8.13.3 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2024-52979 | MEDIUM6.38 | org.elasticsearch:elasticsearch 8.11.0 fixed in 7.17.25, 8.16.0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2024-52981 | MEDIUM6.38 | org.elasticsearch:elasticsearch 8.11.0 fixed in 7.17.24, 8.15.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-66566 | MEDIUM6.38 | org.lz4:lz4-java 1.8.0 No fix yet | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-37731 | MEDIUM6.29 | org.elasticsearch:elasticsearch 8.11.0 fixed in 8.19.8, 9.1.8, 9.2.2 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-4802 | MEDIUM5.95 | libc-bin 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.18 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-4802 | MEDIUM5.95 | libc6 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.18 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2023-4806 | MEDIUM5.9 | libc-bin 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.14 | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2023-4813 | MEDIUM5.9 | libc-bin 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.14 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2023-4806 | MEDIUM5.9 | libc6 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.14 | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2023-4813 | MEDIUM5.9 | libc6 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.14 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2023-5981 | MEDIUM5.9 | libgnutls30 3.6.13-2ubuntu1.8 fixed in 3.6.13-2ubuntu1.9 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2024-26461 | MEDIUM5.9 | libgssapi-krb5-2 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.9 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-26461 | MEDIUM5.9 | libk5crypto3 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.9 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-26461 | MEDIUM5.9 | libkrb5-3 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.9 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-26461 | MEDIUM5.9 | libkrb5support0 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.9 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-5535 | MEDIUM5.9 | libssl1.1 1.1.1f-1ubuntu2.20 fixed in 1.1.1f-1ubuntu2.23 | 5.6% Low-Moderate Risk | Directly Exposed |
| CVE-2020-15522 | MEDIUM5.9 | org.bouncycastle:bc-fips 1.0.2 fixed in 1.0.2.1 | 1.5% Low-Moderate Risk | Directly Exposed |
| CVE-2026-45673 | MEDIUM5.78 | io.netty:netty-resolver-dns 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-4741 | MEDIUM5.6 | libssl1.1 1.1.1f-1ubuntu2.20 fixed in 1.1.1f-1ubuntu2.23 | 2.9% Low-Moderate Risk | Directly Exposed |
| CVE-2025-24528 | MEDIUM5.52 | libgssapi-krb5-2 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.9 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-24528 | MEDIUM5.52 | libk5crypto3 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.9 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-24528 | MEDIUM5.52 | libkrb5-3 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.9 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-24528 | MEDIUM5.52 | libkrb5support0 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.9 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-67735 | MEDIUM5.52 | io.netty:netty-codec-http 4.1.94.Final fixed in 4.2.8.Final, 4.1.129.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-41417 | MEDIUM5.52 | io.netty:netty-codec-http 4.1.94.Final fixed in 4.1.133.Final, 4.2.13.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42580 | MEDIUM5.52 | io.netty:netty-codec-http 4.1.94.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-68384 | MEDIUM5.52 | org.elasticsearch.plugin:x-pack-security 8.11.0 fixed in 8.19.9, 9.1.9, 9.2.3 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2023-49921 | MEDIUM5.52 | org.elasticsearch:elasticsearch 8.11.0 fixed in 7.17.16, 8.11.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-23451 | MEDIUM5.52 | org.elasticsearch:elasticsearch 8.11.0 fixed in 8.13.0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-12183 | MEDIUM5.52 | org.lz4:lz4-java 1.8.0 fixed in 1.8.1 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2024-0727 | MEDIUM5.5 | libssl1.1 1.1.1f-1ubuntu2.20 fixed in 1.1.1f-1ubuntu2.21 | 3.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-33600 | MEDIUM5.3 | libc-bin 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.16 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-33600 | MEDIUM5.3 | libc6 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.16 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-12243 | MEDIUM5.3 | libgnutls30 3.6.13-2ubuntu1.8 fixed in 3.6.13-2ubuntu1.12 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-6918 | MEDIUM5.3 | libssh-4 0.9.3-2ubuntu2.3 fixed in 0.9.3-2ubuntu2.5 | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2023-5678 | MEDIUM5.3 | libssl1.1 1.1.1f-1ubuntu2.20 fixed in 1.1.1f-1ubuntu2.21 | 4.5% Low-Moderate Risk | Directly Exposed |
| CVE-2024-12133 | MEDIUM5.3 | libtasn1-6 4.16.0-2 fixed in 4.16.0-2ubuntu0.1 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-29025 | MEDIUM5.3 | io.netty:netty-codec-http 4.1.94.Final fixed in 4.1.108.Final | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2024-21742 | MEDIUM5.3 | org.apache.james:apache-mime4j-core 0.8.9 fixed in 0.8.10 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2025-22227 | MEDIUM5.18 | io.projectreactor.netty:reactor-netty-http 1.0.24 fixed in 1.3.0-M5, 1.2.8 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-3576 | MEDIUM5.02 | libgssapi-krb5-2 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-26458 | MEDIUM5.02 | libgssapi-krb5-2 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-3576 | MEDIUM5.02 | libk5crypto3 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-26458 | MEDIUM5.02 | libk5crypto3 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-3576 | MEDIUM5.02 | libkrb5-3 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-26458 | MEDIUM5.02 | libkrb5-3 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-3576 | MEDIUM5.02 | libkrb5support0 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-26458 | MEDIUM5.02 | libkrb5support0 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-34477 | MEDIUM5.02 | org.apache.logging.log4j:log4j-core 2.12.4 fixed in 2.25.4 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34477 | MEDIUM5.02 | org.apache.logging.log4j:log4j-core 2.19.0 fixed in 2.25.4 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-53864 | MEDIUM4.93 | com.nimbusds:nimbus-jose-jwt 9.23 fixed in 10.0.2, 9.37.4 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-37727 | MEDIUM4.84 | org.elasticsearch:elasticsearch 8.11.0 fixed in 8.18.8, 8.19.5, 9.0.8, 9.1.5 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2024-2511 | MEDIUM4.81 | libssl1.1 1.1.1f-1ubuntu2.20 fixed in 1.1.1f-1ubuntu2.23 | 54.0% Actively Exploited | Directly Exposed |
| CVE-2025-0395 | MEDIUM4.67 | libc-bin 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.17 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-0395 | MEDIUM4.67 | libc6 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.17 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-29088 | MEDIUM4.67 | libsqlite3-0 3.31.1-4ubuntu0.5 fixed in 3.31.1-4ubuntu0.7 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2024-47535 | MEDIUM4.67 | io.netty:netty-common 4.1.94.Final fixed in 4.1.115.Final | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-25193 | MEDIUM4.67 | io.netty:netty-common 4.1.94.Final fixed in 4.1.118.Final | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-25710 | MEDIUM4.67 | org.apache.commons:commons-compress 1.24.0 fixed in 1.26.0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-26308 | MEDIUM4.67 | org.apache.commons:commons-compress 1.24.0 fixed in 1.26.0 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45146 | MEDIUM4.67 | org.bouncycastle:bc-fips 1.0.2 fixed in 1.0.2.4 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-28834 | MEDIUM4.5 | libgnutls30 3.6.13-2ubuntu1.8 fixed in 3.6.13-2ubuntu1.11 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-54514 | MEDIUM4.5 | com.fasterxml.jackson.core:jackson-databind 2.13.4.2 fixed in 2.18.8, 2.21.4, 3.1.4 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-54515 | MEDIUM4.5 | com.fasterxml.jackson.core:jackson-databind 2.13.4.2 fixed in 3.1.4, 2.18.9, 2.21.5, 2.22.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-54514 | MEDIUM4.5 | com.fasterxml.jackson.core:jackson-databind 2.15.0 fixed in 2.18.8, 2.21.4, 3.1.4 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-54515 | MEDIUM4.5 | com.fasterxml.jackson.core:jackson-databind 2.15.0 fixed in 3.1.4, 2.18.9, 2.21.5, 2.22.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-50020 | MEDIUM4.5 | io.netty:netty-codec-http 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-47244 | MEDIUM4.5 | io.netty:netty-codec-http2 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-50560 | MEDIUM4.5 | io.netty:netty-codec-http2 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-8885 | MEDIUM4.5 | org.bouncycastle:bc-fips 1.0.2 fixed in 1.0.2.6, 2.0.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-8916 | MEDIUM4.5 | org.bouncycastle:bcpkix-jdk15on 1.64 fixed in 1.79 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-23449 | MEDIUM4.5 | org.elasticsearch:elasticsearch 8.11.0 fixed in 8.11.1 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2024-28085 | MEDIUM4.4 | libblkid1 2.34-0.1ubuntu9.4 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-28085 | MEDIUM4.4 | libfdisk1 2.34-0.1ubuntu9.4 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-28085 | MEDIUM4.4 | libmount1 2.34-0.1ubuntu9.4 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-28085 | MEDIUM4.4 | libsmartcols1 2.34-0.1ubuntu9.4 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-28085 | MEDIUM4.4 | libuuid1 2.34-0.1ubuntu9.4 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2025-31672 | MEDIUM4.4 | org.apache.poi:poi-ooxml 5.2.3 fixed in 5.4.0 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2024-47554 | MEDIUM4.3 | commons-io:commons-io 2.11.0 fixed in 2.14.0 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2025-68390 | MEDIUM4.17 | org.elasticsearch.plugin:x-pack-core 8.11.0 fixed in 8.19.8, 9.1.8, 9.2.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-2961 | MEDIUM4.12 | libc-bin 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.15 | 88.3% Actively Exploited | Post-Exploit |
| CVE-2024-2961 | MEDIUM4.12 | libc6 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.15 | 88.3% Actively Exploited | Post-Exploit |
| CVE-2026-45674 | MEDIUM4.08 | io.netty:netty-resolver-dns 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.2% Theoretical Threat | Post-ExploitContext importance: MEDIUM |
| CVE-2026-47691 | MEDIUM4.08 | io.netty:netty-resolver-dns 4.1.94.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Post-ExploitContext importance: MEDIUM |
| CVE-2023-6004 | MEDIUM4.08 | libssh-4 0.9.3-2ubuntu2.3 fixed in 0.9.3-2ubuntu2.5 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-68161 | MEDIUM4.08 | org.apache.logging.log4j:log4j-core 2.12.4 fixed in 2.25.3 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-68161 | MEDIUM4.08 | org.apache.logging.log4j:log4j-core 2.19.0 fixed in 2.25.3 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2024-13176 | MEDIUM4 | libssl1.1 1.1.1f-1ubuntu2.20 fixed in 1.1.1f-1ubuntu2.24 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2024-33601 | MEDIUM4 | libc-bin 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.16 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-33601 | MEDIUM4 | libc6 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.16 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2023-47038 | LOW3.98 | perl-base 5.30.0-9ubuntu0.4 fixed in 5.30.0-9ubuntu0.5 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2024-3596 | LOW3.73 | libgssapi-krb5-2 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.8 | 14.9% High Exploitation Risk | Post-Exploit |
| CVE-2024-3596 | LOW3.73 | libk5crypto3 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.8 | 14.9% High Exploitation Risk | Post-Exploit |
| CVE-2024-3596 | LOW3.73 | libkrb5-3 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.8 | 14.9% High Exploitation Risk | Post-Exploit |
| CVE-2024-3596 | LOW3.73 | libkrb5support0 1.17-6ubuntu4.3 fixed in 1.17-6ubuntu4.8 | 14.9% High Exploitation Risk | Post-Exploit |
| CVE-2026-42579 | LOW3.71 | io.netty:netty-codec-dns 4.1.94.Final fixed in 4.2.13.Final, 4.1.133.Final | 1.0% Theoretical Threat | Post-ExploitContext importance: MEDIUM |
| CVE-2026-42584 | LOW3.71 | io.netty:netty-codec-http 4.1.94.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.8% Theoretical Threat | Post-ExploitContext importance: MEDIUM |
| CVE-2024-9143 | LOW3.7 | libssl1.1 1.1.1f-1ubuntu2.20 fixed in 1.1.1f-1ubuntu2.24 | 6.0% Low-Moderate Risk | Directly Exposed |
| CVE-2025-48924 | LOW3.7 | org.apache.commons:commons-lang3 3.12.0 fixed in 3.18.0 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2025-48924 | LOW3.7 | org.apache.commons:commons-lang3 3.9 fixed in 3.18.0 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-44487 | LOW3.51 | libnghttp2-14 1.40.0-1ubuntu0.1 fixed in 1.40.0-1ubuntu0.2 | 100.0% Actively Exploited | Post-Exploit |
| CVE-2024-33602 | LOW3.4 | libc-bin 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.16 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-33602 | LOW3.4 | libc6 2.31-0ubuntu9.12 fixed in 2.31-0ubuntu9.16 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-8096 | LOW3.31 | curl 7.68.0-1ubuntu2.20 fixed in 7.68.0-1ubuntu2.24 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2024-8096 | LOW3.31 | libcurl4 7.68.0-1ubuntu2.20 fixed in 7.68.0-1ubuntu2.24 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2024-0727 | LOW3.3 | openssl 1.1.1f-1ubuntu2.20 fixed in 1.1.1f-1ubuntu2.21 | 3.2% Low-Moderate Risk | Post-Exploit |
| CVE-2023-5678 | LOW3.18 | openssl 1.1.1f-1ubuntu2.20 fixed in 1.1.1f-1ubuntu2.21 | 4.5% Low-Moderate Risk | Post-Exploit |
| CVE-2024-2398 | LOW3.1 | curl 7.68.0-1ubuntu2.20 fixed in 7.68.0-1ubuntu2.22 | 36.1% High Exploitation Risk | Post-Exploit |
| CVE-2024-2398 | LOW3.1 | libcurl4 7.68.0-1ubuntu2.20 fixed in 7.68.0-1ubuntu2.22 | 36.1% High Exploitation Risk | Post-Exploit |
| CVE-2024-2511 | LOW2.89 | openssl 1.1.1f-1ubuntu2.20 fixed in 1.1.1f-1ubuntu2.23 | 54.0% Actively Exploited | Post-Exploit |
| CVE-2023-4641 | LOW2.8 | login 1:4.8.1-1ubuntu5.20.04.4 fixed in 1:4.8.1-1ubuntu5.20.04.5 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2023-4641 | LOW2.8 | passwd 1:4.8.1-1ubuntu5.20.04.4 fixed in 1:4.8.1-1ubuntu5.20.04.5 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2023-4016 | LOW2.8 | libprocps8 2:3.3.16-1ubuntu2.3 fixed in 2:3.3.16-1ubuntu2.4 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2023-48795 | LOW2.76 | libssh-4 0.9.3-2ubuntu2.3 fixed in 0.9.3-2ubuntu2.4 | 93.3% Actively Exploited | Post-Exploit |
| CVE-2024-7264 | LOW2.69 | curl 7.68.0-1ubuntu2.20 fixed in 7.68.0-1ubuntu2.23 | 17.3% High Exploitation Risk | Post-Exploit |
| CVE-2024-7264 | LOW2.69 | libcurl4 7.68.0-1ubuntu2.20 fixed in 7.68.0-1ubuntu2.23 | 17.3% High Exploitation Risk | Post-Exploit |
| CVE-2024-28085 | LOW2.64 | bsdutils 1:2.34-0.1ubuntu9.4 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2024-28085 | LOW2.64 | fdisk 2.34-0.1ubuntu9.4 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2024-28085 | LOW2.64 | mount 2.34-0.1ubuntu9.4 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2024-28085 | LOW2.64 | util-linux 2.34-0.1ubuntu9.4 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2025-30258 | LOW2.4 | gpgv 2.2.19-3ubuntu2.2 fixed in 2.2.19-3ubuntu2.4 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2024-13176 | LOW2.4 | openssl 1.1.1f-1ubuntu2.20 fixed in 1.1.1f-1ubuntu2.24 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2023-46218 | LOW2.34 | curl 7.68.0-1ubuntu2.20 fixed in 7.68.0-1ubuntu2.21 | 1.7% Low-Moderate Risk | Post-Exploit |
| CVE-2023-46218 | LOW2.34 | libcurl4 7.68.0-1ubuntu2.20 fixed in 7.68.0-1ubuntu2.21 | 1.7% Low-Moderate Risk | Post-Exploit |
| CVE-2024-9143 | LOW2.22 | openssl 1.1.1f-1ubuntu2.20 fixed in 1.1.1f-1ubuntu2.24 | 6.0% Low-Moderate Risk | Post-Exploit |
| CVE-2024-11053 | LOW2.12 | curl 7.68.0-1ubuntu2.20 fixed in 7.68.0-1ubuntu2.25 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2024-11053 | LOW2.12 | libcurl4 7.68.0-1ubuntu2.20 fixed in 7.68.0-1ubuntu2.25 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2024-5535 | LOW2.12 | openssl 1.1.1f-1ubuntu2.20 fixed in 1.1.1f-1ubuntu2.23 | 5.6% Low-Moderate Risk | Post-Exploit |
| CVE-2024-4741 | LOW2.02 | openssl 1.1.1f-1ubuntu2.20 fixed in 1.1.1f-1ubuntu2.23 | 2.9% Low-Moderate Risk | Post-Exploit |
| CVE-2023-4016 | LOW1.68 | procps 2:3.3.16-1ubuntu2.3 fixed in 2:3.3.16-1ubuntu2.4 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2023-39804 | LOW1.68 | tar 1.30+dfsg-7ubuntu0.20.04.3 fixed in 1.30+dfsg-7ubuntu0.20.04.4 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2024-22365 | NONE0 | libpam-modules 1.3.1-5ubuntu4.6 fixed in 1.3.1-5ubuntu4.7 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2024-22365 | NONE0 | libpam-modules-bin 1.3.1-5ubuntu4.6 fixed in 1.3.1-5ubuntu4.7 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2024-22365 | NONE0 | libpam-runtime 1.3.1-5ubuntu4.6 fixed in 1.3.1-5ubuntu4.7 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2024-22365 | NONE0 | libpam0g 1.3.1-5ubuntu4.6 fixed in 1.3.1-5ubuntu4.7 | 0.5% Theoretical Threat | Not Applicable |
| GHSA-72hv-8253-57qq | NONE0 | com.fasterxml.jackson.core:jackson-core 2.13.4 fixed in 2.21.1, 2.18.6 | — | Not Applicable |
| GHSA-72hv-8253-57qq | NONE0 | com.fasterxml.jackson.core:jackson-core 2.15.0 fixed in 2.21.1, 2.18.6 | — | Not Applicable |
| GHSA-xpw8-rcwv-8f8p | NONE0 | io.netty:netty-codec-http2 4.1.94.Final fixed in 4.1.100.Final | — | Not Applicable |
| CVE-2024-52980 | NONE0 | org.elasticsearch:elasticsearch 8.11.0 fixed in 8.15.1 | 0.5% Theoretical Threat | Not Applicable |
Want to check another image? Run a full scan with the Docker Security Scanner.