Vulnerability Reportelasticsearch:8.17.8

elasticsearch:8.17.8
DIGESTsha256:ab053097e6e6debe7916ecd40d4c2f84f2f869d061eaeaed12bea6bd24142eec

Executive Summary

Last scanned:

Threat Score
74/100CAUTION
Reputation
TRUSTED

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could exploit the Netty HTTP request smuggling vulnerability (CVE-2026-42581) to bypass security controls or poison caches, potentially leading to unauthorized access to Elasticsearch data. Disabling the Ingest Attachment processor would eliminate the Tika XXE vulnerabilities (CVE-2025-66516, CVE-2025-54988). Note that the Tika vulnerabilities only apply if the ingest attachment pipeline is configured. While the image is official and trusted, the high number of exposed vulnerabilities, especially those with network reachability, makes it unsuitable for production without immediate patching.

Vulnerabilities

Vulnerability Log

246 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-42581HIGH8.33
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.6%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2025-66516HIGH8
org.apache.tika:tika-core
2.9.2
fixed in 3.2.2
79.8%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2025-66516HIGH8
org.apache.tika:tika-parser-pdf-module
2.9.2
fixed in 3.2.2
79.8%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2025-54988HIGH7.52
org.apache.tika:tika-parser-pdf-module
2.9.2
fixed in 3.2.2
3.0%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2026-5260MEDIUM6.97
libgnutls30t64
3.8.3-1.1ubuntu3.4
fixed in 3.8.3-1.1ubuntu3.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-0861MEDIUM6.88
libc-bin
2.39-0ubuntu8.5
fixed in 2.39-0ubuntu8.7
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0861MEDIUM6.88
libc6
2.39-0ubuntu8.5
fixed in 2.39-0ubuntu8.7
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-28387MEDIUM6.88
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.9
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-54512MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.15.0
fixed in 2.18.8, 3.1.4, 2.21.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-54513MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.15.0
fixed in 2.18.8, 2.21.4, 3.1.4
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-44249MEDIUM6.88
io.netty:netty-handler
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-29111MEDIUM6.63
libsystemd0
255.4-1ubuntu8.10
fixed in 255.4-1ubuntu8.14
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-29111MEDIUM6.63
libudev1
255.4-1ubuntu8.10
fixed in 255.4-1ubuntu8.14
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-41989MEDIUM6.38
libgcrypt20
1.10.3-2build1
fixed in 1.10.3-2ubuntu0.1
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27135MEDIUM6.38
libnghttp2-14
1.59.0-1ubuntu0.2
fixed in 1.59.0-1ubuntu0.3
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-3731MEDIUM6.38
libssh-4
0.10.6-2ubuntu0.1
fixed in 0.10.6-2ubuntu0.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-69421MEDIUM6.38
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.7
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28389MEDIUM6.38
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.9
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28390MEDIUM6.38
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.9
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-7962MEDIUM6.38
com.sun.mail:jakarta.mail
1.6.3
fixed in 1.6.8, 2.0.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-7962MEDIUM6.38
com.sun.mail:jakarta.mail
1.6.4
fixed in 1.6.8, 2.0.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-42583MEDIUM6.38
io.netty:netty-codec
4.1.118.Final
fixed in 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-58057MEDIUM6.38
io.netty:netty-codec
4.1.118.Final
fixed in 4.1.125.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-33870MEDIUM6.38
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.1.132.Final, 4.2.10.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-42585MEDIUM6.38
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-58056MEDIUM6.38
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.1.125.Final, 4.2.5.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-55163MEDIUM6.38
io.netty:netty-codec-http2
4.1.118.Final
fixed in 4.2.4.Final, 4.1.124.Final
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http2
4.1.118.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-48043MEDIUM6.38
io.netty:netty-codec-http2
4.1.118.Final
fixed in 4.1.135.Final, 4.2.15.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-45416MEDIUM6.38
io.netty:netty-handler
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-50010MEDIUM6.38
io.netty:netty-handler
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42578MEDIUM6.38
io.netty:netty-handler-proxy
4.1.118.Final
fixed in 4.1.133.Final, 4.2.13.Final
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-45292MEDIUM6.38
io.opentelemetry:opentelemetry-api
1.31.0
fixed in 1.62.0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-34479MEDIUM6.38
org.apache.logging.log4j:log4j-1.2-api
2.19.0
fixed in 2.25.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34480MEDIUM6.38
org.apache.logging.log4j:log4j-core
2.12.4
fixed in 2.25.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-34480MEDIUM6.38
org.apache.logging.log4j:log4j-core
2.19.0
fixed in 2.25.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-5588MEDIUM6.38
org.bouncycastle:bcpkix-jdk18on
1.78.1
fixed in 1.84
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-14813MEDIUM6.38
org.bouncycastle:bcprov-jdk18on
1.78.1
fixed in 1.80.2, 1.81.1, 1.84
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-66566MEDIUM6.38
org.lz4:lz4-java
1.8.0
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-3833MEDIUM6.29
libgnutls30t64
3.8.3-1.1ubuntu3.4
fixed in 3.8.3-1.1ubuntu3.6
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42011MEDIUM6.29
libgnutls30t64
3.8.3-1.1ubuntu3.4
fixed in 3.8.3-1.1ubuntu3.6
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34182MEDIUM6.29
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69419MEDIUM6.29
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.7
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-37731MEDIUM6.29
org.elasticsearch:elasticsearch
8.17.8
fixed in 8.19.8, 9.1.8, 9.2.2
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42012MEDIUM6.03
libgnutls30t64
3.8.3-1.1ubuntu3.4
fixed in 3.8.3-1.1ubuntu3.6
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-33871MEDIUM6
io.netty:netty-codec-http2
4.1.118.Final
fixed in 4.1.132.Final, 4.2.11.Final
1.1%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2026-4878MEDIUM5.95
libcap2
1:2.66-5ubuntu2.2
fixed in 1:2.66-5ubuntu2.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-2236MEDIUM5.9
libgcrypt20
1.10.3-2build1
No fix yet
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2025-13151MEDIUM5.9
libtasn1-6
4.19.0-3ubuntu0.24.04.1
fixed in 4.19.0-3ubuntu0.24.04.2
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2026-45673MEDIUM5.78
io.netty:netty-resolver-dns
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42014MEDIUM5.61
libgnutls30t64
3.8.3-1.1ubuntu3.4
fixed in 3.8.3-1.1ubuntu3.6
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-9230MEDIUM5.6
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.6
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2026-42013MEDIUM5.58
libgnutls30t64
3.8.3-1.1ubuntu3.4
fixed in 3.8.3-1.1ubuntu3.6
0.4%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-4437MEDIUM5.52
libc-bin
2.39-0ubuntu8.5
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6238MEDIUM5.52
libc-bin
2.39-0ubuntu8.5
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM5.52
libc6
2.39-0ubuntu8.5
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6238MEDIUM5.52
libc6
2.39-0ubuntu8.5
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-67735MEDIUM5.52
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.2.8.Final, 4.1.129.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-41417MEDIUM5.52
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.1.133.Final, 4.2.13.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42580MEDIUM5.52
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0636MEDIUM5.52
org.bouncycastle:bcprov-jdk18on
1.78.1
fixed in 1.84
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-68384MEDIUM5.52
org.elasticsearch.plugin:x-pack-security
8.17.8
fixed in 8.19.9, 9.1.9, 9.2.3
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-12183MEDIUM5.52
org.lz4:lz4-java
1.8.0
fixed in 1.8.1
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-40225MEDIUM5.44
libsystemd0
255.4-1ubuntu8.10
fixed in 255.4-1ubuntu8.14
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40226MEDIUM5.44
libsystemd0
255.4-1ubuntu8.10
fixed in 255.4-1ubuntu8.16
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40225MEDIUM5.44
libudev1
255.4-1ubuntu8.10
fixed in 255.4-1ubuntu8.14
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40226MEDIUM5.44
libudev1
255.4-1ubuntu8.10
fixed in 255.4-1ubuntu8.16
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-0964MEDIUM5.35
libssh-4
0.10.6-2ubuntu0.1
fixed in 0.10.6-2ubuntu0.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-13757MEDIUM5.27
libp11-kit0
0.25.3-4ubuntu2.1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13757MEDIUM5.27
p11-kit-modules
0.25.3-4ubuntu2.1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-22227MEDIUM5.18
io.projectreactor.netty:reactor-netty-http
1.0.45
fixed in 1.3.0-M5, 1.2.8
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-15281MEDIUM5.02
libc-bin
2.39-0ubuntu8.5
fixed in 2.39-0ubuntu8.7
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
libc-bin
2.39-0ubuntu8.5
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-15281MEDIUM5.02
libc6
2.39-0ubuntu8.5
fixed in 2.39-0ubuntu8.7
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
libc6
2.39-0ubuntu8.5
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.9
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.7
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42770MEDIUM5.02
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-34477MEDIUM5.02
org.apache.logging.log4j:log4j-core
2.12.4
fixed in 2.25.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34477MEDIUM5.02
org.apache.logging.log4j:log4j-core
2.19.0
fixed in 2.25.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-37727MEDIUM4.84
org.elasticsearch:elasticsearch
8.17.8
fixed in 8.18.8, 8.19.5, 9.0.8, 9.1.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-0967MEDIUM4.67
libssh-4
0.10.6-2ubuntu0.1
fixed in 0.10.6-2ubuntu0.3
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.7
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib1g
1:1.3.dfsg-3.1ubuntu2.1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-0915MEDIUM4.5
libc-bin
2.39-0ubuntu8.5
fixed in 2.39-0ubuntu8.7
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
libc-bin
2.39-0ubuntu8.5
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0915MEDIUM4.5
libc6
2.39-0ubuntu8.5
fixed in 2.39-0ubuntu8.7
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
libc6
2.39-0ubuntu8.5
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-14831MEDIUM4.5
libgnutls30t64
3.8.3-1.1ubuntu3.4
fixed in 3.8.3-1.1ubuntu3.5
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42015MEDIUM4.5
libgnutls30t64
3.8.3-1.1ubuntu3.4
fixed in 3.8.3-1.1ubuntu3.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-34743MEDIUM4.5
liblzma5
5.6.1+really5.4.5-1ubuntu0.2
fixed in 5.6.1+really5.4.5-1ubuntu0.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-54514MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.15.0
fixed in 2.18.8, 2.21.4, 3.1.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-54515MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.15.0
fixed in 3.1.4, 2.18.9, 2.21.5, 2.22.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-50020MEDIUM4.5
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-47244MEDIUM4.5
io.netty:netty-codec-http2
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-50560MEDIUM4.5
io.netty:netty-codec-http2
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-8885MEDIUM4.5
org.bouncycastle:bc-fips
1.0.2.5
fixed in 1.0.2.6, 2.0.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-8916MEDIUM4.5
org.bouncycastle:bcpkix-jdk18on
1.78.1
fixed in 1.79
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-31672MEDIUM4.4
org.apache.poi:poi-ooxml
5.2.5
fixed in 5.4.0
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2026-34180MEDIUM4.25
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-68390MEDIUM4.17
org.elasticsearch.plugin:x-pack-core
8.17.8
fixed in 8.19.8, 9.1.8, 9.2.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-8286MEDIUM4.13
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.10
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-15079MEDIUM4.13
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.7
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-8286MEDIUM4.13
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.10
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-28387MEDIUM4.13
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.9
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-68161MEDIUM4.08
org.apache.logging.log4j:log4j-core
2.12.4
fixed in 2.25.3
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-68161MEDIUM4.08
org.apache.logging.log4j:log4j-core
2.19.0
fixed in 2.25.3
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-15467MEDIUM4.06
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.7
47.6%
High Exploitation Risk
Post-Exploit
CVE-2025-15467MEDIUM4.06
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.7
47.6%
High Exploitation Risk
Post-Exploit
CVE-2026-27456MEDIUM4
libblkid1
2.39.3-9ubuntu6.3
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libmount1
2.39.3-9ubuntu6.3
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libsmartcols1
2.39.3-9ubuntu6.3
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-8114MEDIUM4
libssh-4
0.10.6-2ubuntu0.1
fixed in 0.10.6-2ubuntu0.2
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.7
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libuuid1
2.39.3-9ubuntu6.3
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69720LOW3.98
ncurses-bin
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-8927LOW3.82
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.10
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-5773LOW3.82
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.9
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-6276LOW3.82
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.9
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-41992LOW3.82
gzip
1.12-1ubuntu3.1
fixed in 1.12-1ubuntu3.2
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-8927LOW3.82
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.10
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-5773LOW3.82
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.9
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-6276LOW3.82
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.9
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW3.82
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.7
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW3.82
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.9
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW3.82
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.9
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-9547LOW3.77
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.10
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-9547LOW3.77
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.10
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-34182LOW3.77
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69419LOW3.77
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.7
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-48924LOW3.7
org.apache.commons:commons-lang3
3.14.0
fixed in 3.18.0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-48924LOW3.7
org.apache.commons:commons-lang3
3.9
fixed in 3.18.0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-68973LOW3.57
gpgv
2.4.4-2ubuntu17.3
fixed in 2.4.4-2ubuntu17.4
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-8058LOW3.57
libc-bin
2.39-0ubuntu8.5
fixed in 2.39-0ubuntu8.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-8058LOW3.57
libc6
2.39-0ubuntu8.5
fixed in 2.39-0ubuntu8.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42010LOW3.53
libgnutls30t64
3.8.3-1.1ubuntu3.4
fixed in 3.8.3-1.1ubuntu3.6
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-1965LOW3.47
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.8
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-14819LOW3.47
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.7
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-1965LOW3.47
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.8
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-14819LOW3.47
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.7
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-4438LOW3.4
libc-bin
2.39-0ubuntu8.5
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
libc6
2.39-0ubuntu8.5
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-9820LOW3.4
libgnutls30t64
3.8.3-1.1ubuntu3.4
fixed in 3.8.3-1.1ubuntu3.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69418LOW3.4
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.7
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-9230LOW3.36
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.6
1.7%
Low-Moderate Risk
Post-Exploit
CVE-2026-5545LOW3.31
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.9
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-6429LOW3.31
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.9
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-14524LOW3.31
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.7
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-3784LOW3.31
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.8
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-8924LOW3.31
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.10
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-5545LOW3.31
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.9
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-6429LOW3.31
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.9
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-14524LOW3.31
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.7
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-3784LOW3.31
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.8
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-8924LOW3.31
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.10
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-5958LOW3.21
sed
4.9-2build1
fixed in 4.9-2ubuntu0.24.04.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-13757LOW3.16
p11-kit
0.25.3-4ubuntu2.1
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-3832LOW3.15
libgnutls30t64
3.8.3-1.1ubuntu3.4
fixed in 3.8.3-1.1ubuntu3.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-5419LOW3.15
libgnutls30t64
3.8.3-1.1ubuntu3.4
fixed in 3.8.3-1.1ubuntu3.6
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45674LOW3.06
io.netty:netty-resolver-dns
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-47691LOW3.06
io.netty:netty-resolver-dns
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-31790LOW3.01
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.9
1.0%
Theoretical Threat
Post-Exploit
CVE-2025-69420LOW3.01
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.7
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-22796LOW3.01
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.7
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-42770LOW3.01
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-9076LOW3.01
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-40909LOW3.01
perl-base
5.38.2-3.2ubuntu0.1
fixed in 5.38.2-3.2ubuntu0.2
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-31789LOW3
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.9
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-31789LOW3
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.9
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-8376LOW3
perl-base
5.38.2-3.2ubuntu0.1
fixed in 5.38.2-3.2ubuntu0.3
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-8925LOW2.92
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.10
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-8925LOW2.92
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.10
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-45447LOW2.92
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2026-45447LOW2.92
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2026-3783LOW2.91
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.8
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-3783LOW2.91
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.8
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-45582LOW2.86
tar
1.35+dfsg-3build1
fixed in 1.35+dfsg-3ubuntu0.2
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-22795LOW2.8
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.7
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-7383LOW2.8
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-5704LOW2.8
tar
1.35+dfsg-3build1
fixed in 1.35+dfsg-3ubuntu0.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-0965LOW2.8
libssh-4
0.10.6-2ubuntu0.1
fixed in 0.10.6-2ubuntu0.3
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40228LOW2.8
libsystemd0
255.4-1ubuntu8.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40228LOW2.8
libudev1
255.4-1ubuntu8.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-33845LOW2.78
libgnutls30t64
3.8.3-1.1ubuntu3.4
fixed in 3.8.3-1.1ubuntu3.6
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42496LOW2.78
perl-base
5.38.2-3.2ubuntu0.1
fixed in 5.38.2-3.2ubuntu0.3
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-42579LOW2.78
io.netty:netty-codec-dns
4.1.118.Final
fixed in 4.2.13.Final, 4.1.133.Final
1.0%
Theoretical Threat
Post-Exploit
CVE-2026-42584LOW2.78
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-33846LOW2.7
libgnutls30t64
3.8.3-1.1ubuntu3.4
fixed in 3.8.3-1.1ubuntu3.6
1.3%
Low-Moderate Risk
Post-Exploit
CVE-2026-42009LOW2.7
libgnutls30t64
3.8.3-1.1ubuntu3.4
fixed in 3.8.3-1.1ubuntu3.6
1.3%
Low-Moderate Risk
Post-Exploit
CVE-2026-28388LOW2.7
libssl3t64
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.9
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-28388LOW2.7
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.9
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-6253LOW2.7
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.9
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-7168LOW2.7
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.9
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-4873LOW2.7
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.9
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6253LOW2.7
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.9
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-7168LOW2.7
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.9
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-4873LOW2.7
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.9
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42766LOW2.7
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-42767LOW2.7
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-0968LOW2.63
libssh-4
0.10.6-2ubuntu0.1
fixed in 0.10.6-2ubuntu0.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-8277LOW2.63
libssh-4
0.10.6-2ubuntu0.1
fixed in 0.10.6-2ubuntu0.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34180LOW2.55
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-0966LOW2.51
libssh-4
0.10.6-2ubuntu0.1
fixed in 0.10.6-2ubuntu0.3
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-15079LOW2.48
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.7
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-14017LOW2.45
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.7
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-10148LOW2.45
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.7
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-14017LOW2.45
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.7
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-10148LOW2.45
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.7
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
bsdutils
1:2.39.3-9ubuntu6.3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-15224LOW2.4
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.7
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-10536LOW2.4
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.11
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-41991LOW2.4
gzip
1.12-1ubuntu3.1
fixed in 1.12-1ubuntu3.2
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-15224LOW2.4
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.7
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-10536LOW2.4
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.11
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
mount
2.39.3-9ubuntu6.3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-68160LOW2.4
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.7
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
util-linux
2.39.3-9ubuntu6.3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-69418LOW2.04
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.7
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-45446LOW1.89
openssl
3.0.13-0ubuntu3.5
fixed in 3.0.13-0ubuntu3.11
0.2%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
login
1:4.13+dfsg1-4ubuntu3.2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
passwd
1:4.13+dfsg1-4ubuntu3.2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-69720NONE0
libncursesw6
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
libtinfo6
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
ncurses-base
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2024-10963NONE0
libpam-modules
1.5.3-5ubuntu5.4
fixed in 1.5.3-5ubuntu5.5
0.8%
Theoretical Threat
Not Applicable
CVE-2024-10963NONE0
libpam-modules-bin
1.5.3-5ubuntu5.4
fixed in 1.5.3-5ubuntu5.5
0.8%
Theoretical Threat
Not Applicable
CVE-2024-10963NONE0
libpam-runtime
1.5.3-5ubuntu5.4
fixed in 1.5.3-5ubuntu5.5
0.8%
Theoretical Threat
Not Applicable
CVE-2024-10963NONE0
libpam0g
1.5.3-5ubuntu5.4
fixed in 1.5.3-5ubuntu5.5
0.8%
Theoretical Threat
Not Applicable
CVE-2025-0167NONE0
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.8
0.7%
Theoretical Threat
Not Applicable
CVE-2026-8458NONE0
curl
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.10
0.5%
Theoretical Threat
Not Applicable
CVE-2026-2219NONE0
dpkg
1.22.6ubuntu6.1
fixed in 1.22.6ubuntu6.6
0.4%
Theoretical Threat
Not Applicable
CVE-2025-6297NONE0
dpkg
1.22.6ubuntu6.1
fixed in 1.22.6ubuntu6.5
0.3%
Theoretical Threat
Not Applicable
CVE-2025-0167NONE0
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.8
0.7%
Theoretical Threat
Not Applicable
CVE-2026-8458NONE0
libcurl4t64
8.5.0-2ubuntu10.6
fixed in 8.5.0-2ubuntu10.10
0.5%
Theoretical Threat
Not Applicable
CVE-2026-58055NONE0
libnghttp2-14
1.59.0-1ubuntu0.2
fixed in 1.59.0-1ubuntu0.4
0.2%
Theoretical Threat
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.15.0
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.17.2
fixed in 2.21.1, 2.18.6
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.