Last scanned:
This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could exploit the Netty HTTP request smuggling vulnerability (CVE-2026-42581) to bypass security controls or poison caches, potentially leading to unauthorized access to Elasticsearch data. Disabling the Ingest Attachment processor would eliminate the Tika XXE vulnerabilities (CVE-2025-66516, CVE-2025-54988). Note that the Tika vulnerabilities only apply if the ingest attachment pipeline is configured. While the image is official and trusted, the high number of exposed vulnerabilities, especially those with network reachability, makes it unsuitable for production without immediate patching.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2026-42581 | HIGH8.33 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.6% Theoretical Threat | Directly ExposedContext importance: HIGH |
| CVE-2025-66516 | HIGH8 | org.apache.tika:tika-core 2.9.2 fixed in 3.2.2 | 79.8% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2025-66516 | HIGH8 | org.apache.tika:tika-parser-pdf-module 2.9.2 fixed in 3.2.2 | 79.8% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2025-54988 | HIGH7.52 | org.apache.tika:tika-parser-pdf-module 2.9.2 fixed in 3.2.2 | 3.0% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2026-5260 | MEDIUM6.97 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-0861 | MEDIUM6.88 | libc-bin 2.39-0ubuntu8.5 fixed in 2.39-0ubuntu8.7 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-0861 | MEDIUM6.88 | libc6 2.39-0ubuntu8.5 fixed in 2.39-0ubuntu8.7 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-28387 | MEDIUM6.88 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.9 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-54512 | MEDIUM6.88 | com.fasterxml.jackson.core:jackson-databind 2.15.0 fixed in 2.18.8, 3.1.4, 2.21.4 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-54513 | MEDIUM6.88 | com.fasterxml.jackson.core:jackson-databind 2.15.0 fixed in 2.18.8, 2.21.4, 3.1.4 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-44249 | MEDIUM6.88 | io.netty:netty-handler 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-29111 | MEDIUM6.63 | libsystemd0 255.4-1ubuntu8.10 fixed in 255.4-1ubuntu8.14 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-29111 | MEDIUM6.63 | libudev1 255.4-1ubuntu8.10 fixed in 255.4-1ubuntu8.14 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-41989 | MEDIUM6.38 | libgcrypt20 1.10.3-2build1 fixed in 1.10.3-2ubuntu0.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-27135 | MEDIUM6.38 | libnghttp2-14 1.59.0-1ubuntu0.2 fixed in 1.59.0-1ubuntu0.3 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-3731 | MEDIUM6.38 | libssh-4 0.10.6-2ubuntu0.1 fixed in 0.10.6-2ubuntu0.4 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-69421 | MEDIUM6.38 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.7 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-28389 | MEDIUM6.38 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-28390 | MEDIUM6.38 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-7962 | MEDIUM6.38 | com.sun.mail:jakarta.mail 1.6.3 fixed in 1.6.8, 2.0.2 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-7962 | MEDIUM6.38 | com.sun.mail:jakarta.mail 1.6.4 fixed in 1.6.8, 2.0.2 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-42583 | MEDIUM6.38 | io.netty:netty-codec 4.1.118.Final fixed in 4.1.133.Final | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-58057 | MEDIUM6.38 | io.netty:netty-codec 4.1.118.Final fixed in 4.1.125.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-33870 | MEDIUM6.38 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.1.132.Final, 4.2.10.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42587 | MEDIUM6.38 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-42585 | MEDIUM6.38 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-58056 | MEDIUM6.38 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.1.125.Final, 4.2.5.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-55163 | MEDIUM6.38 | io.netty:netty-codec-http2 4.1.118.Final fixed in 4.2.4.Final, 4.1.124.Final | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42587 | MEDIUM6.38 | io.netty:netty-codec-http2 4.1.118.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-48043 | MEDIUM6.38 | io.netty:netty-codec-http2 4.1.118.Final fixed in 4.1.135.Final, 4.2.15.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-45416 | MEDIUM6.38 | io.netty:netty-handler 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-50010 | MEDIUM6.38 | io.netty:netty-handler 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42578 | MEDIUM6.38 | io.netty:netty-handler-proxy 4.1.118.Final fixed in 4.1.133.Final, 4.2.13.Final | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-45292 | MEDIUM6.38 | io.opentelemetry:opentelemetry-api 1.31.0 fixed in 1.62.0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-34479 | MEDIUM6.38 | org.apache.logging.log4j:log4j-1.2-api 2.19.0 fixed in 2.25.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-34480 | MEDIUM6.38 | org.apache.logging.log4j:log4j-core 2.12.4 fixed in 2.25.4 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-34480 | MEDIUM6.38 | org.apache.logging.log4j:log4j-core 2.19.0 fixed in 2.25.4 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-5588 | MEDIUM6.38 | org.bouncycastle:bcpkix-jdk18on 1.78.1 fixed in 1.84 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-14813 | MEDIUM6.38 | org.bouncycastle:bcprov-jdk18on 1.78.1 fixed in 1.80.2, 1.81.1, 1.84 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-66566 | MEDIUM6.38 | org.lz4:lz4-java 1.8.0 No fix yet | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-3833 | MEDIUM6.29 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42011 | MEDIUM6.29 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-34182 | MEDIUM6.29 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-69419 | MEDIUM6.29 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.7 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-37731 | MEDIUM6.29 | org.elasticsearch:elasticsearch 8.17.8 fixed in 8.19.8, 9.1.8, 9.2.2 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42012 | MEDIUM6.03 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-33871 | MEDIUM6 | io.netty:netty-codec-http2 4.1.118.Final fixed in 4.1.132.Final, 4.2.11.Final | 1.1% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2026-4878 | MEDIUM5.95 | libcap2 1:2.66-5ubuntu2.2 fixed in 1:2.66-5ubuntu2.4 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2024-2236 | MEDIUM5.9 | libgcrypt20 1.10.3-2build1 No fix yet | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2025-13151 | MEDIUM5.9 | libtasn1-6 4.19.0-3ubuntu0.24.04.1 fixed in 4.19.0-3ubuntu0.24.04.2 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2026-45673 | MEDIUM5.78 | io.netty:netty-resolver-dns 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42014 | MEDIUM5.61 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-9230 | MEDIUM5.6 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.6 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2026-42013 | MEDIUM5.58 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.4% Theoretical Threat | Directly ExposedContext importance: MEDIUM |
| CVE-2026-4437 | MEDIUM5.52 | libc-bin 2.39-0ubuntu8.5 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-6238 | MEDIUM5.52 | libc-bin 2.39-0ubuntu8.5 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-4437 | MEDIUM5.52 | libc6 2.39-0ubuntu8.5 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-6238 | MEDIUM5.52 | libc6 2.39-0ubuntu8.5 No fix yet | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-67735 | MEDIUM5.52 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.2.8.Final, 4.1.129.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-41417 | MEDIUM5.52 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.1.133.Final, 4.2.13.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42580 | MEDIUM5.52 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-0636 | MEDIUM5.52 | org.bouncycastle:bcprov-jdk18on 1.78.1 fixed in 1.84 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-68384 | MEDIUM5.52 | org.elasticsearch.plugin:x-pack-security 8.17.8 fixed in 8.19.9, 9.1.9, 9.2.3 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-12183 | MEDIUM5.52 | org.lz4:lz4-java 1.8.0 fixed in 1.8.1 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-40225 | MEDIUM5.44 | libsystemd0 255.4-1ubuntu8.10 fixed in 255.4-1ubuntu8.14 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-40226 | MEDIUM5.44 | libsystemd0 255.4-1ubuntu8.10 fixed in 255.4-1ubuntu8.16 | <0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-40225 | MEDIUM5.44 | libudev1 255.4-1ubuntu8.10 fixed in 255.4-1ubuntu8.14 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-40226 | MEDIUM5.44 | libudev1 255.4-1ubuntu8.10 fixed in 255.4-1ubuntu8.16 | <0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-0964 | MEDIUM5.35 | libssh-4 0.10.6-2ubuntu0.1 fixed in 0.10.6-2ubuntu0.3 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-13757 | MEDIUM5.27 | libp11-kit0 0.25.3-4ubuntu2.1 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-13757 | MEDIUM5.27 | p11-kit-modules 0.25.3-4ubuntu2.1 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-22227 | MEDIUM5.18 | io.projectreactor.netty:reactor-netty-http 1.0.45 fixed in 1.3.0-M5, 1.2.8 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-15281 | MEDIUM5.02 | libc-bin 2.39-0ubuntu8.5 fixed in 2.39-0ubuntu8.7 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-5435 | MEDIUM5.02 | libc-bin 2.39-0ubuntu8.5 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-15281 | MEDIUM5.02 | libc6 2.39-0ubuntu8.5 fixed in 2.39-0ubuntu8.7 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-5435 | MEDIUM5.02 | libc6 2.39-0ubuntu8.5 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.9 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2025-69420 | MEDIUM5.02 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.7 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-22796 | MEDIUM5.02 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.7 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-42770 | MEDIUM5.02 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-9076 | MEDIUM5.02 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-34477 | MEDIUM5.02 | org.apache.logging.log4j:log4j-core 2.12.4 fixed in 2.25.4 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34477 | MEDIUM5.02 | org.apache.logging.log4j:log4j-core 2.19.0 fixed in 2.25.4 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-37727 | MEDIUM4.84 | org.elasticsearch:elasticsearch 8.17.8 fixed in 8.18.8, 8.19.5, 9.0.8, 9.1.5 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-0967 | MEDIUM4.67 | libssh-4 0.10.6-2ubuntu0.1 fixed in 0.10.6-2ubuntu0.3 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-22795 | MEDIUM4.67 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.7 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-7383 | MEDIUM4.67 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-27171 | MEDIUM4.67 | zlib1g 1:1.3.dfsg-3.1ubuntu2.1 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-0915 | MEDIUM4.5 | libc-bin 2.39-0ubuntu8.5 fixed in 2.39-0ubuntu8.7 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-4046 | MEDIUM4.5 | libc-bin 2.39-0ubuntu8.5 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-0915 | MEDIUM4.5 | libc6 2.39-0ubuntu8.5 fixed in 2.39-0ubuntu8.7 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-4046 | MEDIUM4.5 | libc6 2.39-0ubuntu8.5 No fix yet | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-14831 | MEDIUM4.5 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.5 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42015 | MEDIUM4.5 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-34743 | MEDIUM4.5 | liblzma5 5.6.1+really5.4.5-1ubuntu0.2 fixed in 5.6.1+really5.4.5-1ubuntu0.3 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-42766 | MEDIUM4.5 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42767 | MEDIUM4.5 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-54514 | MEDIUM4.5 | com.fasterxml.jackson.core:jackson-databind 2.15.0 fixed in 2.18.8, 2.21.4, 3.1.4 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-54515 | MEDIUM4.5 | com.fasterxml.jackson.core:jackson-databind 2.15.0 fixed in 3.1.4, 2.18.9, 2.21.5, 2.22.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-50020 | MEDIUM4.5 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-47244 | MEDIUM4.5 | io.netty:netty-codec-http2 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-50560 | MEDIUM4.5 | io.netty:netty-codec-http2 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-8885 | MEDIUM4.5 | org.bouncycastle:bc-fips 1.0.2.5 fixed in 1.0.2.6, 2.0.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-8916 | MEDIUM4.5 | org.bouncycastle:bcpkix-jdk18on 1.78.1 fixed in 1.79 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-31672 | MEDIUM4.4 | org.apache.poi:poi-ooxml 5.2.5 fixed in 5.4.0 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2026-34180 | MEDIUM4.25 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-68390 | MEDIUM4.17 | org.elasticsearch.plugin:x-pack-core 8.17.8 fixed in 8.19.8, 9.1.8, 9.2.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-8286 | MEDIUM4.13 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-15079 | MEDIUM4.13 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-8286 | MEDIUM4.13 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-28387 | MEDIUM4.13 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.9 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2025-68161 | MEDIUM4.08 | org.apache.logging.log4j:log4j-core 2.12.4 fixed in 2.25.3 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-68161 | MEDIUM4.08 | org.apache.logging.log4j:log4j-core 2.19.0 fixed in 2.25.3 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-15467 | MEDIUM4.06 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.7 | 47.6% High Exploitation Risk | Post-Exploit |
| CVE-2025-15467 | MEDIUM4.06 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.7 | 47.6% High Exploitation Risk | Post-Exploit |
| CVE-2026-27456 | MEDIUM4 | libblkid1 2.39.3-9ubuntu6.3 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libmount1 2.39.3-9ubuntu6.3 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libsmartcols1 2.39.3-9ubuntu6.3 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-8114 | MEDIUM4 | libssh-4 0.10.6-2ubuntu0.1 fixed in 0.10.6-2ubuntu0.2 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-68160 | MEDIUM4 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.7 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | MEDIUM4 | libuuid1 2.39.3-9ubuntu6.3 No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-69720 | LOW3.98 | ncurses-bin 6.4+20240113-1ubuntu2 fixed in 6.4+20240113-1ubuntu2.1 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-8927 | LOW3.82 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-5773 | LOW3.82 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-6276 | LOW3.82 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-41992 | LOW3.82 | gzip 1.12-1ubuntu3.1 fixed in 1.12-1ubuntu3.2 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-8927 | LOW3.82 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-5773 | LOW3.82 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-6276 | LOW3.82 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2025-69421 | LOW3.82 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.7 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28389 | LOW3.82 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.9 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28390 | LOW3.82 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.9 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-9547 | LOW3.77 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-9547 | LOW3.77 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-34182 | LOW3.77 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2025-69419 | LOW3.77 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.7 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2025-48924 | LOW3.7 | org.apache.commons:commons-lang3 3.14.0 fixed in 3.18.0 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2025-48924 | LOW3.7 | org.apache.commons:commons-lang3 3.9 fixed in 3.18.0 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2025-68973 | LOW3.57 | gpgv 2.4.4-2ubuntu17.3 fixed in 2.4.4-2ubuntu17.4 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-8058 | LOW3.57 | libc-bin 2.39-0ubuntu8.5 fixed in 2.39-0ubuntu8.6 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-8058 | LOW3.57 | libc6 2.39-0ubuntu8.5 fixed in 2.39-0ubuntu8.6 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42010 | LOW3.53 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-1965 | LOW3.47 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.8 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2025-14819 | LOW3.47 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-1965 | LOW3.47 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.8 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2025-14819 | LOW3.47 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2026-4438 | LOW3.4 | libc-bin 2.39-0ubuntu8.5 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-4438 | LOW3.4 | libc6 2.39-0ubuntu8.5 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-9820 | LOW3.4 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.5 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-69418 | LOW3.4 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.7 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-9230 | LOW3.36 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.6 | 1.7% Low-Moderate Risk | Post-Exploit |
| CVE-2026-5545 | LOW3.31 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-6429 | LOW3.31 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-14524 | LOW3.31 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-3784 | LOW3.31 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.8 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-8924 | LOW3.31 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-5545 | LOW3.31 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-6429 | LOW3.31 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-14524 | LOW3.31 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-3784 | LOW3.31 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.8 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-8924 | LOW3.31 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-5958 | LOW3.21 | sed 4.9-2build1 fixed in 4.9-2ubuntu0.24.04.1 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-13757 | LOW3.16 | p11-kit 0.25.3-4ubuntu2.1 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-3832 | LOW3.15 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-5419 | LOW3.15 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-45446 | LOW3.15 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-45674 | LOW3.06 | io.netty:netty-resolver-dns 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-47691 | LOW3.06 | io.netty:netty-resolver-dns 4.1.118.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-31790 | LOW3.01 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.9 | 1.0% Theoretical Threat | Post-Exploit |
| CVE-2025-69420 | LOW3.01 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.7 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-22796 | LOW3.01 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.7 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-42770 | LOW3.01 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-9076 | LOW3.01 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2025-40909 | LOW3.01 | perl-base 5.38.2-3.2ubuntu0.1 fixed in 5.38.2-3.2ubuntu0.2 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-31789 | LOW3 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.9 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-31789 | LOW3 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.9 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-8376 | LOW3 | perl-base 5.38.2-3.2ubuntu0.1 fixed in 5.38.2-3.2ubuntu0.3 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-8925 | LOW2.92 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-8925 | LOW2.92 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 2.7% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 2.7% Low-Moderate Risk | Post-Exploit |
| CVE-2026-3783 | LOW2.91 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.8 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-3783 | LOW2.91 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.8 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2025-45582 | LOW2.86 | tar 1.35+dfsg-3build1 fixed in 1.35+dfsg-3ubuntu0.2 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-22795 | LOW2.8 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.7 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-7383 | LOW2.8 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-5704 | LOW2.8 | tar 1.35+dfsg-3build1 fixed in 1.35+dfsg-3ubuntu0.1 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-0965 | LOW2.8 | libssh-4 0.10.6-2ubuntu0.1 fixed in 0.10.6-2ubuntu0.3 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-40228 | LOW2.8 | libsystemd0 255.4-1ubuntu8.10 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-40228 | LOW2.8 | libudev1 255.4-1ubuntu8.10 No fix yet | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-33845 | LOW2.78 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-42496 | LOW2.78 | perl-base 5.38.2-3.2ubuntu0.1 fixed in 5.38.2-3.2ubuntu0.3 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-42579 | LOW2.78 | io.netty:netty-codec-dns 4.1.118.Final fixed in 4.2.13.Final, 4.1.133.Final | 1.0% Theoretical Threat | Post-Exploit |
| CVE-2026-42584 | LOW2.78 | io.netty:netty-codec-http 4.1.118.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-33846 | LOW2.7 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 1.3% Low-Moderate Risk | Post-Exploit |
| CVE-2026-42009 | LOW2.7 | libgnutls30t64 3.8.3-1.1ubuntu3.4 fixed in 3.8.3-1.1ubuntu3.6 | 1.3% Low-Moderate Risk | Post-Exploit |
| CVE-2026-28388 | LOW2.7 | libssl3t64 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.9 | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-28388 | LOW2.7 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.9 | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-6253 | LOW2.7 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-7168 | LOW2.7 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-4873 | LOW2.7 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-6253 | LOW2.7 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-7168 | LOW2.7 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-4873 | LOW2.7 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.9 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-42766 | LOW2.7 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-42767 | LOW2.7 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-0968 | LOW2.63 | libssh-4 0.10.6-2ubuntu0.1 fixed in 0.10.6-2ubuntu0.3 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-8277 | LOW2.63 | libssh-4 0.10.6-2ubuntu0.1 fixed in 0.10.6-2ubuntu0.3 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | LOW2.55 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-0966 | LOW2.51 | libssh-4 0.10.6-2ubuntu0.1 fixed in 0.10.6-2ubuntu0.3 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2025-15079 | LOW2.48 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-14017 | LOW2.45 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-10148 | LOW2.45 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-14017 | LOW2.45 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-10148 | LOW2.45 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW2.4 | bsdutils 1:2.39.3-9ubuntu6.3 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-15224 | LOW2.4 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-10536 | LOW2.4 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.11 | 0.9% Theoretical Threat | Post-Exploit |
| CVE-2026-41991 | LOW2.4 | gzip 1.12-1ubuntu3.1 fixed in 1.12-1ubuntu3.2 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-15224 | LOW2.4 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.7 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-10536 | LOW2.4 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.11 | 0.9% Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW2.4 | mount 2.39.3-9ubuntu6.3 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-68160 | LOW2.4 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.7 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW2.4 | util-linux 2.39.3-9ubuntu6.3 No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-69418 | LOW2.04 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.7 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-45446 | LOW1.89 | openssl 3.0.13-0ubuntu3.5 fixed in 3.0.13-0ubuntu3.11 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2024-56433 | LOW1.84 | login 1:4.13+dfsg1-4ubuntu3.2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2024-56433 | LOW1.84 | passwd 1:4.13+dfsg1-4ubuntu3.2 No fix yet | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2025-69720 | NONE0 | libncursesw6 6.4+20240113-1ubuntu2 fixed in 6.4+20240113-1ubuntu2.1 | 0.4% Theoretical Threat | Not Applicable |
| CVE-2025-69720 | NONE0 | libtinfo6 6.4+20240113-1ubuntu2 fixed in 6.4+20240113-1ubuntu2.1 | 0.4% Theoretical Threat | Not Applicable |
| CVE-2025-69720 | NONE0 | ncurses-base 6.4+20240113-1ubuntu2 fixed in 6.4+20240113-1ubuntu2.1 | 0.4% Theoretical Threat | Not Applicable |
| CVE-2024-10963 | NONE0 | libpam-modules 1.5.3-5ubuntu5.4 fixed in 1.5.3-5ubuntu5.5 | 0.8% Theoretical Threat | Not Applicable |
| CVE-2024-10963 | NONE0 | libpam-modules-bin 1.5.3-5ubuntu5.4 fixed in 1.5.3-5ubuntu5.5 | 0.8% Theoretical Threat | Not Applicable |
| CVE-2024-10963 | NONE0 | libpam-runtime 1.5.3-5ubuntu5.4 fixed in 1.5.3-5ubuntu5.5 | 0.8% Theoretical Threat | Not Applicable |
| CVE-2024-10963 | NONE0 | libpam0g 1.5.3-5ubuntu5.4 fixed in 1.5.3-5ubuntu5.5 | 0.8% Theoretical Threat | Not Applicable |
| CVE-2025-0167 | NONE0 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.8 | 0.7% Theoretical Threat | Not Applicable |
| CVE-2026-8458 | NONE0 | curl 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2026-2219 | NONE0 | dpkg 1.22.6ubuntu6.1 fixed in 1.22.6ubuntu6.6 | 0.4% Theoretical Threat | Not Applicable |
| CVE-2025-6297 | NONE0 | dpkg 1.22.6ubuntu6.1 fixed in 1.22.6ubuntu6.5 | 0.3% Theoretical Threat | Not Applicable |
| CVE-2025-0167 | NONE0 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.8 | 0.7% Theoretical Threat | Not Applicable |
| CVE-2026-8458 | NONE0 | libcurl4t64 8.5.0-2ubuntu10.6 fixed in 8.5.0-2ubuntu10.10 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2026-58055 | NONE0 | libnghttp2-14 1.59.0-1ubuntu0.2 fixed in 1.59.0-1ubuntu0.4 | 0.2% Theoretical Threat | Not Applicable |
| GHSA-72hv-8253-57qq | NONE0 | com.fasterxml.jackson.core:jackson-core 2.15.0 fixed in 2.21.1, 2.18.6 | — | Not Applicable |
| GHSA-72hv-8253-57qq | NONE0 | com.fasterxml.jackson.core:jackson-core 2.17.2 fixed in 2.21.1, 2.18.6 | — | Not Applicable |
Want to check another image? Run a full scan with the Docker Security Scanner.