Vulnerability Reportelasticsearch:8.5.1

elasticsearch:8.5.1
DIGESTsha256:42b0e010a68cdbf951f273a4cc2320924d0873a6e13da7988c362f2f2e619f26

Executive Summary

Last scanned:

Threat Score
100/100DANGEROUS
Reputation
TRUSTED

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker can exploit unauthenticated XXE (CVE-2025-66516) in Apache Tika to read sensitive files or perform SSRF, and trigger denial of service via the search API (CVE-2023-31419). Disabling the ingest-attachment plugin would remove the Tika attack surface, but the stack overflow remains exposed to any network client. Without immediate remediation, the service is highly likely to be compromised.

Vulnerabilities

Vulnerability Log

377 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2025-66516CRITICAL10
org.apache.tika:tika-core
2.4.0
fixed in 3.2.2
79.8%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2025-66516CRITICAL10
org.apache.tika:tika-parser-pdf-module
2.4.0
fixed in 3.2.2
79.8%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2023-31419CRITICAL9.75
org.elasticsearch:elasticsearch
8.5.1
fixed in 7.17.13, 8.9.1
60.7%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2023-0286CRITICAL9.62
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.17
59.5%
Actively Exploited
Directly Exposed
CVE-2025-54988CRITICAL9.4
org.apache.tika:tika-parser-pdf-module
2.4.0
fixed in 3.2.2
3.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-37371CRITICAL9.1
libgssapi-krb5-2
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.6
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2024-37371CRITICAL9.1
libk5crypto3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.6
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2024-37371CRITICAL9.1
libkrb5-3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.6
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2024-37371CRITICAL9.1
libkrb5support0
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.6
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libasn1-8-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libgssapi-krb5-2
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.2
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libgssapi3-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libhcrypto4-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libheimbase1-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libheimntlm0-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libhx509-5-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libk5crypto3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.2
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libkrb5-26-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libkrb5-3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.2
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libkrb5support0
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.2
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libroken18-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libwind0-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-36222HIGH8.62
libgssapi-krb5-2
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.3
10.3%
High Exploitation Risk
Directly Exposed
CVE-2021-36222HIGH8.62
libk5crypto3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.3
10.3%
High Exploitation Risk
Directly Exposed
CVE-2021-36222HIGH8.62
libkrb5-3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.3
10.3%
High Exploitation Risk
Directly Exposed
CVE-2021-36222HIGH8.62
libkrb5support0
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.3
10.3%
High Exploitation Risk
Directly Exposed
CVE-2022-4450HIGH8.62
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.17
20.4%
High Exploitation Risk
Directly Exposed
CVE-2022-40152HIGH8.62
com.fasterxml.woodstox:woodstox-core
6.2.7
fixed in 6.4.0, 5.4.0
19.7%
High Exploitation Risk
Directly Exposed
CVE-2021-40690HIGH8.62
org.apache.santuario:xmlsec
2.1.4
fixed in 2.2.3, 2.1.7
10.4%
High Exploitation Risk
Directly Exposed
CVE-2026-45674HIGH8.5
io.netty:netty-resolver-dns
4.1.77.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-47691HIGH8.5
io.netty:netty-resolver-dns
4.1.77.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-2650HIGH8.45
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.19
73.5%
Actively Exploited
Directly Exposed
CVE-2026-42581HIGH8.33
io.netty:netty-codec-http
4.1.77.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2024-2961HIGH8
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.15
88.3%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2024-2961HIGH8
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.15
88.3%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2023-44487HIGH7.8
libnghttp2-14
1.40.0-1build1
fixed in 1.40.0-1ubuntu0.2
100.0%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2026-42579HIGH7.73
io.netty:netty-codec-dns
4.1.77.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-42584HIGH7.73
io.netty:netty-codec-http
4.1.77.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.7%
Theoretical Threat
Directly Exposed
CVE-2023-48795HIGH7.67
libssh-4
0.9.3-2ubuntu2.2
fixed in 0.9.3-2ubuntu2.4
93.3%
Actively Exploited
Directly Exposed
CVE-2024-33599HIGH7.6
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.16
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-33599HIGH7.6
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.16
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2021-44758HIGH7.5
libasn1-8-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-0553HIGH7.5
libgnutls30
3.6.13-2ubuntu1.7
fixed in 3.6.13-2ubuntu1.10
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2021-44758HIGH7.5
libgssapi3-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2021-44758HIGH7.5
libhcrypto4-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2021-44758HIGH7.5
libheimbase1-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2021-44758HIGH7.5
libheimntlm0-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2021-44758HIGH7.5
libhx509-5-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2021-44758HIGH7.5
libkrb5-26-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-2953HIGH7.5
libldap-2.4-2
2.4.49+dfsg-2ubuntu1.9
fixed in 2.4.49+dfsg-2ubuntu1.10
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2023-2953HIGH7.5
libldap-common
2.4.49+dfsg-2ubuntu1.9
fixed in 2.4.49+dfsg-2ubuntu1.10
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-11080HIGH7.5
libnghttp2-14
1.40.0-1build1
fixed in 1.40.0-1ubuntu0.1
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2021-44758HIGH7.5
libroken18-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-0215HIGH7.5
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.17
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-0464HIGH7.5
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.18
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-44758HIGH7.5
libwind0-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.13.1
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.13.1
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.13.1
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.13.2.2
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.13.2.2
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.13.3
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.13.3
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2024-7254HIGH7.5
com.google.protobuf:protobuf-java
3.16.1
fixed in 3.25.5, 4.27.5, 4.28.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-3171HIGH7.5
com.google.protobuf:protobuf-java
3.16.1
fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-7254HIGH7.5
com.google.protobuf:protobuf-java
3.21.1
fixed in 3.25.5, 4.27.5, 4.28.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-3171HIGH7.5
com.google.protobuf:protobuf-java
3.21.1
fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2026-33871HIGH7.5
io.netty:netty-codec-http2
4.1.77.Final
fixed in 4.1.132.Final, 4.2.11.Final
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-34062HIGH7.5
io.projectreactor.netty:reactor-netty-http
1.0.15
fixed in 1.1.13, 1.0.39
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-31684HIGH7.5
net.minidev:json-smart
1.3.2
fixed in 1.3.3, 2.4.4
2.3%
Low-Moderate Risk
Directly Exposed
CVE-2023-1370HIGH7.5
net.minidev:json-smart
1.3.2
fixed in 2.4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-31684HIGH7.5
net.minidev:json-smart
2.4.2
fixed in 1.3.3, 2.4.4
2.3%
Low-Moderate Risk
Directly Exposed
CVE-2023-1370HIGH7.5
net.minidev:json-smart
2.4.2
fixed in 2.4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-31418HIGH7.5
org.elasticsearch:elasticsearch
8.5.1
fixed in 7.17.13, 8.9.0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-0361HIGH7.4
libgnutls30
3.6.13-2ubuntu1.7
fixed in 3.6.13-2ubuntu1.8
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-7104HIGH7.3
libsqlite3-0
3.31.1-4ubuntu0.5
fixed in 3.31.1-4ubuntu0.6
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-28182MEDIUM6.89
libnghttp2-14
1.40.0-1build1
fixed in 1.40.0-1ubuntu0.3
85.0%
Actively Exploited
Directly Exposed
CVE-2026-54512MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.13.1
fixed in 2.18.8, 3.1.4, 2.21.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-54513MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.13.1
fixed in 2.18.8, 2.21.4, 3.1.4
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-54512MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.13.2.2
fixed in 2.18.8, 3.1.4, 2.21.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-54513MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.13.2.2
fixed in 2.18.8, 2.21.4, 3.1.4
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-54512MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.13.3
fixed in 2.18.8, 3.1.4, 2.21.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-54513MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.13.3
fixed in 2.18.8, 2.21.4, 3.1.4
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-44249MEDIUM6.88
io.netty:netty-handler
4.1.77.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2022-4304MEDIUM6.79
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.17
16.2%
High Exploitation Risk
Directly Exposed
CVE-2022-3437MEDIUM6.5
libasn1-8-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37750MEDIUM6.5
libgssapi-krb5-2
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.3
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-36054MEDIUM6.5
libgssapi-krb5-2
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.4
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-3437MEDIUM6.5
libgssapi3-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2022-3437MEDIUM6.5
libhcrypto4-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2022-3437MEDIUM6.5
libheimbase1-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2022-3437MEDIUM6.5
libheimntlm0-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2022-3437MEDIUM6.5
libhx509-5-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37750MEDIUM6.5
libk5crypto3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.3
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-36054MEDIUM6.5
libk5crypto3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.4
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-3437MEDIUM6.5
libkrb5-26-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37750MEDIUM6.5
libkrb5-3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.3
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-36054MEDIUM6.5
libkrb5-3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.4
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-37750MEDIUM6.5
libkrb5support0
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.3
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-36054MEDIUM6.5
libkrb5support0
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.4
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-3437MEDIUM6.5
libroken18-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-1667MEDIUM6.5
libssh-4
0.9.3-2ubuntu2.2
fixed in 0.9.3-2ubuntu2.3
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2023-2283MEDIUM6.5
libssh-4
0.9.3-2ubuntu2.2
fixed in 0.9.3-2ubuntu2.3
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-3437MEDIUM6.5
libwind0-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-34462MEDIUM6.5
io.netty:netty-handler
4.1.77.Final
fixed in 4.1.94.Final
2.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-44483MEDIUM6.5
org.apache.santuario:xmlsec
2.1.4
fixed in 2.3.4, 2.2.6, 3.0.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-29857MEDIUM6.5
org.bouncycastle:bc-fips
1.0.2
fixed in 1.0.2.5
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-23491MEDIUM6.38
ca-certificates
20211016~20.04.1
fixed in 20211016ubuntu0.20.04.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2022-41916MEDIUM6.38
libasn1-8-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.2
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-45142MEDIUM6.38
libasn1-8-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libgssapi-krb5-2
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2022-41916MEDIUM6.38
libgssapi3-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.2
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-45142MEDIUM6.38
libgssapi3-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2022-41916MEDIUM6.38
libhcrypto4-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.2
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-45142MEDIUM6.38
libhcrypto4-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2022-41916MEDIUM6.38
libheimbase1-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.2
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-45142MEDIUM6.38
libheimbase1-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2022-41916MEDIUM6.38
libheimntlm0-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.2
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-45142MEDIUM6.38
libheimntlm0-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2022-41916MEDIUM6.38
libhx509-5-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.2
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-45142MEDIUM6.38
libhx509-5-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libk5crypto3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2022-41916MEDIUM6.38
libkrb5-26-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.2
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-45142MEDIUM6.38
libkrb5-26-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libkrb5-3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libkrb5support0
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2022-41916MEDIUM6.38
libroken18-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.2
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-45142MEDIUM6.38
libroken18-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2022-41916MEDIUM6.38
libwind0-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.2
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-45142MEDIUM6.38
libwind0-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.13.1
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.13.2
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.13.3
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-50193MEDIUM6.38
com.fasterxml.jackson.core:jackson-databind
2.13.1
fixed in 2.14.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-50193MEDIUM6.38
com.fasterxml.jackson.core:jackson-databind
2.13.2.2
fixed in 2.14.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-50193MEDIUM6.38
com.fasterxml.jackson.core:jackson-databind
2.13.3
fixed in 2.14.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2022-3509MEDIUM6.38
com.google.protobuf:protobuf-java
3.16.1
fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7
0.6%
Theoretical Threat
Directly Exposed
CVE-2022-3510MEDIUM6.38
com.google.protobuf:protobuf-java
3.16.1
fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2022-3509MEDIUM6.38
com.google.protobuf:protobuf-java
3.21.1
fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7
0.6%
Theoretical Threat
Directly Exposed
CVE-2022-3510MEDIUM6.38
com.google.protobuf:protobuf-java
3.21.1
fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-52428MEDIUM6.38
com.nimbusds:nimbus-jose-jwt
9.8.1
fixed in 9.37.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-7962MEDIUM6.38
com.sun.mail:jakarta.mail
1.6.3
fixed in 1.6.8, 2.0.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-7962MEDIUM6.38
com.sun.mail:jakarta.mail
1.6.4
fixed in 1.6.8, 2.0.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-42583MEDIUM6.38
io.netty:netty-codec
4.1.77.Final
fixed in 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-58057MEDIUM6.38
io.netty:netty-codec
4.1.77.Final
fixed in 4.1.125.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-33870MEDIUM6.38
io.netty:netty-codec-http
4.1.77.Final
fixed in 4.1.132.Final, 4.2.10.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http
4.1.77.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-42585MEDIUM6.38
io.netty:netty-codec-http
4.1.77.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-58056MEDIUM6.38
io.netty:netty-codec-http
4.1.77.Final
fixed in 4.1.125.Final, 4.2.5.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-55163MEDIUM6.38
io.netty:netty-codec-http2
4.1.77.Final
fixed in 4.2.4.Final, 4.1.124.Final
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http2
4.1.77.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-48043MEDIUM6.38
io.netty:netty-codec-http2
4.1.77.Final
fixed in 4.1.135.Final, 4.2.15.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-45416MEDIUM6.38
io.netty:netty-handler
4.1.77.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-50010MEDIUM6.38
io.netty:netty-handler
4.1.77.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42578MEDIUM6.38
io.netty:netty-handler-proxy
4.1.77.Final
fixed in 4.1.133.Final, 4.2.13.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-45292MEDIUM6.38
io.opentelemetry:opentelemetry-api
1.17.0
fixed in 1.62.0
0.8%
Theoretical Threat
Directly Exposed
CVE-2023-34054MEDIUM6.38
io.projectreactor.netty:reactor-netty-core
1.0.15
fixed in 1.1.13, 1.0.39
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-34479MEDIUM6.38
org.apache.logging.log4j:log4j-1.2-api
2.18.0
fixed in 2.25.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34480MEDIUM6.38
org.apache.logging.log4j:log4j-core
2.12.4
fixed in 2.25.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-34480MEDIUM6.38
org.apache.logging.log4j:log4j-core
2.18.0
fixed in 2.25.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-5588MEDIUM6.38
org.bouncycastle:bcpkix-jdk15on
1.64
fixed in 1.84
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-46673MEDIUM6.38
org.elasticsearch:elasticsearch
8.5.1
fixed in 7.17.14, 8.10.3
0.8%
Theoretical Threat
Directly Exposed
CVE-2024-23444MEDIUM6.38
org.elasticsearch:elasticsearch
8.5.1
fixed in 8.13.0, 7.17.23
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-23450MEDIUM6.38
org.elasticsearch:elasticsearch
8.5.1
fixed in 7.17.19, 8.13.0
0.9%
Theoretical Threat
Directly Exposed
CVE-2024-43709MEDIUM6.38
org.elasticsearch:elasticsearch
8.5.1
fixed in 7.17.21, 8.13.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2024-52979MEDIUM6.38
org.elasticsearch:elasticsearch
8.5.1
fixed in 7.17.25, 8.16.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-52981MEDIUM6.38
org.elasticsearch:elasticsearch
8.5.1
fixed in 7.17.24, 8.15.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-66566MEDIUM6.38
org.lz4:lz4-java
1.8.0
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-37731MEDIUM6.29
org.elasticsearch:elasticsearch
8.5.1
fixed in 8.19.8, 9.1.8, 9.2.2
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
27.1-jre
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
28.2-jre
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
30.1.1-jre
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-4802MEDIUM5.95
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.18
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-4802MEDIUM5.95
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.18
0.6%
Theoretical Threat
Directly Exposed
CVE-2023-4806MEDIUM5.9
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.14
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-4813MEDIUM5.9
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.14
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-4806MEDIUM5.9
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.14
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-4813MEDIUM5.9
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.14
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-5981MEDIUM5.9
libgnutls30
3.6.13-2ubuntu1.7
fixed in 3.6.13-2ubuntu1.9
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libgssapi-krb5-2
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libk5crypto3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libkrb5-3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libkrb5support0
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-5535MEDIUM5.9
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.23
5.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-15522MEDIUM5.9
org.bouncycastle:bc-fips
1.0.2
fixed in 1.0.2.1
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2026-45673MEDIUM5.78
io.netty:netty-resolver-dns
4.1.77.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-4741MEDIUM5.6
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.23
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2025-24528MEDIUM5.52
libgssapi-krb5-2
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.9
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libk5crypto3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.9
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libkrb5-3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.9
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libkrb5support0
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.9
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-67735MEDIUM5.52
io.netty:netty-codec-http
4.1.77.Final
fixed in 4.2.8.Final, 4.1.129.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-41417MEDIUM5.52
io.netty:netty-codec-http
4.1.77.Final
fixed in 4.1.133.Final, 4.2.13.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42580MEDIUM5.52
io.netty:netty-codec-http
4.1.77.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-68384MEDIUM5.52
org.elasticsearch.plugin:x-pack-security
8.5.1
fixed in 8.19.9, 9.1.9, 9.2.3
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-49921MEDIUM5.52
org.elasticsearch:elasticsearch
8.5.1
fixed in 7.17.16, 8.11.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-12183MEDIUM5.52
org.lz4:lz4-java
1.8.0
fixed in 1.8.1
0.6%
Theoretical Threat
Directly Exposed
CVE-2021-29425MEDIUM5.52
commons-io:commons-io
2.5
fixed in 2.7
10.6%
High Exploitation Risk
Directly Exposed
CVE-2024-0727MEDIUM5.5
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.21
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-33600MEDIUM5.3
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.16
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-33600MEDIUM5.3
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.16
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-12243MEDIUM5.3
libgnutls30
3.6.13-2ubuntu1.7
fixed in 3.6.13-2ubuntu1.12
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-6918MEDIUM5.3
libssh-4
0.9.3-2ubuntu2.2
fixed in 0.9.3-2ubuntu2.5
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-0465MEDIUM5.3
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.18
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-0466MEDIUM5.3
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.18
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-3446MEDIUM5.3
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.20
5.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-3817MEDIUM5.3
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.20
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-5678MEDIUM5.3
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.21
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2024-12133MEDIUM5.3
libtasn1-6
4.16.0-2
fixed in 4.16.0-2ubuntu0.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-29025MEDIUM5.3
io.netty:netty-codec-http
4.1.77.Final
fixed in 4.1.108.Final
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2024-21742MEDIUM5.3
org.apache.james:apache-mime4j-core
0.8.5
fixed in 0.8.10
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2025-22227MEDIUM5.18
io.projectreactor.netty:reactor-netty-http
1.0.15
fixed in 1.3.0-M5, 1.2.8
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libgssapi-krb5-2
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libgssapi-krb5-2
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.9
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libk5crypto3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libk5crypto3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.9
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libkrb5-3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libkrb5-3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.9
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libkrb5support0
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libkrb5support0
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.9
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-34477MEDIUM5.02
org.apache.logging.log4j:log4j-core
2.12.4
fixed in 2.25.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34477MEDIUM5.02
org.apache.logging.log4j:log4j-core
2.18.0
fixed in 2.25.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-53864MEDIUM4.93
com.nimbusds:nimbus-jose-jwt
9.8.1
fixed in 10.0.2, 9.37.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-37727MEDIUM4.84
org.elasticsearch:elasticsearch
8.5.1
fixed in 8.18.8, 8.19.5, 9.0.8, 9.1.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-2511MEDIUM4.81
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.23
54.0%
Actively Exploited
Directly Exposed
CVE-2025-0395MEDIUM4.67
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.17
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-0395MEDIUM4.67
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.17
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-29088MEDIUM4.67
libsqlite3-0
3.31.1-4ubuntu0.5
fixed in 3.31.1-4ubuntu0.7
0.2%
Theoretical Threat
Directly Exposed
CVE-2022-3821MEDIUM4.67
libsystemd0
245.4-4ubuntu3.18
fixed in 245.4-4ubuntu3.20
0.4%
Theoretical Threat
Directly Exposed
CVE-2022-4415MEDIUM4.67
libsystemd0
245.4-4ubuntu3.18
fixed in 245.4-4ubuntu3.20
0.9%
Theoretical Threat
Directly Exposed
CVE-2024-47535MEDIUM4.67
io.netty:netty-common
4.1.77.Final
fixed in 4.1.115.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-25193MEDIUM4.67
io.netty:netty-common
4.1.77.Final
fixed in 4.1.118.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-25710MEDIUM4.67
org.apache.commons:commons-compress
1.21
fixed in 1.26.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-26308MEDIUM4.67
org.apache.commons:commons-compress
1.21
fixed in 1.26.0
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-45146MEDIUM4.67
org.bouncycastle:bc-fips
1.0.2
fixed in 1.0.2.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2022-1471MEDIUM4.58
org.yaml:snakeyaml
1.33
fixed in 2.0
99.6%
Actively Exploited
Post-Exploit
CVE-2023-0215MEDIUM4.5
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.17
4.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-0464MEDIUM4.5
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.18
3.7%
Low-Moderate Risk
Post-Exploit
CVE-2024-28834MEDIUM4.5
libgnutls30
3.6.13-2ubuntu1.7
fixed in 3.6.13-2ubuntu1.11
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-54514MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.13.1
fixed in 2.18.8, 2.21.4, 3.1.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-54515MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.13.1
fixed in 3.1.4, 2.18.9, 2.21.5, 2.22.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-54514MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.13.2.2
fixed in 2.18.8, 2.21.4, 3.1.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-54515MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.13.2.2
fixed in 3.1.4, 2.18.9, 2.21.5, 2.22.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-54514MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.13.3
fixed in 2.18.8, 2.21.4, 3.1.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-54515MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.13.3
fixed in 3.1.4, 2.18.9, 2.21.5, 2.22.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-50020MEDIUM4.5
io.netty:netty-codec-http
4.1.77.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-47244MEDIUM4.5
io.netty:netty-codec-http2
4.1.77.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-50560MEDIUM4.5
io.netty:netty-codec-http2
4.1.77.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-8885MEDIUM4.5
org.bouncycastle:bc-fips
1.0.2
fixed in 1.0.2.6, 2.0.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-8916MEDIUM4.5
org.bouncycastle:bcpkix-jdk15on
1.64
fixed in 1.79
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-23449MEDIUM4.5
org.elasticsearch:elasticsearch
8.5.1
fixed in 8.11.1
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-7264MEDIUM4.48
curl
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.23
17.3%
High Exploitation Risk
Post-Exploit
CVE-2024-7264MEDIUM4.48
libcurl4
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.23
17.3%
High Exploitation Risk
Post-Exploit
CVE-2024-28085MEDIUM4.4
libblkid1
2.34-0.1ubuntu9.3
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-28085MEDIUM4.4
libfdisk1
2.34-0.1ubuntu9.3
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-28085MEDIUM4.4
libmount1
2.34-0.1ubuntu9.3
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-28085MEDIUM4.4
libsmartcols1
2.34-0.1ubuntu9.3
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-28085MEDIUM4.4
libuuid1
2.34-0.1ubuntu9.3
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-31672MEDIUM4.4
org.apache.poi:poi-ooxml
5.2.2
fixed in 5.4.0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-47554MEDIUM4.3
commons-io:commons-io
2.11.0
fixed in 2.14.0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-47554MEDIUM4.3
commons-io:commons-io
2.5
fixed in 2.14.0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-68390MEDIUM4.17
org.elasticsearch.plugin:x-pack-core
8.5.1
fixed in 8.19.8, 9.1.8, 9.2.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-6004MEDIUM4.08
libssh-4
0.9.3-2ubuntu2.2
fixed in 0.9.3-2ubuntu2.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-68161MEDIUM4.08
org.apache.logging.log4j:log4j-core
2.12.4
fixed in 2.25.3
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-68161MEDIUM4.08
org.apache.logging.log4j:log4j-core
2.18.0
fixed in 2.25.3
0.7%
Theoretical Threat
Directly Exposed
CVE-2022-4304MEDIUM4.07
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.17
16.2%
High Exploitation Risk
Post-Exploit
CVE-2024-13176MEDIUM4
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.24
0.6%
Theoretical Threat
Directly Exposed
CVE-2024-33601MEDIUM4
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.16
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-33601MEDIUM4
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.16
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-47038LOW3.98
perl-base
5.30.0-9ubuntu0.3
fixed in 5.30.0-9ubuntu0.5
0.8%
Theoretical Threat
Post-Exploit
CVE-2023-23916LOW3.9
curl
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.16
1.7%
Low-Moderate Risk
Post-Exploit
CVE-2023-46218LOW3.9
curl
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.21
1.7%
Low-Moderate Risk
Post-Exploit
CVE-2023-23916LOW3.9
libcurl4
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.16
1.7%
Low-Moderate Risk
Post-Exploit
CVE-2023-46218LOW3.9
libcurl4
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.21
1.7%
Low-Moderate Risk
Post-Exploit
CVE-2023-31417LOW3.74
org.elasticsearch:elasticsearch
8.5.1
fixed in 7.17.13, 8.9.2
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-3596LOW3.73
libgssapi-krb5-2
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.8
14.9%
High Exploitation Risk
Post-Exploit
CVE-2024-3596LOW3.73
libk5crypto3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.8
14.9%
High Exploitation Risk
Post-Exploit
CVE-2024-3596LOW3.73
libkrb5-3
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.8
14.9%
High Exploitation Risk
Post-Exploit
CVE-2024-3596LOW3.73
libkrb5support0
1.17-6ubuntu4.1
fixed in 1.17-6ubuntu4.8
14.9%
High Exploitation Risk
Post-Exploit
CVE-2024-9143LOW3.7
libssl1.1
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.24
6.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-48924LOW3.7
org.apache.commons:commons-lang3
3.9
fixed in 3.18.0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2022-31684LOW3.65
io.projectreactor.netty:reactor-netty-http
1.0.15
fixed in 1.0.24
0.6%
Theoretical Threat
Directly Exposed
CVE-2022-43552LOW3.54
curl
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.15
2.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-27535LOW3.54
curl
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.18
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-27536LOW3.54
curl
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.18
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-28321LOW3.54
curl
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.19
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2024-11053LOW3.54
curl
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.25
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2022-43552LOW3.54
libcurl4
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.15
2.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-27535LOW3.54
libcurl4
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.18
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-27536LOW3.54
libcurl4
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.18
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-28321LOW3.54
libcurl4
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.19
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2024-11053LOW3.54
libcurl4
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.25
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2024-5535LOW3.54
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.23
5.6%
Low-Moderate Risk
Post-Exploit
CVE-2022-44640LOW3.53
libasn1-8-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2022-44640LOW3.53
libgssapi3-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2022-44640LOW3.53
libhcrypto4-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2022-44640LOW3.53
libheimbase1-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2022-44640LOW3.53
libheimntlm0-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2022-44640LOW3.53
libhx509-5-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2022-44640LOW3.53
libkrb5-26-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2022-44640LOW3.53
libroken18-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2022-44640LOW3.53
libwind0-heimdal
7.7.0+dfsg-1ubuntu1.1
fixed in 7.7.0+dfsg-1ubuntu1.3
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2023-0286LOW3.46
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.17
59.5%
Actively Exploited
Post-Exploit
CVE-2024-33602LOW3.4
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.16
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-33602LOW3.4
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.16
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-4741LOW3.36
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.23
2.9%
Low-Moderate Risk
Post-Exploit
CVE-2024-8096LOW3.31
curl
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.24
0.7%
Theoretical Threat
Post-Exploit
CVE-2024-8096LOW3.31
libcurl4
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.24
0.7%
Theoretical Threat
Post-Exploit
CVE-2023-27538LOW3.3
curl
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.18
1.2%
Low-Moderate Risk
Post-Exploit
CVE-2023-27538LOW3.3
libcurl4
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.18
1.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-0727LOW3.3
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.21
3.2%
Low-Moderate Risk
Post-Exploit
CVE-2022-48303LOW3.3
tar
1.30+dfsg-7ubuntu0.20.04.2
fixed in 1.30+dfsg-7ubuntu0.20.04.3
4.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-0465LOW3.18
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.18
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-0466LOW3.18
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.18
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-3446LOW3.18
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.20
5.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-3817LOW3.18
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.20
2.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-5678LOW3.18
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.21
4.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-27533LOW3.17
curl
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.18
2.0%
Low-Moderate Risk
Post-Exploit
CVE-2023-27534LOW3.17
curl
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.18
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2023-27533LOW3.17
libcurl4
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.18
2.0%
Low-Moderate Risk
Post-Exploit
CVE-2023-27534LOW3.17
libcurl4
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.18
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-2398LOW3.1
curl
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.22
36.1%
High Exploitation Risk
Post-Exploit
CVE-2024-2398LOW3.1
libcurl4
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.22
36.1%
High Exploitation Risk
Post-Exploit
CVE-2022-4450LOW3.1
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.17
20.4%
High Exploitation Risk
Post-Exploit
CVE-2023-2650LOW3.04
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.19
73.5%
Actively Exploited
Post-Exploit
CVE-2023-31484LOW2.92
perl-base
5.30.0-9ubuntu0.3
fixed in 5.30.0-9ubuntu0.4
1.5%
Low-Moderate Risk
Post-Exploit
CVE-2024-2511LOW2.89
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.23
54.0%
Actively Exploited
Post-Exploit
CVE-2023-4641LOW2.8
passwd
1:4.8.1-1ubuntu5.20.04.2
fixed in 1:4.8.1-1ubuntu5.20.04.5
0.3%
Theoretical Threat
Post-Exploit
CVE-2023-4016LOW2.8
libprocps8
2:3.3.16-1ubuntu2.3
fixed in 2:3.3.16-1ubuntu2.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
27.1-jre
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
28.2-jre
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
30.1.1-jre
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2024-28085LOW2.64
bsdutils
1:2.34-0.1ubuntu9.3
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-28085LOW2.64
fdisk
2.34-0.1ubuntu9.3
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-28085LOW2.64
mount
2.34-0.1ubuntu9.3
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-28085LOW2.64
util-linux
2.34-0.1ubuntu9.3
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2025-30258LOW2.4
gpgv
2.2.19-3ubuntu2.2
fixed in 2.2.19-3ubuntu2.4
0.2%
Theoretical Threat
Post-Exploit
CVE-2024-13176LOW2.4
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.24
0.6%
Theoretical Threat
Post-Exploit
CVE-2023-28322LOW2.22
curl
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.19
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2023-38546LOW2.22
curl
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.20
6.2%
Low-Moderate Risk
Post-Exploit
CVE-2023-28322LOW2.22
libcurl4
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.19
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2023-38546LOW2.22
libcurl4
7.68.0-1ubuntu2.14
fixed in 7.68.0-1ubuntu2.20
6.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-9143LOW2.22
openssl
1.1.1f-1ubuntu2.16
fixed in 1.1.1f-1ubuntu2.24
6.0%
Low-Moderate Risk
Post-Exploit
CVE-2023-4016LOW1.68
procps
2:3.3.16-1ubuntu2.3
fixed in 2:3.3.16-1ubuntu2.4
0.2%
Theoretical Threat
Post-Exploit
CVE-2023-39804LOW1.68
tar
1.30+dfsg-7ubuntu0.20.04.2
fixed in 1.30+dfsg-7ubuntu0.20.04.4
0.3%
Theoretical Threat
Post-Exploit
CVE-2022-30187LOW1.61
com.azure:azure-storage-blob
12.16.0
fixed in 12.18.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2022-28321NONE0
libpam-modules
1.3.1-5ubuntu4.3
fixed in 1.3.1-5ubuntu4.4
1.2%
Low-Moderate Risk
Not Applicable
CVE-2022-28321NONE0
libpam-modules-bin
1.3.1-5ubuntu4.3
fixed in 1.3.1-5ubuntu4.4
1.2%
Low-Moderate Risk
Not Applicable
CVE-2022-28321NONE0
libpam-runtime
1.3.1-5ubuntu4.3
fixed in 1.3.1-5ubuntu4.4
1.2%
Low-Moderate Risk
Not Applicable
CVE-2022-28321NONE0
libpam0g
1.3.1-5ubuntu4.3
fixed in 1.3.1-5ubuntu4.4
1.2%
Low-Moderate Risk
Not Applicable
CVE-2021-39537NONE0
libncurses6
6.2-0ubuntu2
fixed in 6.2-0ubuntu2.1
3.0%
Low-Moderate Risk
Not Applicable
CVE-2021-39537NONE0
libncursesw6
6.2-0ubuntu2
fixed in 6.2-0ubuntu2.1
3.0%
Low-Moderate Risk
Not Applicable
CVE-2021-39537NONE0
libtinfo6
6.2-0ubuntu2
fixed in 6.2-0ubuntu2.1
3.0%
Low-Moderate Risk
Not Applicable
CVE-2021-39537NONE0
ncurses-base
6.2-0ubuntu2
fixed in 6.2-0ubuntu2.1
3.0%
Low-Moderate Risk
Not Applicable
CVE-2021-39537NONE0
ncurses-bin
6.2-0ubuntu2
fixed in 6.2-0ubuntu2.1
3.0%
Low-Moderate Risk
Not Applicable
CVE-2023-29491NONE0
libncurses6
6.2-0ubuntu2
fixed in 6.2-0ubuntu2.1
0.9%
Theoretical Threat
Not Applicable
CVE-2023-29491NONE0
libncursesw6
6.2-0ubuntu2
fixed in 6.2-0ubuntu2.1
0.9%
Theoretical Threat
Not Applicable
CVE-2023-29491NONE0
libtinfo6
6.2-0ubuntu2
fixed in 6.2-0ubuntu2.1
0.9%
Theoretical Threat
Not Applicable
CVE-2023-29491NONE0
ncurses-base
6.2-0ubuntu2
fixed in 6.2-0ubuntu2.1
0.9%
Theoretical Threat
Not Applicable
CVE-2023-29491NONE0
ncurses-bin
6.2-0ubuntu2
fixed in 6.2-0ubuntu2.1
0.9%
Theoretical Threat
Not Applicable
CVE-2022-29458NONE0
libncurses6
6.2-0ubuntu2
fixed in 6.2-0ubuntu2.1
1.3%
Low-Moderate Risk
Not Applicable
CVE-2022-29458NONE0
libncursesw6
6.2-0ubuntu2
fixed in 6.2-0ubuntu2.1
1.3%
Low-Moderate Risk
Not Applicable
CVE-2022-29458NONE0
libtinfo6
6.2-0ubuntu2
fixed in 6.2-0ubuntu2.1
1.3%
Low-Moderate Risk
Not Applicable
CVE-2022-29458NONE0
ncurses-base
6.2-0ubuntu2
fixed in 6.2-0ubuntu2.1
1.3%
Low-Moderate Risk
Not Applicable
CVE-2022-29458NONE0
ncurses-bin
6.2-0ubuntu2
fixed in 6.2-0ubuntu2.1
1.3%
Low-Moderate Risk
Not Applicable
CVE-2024-22365NONE0
libpam-modules
1.3.1-5ubuntu4.3
fixed in 1.3.1-5ubuntu4.7
0.5%
Theoretical Threat
Not Applicable
CVE-2024-22365NONE0
libpam-modules-bin
1.3.1-5ubuntu4.3
fixed in 1.3.1-5ubuntu4.7
0.5%
Theoretical Threat
Not Applicable
CVE-2024-22365NONE0
libpam-runtime
1.3.1-5ubuntu4.3
fixed in 1.3.1-5ubuntu4.7
0.5%
Theoretical Threat
Not Applicable
CVE-2024-22365NONE0
libpam0g
1.3.1-5ubuntu4.3
fixed in 1.3.1-5ubuntu4.7
0.5%
Theoretical Threat
Not Applicable
CVE-2022-3821NONE0
libudev1
245.4-4ubuntu3.18
fixed in 245.4-4ubuntu3.20
0.4%
Theoretical Threat
Not Applicable
CVE-2022-4415NONE0
libudev1
245.4-4ubuntu3.18
fixed in 245.4-4ubuntu3.20
0.9%
Theoretical Threat
Not Applicable
CVE-2023-4641NONE0
login
1:4.8.1-1ubuntu5.20.04.2
fixed in 1:4.8.1-1ubuntu5.20.04.5
0.3%
Theoretical Threat
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.13.1
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.13.2
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.13.3
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-xpw8-rcwv-8f8pNONE0
io.netty:netty-codec-http2
4.1.77.Final
fixed in 4.1.100.Final
Not Applicable
CVE-2024-52980NONE0
org.elasticsearch:elasticsearch
8.5.1
fixed in 8.15.1
0.5%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.