Last scanned:
This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could achieve remote code execution via XXE in Tika (CVE-2025-66516) or cause denial of service via HTTP/2 rapid reset (CVE-2023-44487) and the Elasticsearch search API. Disabling the ingest attachment processor fully eliminates the XXE vulnerability, but the sheer volume of high-severity issues (76 with CVSS >= 7.0) makes this image unsafe without comprehensive remediation. Many of these vulnerabilities are remotely exploitable with no authentication required.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2025-66516 | CRITICAL10 | org.apache.tika:tika-core 2.4.0 fixed in 3.2.2 | 79.8% Actively Exploited | Directly ExposedContext importance: HIGH |
| CVE-2025-66516 | CRITICAL10 | org.apache.tika:tika-parser-pdf-module 2.4.0 fixed in 3.2.2 | 79.8% Actively Exploited | Directly ExposedContext importance: HIGH |
| CVE-2023-44487 | CRITICAL9.75 | libnghttp2-14 1.40.0-1build1 fixed in 1.40.0-1ubuntu0.2 | 100.0% Actively Exploited | Directly ExposedContext importance: HIGH |
| CVE-2023-31419 | CRITICAL9.75 | org.elasticsearch:elasticsearch 8.5.2 fixed in 7.17.13, 8.9.1 | 60.7% Actively Exploited | Directly ExposedContext importance: HIGH |
| CVE-2023-0286 | CRITICAL9.62 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.17 | 59.5% Actively Exploited | Directly Exposed |
| CVE-2025-54988 | CRITICAL9.4 | org.apache.tika:tika-parser-pdf-module 2.4.0 fixed in 3.2.2 | 3.0% Low-Moderate Risk | Directly Exposed |
| CVE-2024-37371 | CRITICAL9.1 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.6 | 1.9% Low-Moderate Risk | Directly Exposed |
| CVE-2024-37371 | CRITICAL9.1 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.6 | 1.9% Low-Moderate Risk | Directly Exposed |
| CVE-2024-37371 | CRITICAL9.1 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.6 | 1.9% Low-Moderate Risk | Directly Exposed |
| CVE-2024-37371 | CRITICAL9.1 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.6 | 1.9% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.2 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.2 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.2 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.2 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libroken18-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libwind0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2021-36222 | HIGH8.62 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.3 | 10.3% High Exploitation Risk | Directly Exposed |
| CVE-2021-36222 | HIGH8.62 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.3 | 10.3% High Exploitation Risk | Directly Exposed |
| CVE-2021-36222 | HIGH8.62 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.3 | 10.3% High Exploitation Risk | Directly Exposed |
| CVE-2021-36222 | HIGH8.62 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.3 | 10.3% High Exploitation Risk | Directly Exposed |
| CVE-2022-4450 | HIGH8.62 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.17 | 20.4% High Exploitation Risk | Directly Exposed |
| CVE-2022-40152 | HIGH8.62 | com.fasterxml.woodstox:woodstox-core 6.2.7 fixed in 6.4.0, 5.4.0 | 19.7% High Exploitation Risk | Directly Exposed |
| CVE-2021-40690 | HIGH8.62 | org.apache.santuario:xmlsec 2.1.4 fixed in 2.2.3, 2.1.7 | 10.4% High Exploitation Risk | Directly Exposed |
| CVE-2026-45674 | HIGH8.5 | io.netty:netty-resolver-dns 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-47691 | HIGH8.5 | io.netty:netty-resolver-dns 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2023-2650 | HIGH8.45 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.19 | 73.5% Actively Exploited | Directly Exposed |
| CVE-2026-42581 | HIGH8.33 | io.netty:netty-codec-http 4.1.77.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2024-2961 | HIGH8 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.15 | 88.3% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2024-2961 | HIGH8 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.15 | 88.3% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2026-42579 | HIGH7.73 | io.netty:netty-codec-dns 4.1.77.Final fixed in 4.2.13.Final, 4.1.133.Final | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42584 | HIGH7.73 | io.netty:netty-codec-http 4.1.77.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2023-48795 | HIGH7.67 | libssh-4 0.9.3-2ubuntu2.2 fixed in 0.9.3-2ubuntu2.4 | 93.3% Actively Exploited | Directly Exposed |
| CVE-2024-33599 | HIGH7.6 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.16 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2024-33599 | HIGH7.6 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.16 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-0553 | HIGH7.5 | libgnutls30 3.6.13-2ubuntu1.7 fixed in 3.6.13-2ubuntu1.10 | 1.6% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-2953 | HIGH7.5 | libldap-2.4-2 2.4.49+dfsg-2ubuntu1.9 fixed in 2.4.49+dfsg-2ubuntu1.10 | 1.9% Low-Moderate Risk | Directly Exposed |
| CVE-2023-2953 | HIGH7.5 | libldap-common 2.4.49+dfsg-2ubuntu1.9 fixed in 2.4.49+dfsg-2ubuntu1.10 | 1.9% Low-Moderate Risk | Directly Exposed |
| CVE-2020-11080 | HIGH7.5 | libnghttp2-14 1.40.0-1build1 fixed in 1.40.0-1ubuntu0.1 | 5.3% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libroken18-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-0215 | HIGH7.5 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.17 | 4.5% Low-Moderate Risk | Directly Exposed |
| CVE-2023-0464 | HIGH7.5 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.18 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libwind0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2020-36518 | HIGH7.5 | com.fasterxml.jackson.core:jackson-databind 2.13.1 fixed in 2.13.2.1, 2.12.6.1 | 4.9% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42003 | HIGH7.5 | com.fasterxml.jackson.core:jackson-databind 2.13.1 fixed in 2.12.7.1, 2.13.4.2 | 2.8% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42004 | HIGH7.5 | com.fasterxml.jackson.core:jackson-databind 2.13.1 fixed in 2.12.7.1, 2.13.4 | 2.7% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42003 | HIGH7.5 | com.fasterxml.jackson.core:jackson-databind 2.13.2.2 fixed in 2.12.7.1, 2.13.4.2 | 2.8% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42004 | HIGH7.5 | com.fasterxml.jackson.core:jackson-databind 2.13.2.2 fixed in 2.12.7.1, 2.13.4 | 2.7% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42003 | HIGH7.5 | com.fasterxml.jackson.core:jackson-databind 2.13.3 fixed in 2.12.7.1, 2.13.4.2 | 2.8% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42004 | HIGH7.5 | com.fasterxml.jackson.core:jackson-databind 2.13.3 fixed in 2.12.7.1, 2.13.4 | 2.7% Low-Moderate Risk | Directly Exposed |
| CVE-2024-7254 | HIGH7.5 | com.google.protobuf:protobuf-java 3.16.1 fixed in 3.25.5, 4.27.5, 4.28.2 | 2.8% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3171 | HIGH7.5 | com.google.protobuf:protobuf-java 3.16.1 fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3 | 1.0% Low-Moderate Risk | Directly Exposed |
| CVE-2024-7254 | HIGH7.5 | com.google.protobuf:protobuf-java 3.21.1 fixed in 3.25.5, 4.27.5, 4.28.2 | 2.8% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3171 | HIGH7.5 | com.google.protobuf:protobuf-java 3.21.1 fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3 | 1.0% Low-Moderate Risk | Directly Exposed |
| CVE-2026-33871 | HIGH7.5 | io.netty:netty-codec-http2 4.1.77.Final fixed in 4.1.132.Final, 4.2.11.Final | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2023-34062 | HIGH7.5 | io.projectreactor.netty:reactor-netty-http 1.0.15 fixed in 1.1.13, 1.0.39 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2021-31684 | HIGH7.5 | net.minidev:json-smart 1.3.2 fixed in 1.3.3, 2.4.4 | 2.3% Low-Moderate Risk | Directly Exposed |
| CVE-2023-1370 | HIGH7.5 | net.minidev:json-smart 1.3.2 fixed in 2.4.9 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2021-31684 | HIGH7.5 | net.minidev:json-smart 2.4.2 fixed in 1.3.3, 2.4.4 | 2.3% Low-Moderate Risk | Directly Exposed |
| CVE-2023-1370 | HIGH7.5 | net.minidev:json-smart 2.4.2 fixed in 2.4.9 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2023-31418 | HIGH7.5 | org.elasticsearch:elasticsearch 8.5.2 fixed in 7.17.13, 8.9.0 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-0361 | HIGH7.4 | libgnutls30 3.6.13-2ubuntu1.7 fixed in 3.6.13-2ubuntu1.8 | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2023-7104 | HIGH7.3 | libsqlite3-0 3.31.1-4ubuntu0.5 fixed in 3.31.1-4ubuntu0.6 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-28182 | MEDIUM6.89 | libnghttp2-14 1.40.0-1build1 fixed in 1.40.0-1ubuntu0.3 | 85.0% Actively Exploited | Directly Exposed |
| CVE-2026-54512 | MEDIUM6.88 | com.fasterxml.jackson.core:jackson-databind 2.13.1 fixed in 2.18.8, 3.1.4, 2.21.4 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-54513 | MEDIUM6.88 | com.fasterxml.jackson.core:jackson-databind 2.13.1 fixed in 2.18.8, 2.21.4, 3.1.4 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-54512 | MEDIUM6.88 | com.fasterxml.jackson.core:jackson-databind 2.13.2.2 fixed in 2.18.8, 3.1.4, 2.21.4 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-54513 | MEDIUM6.88 | com.fasterxml.jackson.core:jackson-databind 2.13.2.2 fixed in 2.18.8, 2.21.4, 3.1.4 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-54512 | MEDIUM6.88 | com.fasterxml.jackson.core:jackson-databind 2.13.3 fixed in 2.18.8, 3.1.4, 2.21.4 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-54513 | MEDIUM6.88 | com.fasterxml.jackson.core:jackson-databind 2.13.3 fixed in 2.18.8, 2.21.4, 3.1.4 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-44249 | MEDIUM6.88 | io.netty:netty-handler 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2022-4304 | MEDIUM6.79 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.17 | 16.2% High Exploitation Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2021-37750 | MEDIUM6.5 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.3 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-36054 | MEDIUM6.5 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.4 | 2.1% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2021-37750 | MEDIUM6.5 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.3 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-36054 | MEDIUM6.5 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.4 | 2.1% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2021-37750 | MEDIUM6.5 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.3 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-36054 | MEDIUM6.5 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.4 | 2.1% Low-Moderate Risk | Directly Exposed |
| CVE-2021-37750 | MEDIUM6.5 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.3 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-36054 | MEDIUM6.5 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.4 | 2.1% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libroken18-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2023-1667 | MEDIUM6.5 | libssh-4 0.9.3-2ubuntu2.2 fixed in 0.9.3-2ubuntu2.3 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2023-2283 | MEDIUM6.5 | libssh-4 0.9.3-2ubuntu2.2 fixed in 0.9.3-2ubuntu2.3 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libwind0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2023-34462 | MEDIUM6.5 | io.netty:netty-handler 4.1.77.Final fixed in 4.1.94.Final | 2.5% Low-Moderate Risk | Directly Exposed |
| CVE-2023-44483 | MEDIUM6.5 | org.apache.santuario:xmlsec 2.1.4 fixed in 2.3.4, 2.2.6, 3.0.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-29857 | MEDIUM6.5 | org.bouncycastle:bc-fips 1.0.2 fixed in 1.0.2.5 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2024-37370 | MEDIUM6.38 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2024-37370 | MEDIUM6.38 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2024-37370 | MEDIUM6.38 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2024-37370 | MEDIUM6.38 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libroken18-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libroken18-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libwind0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libwind0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-52999 | MEDIUM6.38 | com.fasterxml.jackson.core:jackson-core 2.13.1 fixed in 2.15.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-52999 | MEDIUM6.38 | com.fasterxml.jackson.core:jackson-core 2.13.2 fixed in 2.15.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-52999 | MEDIUM6.38 | com.fasterxml.jackson.core:jackson-core 2.13.3 fixed in 2.15.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-50193 | MEDIUM6.38 | com.fasterxml.jackson.core:jackson-databind 2.13.1 fixed in 2.14.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-50193 | MEDIUM6.38 | com.fasterxml.jackson.core:jackson-databind 2.13.2.2 fixed in 2.14.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-50193 | MEDIUM6.38 | com.fasterxml.jackson.core:jackson-databind 2.13.3 fixed in 2.14.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2022-3509 | MEDIUM6.38 | com.google.protobuf:protobuf-java 3.16.1 fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2022-3510 | MEDIUM6.38 | com.google.protobuf:protobuf-java 3.16.1 fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2022-3509 | MEDIUM6.38 | com.google.protobuf:protobuf-java 3.21.1 fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2022-3510 | MEDIUM6.38 | com.google.protobuf:protobuf-java 3.21.1 fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2023-52428 | MEDIUM6.38 | com.nimbusds:nimbus-jose-jwt 9.8.1 fixed in 9.37.2 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-7962 | MEDIUM6.38 | com.sun.mail:jakarta.mail 1.6.3 fixed in 1.6.8, 2.0.2 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-7962 | MEDIUM6.38 | com.sun.mail:jakarta.mail 1.6.4 fixed in 1.6.8, 2.0.2 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-42583 | MEDIUM6.38 | io.netty:netty-codec 4.1.77.Final fixed in 4.1.133.Final | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-58057 | MEDIUM6.38 | io.netty:netty-codec 4.1.77.Final fixed in 4.1.125.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-33870 | MEDIUM6.38 | io.netty:netty-codec-http 4.1.77.Final fixed in 4.1.132.Final, 4.2.10.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42587 | MEDIUM6.38 | io.netty:netty-codec-http 4.1.77.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-42585 | MEDIUM6.38 | io.netty:netty-codec-http 4.1.77.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-58056 | MEDIUM6.38 | io.netty:netty-codec-http 4.1.77.Final fixed in 4.1.125.Final, 4.2.5.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-55163 | MEDIUM6.38 | io.netty:netty-codec-http2 4.1.77.Final fixed in 4.2.4.Final, 4.1.124.Final | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42587 | MEDIUM6.38 | io.netty:netty-codec-http2 4.1.77.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-48043 | MEDIUM6.38 | io.netty:netty-codec-http2 4.1.77.Final fixed in 4.1.135.Final, 4.2.15.Final | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-45416 | MEDIUM6.38 | io.netty:netty-handler 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-50010 | MEDIUM6.38 | io.netty:netty-handler 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42578 | MEDIUM6.38 | io.netty:netty-handler-proxy 4.1.77.Final fixed in 4.1.133.Final, 4.2.13.Final | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-45292 | MEDIUM6.38 | io.opentelemetry:opentelemetry-api 1.17.0 fixed in 1.62.0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2023-34054 | MEDIUM6.38 | io.projectreactor.netty:reactor-netty-core 1.0.15 fixed in 1.1.13, 1.0.39 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-34479 | MEDIUM6.38 | org.apache.logging.log4j:log4j-1.2-api 2.18.0 fixed in 2.25.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-34480 | MEDIUM6.38 | org.apache.logging.log4j:log4j-core 2.12.4 fixed in 2.25.4 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-34480 | MEDIUM6.38 | org.apache.logging.log4j:log4j-core 2.18.0 fixed in 2.25.4 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-5588 | MEDIUM6.38 | org.bouncycastle:bcpkix-jdk15on 1.64 fixed in 1.84 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2023-46673 | MEDIUM6.38 | org.elasticsearch:elasticsearch 8.5.2 fixed in 7.17.14, 8.10.3 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2024-23444 | MEDIUM6.38 | org.elasticsearch:elasticsearch 8.5.2 fixed in 8.13.0, 7.17.23 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2024-23450 | MEDIUM6.38 | org.elasticsearch:elasticsearch 8.5.2 fixed in 7.17.19, 8.13.0 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2024-43709 | MEDIUM6.38 | org.elasticsearch:elasticsearch 8.5.2 fixed in 7.17.21, 8.13.3 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2024-52979 | MEDIUM6.38 | org.elasticsearch:elasticsearch 8.5.2 fixed in 7.17.25, 8.16.0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2024-52981 | MEDIUM6.38 | org.elasticsearch:elasticsearch 8.5.2 fixed in 7.17.24, 8.15.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-66566 | MEDIUM6.38 | org.lz4:lz4-java 1.8.0 No fix yet | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-37731 | MEDIUM6.29 | org.elasticsearch:elasticsearch 8.5.2 fixed in 8.19.8, 9.1.8, 9.2.2 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2023-2976 | MEDIUM6.03 | com.google.guava:guava 27.1-jre fixed in 32.0.0-android | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2023-2976 | MEDIUM6.03 | com.google.guava:guava 28.2-jre fixed in 32.0.0-android | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2023-2976 | MEDIUM6.03 | com.google.guava:guava 30.1.1-jre fixed in 32.0.0-android | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-4802 | MEDIUM5.95 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.18 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-4802 | MEDIUM5.95 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.18 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2023-4806 | MEDIUM5.9 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.14 | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2023-4813 | MEDIUM5.9 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.14 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2023-4806 | MEDIUM5.9 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.14 | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2023-4813 | MEDIUM5.9 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.14 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2023-5981 | MEDIUM5.9 | libgnutls30 3.6.13-2ubuntu1.7 fixed in 3.6.13-2ubuntu1.9 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2024-26461 | MEDIUM5.9 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-26461 | MEDIUM5.9 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-26461 | MEDIUM5.9 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-26461 | MEDIUM5.9 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-5535 | MEDIUM5.9 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.23 | 5.6% Low-Moderate Risk | Directly Exposed |
| CVE-2020-15522 | MEDIUM5.9 | org.bouncycastle:bc-fips 1.0.2 fixed in 1.0.2.1 | 1.5% Low-Moderate Risk | Directly Exposed |
| CVE-2026-45673 | MEDIUM5.78 | io.netty:netty-resolver-dns 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-4741 | MEDIUM5.6 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.23 | 2.9% Low-Moderate Risk | Directly Exposed |
| CVE-2025-24528 | MEDIUM5.52 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-24528 | MEDIUM5.52 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-24528 | MEDIUM5.52 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-24528 | MEDIUM5.52 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-67735 | MEDIUM5.52 | io.netty:netty-codec-http 4.1.77.Final fixed in 4.2.8.Final, 4.1.129.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-41417 | MEDIUM5.52 | io.netty:netty-codec-http 4.1.77.Final fixed in 4.1.133.Final, 4.2.13.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42580 | MEDIUM5.52 | io.netty:netty-codec-http 4.1.77.Final fixed in 4.2.13.Final, 4.1.133.Final | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-68384 | MEDIUM5.52 | org.elasticsearch.plugin:x-pack-security 8.5.2 fixed in 8.19.9, 9.1.9, 9.2.3 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2023-49921 | MEDIUM5.52 | org.elasticsearch:elasticsearch 8.5.2 fixed in 7.17.16, 8.11.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-12183 | MEDIUM5.52 | org.lz4:lz4-java 1.8.0 fixed in 1.8.1 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2021-29425 | MEDIUM5.52 | commons-io:commons-io 2.5 fixed in 2.7 | 10.6% High Exploitation Risk | Directly Exposed |
| CVE-2024-0727 | MEDIUM5.5 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.21 | 3.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-33600 | MEDIUM5.3 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.16 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-33600 | MEDIUM5.3 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.16 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-12243 | MEDIUM5.3 | libgnutls30 3.6.13-2ubuntu1.7 fixed in 3.6.13-2ubuntu1.12 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-6918 | MEDIUM5.3 | libssh-4 0.9.3-2ubuntu2.2 fixed in 0.9.3-2ubuntu2.5 | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2023-0465 | MEDIUM5.3 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.18 | 1.6% Low-Moderate Risk | Directly Exposed |
| CVE-2023-0466 | MEDIUM5.3 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.18 | 1.6% Low-Moderate Risk | Directly Exposed |
| CVE-2023-3446 | MEDIUM5.3 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.20 | 5.5% Low-Moderate Risk | Directly Exposed |
| CVE-2023-3817 | MEDIUM5.3 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.20 | 2.6% Low-Moderate Risk | Directly Exposed |
| CVE-2023-5678 | MEDIUM5.3 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.21 | 4.5% Low-Moderate Risk | Directly Exposed |
| CVE-2024-12133 | MEDIUM5.3 | libtasn1-6 4.16.0-2 fixed in 4.16.0-2ubuntu0.1 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-29025 | MEDIUM5.3 | io.netty:netty-codec-http 4.1.77.Final fixed in 4.1.108.Final | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2024-21742 | MEDIUM5.3 | org.apache.james:apache-mime4j-core 0.8.5 fixed in 0.8.10 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2025-22227 | MEDIUM5.18 | io.projectreactor.netty:reactor-netty-http 1.0.15 fixed in 1.3.0-M5, 1.2.8 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-3576 | MEDIUM5.02 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-26458 | MEDIUM5.02 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-3576 | MEDIUM5.02 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-26458 | MEDIUM5.02 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-3576 | MEDIUM5.02 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-26458 | MEDIUM5.02 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-3576 | MEDIUM5.02 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-26458 | MEDIUM5.02 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-34477 | MEDIUM5.02 | org.apache.logging.log4j:log4j-core 2.12.4 fixed in 2.25.4 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34477 | MEDIUM5.02 | org.apache.logging.log4j:log4j-core 2.18.0 fixed in 2.25.4 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-53864 | MEDIUM4.93 | com.nimbusds:nimbus-jose-jwt 9.8.1 fixed in 10.0.2, 9.37.4 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-37727 | MEDIUM4.84 | org.elasticsearch:elasticsearch 8.5.2 fixed in 8.18.8, 8.19.5, 9.0.8, 9.1.5 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2024-2511 | MEDIUM4.81 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.23 | 54.0% Actively Exploited | Directly Exposed |
| CVE-2025-0395 | MEDIUM4.67 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.17 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-0395 | MEDIUM4.67 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.17 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-29088 | MEDIUM4.67 | libsqlite3-0 3.31.1-4ubuntu0.5 fixed in 3.31.1-4ubuntu0.7 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2022-3821 | MEDIUM4.67 | libsystemd0 245.4-4ubuntu3.18 fixed in 245.4-4ubuntu3.20 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2022-4415 | MEDIUM4.67 | libsystemd0 245.4-4ubuntu3.18 fixed in 245.4-4ubuntu3.20 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-3821 | MEDIUM4.67 | libudev1 245.4-4ubuntu3.18 fixed in 245.4-4ubuntu3.20 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2022-4415 | MEDIUM4.67 | libudev1 245.4-4ubuntu3.18 fixed in 245.4-4ubuntu3.20 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2024-47535 | MEDIUM4.67 | io.netty:netty-common 4.1.77.Final fixed in 4.1.115.Final | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-25193 | MEDIUM4.67 | io.netty:netty-common 4.1.77.Final fixed in 4.1.118.Final | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-25710 | MEDIUM4.67 | org.apache.commons:commons-compress 1.21 fixed in 1.26.0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-26308 | MEDIUM4.67 | org.apache.commons:commons-compress 1.21 fixed in 1.26.0 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45146 | MEDIUM4.67 | org.bouncycastle:bc-fips 1.0.2 fixed in 1.0.2.4 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2022-1471 | MEDIUM4.58 | org.yaml:snakeyaml 1.33 fixed in 2.0 | 99.6% Actively Exploited | Post-Exploit |
| CVE-2023-0215 | MEDIUM4.5 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.17 | 4.5% Low-Moderate Risk | Post-Exploit |
| CVE-2023-0464 | MEDIUM4.5 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.18 | 3.7% Low-Moderate Risk | Post-Exploit |
| CVE-2024-28834 | MEDIUM4.5 | libgnutls30 3.6.13-2ubuntu1.7 fixed in 3.6.13-2ubuntu1.11 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-54514 | MEDIUM4.5 | com.fasterxml.jackson.core:jackson-databind 2.13.1 fixed in 2.18.8, 2.21.4, 3.1.4 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-54515 | MEDIUM4.5 | com.fasterxml.jackson.core:jackson-databind 2.13.1 fixed in 3.1.4, 2.18.9, 2.21.5, 2.22.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-54514 | MEDIUM4.5 | com.fasterxml.jackson.core:jackson-databind 2.13.2.2 fixed in 2.18.8, 2.21.4, 3.1.4 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-54515 | MEDIUM4.5 | com.fasterxml.jackson.core:jackson-databind 2.13.2.2 fixed in 3.1.4, 2.18.9, 2.21.5, 2.22.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-54514 | MEDIUM4.5 | com.fasterxml.jackson.core:jackson-databind 2.13.3 fixed in 2.18.8, 2.21.4, 3.1.4 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-54515 | MEDIUM4.5 | com.fasterxml.jackson.core:jackson-databind 2.13.3 fixed in 3.1.4, 2.18.9, 2.21.5, 2.22.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-50020 | MEDIUM4.5 | io.netty:netty-codec-http 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-47244 | MEDIUM4.5 | io.netty:netty-codec-http2 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-50560 | MEDIUM4.5 | io.netty:netty-codec-http2 4.1.77.Final fixed in 4.2.15.Final, 4.1.135.Final | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-8885 | MEDIUM4.5 | org.bouncycastle:bc-fips 1.0.2 fixed in 1.0.2.6, 2.0.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-8916 | MEDIUM4.5 | org.bouncycastle:bcpkix-jdk15on 1.64 fixed in 1.79 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-23449 | MEDIUM4.5 | org.elasticsearch:elasticsearch 8.5.2 fixed in 8.11.1 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2024-7264 | MEDIUM4.48 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.23 | 17.3% High Exploitation Risk | Post-Exploit |
| CVE-2024-7264 | MEDIUM4.48 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.23 | 17.3% High Exploitation Risk | Post-Exploit |
| CVE-2024-28085 | MEDIUM4.4 | libblkid1 2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-28085 | MEDIUM4.4 | libfdisk1 2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-28085 | MEDIUM4.4 | libmount1 2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-28085 | MEDIUM4.4 | libsmartcols1 2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-28085 | MEDIUM4.4 | libuuid1 2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2025-31672 | MEDIUM4.4 | org.apache.poi:poi-ooxml 5.2.2 fixed in 5.4.0 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2024-47554 | MEDIUM4.3 | commons-io:commons-io 2.11.0 fixed in 2.14.0 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-47554 | MEDIUM4.3 | commons-io:commons-io 2.5 fixed in 2.14.0 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2025-68390 | MEDIUM4.17 | org.elasticsearch.plugin:x-pack-core 8.5.2 fixed in 8.19.8, 9.1.8, 9.2.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2023-6004 | MEDIUM4.08 | libssh-4 0.9.3-2ubuntu2.2 fixed in 0.9.3-2ubuntu2.5 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-68161 | MEDIUM4.08 | org.apache.logging.log4j:log4j-core 2.12.4 fixed in 2.25.3 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-68161 | MEDIUM4.08 | org.apache.logging.log4j:log4j-core 2.18.0 fixed in 2.25.3 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2022-4304 | MEDIUM4.07 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.17 | 16.2% High Exploitation Risk | Post-Exploit |
| CVE-2024-13176 | MEDIUM4 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.24 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2024-33601 | MEDIUM4 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.16 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-33601 | MEDIUM4 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.16 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2023-47038 | LOW3.98 | perl-base 5.30.0-9ubuntu0.3 fixed in 5.30.0-9ubuntu0.5 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2023-23916 | LOW3.9 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.16 | 1.7% Low-Moderate Risk | Post-Exploit |
| CVE-2023-46218 | LOW3.9 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.21 | 1.7% Low-Moderate Risk | Post-Exploit |
| CVE-2023-23916 | LOW3.9 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.16 | 1.7% Low-Moderate Risk | Post-Exploit |
| CVE-2023-46218 | LOW3.9 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.21 | 1.7% Low-Moderate Risk | Post-Exploit |
| CVE-2023-31417 | LOW3.74 | org.elasticsearch:elasticsearch 8.5.2 fixed in 7.17.13, 8.9.2 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2024-3596 | LOW3.73 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.8 | 14.9% High Exploitation Risk | Post-Exploit |
| CVE-2024-3596 | LOW3.73 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.8 | 14.9% High Exploitation Risk | Post-Exploit |
| CVE-2024-3596 | LOW3.73 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.8 | 14.9% High Exploitation Risk | Post-Exploit |
| CVE-2024-3596 | LOW3.73 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.8 | 14.9% High Exploitation Risk | Post-Exploit |
| CVE-2024-9143 | LOW3.7 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.24 | 6.0% Low-Moderate Risk | Directly Exposed |
| CVE-2025-48924 | LOW3.7 | org.apache.commons:commons-lang3 3.9 fixed in 3.18.0 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2022-31684 | LOW3.65 | io.projectreactor.netty:reactor-netty-http 1.0.15 fixed in 1.0.24 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2022-43552 | LOW3.54 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.15 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27535 | LOW3.54 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 1.6% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27536 | LOW3.54 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 1.6% Low-Moderate Risk | Post-Exploit |
| CVE-2023-28321 | LOW3.54 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.19 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2024-11053 | LOW3.54 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.25 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2022-43552 | LOW3.54 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.15 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27535 | LOW3.54 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 1.6% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27536 | LOW3.54 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 1.6% Low-Moderate Risk | Post-Exploit |
| CVE-2023-28321 | LOW3.54 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.19 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2024-11053 | LOW3.54 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.25 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2024-5535 | LOW3.54 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.23 | 5.6% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libroken18-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libwind0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2023-0286 | LOW3.46 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.17 | 59.5% Actively Exploited | Post-Exploit |
| CVE-2024-33602 | LOW3.4 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.16 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-33602 | LOW3.4 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.16 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-4741 | LOW3.36 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.23 | 2.9% Low-Moderate Risk | Post-Exploit |
| CVE-2024-8096 | LOW3.31 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.24 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2024-8096 | LOW3.31 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.24 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2023-27538 | LOW3.3 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 1.2% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27538 | LOW3.3 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 1.2% Low-Moderate Risk | Post-Exploit |
| CVE-2024-0727 | LOW3.3 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.21 | 3.2% Low-Moderate Risk | Post-Exploit |
| CVE-2022-48303 | LOW3.3 | tar 1.30+dfsg-7ubuntu0.20.04.2 fixed in 1.30+dfsg-7ubuntu0.20.04.3 | 4.5% Low-Moderate Risk | Post-Exploit |
| CVE-2023-0465 | LOW3.18 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.18 | 1.6% Low-Moderate Risk | Post-Exploit |
| CVE-2023-0466 | LOW3.18 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.18 | 1.6% Low-Moderate Risk | Post-Exploit |
| CVE-2023-3446 | LOW3.18 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.20 | 5.5% Low-Moderate Risk | Post-Exploit |
| CVE-2023-3817 | LOW3.18 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.20 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2023-5678 | LOW3.18 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.21 | 4.5% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27533 | LOW3.17 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 2.0% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27534 | LOW3.17 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27533 | LOW3.17 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 2.0% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27534 | LOW3.17 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2024-2398 | LOW3.1 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.22 | 36.1% High Exploitation Risk | Post-Exploit |
| CVE-2024-2398 | LOW3.1 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.22 | 36.1% High Exploitation Risk | Post-Exploit |
| CVE-2022-4450 | LOW3.1 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.17 | 20.4% High Exploitation Risk | Post-Exploit |
| CVE-2023-2650 | LOW3.04 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.19 | 73.5% Actively Exploited | Post-Exploit |
| CVE-2023-31484 | LOW2.92 | perl-base 5.30.0-9ubuntu0.3 fixed in 5.30.0-9ubuntu0.4 | 1.5% Low-Moderate Risk | Post-Exploit |
| CVE-2024-2511 | LOW2.89 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.23 | 54.0% Actively Exploited | Post-Exploit |
| CVE-2023-4641 | LOW2.8 | login 1:4.8.1-1ubuntu5.20.04.2 fixed in 1:4.8.1-1ubuntu5.20.04.5 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2023-4641 | LOW2.8 | passwd 1:4.8.1-1ubuntu5.20.04.2 fixed in 1:4.8.1-1ubuntu5.20.04.5 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2023-4016 | LOW2.8 | libprocps8 2:3.3.16-1ubuntu2.3 fixed in 2:3.3.16-1ubuntu2.4 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2020-8908 | LOW2.8 | com.google.guava:guava 27.1-jre fixed in 32.0.0-android | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2020-8908 | LOW2.8 | com.google.guava:guava 28.2-jre fixed in 32.0.0-android | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2020-8908 | LOW2.8 | com.google.guava:guava 30.1.1-jre fixed in 32.0.0-android | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2024-28085 | LOW2.64 | bsdutils 1:2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2024-28085 | LOW2.64 | fdisk 2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2024-28085 | LOW2.64 | mount 2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2024-28085 | LOW2.64 | util-linux 2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2025-30258 | LOW2.4 | gpgv 2.2.19-3ubuntu2.2 fixed in 2.2.19-3ubuntu2.4 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2024-13176 | LOW2.4 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.24 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2023-28322 | LOW2.22 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.19 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2023-38546 | LOW2.22 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.20 | 6.2% Low-Moderate Risk | Post-Exploit |
| CVE-2023-28322 | LOW2.22 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.19 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2023-38546 | LOW2.22 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.20 | 6.2% Low-Moderate Risk | Post-Exploit |
| CVE-2024-9143 | LOW2.22 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.24 | 6.0% Low-Moderate Risk | Post-Exploit |
| CVE-2023-4016 | LOW1.68 | procps 2:3.3.16-1ubuntu2.3 fixed in 2:3.3.16-1ubuntu2.4 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2023-39804 | LOW1.68 | tar 1.30+dfsg-7ubuntu0.20.04.2 fixed in 1.30+dfsg-7ubuntu0.20.04.4 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2022-30187 | LOW1.61 | com.azure:azure-storage-blob 12.16.0 fixed in 12.18.0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2022-28321 | NONE0 | libpam-modules 1.3.1-5ubuntu4.3 fixed in 1.3.1-5ubuntu4.4 | 1.2% Low-Moderate Risk | Not Applicable |
| CVE-2022-28321 | NONE0 | libpam-modules-bin 1.3.1-5ubuntu4.3 fixed in 1.3.1-5ubuntu4.4 | 1.2% Low-Moderate Risk | Not Applicable |
| CVE-2022-28321 | NONE0 | libpam-runtime 1.3.1-5ubuntu4.3 fixed in 1.3.1-5ubuntu4.4 | 1.2% Low-Moderate Risk | Not Applicable |
| CVE-2022-28321 | NONE0 | libpam0g 1.3.1-5ubuntu4.3 fixed in 1.3.1-5ubuntu4.4 | 1.2% Low-Moderate Risk | Not Applicable |
| CVE-2021-39537 | NONE0 | libncurses6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 3.0% Low-Moderate Risk | Not Applicable |
| CVE-2021-39537 | NONE0 | libncursesw6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 3.0% Low-Moderate Risk | Not Applicable |
| CVE-2021-39537 | NONE0 | libtinfo6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 3.0% Low-Moderate Risk | Not Applicable |
| CVE-2021-39537 | NONE0 | ncurses-base 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 3.0% Low-Moderate Risk | Not Applicable |
| CVE-2021-39537 | NONE0 | ncurses-bin 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 3.0% Low-Moderate Risk | Not Applicable |
| CVE-2023-29491 | NONE0 | libncurses6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 0.9% Theoretical Threat | Not Applicable |
| CVE-2023-29491 | NONE0 | libncursesw6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 0.9% Theoretical Threat | Not Applicable |
| CVE-2023-29491 | NONE0 | libtinfo6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 0.9% Theoretical Threat | Not Applicable |
| CVE-2023-29491 | NONE0 | ncurses-base 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 0.9% Theoretical Threat | Not Applicable |
| CVE-2023-29491 | NONE0 | ncurses-bin 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 0.9% Theoretical Threat | Not Applicable |
| CVE-2022-23491 | NONE0 | ca-certificates 20211016~20.04.1 fixed in 20211016ubuntu0.20.04.1 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2022-29458 | NONE0 | libncurses6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 1.3% Low-Moderate Risk | Not Applicable |
| CVE-2022-29458 | NONE0 | libncursesw6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 1.3% Low-Moderate Risk | Not Applicable |
| CVE-2022-29458 | NONE0 | libtinfo6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 1.3% Low-Moderate Risk | Not Applicable |
| CVE-2022-29458 | NONE0 | ncurses-base 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 1.3% Low-Moderate Risk | Not Applicable |
| CVE-2022-29458 | NONE0 | ncurses-bin 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 1.3% Low-Moderate Risk | Not Applicable |
| CVE-2024-22365 | NONE0 | libpam-modules 1.3.1-5ubuntu4.3 fixed in 1.3.1-5ubuntu4.7 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2024-22365 | NONE0 | libpam-modules-bin 1.3.1-5ubuntu4.3 fixed in 1.3.1-5ubuntu4.7 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2024-22365 | NONE0 | libpam-runtime 1.3.1-5ubuntu4.3 fixed in 1.3.1-5ubuntu4.7 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2024-22365 | NONE0 | libpam0g 1.3.1-5ubuntu4.3 fixed in 1.3.1-5ubuntu4.7 | 0.5% Theoretical Threat | Not Applicable |
| GHSA-72hv-8253-57qq | NONE0 | com.fasterxml.jackson.core:jackson-core 2.13.1 fixed in 2.21.1, 2.18.6 | — | Not Applicable |
| GHSA-72hv-8253-57qq | NONE0 | com.fasterxml.jackson.core:jackson-core 2.13.2 fixed in 2.21.1, 2.18.6 | — | Not Applicable |
| GHSA-72hv-8253-57qq | NONE0 | com.fasterxml.jackson.core:jackson-core 2.13.3 fixed in 2.21.1, 2.18.6 | — | Not Applicable |
| GHSA-xpw8-rcwv-8f8p | NONE0 | io.netty:netty-codec-http2 4.1.77.Final fixed in 4.1.100.Final | — | Not Applicable |
| CVE-2024-52980 | NONE0 | org.elasticsearch:elasticsearch 8.5.2 fixed in 8.15.1 | 0.5% Theoretical Threat | Not Applicable |
Want to check another image? Run a full scan with the Docker Security Scanner.