Vulnerability Reportelasticsearch:8.9.2

elasticsearch:8.9.2
DIGESTsha256:38082e945768e8e98fc0d828c810baf0b63d58ddc9059db2a62e4c293e44e817

Executive Summary

Last scanned:

Threat Score
100/100DANGEROUS
Reputation
TRUSTED

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could exploit CVE-2025-66516 (XXE in Apache Tika) to exfiltrate sensitive data or perform server-side request forgery, and CVE-2024-2961 (glibc iconv RCE) to execute arbitrary code via malicious encoding, leading to full container compromise and potential lateral movement.

Vulnerabilities

Vulnerability Log

211 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2025-66516CRITICAL10
org.apache.tika:tika-core
2.7.0
fixed in 3.2.2
79.8%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2025-66516CRITICAL10
org.apache.tika:tika-parser-pdf-module
2.7.0
fixed in 3.2.2
79.8%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2024-2961CRITICAL10
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.15
88.3%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2024-2961CRITICAL10
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.15
88.3%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2023-44487CRITICAL9.75
libnghttp2-14
1.40.0-1ubuntu0.1
fixed in 1.40.0-1ubuntu0.2
100.0%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2025-54988CRITICAL9.4
org.apache.tika:tika-parser-pdf-module
2.7.0
fixed in 3.2.2
3.0%
Low-Moderate Risk
Directly ExposedContext importance: HIGH
CVE-2026-45674HIGH8.5
io.netty:netty-resolver-dns
4.1.94.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-47691HIGH8.5
io.netty:netty-resolver-dns
4.1.94.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-42581HIGH8.33
io.netty:netty-codec-http
4.1.94.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.6%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-42584HIGH7.73
io.netty:netty-codec-http
4.1.94.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.8%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2024-33599HIGH7.6
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.16
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-33599HIGH7.6
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.16
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-0553HIGH7.5
libgnutls30
3.6.13-2ubuntu1.8
fixed in 3.6.13-2ubuntu1.10
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-2953HIGH7.5
libldap-2.4-2
2.4.49+dfsg-2ubuntu1.9
fixed in 2.4.49+dfsg-2ubuntu1.10
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2023-2953HIGH7.5
libldap-common
2.4.49+dfsg-2ubuntu1.9
fixed in 2.4.49+dfsg-2ubuntu1.10
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2024-7254HIGH7.5
com.google.protobuf:protobuf-java
3.21.9
fixed in 3.25.5, 4.27.5, 4.28.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2026-33871HIGH7.5
io.netty:netty-codec-http2
4.1.94.Final
fixed in 4.1.132.Final, 4.2.11.Final
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2025-24970HIGH7.5
io.netty:netty-handler
4.1.94.Final
fixed in 4.1.118.Final
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-34062HIGH7.5
io.projectreactor.netty:reactor-netty-http
1.0.24
fixed in 1.1.13, 1.0.39
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-1370HIGH7.5
net.minidev:json-smart
2.4.8
fixed in 2.4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-7104HIGH7.3
libsqlite3-0
3.31.1-4ubuntu0.5
fixed in 3.31.1-4ubuntu0.6
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-37371HIGH7.28
libgssapi-krb5-2
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.6
1.9%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2024-37371HIGH7.28
libk5crypto3
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.6
1.9%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2024-37371HIGH7.28
libkrb5-3
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.6
1.9%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2024-37371HIGH7.28
libkrb5support0
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.6
1.9%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2024-28182MEDIUM6.89
libnghttp2-14
1.40.0-1ubuntu0.1
fixed in 1.40.0-1ubuntu0.3
85.0%
Actively Exploited
Directly Exposed
CVE-2026-54512MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.13.4.2
fixed in 2.18.8, 3.1.4, 2.21.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-54513MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.13.4.2
fixed in 2.18.8, 2.21.4, 3.1.4
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-54512MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.15.0
fixed in 2.18.8, 3.1.4, 2.21.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-54513MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.15.0
fixed in 2.18.8, 2.21.4, 3.1.4
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-44249MEDIUM6.88
io.netty:netty-handler
4.1.94.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2023-36054MEDIUM6.5
libgssapi-krb5-2
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.4
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-36054MEDIUM6.5
libk5crypto3
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.4
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-36054MEDIUM6.5
libkrb5-3
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.4
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-36054MEDIUM6.5
libkrb5support0
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.4
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-44483MEDIUM6.5
org.apache.santuario:xmlsec
2.1.8
fixed in 2.3.4, 2.2.6, 3.0.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-29857MEDIUM6.5
org.bouncycastle:bc-fips
1.0.2
fixed in 1.0.2.5
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-37370MEDIUM6.38
libgssapi-krb5-2
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libk5crypto3
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libkrb5-3
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libkrb5support0
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.13.4
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-50193MEDIUM6.38
com.fasterxml.jackson.core:jackson-databind
2.13.4.2
fixed in 2.14.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2023-52428MEDIUM6.38
com.nimbusds:nimbus-jose-jwt
9.23
fixed in 9.37.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-7962MEDIUM6.38
com.sun.mail:jakarta.mail
1.6.3
fixed in 1.6.8, 2.0.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-7962MEDIUM6.38
com.sun.mail:jakarta.mail
1.6.4
fixed in 1.6.8, 2.0.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-42583MEDIUM6.38
io.netty:netty-codec
4.1.94.Final
fixed in 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-58057MEDIUM6.38
io.netty:netty-codec
4.1.94.Final
fixed in 4.1.125.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-33870MEDIUM6.38
io.netty:netty-codec-http
4.1.94.Final
fixed in 4.1.132.Final, 4.2.10.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http
4.1.94.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-42585MEDIUM6.38
io.netty:netty-codec-http
4.1.94.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-58056MEDIUM6.38
io.netty:netty-codec-http
4.1.94.Final
fixed in 4.1.125.Final, 4.2.5.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-55163MEDIUM6.38
io.netty:netty-codec-http2
4.1.94.Final
fixed in 4.2.4.Final, 4.1.124.Final
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http2
4.1.94.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-48043MEDIUM6.38
io.netty:netty-codec-http2
4.1.94.Final
fixed in 4.1.135.Final, 4.2.15.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-45416MEDIUM6.38
io.netty:netty-handler
4.1.94.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-50010MEDIUM6.38
io.netty:netty-handler
4.1.94.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42578MEDIUM6.38
io.netty:netty-handler-proxy
4.1.94.Final
fixed in 4.1.133.Final, 4.2.13.Final
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-45292MEDIUM6.38
io.opentelemetry:opentelemetry-api
1.17.0
fixed in 1.62.0
0.8%
Theoretical Threat
Directly Exposed
CVE-2023-34054MEDIUM6.38
io.projectreactor.netty:reactor-netty-core
1.0.24
fixed in 1.1.13, 1.0.39
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-34479MEDIUM6.38
org.apache.logging.log4j:log4j-1.2-api
2.19.0
fixed in 2.25.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34480MEDIUM6.38
org.apache.logging.log4j:log4j-core
2.12.4
fixed in 2.25.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-34480MEDIUM6.38
org.apache.logging.log4j:log4j-core
2.19.0
fixed in 2.25.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-5588MEDIUM6.38
org.bouncycastle:bcpkix-jdk15on
1.64
fixed in 1.84
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-46673MEDIUM6.38
org.elasticsearch:elasticsearch
8.9.2
fixed in 7.17.14, 8.10.3
0.8%
Theoretical Threat
Directly Exposed
CVE-2024-23444MEDIUM6.38
org.elasticsearch:elasticsearch
8.9.2
fixed in 8.13.0, 7.17.23
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-23450MEDIUM6.38
org.elasticsearch:elasticsearch
8.9.2
fixed in 7.17.19, 8.13.0
0.9%
Theoretical Threat
Directly Exposed
CVE-2024-43709MEDIUM6.38
org.elasticsearch:elasticsearch
8.9.2
fixed in 7.17.21, 8.13.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2024-52979MEDIUM6.38
org.elasticsearch:elasticsearch
8.9.2
fixed in 7.17.25, 8.16.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-52981MEDIUM6.38
org.elasticsearch:elasticsearch
8.9.2
fixed in 7.17.24, 8.15.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-66566MEDIUM6.38
org.lz4:lz4-java
1.8.0
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-37731MEDIUM6.29
org.elasticsearch:elasticsearch
8.9.2
fixed in 8.19.8, 9.1.8, 9.2.2
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42579MEDIUM6.18
io.netty:netty-codec-dns
4.1.94.Final
fixed in 4.2.13.Final, 4.1.133.Final
1.0%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
28.2-jre
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
31.1-jre
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-4802MEDIUM5.95
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.18
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-4802MEDIUM5.95
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.18
0.6%
Theoretical Threat
Directly Exposed
CVE-2023-4806MEDIUM5.9
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.14
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-4813MEDIUM5.9
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.14
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-4806MEDIUM5.9
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.14
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-4813MEDIUM5.9
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.14
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-5981MEDIUM5.9
libgnutls30
3.6.13-2ubuntu1.8
fixed in 3.6.13-2ubuntu1.9
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libgssapi-krb5-2
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libk5crypto3
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libkrb5-3
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libkrb5support0
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-5535MEDIUM5.9
libssl1.1
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.23
5.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-15522MEDIUM5.9
org.bouncycastle:bc-fips
1.0.2
fixed in 1.0.2.1
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2026-45673MEDIUM5.78
io.netty:netty-resolver-dns
4.1.94.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-4741MEDIUM5.6
libssl1.1
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.23
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2025-24528MEDIUM5.52
libgssapi-krb5-2
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.9
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libk5crypto3
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.9
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libkrb5-3
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.9
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libkrb5support0
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.9
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-67735MEDIUM5.52
io.netty:netty-codec-http
4.1.94.Final
fixed in 4.2.8.Final, 4.1.129.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-41417MEDIUM5.52
io.netty:netty-codec-http
4.1.94.Final
fixed in 4.1.133.Final, 4.2.13.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42580MEDIUM5.52
io.netty:netty-codec-http
4.1.94.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-68384MEDIUM5.52
org.elasticsearch.plugin:x-pack-security
8.9.2
fixed in 8.19.9, 9.1.9, 9.2.3
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-49921MEDIUM5.52
org.elasticsearch:elasticsearch
8.9.2
fixed in 7.17.16, 8.11.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-12183MEDIUM5.52
org.lz4:lz4-java
1.8.0
fixed in 1.8.1
0.6%
Theoretical Threat
Directly Exposed
CVE-2024-0727MEDIUM5.5
libssl1.1
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.21
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-33600MEDIUM5.3
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.16
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-33600MEDIUM5.3
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.16
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-12243MEDIUM5.3
libgnutls30
3.6.13-2ubuntu1.8
fixed in 3.6.13-2ubuntu1.12
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-6918MEDIUM5.3
libssh-4
0.9.3-2ubuntu2.3
fixed in 0.9.3-2ubuntu2.5
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-3446MEDIUM5.3
libssl1.1
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.20
5.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-3817MEDIUM5.3
libssl1.1
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.20
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-5678MEDIUM5.3
libssl1.1
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.21
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2024-12133MEDIUM5.3
libtasn1-6
4.16.0-2
fixed in 4.16.0-2ubuntu0.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-29025MEDIUM5.3
io.netty:netty-codec-http
4.1.94.Final
fixed in 4.1.108.Final
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2024-21742MEDIUM5.3
org.apache.james:apache-mime4j-core
0.8.9
fixed in 0.8.10
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2025-22227MEDIUM5.18
io.projectreactor.netty:reactor-netty-http
1.0.24
fixed in 1.3.0-M5, 1.2.8
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libgssapi-krb5-2
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libgssapi-krb5-2
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.9
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libk5crypto3
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libk5crypto3
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.9
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libkrb5-3
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libkrb5-3
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.9
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libkrb5support0
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libkrb5support0
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.9
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-34477MEDIUM5.02
org.apache.logging.log4j:log4j-core
2.12.4
fixed in 2.25.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34477MEDIUM5.02
org.apache.logging.log4j:log4j-core
2.19.0
fixed in 2.25.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-53864MEDIUM4.93
com.nimbusds:nimbus-jose-jwt
9.23
fixed in 10.0.2, 9.37.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-37727MEDIUM4.84
org.elasticsearch:elasticsearch
8.9.2
fixed in 8.18.8, 8.19.5, 9.0.8, 9.1.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-2511MEDIUM4.81
libssl1.1
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.23
54.0%
Actively Exploited
Directly Exposed
CVE-2025-0395MEDIUM4.67
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.17
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-0395MEDIUM4.67
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.17
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-22365MEDIUM4.67
libpam-modules
1.3.1-5ubuntu4.6
fixed in 1.3.1-5ubuntu4.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-22365MEDIUM4.67
libpam-modules-bin
1.3.1-5ubuntu4.6
fixed in 1.3.1-5ubuntu4.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-22365MEDIUM4.67
libpam-runtime
1.3.1-5ubuntu4.6
fixed in 1.3.1-5ubuntu4.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-22365MEDIUM4.67
libpam0g
1.3.1-5ubuntu4.6
fixed in 1.3.1-5ubuntu4.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-29088MEDIUM4.67
libsqlite3-0
3.31.1-4ubuntu0.5
fixed in 3.31.1-4ubuntu0.7
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-47535MEDIUM4.67
io.netty:netty-common
4.1.94.Final
fixed in 4.1.115.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-25193MEDIUM4.67
io.netty:netty-common
4.1.94.Final
fixed in 4.1.118.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-42503MEDIUM4.67
org.apache.commons:commons-compress
1.22
fixed in 1.24.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-25710MEDIUM4.67
org.apache.commons:commons-compress
1.22
fixed in 1.26.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-26308MEDIUM4.67
org.apache.commons:commons-compress
1.22
fixed in 1.26.0
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-45146MEDIUM4.67
org.bouncycastle:bc-fips
1.0.2
fixed in 1.0.2.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-28834MEDIUM4.5
libgnutls30
3.6.13-2ubuntu1.8
fixed in 3.6.13-2ubuntu1.11
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-54514MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.13.4.2
fixed in 2.18.8, 2.21.4, 3.1.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-54515MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.13.4.2
fixed in 3.1.4, 2.18.9, 2.21.5, 2.22.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-54514MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.15.0
fixed in 2.18.8, 2.21.4, 3.1.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-54515MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.15.0
fixed in 3.1.4, 2.18.9, 2.21.5, 2.22.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-50020MEDIUM4.5
io.netty:netty-codec-http
4.1.94.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-47244MEDIUM4.5
io.netty:netty-codec-http2
4.1.94.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-50560MEDIUM4.5
io.netty:netty-codec-http2
4.1.94.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-8885MEDIUM4.5
org.bouncycastle:bc-fips
1.0.2
fixed in 1.0.2.6, 2.0.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-8916MEDIUM4.5
org.bouncycastle:bcpkix-jdk15on
1.64
fixed in 1.79
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-23449MEDIUM4.5
org.elasticsearch:elasticsearch
8.9.2
fixed in 8.11.1
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-28085MEDIUM4.4
libblkid1
2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-28085MEDIUM4.4
libfdisk1
2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-28085MEDIUM4.4
libmount1
2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-28085MEDIUM4.4
libsmartcols1
2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-28085MEDIUM4.4
libuuid1
2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-31672MEDIUM4.4
org.apache.poi:poi-ooxml
5.2.3
fixed in 5.4.0
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-47554MEDIUM4.3
commons-io:commons-io
2.11.0
fixed in 2.14.0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-68390MEDIUM4.17
org.elasticsearch.plugin:x-pack-core
8.9.2
fixed in 8.19.8, 9.1.8, 9.2.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-6004MEDIUM4.08
libssh-4
0.9.3-2ubuntu2.3
fixed in 0.9.3-2ubuntu2.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-68161MEDIUM4.08
org.apache.logging.log4j:log4j-core
2.12.4
fixed in 2.25.3
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-68161MEDIUM4.08
org.apache.logging.log4j:log4j-core
2.19.0
fixed in 2.25.3
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-13176MEDIUM4
libssl1.1
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.24
0.6%
Theoretical Threat
Directly Exposed
CVE-2024-33601MEDIUM4
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.16
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-33601MEDIUM4
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.16
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-47038LOW3.98
perl-base
5.30.0-9ubuntu0.4
fixed in 5.30.0-9ubuntu0.5
0.8%
Theoretical Threat
Post-Exploit
CVE-2024-3596LOW3.73
libgssapi-krb5-2
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.8
14.9%
High Exploitation Risk
Post-Exploit
CVE-2024-3596LOW3.73
libk5crypto3
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.8
14.9%
High Exploitation Risk
Post-Exploit
CVE-2024-3596LOW3.73
libkrb5-3
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.8
14.9%
High Exploitation Risk
Post-Exploit
CVE-2024-3596LOW3.73
libkrb5support0
1.17-6ubuntu4.3
fixed in 1.17-6ubuntu4.8
14.9%
High Exploitation Risk
Post-Exploit
CVE-2024-9143LOW3.7
libssl1.1
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.24
6.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-48924LOW3.7
org.apache.commons:commons-lang3
3.12.0
fixed in 3.18.0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-48924LOW3.7
org.apache.commons:commons-lang3
3.9
fixed in 3.18.0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-33602LOW3.4
libc-bin
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.16
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-33602LOW3.4
libc6
2.31-0ubuntu9.9
fixed in 2.31-0ubuntu9.16
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-8096LOW3.31
curl
7.68.0-1ubuntu2.19
fixed in 7.68.0-1ubuntu2.24
0.7%
Theoretical Threat
Post-Exploit
CVE-2024-8096LOW3.31
libcurl4
7.68.0-1ubuntu2.19
fixed in 7.68.0-1ubuntu2.24
0.7%
Theoretical Threat
Post-Exploit
CVE-2024-0727LOW3.3
openssl
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.21
3.2%
Low-Moderate Risk
Post-Exploit
CVE-2023-3446LOW3.18
openssl
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.20
5.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-3817LOW3.18
openssl
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.20
2.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-5678LOW3.18
openssl
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.21
4.5%
Low-Moderate Risk
Post-Exploit
CVE-2024-2398LOW3.1
curl
7.68.0-1ubuntu2.19
fixed in 7.68.0-1ubuntu2.22
36.1%
High Exploitation Risk
Post-Exploit
CVE-2024-2398LOW3.1
libcurl4
7.68.0-1ubuntu2.19
fixed in 7.68.0-1ubuntu2.22
36.1%
High Exploitation Risk
Post-Exploit
CVE-2024-2511LOW2.89
openssl
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.23
54.0%
Actively Exploited
Post-Exploit
CVE-2023-4641LOW2.8
login
1:4.8.1-1ubuntu5.20.04.4
fixed in 1:4.8.1-1ubuntu5.20.04.5
0.3%
Theoretical Threat
Post-Exploit
CVE-2023-4641LOW2.8
passwd
1:4.8.1-1ubuntu5.20.04.4
fixed in 1:4.8.1-1ubuntu5.20.04.5
0.3%
Theoretical Threat
Post-Exploit
CVE-2023-4016LOW2.8
libprocps8
2:3.3.16-1ubuntu2.3
fixed in 2:3.3.16-1ubuntu2.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
28.2-jre
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
31.1-jre
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2023-48795LOW2.76
libssh-4
0.9.3-2ubuntu2.3
fixed in 0.9.3-2ubuntu2.4
93.3%
Actively Exploited
Post-Exploit
CVE-2024-7264LOW2.69
curl
7.68.0-1ubuntu2.19
fixed in 7.68.0-1ubuntu2.23
17.3%
High Exploitation Risk
Post-Exploit
CVE-2024-7264LOW2.69
libcurl4
7.68.0-1ubuntu2.19
fixed in 7.68.0-1ubuntu2.23
17.3%
High Exploitation Risk
Post-Exploit
CVE-2024-28085LOW2.64
bsdutils
1:2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-28085LOW2.64
fdisk
2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-28085LOW2.64
mount
2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-28085LOW2.64
util-linux
2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2025-30258LOW2.4
gpgv
2.2.19-3ubuntu2.2
fixed in 2.2.19-3ubuntu2.4
0.2%
Theoretical Threat
Post-Exploit
CVE-2024-13176LOW2.4
openssl
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.24
0.6%
Theoretical Threat
Post-Exploit
CVE-2023-46218LOW2.34
curl
7.68.0-1ubuntu2.19
fixed in 7.68.0-1ubuntu2.21
1.7%
Low-Moderate Risk
Post-Exploit
CVE-2023-46218LOW2.34
libcurl4
7.68.0-1ubuntu2.19
fixed in 7.68.0-1ubuntu2.21
1.7%
Low-Moderate Risk
Post-Exploit
CVE-2023-38546LOW2.22
curl
7.68.0-1ubuntu2.19
fixed in 7.68.0-1ubuntu2.20
6.2%
Low-Moderate Risk
Post-Exploit
CVE-2023-38546LOW2.22
libcurl4
7.68.0-1ubuntu2.19
fixed in 7.68.0-1ubuntu2.20
6.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-9143LOW2.22
openssl
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.24
6.0%
Low-Moderate Risk
Post-Exploit
CVE-2024-11053LOW2.12
curl
7.68.0-1ubuntu2.19
fixed in 7.68.0-1ubuntu2.25
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2024-11053LOW2.12
libcurl4
7.68.0-1ubuntu2.19
fixed in 7.68.0-1ubuntu2.25
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2024-5535LOW2.12
openssl
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.23
5.6%
Low-Moderate Risk
Post-Exploit
CVE-2024-4741LOW2.02
openssl
1.1.1f-1ubuntu2.19
fixed in 1.1.1f-1ubuntu2.23
2.9%
Low-Moderate Risk
Post-Exploit
CVE-2023-4016LOW1.68
procps
2:3.3.16-1ubuntu2.3
fixed in 2:3.3.16-1ubuntu2.4
0.2%
Theoretical Threat
Post-Exploit
CVE-2023-39804LOW1.68
tar
1.30+dfsg-7ubuntu0.20.04.3
fixed in 1.30+dfsg-7ubuntu0.20.04.4
0.3%
Theoretical Threat
Post-Exploit
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.13.4
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.15.0
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-xpw8-rcwv-8f8pNONE0
io.netty:netty-codec-http2
4.1.94.Final
fixed in 4.1.100.Final
Not Applicable
CVE-2024-52980NONE0
org.elasticsearch:elasticsearch
8.9.2
fixed in 8.15.1
0.5%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.