Vulnerability Reportelasticsearch:9.0.2

elasticsearch:9.0.2
DIGESTsha256:12829bb0fa8b3c6b65928868d2af0fbe67bf74aa6b92b14eca87957e9f554136

Executive Summary

Last scanned:

Threat Score
74/100CAUTION
Reputation
TRUSTED

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could achieve data exfiltration via XXE in the Tika PDF parser or redirect cluster traffic via DNS cache poisoning. Disabling the ingest attachment plugin would eliminate the Tika XXE risk. Note that CVE-2025-66516 only applies if the ingest attachment plugin is enabled. Immediate remediation (upgrading Tika and Netty) is strongly advised.

Vulnerabilities

Vulnerability Log

326 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2025-66516CRITICAL10
org.apache.tika:tika-core
2.9.3
fixed in 3.2.2
79.8%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2025-66516CRITICAL10
org.apache.tika:tika-parser-pdf-module
2.9.3
fixed in 3.2.2
79.8%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2025-54988CRITICAL9.4
org.apache.tika:tika-parser-pdf-module
2.9.3
fixed in 3.2.2
3.0%
Low-Moderate Risk
Directly ExposedContext importance: HIGH
CVE-2026-45674HIGH8.5
io.netty:netty-resolver-dns
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-47691HIGH8.5
io.netty:netty-resolver-dns
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-42581HIGH8.33
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.6%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-58016HIGH7.73
glib2
2.68.4-16.el9
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42579HIGH7.73
io.netty:netty-codec-dns
4.1.118.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.9%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-33846HIGH7.5
gnutls
3.8.3-6.el9
fixed in 3.8.10-4.el9_8
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2026-42009HIGH7.5
gnutls
3.8.3-6.el9
fixed in 3.8.10-4.el9_8
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2026-5121HIGH7.5
libarchive
3.5.3-5.el9_6
fixed in 3.5.3-9.el9_7
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2025-6021HIGH7.5
libxml2
2.9.13-9.el9_6
fixed in 2.9.13-10.el9_6
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2025-27113HIGH7.5
libxml2
2.9.13-9.el9_6
No fix yet
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2026-2100HIGH7.5
p11-kit
0.25.3-3.el9_5
fixed in 0.26.2-1.el9
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2026-2100HIGH7.5
p11-kit-trust
0.25.3-3.el9_5
fixed in 0.26.2-1.el9
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2026-33871HIGH7.5
io.netty:netty-codec-http2
4.1.118.Final
fixed in 4.1.132.Final, 4.2.11.Final
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2026-58014HIGH7.31
glib2
2.68.4-16.el9
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49796HIGH7.28
libxml2
2.9.13-9.el9_6
fixed in 2.9.13-10.el9_6
1.4%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2024-52533HIGH7
glib2
2.68.4-16.el9
fixed in 2.68.4-16.el9_6.2
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2026-58010MEDIUM6.97
glib2
2.68.4-16.el9
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-58012MEDIUM6.97
glib2
2.68.4-16.el9
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-58013MEDIUM6.97
glib2
2.68.4-16.el9
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-32990MEDIUM6.97
gnutls
3.8.3-6.el9
fixed in 3.8.3-6.el9_6.2
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-42013MEDIUM6.97
gnutls
3.8.3-6.el9
fixed in 3.8.10-4.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-5260MEDIUM6.97
gnutls
3.8.3-6.el9
fixed in 3.8.10-4.el9_8
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-0861MEDIUM6.88
glibc
2.34-168.el9_6.20
fixed in 2.34-231.el9_7.10
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-28387MEDIUM6.88
openssl-libs
1:3.2.2-6.el9_5.1
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-54512MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.15.0
fixed in 2.18.8, 3.1.4, 2.21.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-54513MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.15.0
fixed in 2.18.8, 2.21.4, 3.1.4
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-44249MEDIUM6.88
io.netty:netty-handler
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-6653MEDIUM6.66
libxml2
2.9.13-9.el9_6
No fix yet
0.3%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2025-5914MEDIUM6.63
libarchive
3.5.3-5.el9_6
fixed in 3.5.3-6.el9_6
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-48864MEDIUM6.63
libsolv
0.7.24-3.el9
fixed in 0.7.24-6.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-7425MEDIUM6.63
libxml2
2.9.13-9.el9_6
fixed in 2.9.13-11.el9_6
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-11979MEDIUM6.63
libxml2
2.9.13-9.el9_6
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-29111MEDIUM6.63
systemd-libs
252-51.el9_6.1
fixed in 252-67.el9_8.2
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-13601MEDIUM6.54
glib2
2.68.4-16.el9
fixed in 2.68.4-18.el9_7.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-58011MEDIUM6.38
glib2
2.68.4-16.el9
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-58015MEDIUM6.38
glib2
2.68.4-16.el9
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-32636MEDIUM6.38
glib2
2.68.4-16.el9
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-40355MEDIUM6.38
krb5-libs
1.21.1-8.el9_6
fixed in 1.21.1-10.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-40356MEDIUM6.38
krb5-libs
1.21.1-8.el9_6
fixed in 1.21.1-10.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-4111MEDIUM6.38
libarchive
3.5.3-5.el9_6
fixed in 3.5.3-7.el9_7
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-4424MEDIUM6.38
libarchive
3.5.3-5.el9_6
fixed in 3.5.3-9.el9_7
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-14164MEDIUM6.38
libarchive
3.5.3-5.el9_6
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-41989MEDIUM6.38
libgcrypt
1.10.0-11.el9
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27135MEDIUM6.38
libnghttp2
1.43.0-6.el9
fixed in 1.43.0-6.el9_7.1
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-32414MEDIUM6.38
libxml2
2.9.13-9.el9_6
fixed in 2.9.13-12.el9_6
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-32415MEDIUM6.38
libxml2
2.9.13-9.el9_6
fixed in 2.9.13-12.el9_6
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-6732MEDIUM6.38
libxml2
2.9.13-9.el9_6
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-28390MEDIUM6.38
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-3.el9_8
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-34183MEDIUM6.38
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-4.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-69421MEDIUM6.38
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.1-7.el9_7
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM6.38
openssl-libs
1:3.2.2-6.el9_5.1
No fix yet
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-28389MEDIUM6.38
openssl-libs
1:3.2.2-6.el9_5.1
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2022-41409MEDIUM6.38
pcre2
10.40-6.el9
No fix yet
1.0%
Theoretical Threat
Directly Exposed
CVE-2022-41409MEDIUM6.38
pcre2-syntax
10.40-6.el9
No fix yet
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-7962MEDIUM6.38
com.sun.mail:jakarta.mail
1.6.3
fixed in 1.6.8, 2.0.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-7962MEDIUM6.38
com.sun.mail:jakarta.mail
1.6.4
fixed in 1.6.8, 2.0.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-42583MEDIUM6.38
io.netty:netty-codec
4.1.118.Final
fixed in 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-58057MEDIUM6.38
io.netty:netty-codec
4.1.118.Final
fixed in 4.1.125.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-33870MEDIUM6.38
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.1.132.Final, 4.2.10.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-42585MEDIUM6.38
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-58056MEDIUM6.38
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.1.125.Final, 4.2.5.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-55163MEDIUM6.38
io.netty:netty-codec-http2
4.1.118.Final
fixed in 4.2.4.Final, 4.1.124.Final
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http2
4.1.118.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-48043MEDIUM6.38
io.netty:netty-codec-http2
4.1.118.Final
fixed in 4.1.135.Final, 4.2.15.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-45416MEDIUM6.38
io.netty:netty-handler
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-50010MEDIUM6.38
io.netty:netty-handler
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42578MEDIUM6.38
io.netty:netty-handler-proxy
4.1.118.Final
fixed in 4.1.133.Final, 4.2.13.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-45292MEDIUM6.38
io.opentelemetry:opentelemetry-api
1.31.0
fixed in 1.62.0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-34479MEDIUM6.38
org.apache.logging.log4j:log4j-1.2-api
2.19.0
fixed in 2.25.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34480MEDIUM6.38
org.apache.logging.log4j:log4j-core
2.12.4
fixed in 2.25.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-34480MEDIUM6.38
org.apache.logging.log4j:log4j-core
2.19.0
fixed in 2.25.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-5588MEDIUM6.38
org.bouncycastle:bcpkix-jdk18on
1.78.1
fixed in 1.84
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-14813MEDIUM6.38
org.bouncycastle:bcprov-jdk18on
1.78.1
fixed in 1.80.2, 1.81.1, 1.84
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-66566MEDIUM6.38
org.lz4:lz4-java
1.8.0
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-3833MEDIUM6.29
gnutls
3.8.3-6.el9
fixed in 3.8.10-4.el9_8
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42011MEDIUM6.29
gnutls
3.8.3-6.el9
fixed in 3.8.10-4.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-69419MEDIUM6.29
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.1-7.el9_7
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34182MEDIUM6.29
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-4.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-37731MEDIUM6.29
org.elasticsearch:elasticsearch
9.0.2
fixed in 8.19.8, 9.1.8, 9.2.2
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-49794MEDIUM6.18
libxml2
2.9.13-9.el9_6
fixed in 2.9.13-10.el9_6
0.7%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-42012MEDIUM6.03
gnutls
3.8.3-6.el9
fixed in 3.8.10-4.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-54369MEDIUM6.03
libacl
2.3.1-4.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-4878MEDIUM5.95
libcap
2.48-9.el9_2
fixed in 2.48-10.el9_8.1
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-44604MEDIUM5.95
rpm-libs
4.16.1.3-37.el9
No fix yet
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-13151MEDIUM5.9
libtasn1
4.16.0-9.el9
fixed in 4.16.0-10.el9_8
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-41996MEDIUM5.9
openssl-libs
1:3.2.2-6.el9_5.1
No fix yet
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2026-22185MEDIUM5.78
openldap
2.6.8-4.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-45673MEDIUM5.78
io.netty:netty-resolver-dns
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-4105MEDIUM5.7
systemd-libs
252-51.el9_6.1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-42014MEDIUM5.61
gnutls
3.8.3-6.el9
fixed in 3.8.10-4.el9_8
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-5915MEDIUM5.61
libarchive
3.5.3-5.el9_6
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-5918MEDIUM5.61
libarchive
3.5.3-5.el9_6
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-9230MEDIUM5.6
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.1-4.el9_7
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2025-14512MEDIUM5.52
glib2
2.68.4-16.el9
fixed in 2.68.4-19.el9_8.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM5.52
glibc
2.34-168.el9_6.20
fixed in 2.34-270.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6238MEDIUM5.52
glibc
2.34-168.el9_6.20
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM5.52
glibc-common
2.34-168.el9_6.20
fixed in 2.34-270.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6238MEDIUM5.52
glibc-common
2.34-168.el9_6.20
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM5.52
glibc-minimal-langpack
2.34-168.el9_6.20
fixed in 2.34-270.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6238MEDIUM5.52
glibc-minimal-langpack
2.34-168.el9_6.20
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-6395MEDIUM5.52
gnutls
3.8.3-6.el9
fixed in 3.8.3-6.el9_6.2
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-4426MEDIUM5.52
libarchive
3.5.3-5.el9_6
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9149MEDIUM5.52
libsolv
0.7.24-3.el9
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9150MEDIUM5.52
libsolv
0.7.24-3.el9
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-45322MEDIUM5.52
libxml2
2.9.13-9.el9_6
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
openssl-fips-provider
3.0.7-6.el9_5
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
openssl-fips-provider-so
3.0.7-6.el9_5
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
openssl-libs
1:3.2.2-6.el9_5.1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-67735MEDIUM5.52
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.2.8.Final, 4.1.129.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-41417MEDIUM5.52
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.1.133.Final, 4.2.13.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42580MEDIUM5.52
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0636MEDIUM5.52
org.bouncycastle:bcprov-jdk18on
1.78.1
fixed in 1.84
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-68384MEDIUM5.52
org.elasticsearch.plugin:x-pack-security
9.0.2
fixed in 8.19.9, 9.1.9, 9.2.3
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-12183MEDIUM5.52
org.lz4:lz4-java
1.8.0
fixed in 1.8.1
0.6%
Theoretical Threat
Directly Exposed
CVE-2024-34459MEDIUM5.5
libxml2
2.9.13-9.el9_6
fixed in 2.9.13-14.el9_8.1
2.3%
Low-Moderate Risk
Directly Exposed
CVE-2026-44605MEDIUM5.5
rpm-libs
4.16.1.3-37.el9
No fix yet
Directly Exposed
CVE-2026-54370MEDIUM5.35
libacl
2.3.1-4.el9
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-54371MEDIUM5.35
libattr
2.5.1-3.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-34181MEDIUM5.35
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-4.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-4.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-32989MEDIUM5.3
gnutls
3.8.3-6.el9
fixed in 3.8.3-6.el9_6.2
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2026-1757MEDIUM5.27
libxml2
2.9.13-9.el9_6
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-13757MEDIUM5.27
p11-kit
0.25.3-3.el9_5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13757MEDIUM5.27
p11-kit-trust
0.25.3-3.el9_5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-14104MEDIUM5.18
libblkid
2.37.4-21.el9
fixed in 2.37.4-21.el9_7
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-14104MEDIUM5.18
libmount
2.37.4-21.el9
fixed in 2.37.4-21.el9_7
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-14104MEDIUM5.18
libsmartcols
2.37.4-21.el9
fixed in 2.37.4-21.el9_7
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-14104MEDIUM5.18
libuuid
2.37.4-21.el9
fixed in 2.37.4-21.el9_7
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-11187MEDIUM5.18
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.1-7.el9_7
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-22227MEDIUM5.18
io.projectreactor.netty:reactor-netty-http
1.0.45
fixed in 1.3.0-M5, 1.2.8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
glibc
2.34-168.el9_6.20
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-15281MEDIUM5.02
glibc
2.34-168.el9_6.20
fixed in 2.34-231.el9_7.10
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
glibc-common
2.34-168.el9_6.20
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
glibc-minimal-langpack
2.34-168.el9_6.20
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-0990MEDIUM5.02
libxml2
2.9.13-9.el9_6
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
openssl-fips-provider
3.0.7-6.el9_5
fixed in 3.0.7-11.el9_8
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
openssl-fips-provider-so
3.0.7-6.el9_5
fixed in 3.0.7-11.el9_8
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-2.el9_8
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42764MEDIUM5.02
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-4.el9_8
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.1-7.el9_7
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.1-7.el9_7
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.1-7.el9_7
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.1-7.el9_7
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42769MEDIUM5.02
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-4.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42770MEDIUM5.02
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-4.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-4.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-34477MEDIUM5.02
org.apache.logging.log4j:log4j-core
2.12.4
fixed in 2.25.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34477MEDIUM5.02
org.apache.logging.log4j:log4j-core
2.19.0
fixed in 2.25.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-37727MEDIUM4.84
org.elasticsearch:elasticsearch
9.0.2
fixed in 8.18.8, 8.19.5, 9.0.8, 9.1.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-5916MEDIUM4.76
libarchive
3.5.3-5.el9_6
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-60753MEDIUM4.67
libarchive
3.5.3-5.el9_6
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-5745MEDIUM4.67
libarchive
3.5.3-5.el9_6
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-1632MEDIUM4.67
libarchive
3.5.3-5.el9_6
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2021-46195MEDIUM4.67
libgcc
11.5.0-5.el9_5
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2022-27943MEDIUM4.67
libgcc
11.5.0-5.el9_5
No fix yet
0.9%
Theoretical Threat
Directly Exposed
CVE-2021-46195MEDIUM4.67
libstdc++
11.5.0-5.el9_5
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2022-27943MEDIUM4.67
libstdc++
11.5.0-5.el9_5
No fix yet
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-9714MEDIUM4.67
libxml2
2.9.13-9.el9_6
fixed in 2.9.13-14.el9_7
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-15469MEDIUM4.67
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.1-7.el9_7
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.1-7.el9_7
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-4.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-0232MEDIUM4.67
sqlite-libs
3.34.1-7.el9_3
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib
1.2.11-40.el9
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-1489MEDIUM4.59
glib2
2.68.4-16.el9
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-0915MEDIUM4.5
glibc
2.34-168.el9_6.20
fixed in 2.34-231.el9_7.10
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
glibc
2.34-168.el9_6.20
fixed in 2.34-270.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
glibc-common
2.34-168.el9_6.20
fixed in 2.34-270.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
glibc-minimal-langpack
2.34-168.el9_6.20
fixed in 2.34-270.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-14831MEDIUM4.5
gnutls
3.8.3-6.el9
fixed in 3.8.3-10.el9_7
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42015MEDIUM4.5
gnutls
3.8.3-6.el9
fixed in 3.8.10-4.el9_8
0.7%
Theoretical Threat
Directly Exposed
CVE-2023-30571MEDIUM4.5
libarchive
3.5.3-5.el9_6
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-13595MEDIUM4.5
libblkid
2.37.4-21.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13595MEDIUM4.5
libmount
2.37.4-21.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13595MEDIUM4.5
libsmartcols
2.37.4-21.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13595MEDIUM4.5
libuuid
2.37.4-21.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-4.el9_8
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-4.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-34743MEDIUM4.5
xz-libs
5.2.5-8.el9_0
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-54514MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.15.0
fixed in 2.18.8, 2.21.4, 3.1.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-54515MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.15.0
fixed in 3.1.4, 2.18.9, 2.21.5, 2.22.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-50020MEDIUM4.5
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-47244MEDIUM4.5
io.netty:netty-codec-http2
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-50560MEDIUM4.5
io.netty:netty-codec-http2
4.1.118.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-8885MEDIUM4.5
org.bouncycastle:bc-fips
1.0.2.5
fixed in 1.0.2.6, 2.0.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-8916MEDIUM4.5
org.bouncycastle:bcpkix-jdk18on
1.78.1
fixed in 1.79
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42250MEDIUM4.25
bzip2-libs
1.0.8-10.el9_5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-5450MEDIUM4.25
glibc
2.34-168.el9_6.20
fixed in 2.34-272.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-5928MEDIUM4.25
glibc
2.34-168.el9_6.20
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5450MEDIUM4.25
glibc-common
2.34-168.el9_6.20
fixed in 2.34-272.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-5928MEDIUM4.25
glibc-common
2.34-168.el9_6.20
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5450MEDIUM4.25
glibc-minimal-langpack
2.34-168.el9_6.20
fixed in 2.34-272.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-5928MEDIUM4.25
glibc-minimal-langpack
2.34-168.el9_6.20
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-11850MEDIUM4.25
krb5-libs
1.21.1-8.el9_6
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-5917MEDIUM4.25
libarchive
3.5.3-5.el9_6
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-4.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-68390MEDIUM4.17
org.elasticsearch.plugin:x-pack-core
9.0.2
fixed in 8.19.8, 9.1.8, 9.2.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-4373MEDIUM4.08
glib2
2.68.4-16.el9
fixed in 2.68.4-16.el9_6.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-68161MEDIUM4.08
org.apache.logging.log4j:log4j-core
2.12.4
fixed in 2.25.3
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-68161MEDIUM4.08
org.apache.logging.log4j:log4j-core
2.19.0
fixed in 2.25.3
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-15467MEDIUM4.06
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.1-7.el9_7
47.6%
High Exploitation Risk
Post-Exploit
CVE-2026-27456MEDIUM4
libblkid
2.37.4-21.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libmount
2.37.4-21.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libsmartcols
2.37.4-21.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libuuid
2.37.4-21.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2024-13176MEDIUM4
openssl-libs
1:3.2.2-6.el9_5.1
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.1-7.el9_7
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-4598MEDIUM4
systemd-libs
252-51.el9_6.1
fixed in 252-55.el9_7.7
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-11856LOW3.9
curl-minimal
7.76.1-31.el9
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2024-9681LOW3.9
curl-minimal
7.76.1-31.el9
No fix yet
2.0%
Low-Moderate Risk
Post-Exploit
CVE-2026-11856LOW3.9
libcurl-minimal
7.76.1-31.el9
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2024-9681LOW3.9
libcurl-minimal
7.76.1-31.el9
No fix yet
2.0%
Low-Moderate Risk
Post-Exploit
CVE-2026-11586LOW3.82
curl-minimal
7.76.1-31.el9
No fix yet
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-12064LOW3.82
curl-minimal
7.76.1-31.el9
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-5773LOW3.82
curl-minimal
7.76.1-31.el9
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-6276LOW3.82
curl-minimal
7.76.1-31.el9
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-11586LOW3.82
libcurl-minimal
7.76.1-31.el9
No fix yet
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-12064LOW3.82
libcurl-minimal
7.76.1-31.el9
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-5773LOW3.82
libcurl-minimal
7.76.1-31.el9
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-6276LOW3.82
libcurl-minimal
7.76.1-31.el9
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-9547LOW3.77
curl-minimal
7.76.1-31.el9
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-9547LOW3.77
libcurl-minimal
7.76.1-31.el9
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-48924LOW3.7
org.apache.commons:commons-lang3
3.17.0
fixed in 3.18.0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-48924LOW3.7
org.apache.commons:commons-lang3
3.9
fixed in 3.18.0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-4156LOW3.62
gawk
5.1.0-6.el9
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-6965LOW3.61
sqlite-libs
3.34.1-7.el9_3
fixed in 3.34.1-9.el9_7
73.5%
Actively Exploited
Post-Exploit
CVE-2025-68973LOW3.57
gnupg2
2.3.3-4.el9
fixed in 2.3.3-5.el9_7
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-44604LOW3.57
rpm
4.16.1.3-37.el9
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-1484LOW3.57
glib2
2.68.4-16.el9
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-8058LOW3.57
glibc
2.34-168.el9_6.20
fixed in 2.34-168.el9_6.23
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-8058LOW3.57
glibc-common
2.34-168.el9_6.20
fixed in 2.34-168.el9_6.23
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-8058LOW3.57
glibc-minimal-langpack
2.34-168.el9_6.20
fixed in 2.34-168.el9_6.23
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-11053LOW3.54
curl-minimal
7.76.1-31.el9
No fix yet
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2024-11053LOW3.54
libcurl-minimal
7.76.1-31.el9
No fix yet
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2026-42010LOW3.53
gnutls
3.8.3-6.el9
fixed in 3.8.10-4.el9_8
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2025-13034LOW3.47
curl-minimal
7.76.1-31.el9
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-1965LOW3.47
curl-minimal
7.76.1-31.el9
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-13034LOW3.47
libcurl-minimal
7.76.1-31.el9
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-1965LOW3.47
libcurl-minimal
7.76.1-31.el9
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-4438LOW3.4
glibc
2.34-168.el9_6.20
fixed in 2.34-270.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
glibc-common
2.34-168.el9_6.20
fixed in 2.34-270.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
glibc-minimal-langpack
2.34-168.el9_6.20
fixed in 2.34-270.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-9820LOW3.4
gnutls
3.8.3-6.el9
fixed in 3.8.3-10.el9_7
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69418LOW3.4
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.1-7.el9_7
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-3784LOW3.31
curl-minimal
7.76.1-31.el9
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-5545LOW3.31
curl-minimal
7.76.1-31.el9
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-6429LOW3.31
curl-minimal
7.76.1-31.el9
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-8924LOW3.31
curl-minimal
7.76.1-31.el9
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-14524LOW3.31
curl-minimal
7.76.1-31.el9
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-3784LOW3.31
libcurl-minimal
7.76.1-31.el9
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-5545LOW3.31
libcurl-minimal
7.76.1-31.el9
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-6429LOW3.31
libcurl-minimal
7.76.1-31.el9
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-8924LOW3.31
libcurl-minimal
7.76.1-31.el9
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-14524LOW3.31
libcurl-minimal
7.76.1-31.el9
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-58058LOW3.31
nmap-ncat
3:7.92-3.el9
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-15028LOW3.31
libarchive
3.5.3-5.el9_6
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-44605LOW3.3
rpm
4.16.1.3-37.el9
No fix yet
Post-Exploit
CVE-2022-0529LOW3.3
unzip
6.0-58.el9_5
No fix yet
2.4%
Low-Moderate Risk
Post-Exploit
CVE-2022-0530LOW3.3
unzip
6.0-58.el9_5
No fix yet
2.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-3805LOW3.21
curl-minimal
7.76.1-31.el9
No fix yet
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-3805LOW3.21
libcurl-minimal
7.76.1-31.el9
No fix yet
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-5958LOW3.21
sed
4.8-9.el9
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-9086LOW3.18
curl-minimal
7.76.1-31.el9
fixed in 7.76.1-35.el9_7.3
1.3%
Low-Moderate Risk
Post-Exploit
CVE-2025-9086LOW3.18
libcurl-minimal
7.76.1-31.el9
fixed in 7.76.1-35.el9_7.3
1.3%
Low-Moderate Risk
Post-Exploit
CVE-2025-3360LOW3.15
glib2
2.68.4-16.el9
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-7039LOW3.15
glib2
2.68.4-16.el9
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0988LOW3.15
glib2
2.68.4-16.el9
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-3832LOW3.15
gnutls
3.8.3-6.el9
fixed in 3.8.10-4.el9_8
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-5419LOW3.15
gnutls
3.8.3-6.el9
fixed in 3.8.10-4.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0989LOW3.15
libxml2
2.9.13-9.el9_6
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-4.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-9232LOW3.1
openssl-libs
1:3.2.2-6.el9_5.1
No fix yet
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-14087LOW3
glib2
2.68.4-16.el9
fixed in 2.68.4-19.el9_8.1
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-31789LOW3
openssl-libs
1:3.2.2-6.el9_5.1
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-32988LOW2.95
gnutls
3.8.3-6.el9
fixed in 3.8.3-6.el9_6.2
1.2%
Low-Moderate Risk
Post-Exploit
CVE-2026-8925LOW2.92
curl-minimal
7.76.1-31.el9
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-8925LOW2.92
libcurl-minimal
7.76.1-31.el9
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-45447LOW2.92
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-4.el9_8
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2026-3783LOW2.91
curl-minimal
7.76.1-31.el9
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-3783LOW2.91
libcurl-minimal
7.76.1-31.el9
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-24883LOW2.8
gnupg2
2.3.3-4.el9
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-41990LOW2.8
libgcrypt
1.10.0-11.el9
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-70873LOW2.8
sqlite-libs
3.34.1-7.el9_3
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-33845LOW2.78
gnutls
3.8.3-6.el9
fixed in 3.8.10-4.el9_8
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
openssl-libs
1:3.2.2-6.el9_5.1
fixed in 1:3.5.5-4.el9_8
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42584LOW2.78
io.netty:netty-codec-http
4.1.118.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-11352LOW2.7
curl-minimal
7.76.1-31.el9
No fix yet
1.0%
Low-Moderate Risk
Post-Exploit
CVE-2026-11352LOW2.7
libcurl-minimal
7.76.1-31.el9
No fix yet
1.0%
Low-Moderate Risk
Post-Exploit
CVE-2026-4873LOW2.7
curl-minimal
7.76.1-31.el9
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6253LOW2.7
curl-minimal
7.76.1-31.el9
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-7168LOW2.7
curl-minimal
7.76.1-31.el9
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-4873LOW2.7
libcurl-minimal
7.76.1-31.el9
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6253LOW2.7
libcurl-minimal
7.76.1-31.el9
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-7168LOW2.7
libcurl-minimal
7.76.1-31.el9
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2024-7264LOW2.69
curl-minimal
7.76.1-31.el9
No fix yet
17.3%
High Exploitation Risk
Post-Exploit
CVE-2024-7264LOW2.69
libcurl-minimal
7.76.1-31.el9
No fix yet
17.3%
High Exploitation Risk
Post-Exploit
CVE-2026-8286LOW2.48
curl-minimal
7.76.1-31.el9
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-15079LOW2.48
curl-minimal
7.76.1-31.el9
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-8286LOW2.48
libcurl-minimal
7.76.1-31.el9
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-15079LOW2.48
libcurl-minimal
7.76.1-31.el9
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-0992LOW2.46
libxml2
2.9.13-9.el9_6
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-14017LOW2.45
curl-minimal
7.76.1-31.el9
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-8926LOW2.45
curl-minimal
7.76.1-31.el9
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-14017LOW2.45
libcurl-minimal
7.76.1-31.el9
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-8926LOW2.45
libcurl-minimal
7.76.1-31.el9
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-15224LOW2.4
curl-minimal
7.76.1-31.el9
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-68972LOW2.4
gnupg2
2.3.3-4.el9
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-30258LOW2.4
gnupg2
2.3.3-4.el9
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-15224LOW2.4
libcurl-minimal
7.76.1-31.el9
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-1485LOW2.38
glib2
2.68.4-16.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-5278LOW2.24
coreutils-single
8.32-39.el9
fixed in 8.32-41.el9_8
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-6170LOW2.12
libxml2
2.9.13-9.el9_6
fixed in 2.9.13-14.el9_8.2
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-56433LOW1.84
shadow-utils
2:4.9-12.el9
fixed in 2:4.9-15.el9
0.4%
Theoretical Threat
Post-Exploit
CVE-2022-3219LOW1.68
gnupg2
2.3.3-4.el9
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2021-4217LOW1.68
unzip
6.0-58.el9_5
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-11961LOW1.61
libpcap
14:1.10.0-4.el9
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-57062LOW1.48
gnupg2
2.3.3-4.el9
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2022-29458NONE0
ncurses-base
6.2-10.20210508.el9
fixed in 6.2-10.20210508.el9_6.2
1.3%
Low-Moderate Risk
Not Applicable
CVE-2022-29458NONE0
ncurses-libs
6.2-10.20210508.el9
fixed in 6.2-10.20210508.el9_6.2
1.3%
Low-Moderate Risk
Not Applicable
CVE-2023-50495NONE0
ncurses-base
6.2-10.20210508.el9
No fix yet
1.0%
Theoretical Threat
Not Applicable
CVE-2023-50495NONE0
ncurses-libs
6.2-10.20210508.el9
No fix yet
1.0%
Theoretical Threat
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.15.0
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.17.2
fixed in 2.21.1, 2.18.6
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.