Vulnerability Reportelasticsearch:9.3.0

elasticsearch:9.3.0
DIGESTsha256:d6dbcf006047aafb87719e6e0b673c2067a760c902bd207059e84b27b22e2bb2

Executive Summary

Last scanned:

Threat Score
100/100DANGEROUS
Reputation
TRUSTED

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could exploit CVE-2026-42581 to perform HTTP request smuggling, bypassing security controls and potentially gaining unauthorized access, or use CVE-2026-33871 to cause a denial of service with minimal bandwidth. The image contains 192 vulnerabilities, and several high-severity issues are remotely exploitable without authentication. Although an official Docker image, the elevated threat score mandates rejection for any production use.

Vulnerabilities

Vulnerability Log

264 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-42581HIGH8.33
io.netty:netty-codec-http
4.1.130.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.6%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-42010HIGH7.84
gnutls
3.8.3-9.el9
fixed in 3.8.10-4.el9_8
1.1%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2026-33871HIGH7.5
io.netty:netty-codec-http2
4.1.130.Final
fixed in 4.1.132.Final, 4.2.11.Final
1.1%
Low-Moderate Risk
Directly ExposedContext importance: HIGH
CVE-2026-58014HIGH7.31
glib2
2.68.4-18.el9_7.1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-58010MEDIUM6.97
glib2
2.68.4-18.el9_7.1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-58012MEDIUM6.97
glib2
2.68.4-18.el9_7.1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-58013MEDIUM6.97
glib2
2.68.4-18.el9_7.1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42013MEDIUM6.97
gnutls
3.8.3-9.el9
fixed in 3.8.10-4.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-5260MEDIUM6.97
gnutls
3.8.3-9.el9
fixed in 3.8.10-4.el9_8
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-28387MEDIUM6.88
openssl-libs
1:3.5.1-7.el9_7
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-54512MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.15.0
fixed in 2.18.8, 3.1.4, 2.21.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-54513MEDIUM6.88
com.fasterxml.jackson.core:jackson-databind
2.15.0
fixed in 2.18.8, 2.21.4, 3.1.4
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-44249MEDIUM6.88
io.netty:netty-handler
4.1.130.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-45674MEDIUM6.8
io.netty:netty-resolver-dns
4.1.130.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-47691MEDIUM6.8
io.netty:netty-resolver-dns
4.1.130.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-48864MEDIUM6.63
libsolv
0.7.24-3.el9
fixed in 0.7.24-6.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-11979MEDIUM6.63
libxml2
2.9.13-14.el9_7
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-29111MEDIUM6.63
systemd-libs
252-55.el9_7.7
fixed in 252-67.el9_8.2
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-58011MEDIUM6.38
glib2
2.68.4-18.el9_7.1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-58015MEDIUM6.38
glib2
2.68.4-18.el9_7.1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-32636MEDIUM6.38
glib2
2.68.4-18.el9_7.1
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-40355MEDIUM6.38
krb5-libs
1.21.1-8.el9_6
fixed in 1.21.1-10.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-40356MEDIUM6.38
krb5-libs
1.21.1-8.el9_6
fixed in 1.21.1-10.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-4111MEDIUM6.38
libarchive
3.5.3-6.el9_6
fixed in 3.5.3-7.el9_7
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-4424MEDIUM6.38
libarchive
3.5.3-6.el9_6
fixed in 3.5.3-9.el9_7
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-14164MEDIUM6.38
libarchive
3.5.3-6.el9_6
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-41989MEDIUM6.38
libgcrypt
1.10.0-11.el9
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27135MEDIUM6.38
libnghttp2
1.43.0-6.el9
fixed in 1.43.0-6.el9_7.1
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-6732MEDIUM6.38
libxml2
2.9.13-14.el9_7
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-28390MEDIUM6.38
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-3.el9_8
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-34183MEDIUM6.38
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-4.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM6.38
openssl-libs
1:3.5.1-7.el9_7
No fix yet
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-28389MEDIUM6.38
openssl-libs
1:3.5.1-7.el9_7
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2022-41409MEDIUM6.38
pcre2
10.40-6.el9
No fix yet
1.0%
Theoretical Threat
Directly Exposed
CVE-2022-41409MEDIUM6.38
pcre2-syntax
10.40-6.el9
No fix yet
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42583MEDIUM6.38
io.netty:netty-codec
4.1.130.Final
fixed in 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-33870MEDIUM6.38
io.netty:netty-codec-http
4.1.130.Final
fixed in 4.1.132.Final, 4.2.10.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http
4.1.130.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-42585MEDIUM6.38
io.netty:netty-codec-http
4.1.130.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http2
4.1.130.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-48043MEDIUM6.38
io.netty:netty-codec-http2
4.1.130.Final
fixed in 4.1.135.Final, 4.2.15.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-45416MEDIUM6.38
io.netty:netty-handler
4.1.130.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-50010MEDIUM6.38
io.netty:netty-handler
4.1.130.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42578MEDIUM6.38
io.netty:netty-handler-proxy
4.1.130.Final
fixed in 4.1.133.Final, 4.2.13.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-45292MEDIUM6.38
io.opentelemetry:opentelemetry-api
1.31.0
fixed in 1.62.0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-45292MEDIUM6.38
io.opentelemetry:opentelemetry-api
1.47.0
fixed in 1.62.0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-34479MEDIUM6.38
org.apache.logging.log4j:log4j-1.2-api
2.19.0
fixed in 2.25.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34480MEDIUM6.38
org.apache.logging.log4j:log4j-core
2.19.0
fixed in 2.25.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-34478MEDIUM6.38
org.apache.logging.log4j:log4j-core
2.25.0
fixed in 2.25.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-34480MEDIUM6.38
org.apache.logging.log4j:log4j-core
2.25.0
fixed in 2.25.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-5588MEDIUM6.38
org.bouncycastle:bcpkix-jdk18on
1.79
fixed in 1.84
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-14813MEDIUM6.38
org.bouncycastle:bcprov-jdk18on
1.79
fixed in 1.80.2, 1.81.1, 1.84
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-3833MEDIUM6.29
gnutls
3.8.3-9.el9
fixed in 3.8.10-4.el9_8
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42011MEDIUM6.29
gnutls
3.8.3-9.el9
fixed in 3.8.10-4.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34182MEDIUM6.29
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-4.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42579MEDIUM6.18
io.netty:netty-codec-dns
4.1.130.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.9%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-42584MEDIUM6.18
io.netty:netty-codec-http
4.1.130.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.7%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-42012MEDIUM6.03
gnutls
3.8.3-9.el9
fixed in 3.8.10-4.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-54369MEDIUM6.03
libacl
2.3.1-4.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-4878MEDIUM5.95
libcap
2.48-10.el9
fixed in 2.48-10.el9_8.1
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-44604MEDIUM5.95
rpm-libs
4.16.1.3-39.el9
No fix yet
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-13151MEDIUM5.9
libtasn1
4.16.0-9.el9
fixed in 4.16.0-10.el9_8
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-41996MEDIUM5.9
openssl-libs
1:3.5.1-7.el9_7
No fix yet
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2026-22185MEDIUM5.78
openldap
2.6.8-4.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-45673MEDIUM5.78
io.netty:netty-resolver-dns
4.1.130.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-4105MEDIUM5.7
systemd-libs
252-55.el9_7.7
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-42014MEDIUM5.61
gnutls
3.8.3-9.el9
fixed in 3.8.10-4.el9_8
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-5915MEDIUM5.61
libarchive
3.5.3-6.el9_6
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-5918MEDIUM5.61
libarchive
3.5.3-6.el9_6
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-14512MEDIUM5.52
glib2
2.68.4-18.el9_7.1
fixed in 2.68.4-19.el9_8.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM5.52
glibc
2.34-231.el9_7.10
fixed in 2.34-270.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6238MEDIUM5.52
glibc
2.34-231.el9_7.10
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM5.52
glibc-common
2.34-231.el9_7.10
fixed in 2.34-270.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6238MEDIUM5.52
glibc-common
2.34-231.el9_7.10
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM5.52
glibc-minimal-langpack
2.34-231.el9_7.10
fixed in 2.34-270.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6238MEDIUM5.52
glibc-minimal-langpack
2.34-231.el9_7.10
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-4426MEDIUM5.52
libarchive
3.5.3-6.el9_6
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9149MEDIUM5.52
libsolv
0.7.24-3.el9
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9150MEDIUM5.52
libsolv
0.7.24-3.el9
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-45322MEDIUM5.52
libxml2
2.9.13-14.el9_7
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
openssl-fips-provider
3.0.7-8.el9
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
openssl-fips-provider-so
3.0.7-8.el9
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
openssl-libs
1:3.5.1-7.el9_7
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-41417MEDIUM5.52
io.netty:netty-codec-http
4.1.130.Final
fixed in 4.1.133.Final, 4.2.13.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42580MEDIUM5.52
io.netty:netty-codec-http
4.1.130.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0636MEDIUM5.52
org.bouncycastle:bcprov-jdk18on
1.79
fixed in 1.84
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-34459MEDIUM5.5
libxml2
2.9.13-14.el9_7
fixed in 2.9.13-14.el9_8.1
2.3%
Low-Moderate Risk
Directly Exposed
CVE-2026-44605MEDIUM5.5
rpm-libs
4.16.1.3-39.el9
No fix yet
Directly Exposed
CVE-2026-54370MEDIUM5.35
libacl
2.3.1-4.el9
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-54371MEDIUM5.35
libattr
2.5.1-3.el9
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-34181MEDIUM5.35
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-4.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-4.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-1757MEDIUM5.27
libxml2
2.9.13-14.el9_7
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-13757MEDIUM5.27
p11-kit
0.25.3-3.el9_5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13757MEDIUM5.27
p11-kit-trust
0.25.3-3.el9_5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-22227MEDIUM5.18
io.projectreactor.netty:reactor-netty-http
1.0.45
fixed in 1.3.0-M5, 1.2.8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
glibc
2.34-231.el9_7.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
glibc-common
2.34-231.el9_7.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
glibc-minimal-langpack
2.34-231.el9_7.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-0990MEDIUM5.02
libxml2
2.9.13-14.el9_7
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
openssl-fips-provider
3.0.7-8.el9
fixed in 3.0.7-11.el9_8
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
openssl-fips-provider-so
3.0.7-8.el9
fixed in 3.0.7-11.el9_8
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-2.el9_8
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42764MEDIUM5.02
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-4.el9_8
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-42769MEDIUM5.02
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-4.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42770MEDIUM5.02
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-4.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-4.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-34477MEDIUM5.02
org.apache.logging.log4j:log4j-core
2.19.0
fixed in 2.25.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34477MEDIUM5.02
org.apache.logging.log4j:log4j-core
2.25.0
fixed in 2.25.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-14087MEDIUM5
glib2
2.68.4-18.el9_7.1
fixed in 2.68.4-19.el9_8.1
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-6653MEDIUM5
libxml2
2.9.13-14.el9_7
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-31789MEDIUM5
openssl-libs
1:3.5.1-7.el9_7
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45447MEDIUM4.86
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-4.el9_8
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2025-5916MEDIUM4.76
libarchive
3.5.3-6.el9_6
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-60753MEDIUM4.67
libarchive
3.5.3-6.el9_6
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-5745MEDIUM4.67
libarchive
3.5.3-6.el9_6
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-1632MEDIUM4.67
libarchive
3.5.3-6.el9_6
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2021-46195MEDIUM4.67
libgcc
11.5.0-11.el9
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2022-27943MEDIUM4.67
libgcc
11.5.0-11.el9
No fix yet
0.9%
Theoretical Threat
Directly Exposed
CVE-2021-46195MEDIUM4.67
libstdc++
11.5.0-11.el9
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2022-27943MEDIUM4.67
libstdc++
11.5.0-11.el9
No fix yet
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-4.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-0232MEDIUM4.67
sqlite-libs
3.34.1-9.el9_7
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib
1.2.11-40.el9
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-58016MEDIUM4.64
glib2
2.68.4-18.el9_7.1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-33845MEDIUM4.64
gnutls
3.8.3-9.el9
fixed in 3.8.10-4.el9_8
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-45445MEDIUM4.64
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-4.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-1489MEDIUM4.59
glib2
2.68.4-18.el9_7.1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-33846MEDIUM4.5
gnutls
3.8.3-9.el9
fixed in 3.8.10-4.el9_8
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2026-42009MEDIUM4.5
gnutls
3.8.3-9.el9
fixed in 3.8.10-4.el9_8
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2026-5121MEDIUM4.5
libarchive
3.5.3-6.el9_6
fixed in 3.5.3-9.el9_7
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2025-27113MEDIUM4.5
libxml2
2.9.13-14.el9_7
No fix yet
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2026-2100MEDIUM4.5
p11-kit
0.25.3-3.el9_5
fixed in 0.26.2-1.el9
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2026-2100MEDIUM4.5
p11-kit-trust
0.25.3-3.el9_5
fixed in 0.26.2-1.el9
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2026-4046MEDIUM4.5
glibc
2.34-231.el9_7.10
fixed in 2.34-270.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
glibc-common
2.34-231.el9_7.10
fixed in 2.34-270.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
glibc-minimal-langpack
2.34-231.el9_7.10
fixed in 2.34-270.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-14831MEDIUM4.5
gnutls
3.8.3-9.el9
fixed in 3.8.3-10.el9_7
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42015MEDIUM4.5
gnutls
3.8.3-9.el9
fixed in 3.8.10-4.el9_8
0.7%
Theoretical Threat
Directly Exposed
CVE-2023-30571MEDIUM4.5
libarchive
3.5.3-6.el9_6
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-13595MEDIUM4.5
libblkid
2.37.4-21.el9_7
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13595MEDIUM4.5
libmount
2.37.4-21.el9_7
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13595MEDIUM4.5
libsmartcols
2.37.4-21.el9_7
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13595MEDIUM4.5
libuuid
2.37.4-21.el9_7
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-4.el9_8
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-4.el9_8
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-34743MEDIUM4.5
xz-libs
5.2.5-8.el9_0
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-54514MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.15.0
fixed in 2.18.8, 2.21.4, 3.1.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-54515MEDIUM4.5
com.fasterxml.jackson.core:jackson-databind
2.15.0
fixed in 3.1.4, 2.18.9, 2.21.5, 2.22.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-50020MEDIUM4.5
io.netty:netty-codec-http
4.1.130.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-47244MEDIUM4.5
io.netty:netty-codec-http2
4.1.130.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-50560MEDIUM4.5
io.netty:netty-codec-http2
4.1.130.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42250MEDIUM4.25
bzip2-libs
1.0.8-10.el9_5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-5450MEDIUM4.25
glibc
2.34-231.el9_7.10
fixed in 2.34-272.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-5928MEDIUM4.25
glibc
2.34-231.el9_7.10
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5450MEDIUM4.25
glibc-common
2.34-231.el9_7.10
fixed in 2.34-272.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-5928MEDIUM4.25
glibc-common
2.34-231.el9_7.10
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5450MEDIUM4.25
glibc-minimal-langpack
2.34-231.el9_7.10
fixed in 2.34-272.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-5928MEDIUM4.25
glibc-minimal-langpack
2.34-231.el9_7.10
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-11850MEDIUM4.25
krb5-libs
1.21.1-8.el9_6
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-5917MEDIUM4.25
libarchive
3.5.3-6.el9_6
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-4.el9_8
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-68161MEDIUM4.08
org.apache.logging.log4j:log4j-core
2.19.0
fixed in 2.25.3
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-68161MEDIUM4.08
org.apache.logging.log4j:log4j-core
2.25.0
fixed in 2.25.3
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libblkid
2.37.4-21.el9_7
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libmount
2.37.4-21.el9_7
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libsmartcols
2.37.4-21.el9_7
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libuuid
2.37.4-21.el9_7
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2024-13176MEDIUM4
openssl-libs
1:3.5.1-7.el9_7
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-11856LOW3.9
curl-minimal
7.76.1-35.el9_7.3
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2024-9681LOW3.9
curl-minimal
7.76.1-35.el9_7.3
No fix yet
2.0%
Low-Moderate Risk
Post-Exploit
CVE-2026-11856LOW3.9
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2024-9681LOW3.9
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
2.0%
Low-Moderate Risk
Post-Exploit
CVE-2026-11586LOW3.82
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-12064LOW3.82
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-5773LOW3.82
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-6276LOW3.82
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-11586LOW3.82
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-12064LOW3.82
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-5773LOW3.82
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-6276LOW3.82
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-9547LOW3.77
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-9547LOW3.77
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-48924LOW3.7
org.apache.commons:commons-lang3
3.9
fixed in 3.18.0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-4156LOW3.62
gawk
5.1.0-6.el9
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-44604LOW3.57
rpm
4.16.1.3-39.el9
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-1484LOW3.57
glib2
2.68.4-18.el9_7.1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-11053LOW3.54
curl-minimal
7.76.1-35.el9_7.3
No fix yet
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2024-11053LOW3.54
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2025-13034LOW3.47
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-1965LOW3.47
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-13034LOW3.47
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-1965LOW3.47
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-4438LOW3.4
glibc
2.34-231.el9_7.10
fixed in 2.34-270.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
glibc-common
2.34-231.el9_7.10
fixed in 2.34-270.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
glibc-minimal-langpack
2.34-231.el9_7.10
fixed in 2.34-270.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-9820LOW3.4
gnutls
3.8.3-9.el9
fixed in 3.8.3-10.el9_7
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-3784LOW3.31
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-5545LOW3.31
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-6429LOW3.31
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-8924LOW3.31
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-14524LOW3.31
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-3784LOW3.31
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-5545LOW3.31
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-6429LOW3.31
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-8924LOW3.31
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-14524LOW3.31
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-58058LOW3.31
nmap-ncat
3:7.92-3.el9
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-15028LOW3.31
libarchive
3.5.3-6.el9_6
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-44605LOW3.3
rpm
4.16.1.3-39.el9
No fix yet
Post-Exploit
CVE-2022-0529LOW3.3
unzip
6.0-59.el9
No fix yet
2.4%
Low-Moderate Risk
Post-Exploit
CVE-2022-0530LOW3.3
unzip
6.0-59.el9
No fix yet
2.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-3805LOW3.21
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-3805LOW3.21
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-5958LOW3.21
sed
4.8-9.el9
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-3360LOW3.15
glib2
2.68.4-18.el9_7.1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-7039LOW3.15
glib2
2.68.4-18.el9_7.1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0988LOW3.15
glib2
2.68.4-18.el9_7.1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-3832LOW3.15
gnutls
3.8.3-9.el9
fixed in 3.8.10-4.el9_8
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-5419LOW3.15
gnutls
3.8.3-9.el9
fixed in 3.8.10-4.el9_8
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0989LOW3.15
libxml2
2.9.13-14.el9_7
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
openssl-libs
1:3.5.1-7.el9_7
fixed in 1:3.5.5-4.el9_8
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-9232LOW3.1
openssl-libs
1:3.5.1-7.el9_7
No fix yet
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2026-8925LOW2.92
curl-minimal
7.76.1-35.el9_7.3
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-8925LOW2.92
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-3783LOW2.91
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-3783LOW2.91
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-24883LOW2.8
gnupg2
2.3.3-5.el9_7
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-41990LOW2.8
libgcrypt
1.10.0-11.el9
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-70873LOW2.8
sqlite-libs
3.34.1-9.el9_7
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-11352LOW2.7
curl-minimal
7.76.1-35.el9_7.3
No fix yet
1.0%
Low-Moderate Risk
Post-Exploit
CVE-2026-11352LOW2.7
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
1.0%
Low-Moderate Risk
Post-Exploit
CVE-2026-4873LOW2.7
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6253LOW2.7
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-7168LOW2.7
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-4873LOW2.7
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6253LOW2.7
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-7168LOW2.7
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2024-7264LOW2.69
curl-minimal
7.76.1-35.el9_7.3
No fix yet
17.3%
High Exploitation Risk
Post-Exploit
CVE-2024-7264LOW2.69
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
17.3%
High Exploitation Risk
Post-Exploit
CVE-2026-8286LOW2.48
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-15079LOW2.48
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-8286LOW2.48
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-15079LOW2.48
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-0992LOW2.46
libxml2
2.9.13-14.el9_7
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-14017LOW2.45
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-8926LOW2.45
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-14017LOW2.45
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-8926LOW2.45
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-15224LOW2.4
curl-minimal
7.76.1-35.el9_7.3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-68972LOW2.4
gnupg2
2.3.3-5.el9_7
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-30258LOW2.4
gnupg2
2.3.3-5.el9_7
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-15224LOW2.4
libcurl-minimal
7.76.1-35.el9_7.3
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-1485LOW2.38
glib2
2.68.4-18.el9_7.1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-5278LOW2.24
coreutils-single
8.32-39.el9
fixed in 8.32-41.el9_8
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-6170LOW2.12
libxml2
2.9.13-14.el9_7
fixed in 2.9.13-14.el9_8.2
0.2%
Theoretical Threat
Directly Exposed
CVE-2022-3219LOW1.68
gnupg2
2.3.3-5.el9_7
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2021-4217LOW1.68
unzip
6.0-59.el9
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-11961LOW1.61
libpcap
14:1.10.0-4.el9
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-57062LOW1.48
gnupg2
2.3.3-5.el9_7
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2023-50495NONE0
ncurses-base
6.2-12.20210508.el9
No fix yet
1.0%
Theoretical Threat
Not Applicable
CVE-2023-50495NONE0
ncurses-libs
6.2-12.20210508.el9
No fix yet
1.0%
Theoretical Threat
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.15.0
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.17.2
fixed in 2.21.1, 2.18.6
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.