Vulnerability Reportghost:6.44.0

ghost:6.44.0-bookwormghost:6.44.0

DIGESTsha256:cf579779e8c448586bcd549789c753e1acafe7b1ae3a8a06c3f9712497efb335

Executive Summary

CAUTION

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could cause denial of service by sending malicious HTTP headers or crafted input strings to the server. Updating the http-cache-semantics and validator packages to their latest patched versions would fully eliminate these two high-severity vulnerabilities. Both vulnerabilities are exploitable in the default configuration without special conditions.

Threat Score

74/100

CAUTION

Two high-severity ReDoS vulnerabilities (CVE-2022-25881, CVE-2021-3765) with CVSS 7.5 and high context importance are exposed on the network-facing surface.
The image is an official Docker image trusted by Docker, but contains 50 exposed vulnerabilities and 72 post-exploit total vulnerabilities.
No post-exploit-only vulnerabilities are present, but the exposed surface includes critical libraries used for input validation and caching.
The threat score of 74 falls into the CAUTION band, indicating significant risk.

Reputation

TRUSTED

Docker Official

OFFICIAL

Official Docker Hub Image
Pinned by digest (Immutable)

Vulnerabilities

Vulnerability Log

184 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2022-25881	HIGH7.5	http-cache-semantics 3.8.1 fixed in 4.1.1	1.6% Low-Moderate Risk	Directly ExposedContext importance: HIGH
CVE-2021-3765	HIGH7.5	validator 7.2.0 fixed in 13.7.0	1.7% Low-Moderate Risk	Directly ExposedContext importance: HIGH
CVE-2025-13151	MEDIUM5.9	libtasn1-6 4.19.0-2+deb12u1 No fix yet	1.1% Low-Moderate Risk	Directly Exposed
CVE-2011-3389	MEDIUM5.59	libgnutls30 3.7.9-2+deb12u6 No fix yet	73.3% Actively Exploited	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc6 2.36-9+deb12u14 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-33671	MEDIUM5.52	picomatch 4.0.3 fixed in 4.0.4, 3.0.2, 2.3.2	0.4% Theoretical Threat	Directly Exposed
CVE-2019-1010024	MEDIUM5.3	libc6 2.36-9+deb12u14 No fix yet	3.2% Low-Moderate Risk	Directly Exposed
CVE-2019-1010025	MEDIUM5.3	libc6 2.36-9+deb12u14 No fix yet	2.3% Low-Moderate Risk	Directly Exposed
CVE-2022-33987	MEDIUM5.3	got 8.3.2 fixed in 12.1.0, 11.8.5	1.9% Low-Moderate Risk	Directly Exposed
CVE-2022-33987	MEDIUM5.3	got 9.6.0 fixed in 12.1.0, 11.8.5	1.9% Low-Moderate Risk	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libblkid1 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libmount1 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libsmartcols1 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-14104	MEDIUM5.18	libuuid1 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42338	MEDIUM5.18	ip-address 10.1.0 fixed in 10.1.1	0.3% Theoretical Threat	Directly Exposed
CVE-2026-33750	MEDIUM5.1	brace-expansion 2.0.2 fixed in 5.0.5, 3.0.2, 2.0.3, 1.1.13	0.4% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-5435	MEDIUM5.02	libc6 2.36-9+deb12u14 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libblkid1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libgcc-s1 12.2.0-14+deb12u1 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libmount1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libsmartcols1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libstdc++6 12.2.0-14+deb12u1 No fix yet	0.9% Theoretical Threat	Directly Exposed
CVE-2022-0563	MEDIUM4.67	libuuid1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-27171	MEDIUM4.67	zlib1g 1:1.2.13.dfsg-1 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libblkid1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42015	MEDIUM4.5	libgnutls30 3.7.9-2+deb12u6 fixed in 3.7.9-2+deb12u7	0.7% Theoretical Threat	Directly Exposed
CVE-2026-34743	MEDIUM4.5	liblzma5 5.4.1-1 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libmount1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libsmartcols1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2023-31437	MEDIUM4.5	libsystemd0 252.39-1~deb12u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31438	MEDIUM4.5	libsystemd0 252.39-1~deb12u2 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2023-31439	MEDIUM4.5	libsystemd0 252.39-1~deb12u2 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-3184	MEDIUM4.5	libuuid1 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Directly Exposed
CVE-2026-33672	MEDIUM4.5	picomatch 4.0.3 fixed in 4.0.4, 3.0.2, 2.3.2	0.4% Theoretical Threat	Directly Exposed
CVE-2026-42250	MEDIUM4.25	libbz2-1.0 1.0.8-5+b1 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-5450	MEDIUM4.25	libc6 2.36-9+deb12u14 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5928	MEDIUM4.25	libc6 2.36-9+deb12u14 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libblkid1 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libmount1 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libsmartcols1 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libuuid1 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2010-4756	MEDIUM4	libc6 2.36-9+deb12u14 No fix yet	2.6% Low-Moderate Risk	Directly Exposed
CVE-2026-48962	LOW3.98	perl-base 5.36.0-7+deb12u3 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW3.7	libapt-pkg6.0 2.6.1 No fix yet	1.2% Low-Moderate Risk	Directly Exposed
CVE-2005-2541	LOW3.6	tar 1.34+dfsg-1.2+deb12u1 No fix yet	4.0% Low-Moderate Risk	Post-Exploit
CVE-2019-1010022	LOW3.53	libc-bin 2.36-9+deb12u14 No fix yet	3.2% Low-Moderate Risk	Post-Exploit
CVE-2019-1010022	LOW3.53	libc6 2.36-9+deb12u14 No fix yet	3.2% Low-Moderate Risk	Post-Exploit
CVE-2023-45853	LOW3.53	zlib1g 1:1.2.13.dfsg-1 No fix yet	2.9% Low-Moderate Risk	Post-Exploit
CVE-2016-2781	LOW3.31	coreutils 9.1-1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-6238	LOW3.31	libc-bin 2.36-9+deb12u14 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2019-1010024	LOW3.18	libc-bin 2.36-9+deb12u14 No fix yet	3.2% Low-Moderate Risk	Post-Exploit
CVE-2019-1010025	LOW3.18	libc-bin 2.36-9+deb12u14 No fix yet	2.3% Low-Moderate Risk	Post-Exploit
CVE-2019-1010023	LOW3.17	libc-bin 2.36-9+deb12u14 No fix yet	3.1% Low-Moderate Risk	Post-Exploit
CVE-2019-1010023	LOW3.17	libc6 2.36-9+deb12u14 No fix yet	3.1% Low-Moderate Risk	Post-Exploit
CVE-2026-5419	LOW3.15	libgnutls30 3.7.9-2+deb12u6 fixed in 3.7.9-2+deb12u7	0.5% Theoretical Threat	Directly Exposed
CVE-2025-14104	LOW3.11	bsdutils 1:2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	mount 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-14104	LOW3.11	util-linux-extra 2.38.1-5+deb12u3 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-5435	LOW3.01	libc-bin 2.36-9+deb12u14 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-42010	LOW3	libgnutls30 3.7.9-2+deb12u6 fixed in 3.7.9-2+deb12u7	0.8% Theoretical Threat	Post-Exploit
CVE-2026-8376	LOW3	perl-base 5.36.0-7+deb12u3 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2023-31486	LOW2.92	perl-base 5.36.0-7+deb12u3 No fix yet	1.7% Low-Moderate Risk	Post-Exploit
CVE-2022-0563	LOW2.8	bsdutils 1:2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	mount 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-5704	LOW2.8	tar 1.34+dfsg-1.2+deb12u1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	util-linux 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-0563	LOW2.8	util-linux-extra 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2013-4392	LOW2.8	libsystemd0 252.39-1~deb12u2 No fix yet	0.5% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libsystemd0 252.39-1~deb12u2 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-33845	LOW2.78	libgnutls30 3.7.9-2+deb12u6 fixed in 3.7.9-2+deb12u7	0.6% Theoretical Threat	Post-Exploit
CVE-2026-42496	LOW2.78	perl-base 5.36.0-7+deb12u3 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2018-20796	LOW2.7	libc-bin 2.36-9+deb12u14 No fix yet	5.8% Low-Moderate Risk	Post-Exploit
CVE-2019-9192	LOW2.7	libc-bin 2.36-9+deb12u14 No fix yet	2.4% Low-Moderate Risk	Post-Exploit
CVE-2018-20796	LOW2.7	libc6 2.36-9+deb12u14 No fix yet	5.8% Low-Moderate Risk	Post-Exploit
CVE-2019-9192	LOW2.7	libc6 2.36-9+deb12u14 No fix yet	2.4% Low-Moderate Risk	Post-Exploit
CVE-2018-6829	LOW2.7	libgcrypt20 1.10.1-3 No fix yet	1.8% Low-Moderate Risk	Post-Exploit
CVE-2026-3184	LOW2.7	bsdutils 1:2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	mount 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	util-linux 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-3184	LOW2.7	util-linux-extra 2.38.1-5+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-5450	LOW2.55	libc-bin 2.36-9+deb12u14 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2026-5928	LOW2.55	libc-bin 2.36-9+deb12u14 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42013	LOW2.51	libgnutls30 3.7.9-2+deb12u6 fixed in 3.7.9-2+deb12u7	0.4% Theoretical Threat	Post-Exploit
CVE-2026-5260	LOW2.51	libgnutls30 3.7.9-2+deb12u6 fixed in 3.7.9-2+deb12u7	0.7% Theoretical Threat	Post-Exploit
CVE-2007-5686	LOW2.5	passwd 1:4.13+dfsg1-1+deb12u2 No fix yet	0.9% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	bsdutils 1:2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2017-18018	LOW2.4	coreutils 9.1-1 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2025-30258	LOW2.4	gpgv 2.2.40-1.1+deb12u2 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2025-68972	LOW2.4	gpgv 2.2.40-1.1+deb12u2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	mount 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux-extra 2.38.1-5+deb12u3 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2010-4756	LOW2.4	libc-bin 2.36-9+deb12u14 No fix yet	2.6% Low-Moderate Risk	Post-Exploit
CVE-2026-41989	LOW2.29	libgcrypt20 1.10.1-3 fixed in 1.10.1-3+deb12u1	0.2% Theoretical Threat	Post-Exploit
CVE-2026-33846	LOW2.29	libgnutls30 3.7.9-2+deb12u6 fixed in 3.7.9-2+deb12u7	0.9% Theoretical Threat	Post-Exploit
CVE-2026-42009	LOW2.29	libgnutls30 3.7.9-2+deb12u6 fixed in 3.7.9-2+deb12u7	0.8% Theoretical Threat	Post-Exploit
CVE-2026-42497	LOW2.29	perl-base 5.36.0-7+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-9538	LOW2.29	perl-base 5.36.0-7+deb12u3 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-3833	LOW2.26	libgnutls30 3.7.9-2+deb12u6 fixed in 3.7.9-2+deb12u7	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42011	LOW2.26	libgnutls30 3.7.9-2+deb12u6 fixed in 3.7.9-2+deb12u7	0.3% Theoretical Threat	Post-Exploit
CVE-2025-5278	LOW2.24	coreutils 9.1-1 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2011-3374	LOW2.22	apt 2.6.1 No fix yet	1.2% Low-Moderate Risk	Post-Exploit
CVE-2026-42012	LOW2.17	libgnutls30 3.7.9-2+deb12u6 fixed in 3.7.9-2+deb12u7	0.3% Theoretical Threat	Post-Exploit
CVE-2024-2236	LOW2.12	libgcrypt20 1.10.1-3 No fix yet	1.1% Low-Moderate Risk	Post-Exploit
CVE-2024-56433	LOW1.84	passwd 1:4.13+dfsg1-1+deb12u2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2022-3219	LOW1.68	gpgv 2.2.40-1.1+deb12u2 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2011-4116	LOW1.68	perl-base 5.36.0-7+deb12u3 No fix yet	0.5% Theoretical Threat	Post-Exploit
CVE-2025-68121	NONE0	stdlib v1.24.6 fixed in 1.24.13, 1.25.7, 1.26.0-rc.3	0.8% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	libtinfo6 6.4-4 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	ncurses-base 6.4-4 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-69720	NONE0	ncurses-bin 6.4-4 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-61726	NONE0	stdlib v1.24.6 fixed in 1.24.12, 1.25.6	0.8% Theoretical Threat	Not Applicable
CVE-2025-61729	NONE0	stdlib v1.24.6 fixed in 1.24.11, 1.25.5	0.5% Theoretical Threat	Not Applicable
CVE-2026-25679	NONE0	stdlib v1.24.6 fixed in 1.25.8, 1.26.1	0.5% Theoretical Threat	Not Applicable
CVE-2026-32280	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	0.4% Theoretical Threat	Not Applicable
CVE-2026-32281	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Not Applicable
CVE-2026-32283	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	0.4% Theoretical Threat	Not Applicable
CVE-2026-33811	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	0.5% Theoretical Threat	Not Applicable
CVE-2026-33814	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2026-39820	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2026-39836	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2025-58183	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.4% Theoretical Threat	Not Applicable
CVE-2025-61728	NONE0	stdlib v1.24.6 fixed in 1.24.12, 1.25.6	0.6% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	libtinfo6 6.4-4 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-base 6.4-4 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-bin 6.4-4 No fix yet	1.0% Theoretical Threat	Not Applicable
CVE-2025-61727	NONE0	stdlib v1.24.6 fixed in 1.24.11, 1.25.5	0.3% Theoretical Threat	Not Applicable
CVE-2026-32282	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Not Applicable
CVE-2026-32289	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Not Applicable
CVE-2022-27943	NONE0	gcc-12-base 12.2.0-14+deb12u1 No fix yet	0.9% Theoretical Threat	Not Applicable
CVE-2026-32288	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Not Applicable
CVE-2026-27142	NONE0	stdlib v1.24.6 fixed in 1.25.8, 1.26.1	0.3% Theoretical Threat	Not Applicable
CVE-2026-39826	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2023-31437	NONE0	libudev1 252.39-1~deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2023-31438	NONE0	libudev1 252.39-1~deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2023-31439	NONE0	libudev1 252.39-1~deb12u2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-47912	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.4% Theoretical Threat	Not Applicable
CVE-2025-58185	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.5% Theoretical Threat	Not Applicable
CVE-2025-58187	NONE0	stdlib v1.24.6 fixed in 1.24.9, 1.25.3	0.4% Theoretical Threat	Not Applicable
CVE-2025-58188	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.3% Theoretical Threat	Not Applicable
CVE-2025-58189	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.4% Theoretical Threat	Not Applicable
CVE-2025-61723	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.6% Theoretical Threat	Not Applicable
CVE-2025-61724	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.5% Theoretical Threat	Not Applicable
CVE-2025-61725	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.6% Theoretical Threat	Not Applicable
CVE-2025-61730	NONE0	stdlib v1.24.6 fixed in 1.24.12, 1.25.6	0.3% Theoretical Threat	Not Applicable
CVE-2025-58186	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	0.5% Theoretical Threat	Not Applicable
CVE-2007-5686	NONE0	login 1:4.13+dfsg1-1+deb12u2 No fix yet	0.9% Theoretical Threat	Not Applicable
CVE-2024-10041	NONE0	libpam-modules 1.5.2-6+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2024-10041	NONE0	libpam-modules-bin 1.5.2-6+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2024-10041	NONE0	libpam-runtime 1.5.2-6+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2024-10041	NONE0	libpam0g 1.5.2-6+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2024-56433	NONE0	login 1:4.13+dfsg1-1+deb12u2 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	libtinfo6 6.4-4 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2013-4392	NONE0	libudev1 252.39-1~deb12u2 No fix yet	0.5% Theoretical Threat	Not Applicable
CVE-2026-40228	NONE0	libudev1 252.39-1~deb12u2 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	ncurses-base 6.4-4 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2025-6141	NONE0	ncurses-bin 6.4-4 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-27139	NONE0	stdlib v1.24.6 fixed in 1.25.8, 1.26.1	0.2% Theoretical Threat	Not Applicable
TEMP-0841856-B18BAF	NONE0	bash 5.2.15-2+b13 No fix yet	—	Not Applicable
CVE-2026-42014	NONE0	libgnutls30 3.7.9-2+deb12u6 fixed in 3.7.9-2+deb12u7	—	Not Applicable
CVE-2026-54411	NONE0	libpam-modules 1.5.2-6+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam-modules-bin 1.5.2-6+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam-runtime 1.5.2-6+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
CVE-2026-54411	NONE0	libpam0g 1.5.2-6+deb12u2 No fix yet	0.3% Theoretical Threat	Not Applicable
TEMP-0628843-DBAD28	NONE0	login 1:4.13+dfsg1-1+deb12u2 No fix yet	—	Not Applicable
TEMP-0628843-DBAD28	NONE0	passwd 1:4.13+dfsg1-1+deb12u2 No fix yet	—	Not Applicable
CVE-2026-48959	NONE0	perl-base 5.36.0-7+deb12u3 No fix yet	0.4% Theoretical Threat	Not Applicable
CVE-2025-15649	NONE0	perl-base 5.36.0-7+deb12u3 No fix yet	0.1% Theoretical Threat	Not Applicable
CVE-2026-7010	NONE0	perl-base 5.36.0-7+deb12u3 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-48961	NONE0	perl-base 5.36.0-7+deb12u3 No fix yet	0.3% Theoretical Threat	Not Applicable
TEMP-0517018-A83CE6	NONE0	sysvinit-utils 3.06-4 No fix yet	—	Not Applicable
TEMP-0290435-0B57B5	NONE0	tar 1.34+dfsg-1.2+deb12u1 No fix yet	—	Not Applicable
CVE-2026-12143	NONE0	form-data 4.0.5 fixed in 2.5.6, 3.0.5, 4.0.6	0.3% Theoretical Threat	Not Applicable
CVE-2026-53655	NONE0	tar 7.5.11 fixed in 7.5.16	—	Not Applicable
CVE-2026-53655	NONE0	tar 7.5.15 fixed in 7.5.16	—	Not Applicable
CVE-2025-12758	NONE0	validator 7.2.0 fixed in 13.15.22	0.4% Theoretical Threat	Not Applicable
CVE-2025-56200	NONE0	validator 7.2.0 fixed in 13.15.20	0.3% Theoretical Threat	Not Applicable
CVE-2026-39823	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	0.3% Theoretical Threat	Not Applicable
CVE-2026-39825	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2026-42499	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2026-42504	NONE0	stdlib v1.24.6 fixed in 1.25.11, 1.26.4	0.4% Theoretical Threat	Not Applicable
CVE-2026-27145	NONE0	stdlib v1.24.6 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable
CVE-2026-42507	NONE0	stdlib v1.24.6 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable