Vulnerability Report: gitlab/gitlab-ce:18.10.8-ce.0

DIGEST: sha256:1a520ad6f88796a534d50cf54f34d99c0f163e23e3e528c2eb77fe6a050ef23d

Executive Summary

NEEDS_ATTENTION

This image is acceptable for production, but remediating the identified vulnerabilities is recommended to reduce the attack surface. It has 18 exposed vulnerabilities. The most severe are CVE-2026-5260 (6.97), which could lead to information disclosure or denial of service via the TLS handshake, and CVE-2026-41989 (6.38), which allows denial of service via crafted ECDH ciphertext. Note that CVE-2026-42010 (authentication bypass) requires enabling RSA-PSK, which is not the default in GitLab, so its risk is low in typical deployments.

Threat Score: 25/100 (NEEDS_ATTENTION)
Reputation: RELIABLE (gitlab)

Vulnerabilities

Vulnerability Log

46 total
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2026-5260 | MEDIUM 6.97 | libgnutls30t64 3.8.3-1.1ubuntu3.5 (fixed in 3.8.3-1.1ubuntu3.6) | 0.7%, Theoretical Threat | Directly Exposed; Context importance: HIGH |
| CVE-2026-42010 | MEDIUM 6.66 | libgnutls30t64 3.8.3-1.1ubuntu3.5 (fixed in 3.8.3-1.1ubuntu3.6) | 0.8%, Theoretical Threat | Directly Exposed; Context importance: MEDIUM |
| CVE-2026-41989 | MEDIUM 6.38 | libgcrypt20 1.10.3-2build1 (fixed in 1.10.3-2ubuntu0.1) | 0.2%, Theoretical Threat | Directly Exposed; Context importance: HIGH |
| CVE-2026-42013 | MEDIUM 5.58 | libgnutls30t64 3.8.3-1.1ubuntu3.5 (fixed in 3.8.3-1.1ubuntu3.6) | 0.4%, Theoretical Threat | Directly Exposed; Context importance: MEDIUM |
| CVE-2026-3833 | MEDIUM 5.03 | libgnutls30t64 3.8.3-1.1ubuntu3.5 (fixed in 3.8.3-1.1ubuntu3.6) | 0.3%, Theoretical Threat | Directly Exposed; Context importance: MEDIUM |
| CVE-2026-42011 | MEDIUM 5.03 | libgnutls30t64 3.8.3-1.1ubuntu3.5 (fixed in 3.8.3-1.1ubuntu3.6) | 0.3%, Theoretical Threat | Directly Exposed; Context importance: MEDIUM |
| CVE-2026-42012 | MEDIUM 4.82 | libgnutls30t64 3.8.3-1.1ubuntu3.5 (fixed in 3.8.3-1.1ubuntu3.6) | 0.3%, Theoretical Threat | Directly Exposed; Context importance: MEDIUM |
| CVE-2024-2236 | MEDIUM 4.72 | libgcrypt20 1.10.3-2build1 (No fix yet) | 1.1%, Low-Moderate Risk | Directly Exposed; Context importance: MEDIUM |
| CVE-2026-42015 | MEDIUM 4.5 | libgnutls30t64 3.8.3-1.1ubuntu3.5 (fixed in 3.8.3-1.1ubuntu3.6) | 0.7%, Theoretical Threat | Directly Exposed |
| CVE-2026-4437 | MEDIUM 4.42 | libc-bin 2.39-0ubuntu8.7 (No fix yet) | 0.3%, Theoretical Threat | Directly Exposed; Context importance: MEDIUM |
| CVE-2026-4437 | MEDIUM 4.42 | libc6 2.39-0ubuntu8.7 (No fix yet) | 0.3%, Theoretical Threat | Directly Exposed; Context importance: MEDIUM |
| CVE-2026-4438 | LOW 3.4 | libc-bin 2.39-0ubuntu8.7 (No fix yet) | 0.2%, Theoretical Threat | Directly Exposed |
| CVE-2026-4438 | LOW 3.4 | libc6 2.39-0ubuntu8.7 (No fix yet) | 0.2%, Theoretical Threat | Directly Exposed |
| CVE-2026-3832 | LOW 3.15 | libgnutls30t64 3.8.3-1.1ubuntu3.5 (fixed in 3.8.3-1.1ubuntu3.6) | 0.3%, Theoretical Threat | Directly Exposed |
| CVE-2026-5419 | LOW 3.15 | libgnutls30t64 3.8.3-1.1ubuntu3.5 (fixed in 3.8.3-1.1ubuntu3.6) | 0.5%, Theoretical Threat | Directly Exposed |
| CVE-2025-45582 | LOW 2.86 | tar 1.35+dfsg-3build1 (No fix yet) | 0.4%, Theoretical Threat | Post-Exploit |
| CVE-2023-42366 | LOW 2.8 | busybox 1:1.36.1-6ubuntu3.1 (No fix yet) | 0.4%, Theoretical Threat | Post-Exploit |
| CVE-2026-5704 | LOW 2.8 | tar 1.35+dfsg-3build1 (No fix yet) | 0.4%, Theoretical Threat | Post-Exploit |
| CVE-2026-33845 | LOW 2.78 | libgnutls30t64 3.8.3-1.1ubuntu3.5 (fixed in 3.8.3-1.1ubuntu3.6) | 0.6%, Theoretical Threat | Post-Exploit |
| CVE-2025-60876 | LOW 2.75 | busybox 1:1.36.1-6ubuntu3.1 (No fix yet) | 0.3%, Theoretical Threat | Post-Exploit |
| CVE-2026-4046 | LOW 2.7 | libc-bin 2.39-0ubuntu8.7 (No fix yet) | 0.4%, Theoretical Threat | Directly Exposed |
| CVE-2026-4046 | LOW 2.7 | libc6 2.39-0ubuntu8.7 (No fix yet) | 0.4%, Theoretical Threat | Directly Exposed |
| CVE-2026-27456 | LOW 2.4 | bsdutils 1:2.39.3-9ubuntu6.5 (No fix yet) | 0.1%, Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW 2.4 | mount 2.39.3-9ubuntu6.5 (No fix yet) | 0.1%, Theoretical Threat | Post-Exploit |
| CVE-2026-27456 | LOW 2.4 | util-linux 2.39.3-9ubuntu6.5 (No fix yet) | 0.1%, Theoretical Threat | Post-Exploit |
| CVE-2026-33846 | LOW 2.29 | libgnutls30t64 3.8.3-1.1ubuntu3.5 (fixed in 3.8.3-1.1ubuntu3.6) | 0.9%, Theoretical Threat | Post-Exploit |
| CVE-2026-42009 | LOW 2.29 | libgnutls30t64 3.8.3-1.1ubuntu3.5 (fixed in 3.8.3-1.1ubuntu3.6) | 0.8%, Theoretical Threat | Post-Exploit |
| CVE-2021-31879 | LOW 2.2 | wget 1.21.4-1ubuntu4.1 (No fix yet) | 1.1%, Low-Moderate Risk | Post-Exploit |
| CVE-2026-6238 | LOW 1.99 | libc-bin 2.39-0ubuntu8.7 (No fix yet) | 0.3%, Theoretical Threat | Post-Exploit |
| CVE-2026-6238 | LOW 1.99 | libc6 2.39-0ubuntu8.7 (No fix yet) | 0.3%, Theoretical Threat | Post-Exploit |
| CVE-2024-56433 | LOW 1.84 | login 1:4.13+dfsg1-4ubuntu3.2 (No fix yet) | 0.4%, Theoretical Threat | Post-Exploit |
| CVE-2024-56433 | LOW 1.84 | passwd 1:4.13+dfsg1-4ubuntu3.2 (No fix yet) | 0.4%, Theoretical Threat | Post-Exploit |
| CVE-2026-5435 | LOW 1.81 | libc-bin 2.39-0ubuntu8.7 (No fix yet) | 0.2%, Theoretical Threat | Post-Exploit |
| CVE-2026-5435 | LOW 1.81 | libc6 2.39-0ubuntu8.7 (No fix yet) | 0.2%, Theoretical Threat | Post-Exploit |
| CVE-2025-46394 | LOW 1.68 | busybox 1:1.36.1-6ubuntu3.1 (No fix yet) | 0.1%, Theoretical Threat | Post-Exploit |
| CVE-2026-34743 | LOW 1.62 | liblzma5 5.6.1+really5.4.5-1ubuntu0.2 (fixed in 5.6.1+really5.4.5-1ubuntu0.3) | 0.4%, Theoretical Threat | Post-Exploit |
| CVE-2026-40226 | NONE 0 | libsystemd0 255.4-1ubuntu8.15 (fixed in 255.4-1ubuntu8.16) | <0.1%, Theoretical Threat | Not Applicable |
| CVE-2026-40226 | NONE 0 | libudev1 255.4-1ubuntu8.15 (fixed in 255.4-1ubuntu8.16) | <0.1%, Theoretical Threat | Not Applicable |
| CVE-2026-27456 | NONE 0 | libblkid1 2.39.3-9ubuntu6.5 (No fix yet) | 0.1%, Theoretical Threat | Not Applicable |
| CVE-2026-27456 | NONE 0 | libmount1 2.39.3-9ubuntu6.5 (No fix yet) | 0.1%, Theoretical Threat | Not Applicable |
| CVE-2026-27456 | NONE 0 | libsmartcols1 2.39.3-9ubuntu6.5 (No fix yet) | 0.1%, Theoretical Threat | Not Applicable |
| CVE-2026-27456 | NONE 0 | libuuid1 2.39.3-9ubuntu6.5 (No fix yet) | 0.1%, Theoretical Threat | Not Applicable |
| CVE-2026-40228 | NONE 0 | libsystemd0 255.4-1ubuntu8.15 (No fix yet) | 0.2%, Theoretical Threat | Not Applicable |
| CVE-2026-40228 | NONE 0 | libudev1 255.4-1ubuntu8.15 (No fix yet) | 0.2%, Theoretical Threat | Not Applicable |
| CVE-2024-58251 | NONE 0 | busybox 1:1.36.1-6ubuntu3.1 (No fix yet) | 0.2%, Theoretical Threat | Not Applicable |
| CVE-2026-42014 | NONE 0 | libgnutls30t64 3.8.3-1.1ubuntu3.5 (fixed in 3.8.3-1.1ubuntu3.6) | | Not Applicable |