Last scanned:
This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could cause denial of service, leak sensitive memory, or achieve remote code execution via the exposed OpenSSL and expat vulnerabilities (CVE-2022-0778, CVE-2021-3712). No configuration workarounds fully mitigate these risks; patching is required.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2022-0778 | CRITICAL9.75 | libcrypto1.1 1.1.1k-r0 fixed in 1.1.1n-r0 | 70.6% Actively Exploited | Directly ExposedContext importance: HIGH |
| CVE-2022-0778 | CRITICAL9.75 | libssl1.1 1.1.1k-r0 fixed in 1.1.1n-r0 | 70.6% Actively Exploited | Directly ExposedContext importance: HIGH |
| CVE-2021-3712 | CRITICAL9.62 | libcrypto1.1 1.1.1k-r0 fixed in 1.1.1l-r0 | 50.4% Actively Exploited | Directly ExposedContext importance: HIGH |
| CVE-2021-3712 | CRITICAL9.62 | libssl1.1 1.1.1k-r0 fixed in 1.1.1l-r0 | 50.4% Actively Exploited | Directly ExposedContext importance: HIGH |
| CVE-2022-22827 | HIGH8.8 | expat 2.2.10-r1 fixed in 2.2.10-r2 | 2.8% Low-Moderate Risk | Directly Exposed |
| CVE-2022-24407 | HIGH8.8 | libsasl 2.1.27-r10 fixed in 2.1.28-r0 | 4.1% Low-Moderate Risk | Directly Exposed |
| CVE-2022-40303 | HIGH8.62 | libxml2 2.9.10-r6 fixed in 2.9.14-r2 | 22.8% High Exploitation Risk | Directly Exposed |
| CVE-2021-3517 | HIGH8.6 | libxml2 2.9.10-r6 fixed in 2.9.10-r7 | 8.3% Low-Moderate Risk | Directly Exposed |
| CVE-2022-40674 | HIGH8.1 | expat 2.2.10-r1 fixed in 2.2.10-r7 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2021-46143 | HIGH7.8 | expat 2.2.10-r1 fixed in 2.2.10-r2 | 3.8% Low-Moderate Risk | Directly Exposed |
| CVE-2022-40304 | HIGH7.8 | libxml2 2.9.10-r6 fixed in 2.9.14-r2 | 6.8% Low-Moderate Risk | Directly Exposed |
| CVE-2018-25032 | HIGH7.8 | zlib 1.2.11-r3 fixed in 1.2.12-r0 | 52.1% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2022-23990 | HIGH7.5 | expat 2.2.10-r1 fixed in 2.2.10-r3 | 4.0% Low-Moderate Risk | Directly Exposed |
| CVE-2022-25314 | HIGH7.5 | expat 2.2.10-r1 fixed in 2.2.10-r4 | 4.7% Low-Moderate Risk | Directly Exposed |
| CVE-2022-43680 | HIGH7.5 | expat 2.2.10-r1 fixed in 2.2.10-r8 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2022-2309 | HIGH7.5 | libxml2 2.9.10-r6 fixed in 2.9.14-r1 | 2.5% Low-Moderate Risk | Directly Exposed |
| CVE-2022-23308 | HIGH7.5 | libxml2 2.9.10-r6 fixed in 2.9.13-r0 | 6.0% Low-Moderate Risk | Directly Exposed |
| CVE-2022-25313 | MEDIUM6.5 | expat 2.2.10-r1 fixed in 2.2.10-r4 | 3.3% Low-Moderate Risk | Directly Exposed |
| CVE-2021-3541 | MEDIUM6.5 | libxml2 2.9.10-r6 fixed in 2.9.11-r0 | 1.9% Low-Moderate Risk | Directly Exposed |
| CVE-2022-29824 | MEDIUM6.5 | libxml2 2.9.10-r6 fixed in 2.9.14-r0 | 3.6% Low-Moderate Risk | Directly Exposed |
| CVE-2021-3537 | MEDIUM5.9 | libxml2 2.9.10-r6 fixed in 2.9.10-r7 | 3.5% Low-Moderate Risk | Directly Exposed |
| CVE-2022-2097 | MEDIUM5.3 | libcrypto1.1 1.1.1k-r0 fixed in 1.1.1q-r0 | 4.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-2097 | MEDIUM5.3 | libssl1.1 1.1.1k-r0 fixed in 1.1.1q-r0 | 4.4% Low-Moderate Risk | Directly Exposed |
| CVE-2021-3995 | MEDIUM4.67 | libuuid 2.36.1-r1 fixed in 2.37.3-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2021-3996 | MEDIUM4.67 | libuuid 2.36.1-r1 fixed in 2.37.3-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2022-0563 | MEDIUM4.67 | libuuid 2.36.1-r1 fixed in 2.37.4-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2021-3711 | MEDIUM4.58 | libcrypto1.1 1.1.1k-r0 fixed in 1.1.1l-r0 | 87.8% Actively Exploited | Post-Exploit |
| CVE-2021-3711 | MEDIUM4.58 | libssl1.1 1.1.1k-r0 fixed in 1.1.1l-r0 | 87.8% Actively Exploited | Post-Exploit |
| CVE-2022-27775 | MEDIUM4.5 | libcurl 7.76.1-r0 fixed in 7.79.1-r1 | 2.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-27781 | MEDIUM4.5 | libcurl 7.76.1-r0 fixed in 7.79.1-r2 | 2.4% Low-Moderate Risk | Post-Exploit |
| CVE-2022-27782 | MEDIUM4.5 | libcurl 7.76.1-r0 fixed in 7.79.1-r2 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2022-32206 | MEDIUM4.48 | libcurl 7.76.1-r0 fixed in 7.79.1-r2 | 32.0% High Exploitation Risk | Post-Exploit |
| CVE-2021-42378 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42379 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42380 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.8% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42381 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42382 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42383 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.1% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42384 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42385 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42386 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42378 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42379 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42380 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.8% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42381 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42382 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42383 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.1% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42384 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42385 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42386 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2022-25236 | MEDIUM4.06 | expat 2.2.10-r1 fixed in 2.2.10-r4 | 34.2% High Exploitation Risk | Post-Exploit |
| CVE-2022-37434 | MEDIUM4.06 | zlib 1.2.11-r3 fixed in 1.2.12-r2 | 16.0% High Exploitation Risk | Post-Exploit |
| CVE-2021-22922 | LOW3.9 | libcurl 7.76.1-r0 fixed in 7.78.0-r0 | 4.3% Low-Moderate Risk | Post-Exploit |
| CVE-2022-27776 | LOW3.9 | libcurl 7.76.1-r0 fixed in 7.79.1-r1 | 3.4% Low-Moderate Risk | Post-Exploit |
| CVE-2021-22901 | LOW3.79 | libcurl 7.76.1-r0 fixed in 7.77.0-r0 | 60.1% Actively Exploited | Post-Exploit |
| CVE-2021-22947 | LOW3.54 | libcurl 7.76.1-r0 fixed in 7.79.0-r0 | 2.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-32208 | LOW3.54 | libcurl 7.76.1-r0 fixed in 7.79.1-r2 | 6.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-22822 | LOW3.53 | expat 2.2.10-r1 fixed in 2.2.10-r2 | 4.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-22823 | LOW3.53 | expat 2.2.10-r1 fixed in 2.2.10-r2 | 3.4% Low-Moderate Risk | Post-Exploit |
| CVE-2022-22824 | LOW3.53 | expat 2.2.10-r1 fixed in 2.2.10-r2 | 3.4% Low-Moderate Risk | Post-Exploit |
| CVE-2022-23852 | LOW3.53 | expat 2.2.10-r1 fixed in 2.2.10-r3 | 4.5% Low-Moderate Risk | Post-Exploit |
| CVE-2022-25235 | LOW3.53 | expat 2.2.10-r1 fixed in 2.2.10-r4 | 5.0% Low-Moderate Risk | Post-Exploit |
| CVE-2022-25315 | LOW3.53 | expat 2.2.10-r1 fixed in 2.2.10-r4 | 4.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-32207 | LOW3.53 | libcurl 7.76.1-r0 fixed in 7.79.1-r2 | 6.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-27774 | LOW3.42 | libcurl 7.76.1-r0 fixed in 7.79.1-r1 | 1.6% Low-Moderate Risk | Post-Exploit |
| CVE-2021-36159 | LOW3.28 | apk-tools 2.12.5-r0 fixed in 2.12.6-r0 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2021-22945 | LOW3.28 | libcurl 7.76.1-r0 fixed in 7.79.0-r0 | 6.2% Low-Moderate Risk | Post-Exploit |
| CVE-2021-22923 | LOW3.18 | libcurl 7.76.1-r0 fixed in 7.78.0-r0 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2021-22925 | LOW3.18 | libcurl 7.76.1-r0 fixed in 7.78.0-r0 | 4.9% Low-Moderate Risk | Post-Exploit |
| CVE-2022-28391 | LOW3.17 | busybox 1.32.1-r6 fixed in 1.32.1-r8 | 3.5% Low-Moderate Risk | Post-Exploit |
| CVE-2021-45960 | LOW3.17 | expat 2.2.10-r1 fixed in 2.2.10-r2 | 4.2% Low-Moderate Risk | Post-Exploit |
| CVE-2022-22825 | LOW3.17 | expat 2.2.10-r1 fixed in 2.2.10-r2 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2022-22826 | LOW3.17 | expat 2.2.10-r1 fixed in 2.2.10-r2 | 2.8% Low-Moderate Risk | Post-Exploit |
| CVE-2021-3518 | LOW3.17 | libxml2 2.9.10-r6 fixed in 2.9.10-r7 | 3.7% Low-Moderate Risk | Post-Exploit |
| CVE-2022-28391 | LOW3.17 | ssl_client 1.32.1-r6 fixed in 1.32.1-r8 | 3.5% Low-Moderate Risk | Post-Exploit |
| CVE-2022-1271 | LOW3.17 | xz-libs 5.2.5-r0 fixed in 5.2.5-r1 | 4.3% Low-Moderate Risk | Post-Exploit |
| CVE-2022-32205 | LOW2.97 | libcurl 7.76.1-r0 fixed in 7.79.1-r2 | 26.9% High Exploitation Risk | Post-Exploit |
| CVE-2022-22576 | LOW2.92 | libcurl 7.76.1-r0 fixed in 7.79.1-r1 | 1.9% Low-Moderate Risk | Post-Exploit |
| CVE-2022-30065 | LOW2.81 | busybox 1.32.1-r6 fixed in 1.32.1-r9 | 1.2% Low-Moderate Risk | Post-Exploit |
| CVE-2022-30065 | LOW2.81 | ssl_client 1.32.1-r6 fixed in 1.32.1-r9 | 1.2% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42375 | LOW2.8 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2021-42375 | LOW2.8 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2021-22946 | LOW2.7 | libcurl 7.76.1-r0 fixed in 7.79.0-r0 | 4.2% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42374 | LOW2.7 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2021-42374 | LOW2.7 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2021-22924 | LOW2.22 | libcurl 7.76.1-r0 fixed in 7.78.0-r0 | 6.3% Low-Moderate Risk | Post-Exploit |
| CVE-2022-35252 | LOW2.22 | libcurl 7.76.1-r0 fixed in 7.79.1-r3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2021-22898 | LOW1.86 | libcurl 7.76.1-r0 fixed in 7.77.0-r0 | 4.4% Low-Moderate Risk | Post-Exploit |
| CVE-2021-35940.patch | NONE0 | apr 1.7.0-r0 fixed in 1.7.0-r1 | — | Not Applicable |
Want to check another image? Run a full scan with the Docker Security Scanner.