Last scanned:
This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could achieve remote code execution via crafted XML (CVE-2022-25236) or gzip data (CVE-2022-37434 if mod_deflate is active), or cause a denial of service via a crafted TLS certificate (CVE-2022-0778). The expat and OpenSSL vulnerabilities are directly exploitable without special configuration; the zlib issue requires the server to process gzip content with inflateGetHeader, which may not be default. As an official image, supply chain trust is high, but the vulnerability density is unacceptable for production. Immediate remediation via update or alternate base image is required.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2022-25236 | CRITICAL10 | expat 2.2.10-r1 fixed in 2.2.10-r4 | 34.2% High Exploitation Risk | Directly ExposedContext importance: HIGH |
| CVE-2022-37434 | CRITICAL10 | zlib 1.2.11-r3 fixed in 1.2.12-r2 | 16.0% High Exploitation Risk | Directly ExposedContext importance: HIGH |
| CVE-2022-22822 | CRITICAL9.8 | expat 2.2.10-r1 fixed in 2.2.10-r2 | 4.8% Low-Moderate Risk | Directly ExposedContext importance: HIGH |
| CVE-2022-22823 | CRITICAL9.8 | expat 2.2.10-r1 fixed in 2.2.10-r2 | 3.4% Low-Moderate Risk | Directly ExposedContext importance: HIGH |
| CVE-2022-22824 | CRITICAL9.8 | expat 2.2.10-r1 fixed in 2.2.10-r2 | 3.4% Low-Moderate Risk | Directly ExposedContext importance: HIGH |
| CVE-2022-23852 | CRITICAL9.8 | expat 2.2.10-r1 fixed in 2.2.10-r3 | 4.5% Low-Moderate Risk | Directly ExposedContext importance: HIGH |
| CVE-2022-25235 | CRITICAL9.8 | expat 2.2.10-r1 fixed in 2.2.10-r4 | 5.0% Low-Moderate Risk | Directly ExposedContext importance: HIGH |
| CVE-2022-25315 | CRITICAL9.8 | expat 2.2.10-r1 fixed in 2.2.10-r4 | 4.8% Low-Moderate Risk | Directly ExposedContext importance: HIGH |
| CVE-2022-0778 | CRITICAL9.75 | libcrypto1.1 1.1.1k-r0 fixed in 1.1.1n-r0 | 70.6% Actively Exploited | Directly ExposedContext importance: HIGH |
| CVE-2022-0778 | CRITICAL9.75 | libssl1.1 1.1.1k-r0 fixed in 1.1.1n-r0 | 70.6% Actively Exploited | Directly ExposedContext importance: HIGH |
| CVE-2018-25032 | CRITICAL9.75 | zlib 1.2.11-r3 fixed in 1.2.12-r0 | 52.1% Actively Exploited | Directly ExposedContext importance: HIGH |
| CVE-2021-45960 | HIGH8.8 | expat 2.2.10-r1 fixed in 2.2.10-r2 | 4.2% Low-Moderate Risk | Directly ExposedContext importance: HIGH |
| CVE-2022-22825 | HIGH8.8 | expat 2.2.10-r1 fixed in 2.2.10-r2 | 2.6% Low-Moderate Risk | Directly ExposedContext importance: HIGH |
| CVE-2022-22826 | HIGH8.8 | expat 2.2.10-r1 fixed in 2.2.10-r2 | 2.8% Low-Moderate Risk | Directly ExposedContext importance: HIGH |
| CVE-2022-22827 | HIGH8.8 | expat 2.2.10-r1 fixed in 2.2.10-r2 | 2.8% Low-Moderate Risk | Directly Exposed |
| CVE-2022-24407 | HIGH8.8 | libsasl 2.1.27-r10 fixed in 2.1.28-r0 | 4.1% Low-Moderate Risk | Directly Exposed |
| CVE-2021-3518 | HIGH8.8 | libxml2 2.9.10-r6 fixed in 2.9.10-r7 | 3.7% Low-Moderate Risk | Directly ExposedContext importance: HIGH |
| CVE-2022-40303 | HIGH8.62 | libxml2 2.9.10-r6 fixed in 2.9.14-r2 | 22.8% High Exploitation Risk | Directly Exposed |
| CVE-2021-3517 | HIGH8.6 | libxml2 2.9.10-r6 fixed in 2.9.10-r7 | 8.3% Low-Moderate Risk | Directly Exposed |
| CVE-2022-40674 | HIGH8.1 | expat 2.2.10-r1 fixed in 2.2.10-r7 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2021-3711 | HIGH8 | libcrypto1.1 1.1.1k-r0 fixed in 1.1.1l-r0 | 87.8% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2021-3711 | HIGH8 | libssl1.1 1.1.1k-r0 fixed in 1.1.1l-r0 | 87.8% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2021-46143 | HIGH7.8 | expat 2.2.10-r1 fixed in 2.2.10-r2 | 3.8% Low-Moderate Risk | Directly Exposed |
| CVE-2022-40304 | HIGH7.8 | libxml2 2.9.10-r6 fixed in 2.9.14-r2 | 6.8% Low-Moderate Risk | Directly Exposed |
| CVE-2021-3712 | HIGH7.7 | libcrypto1.1 1.1.1k-r0 fixed in 1.1.1l-r0 | 50.4% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2021-3712 | HIGH7.7 | libssl1.1 1.1.1k-r0 fixed in 1.1.1l-r0 | 50.4% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2022-23990 | HIGH7.5 | expat 2.2.10-r1 fixed in 2.2.10-r3 | 4.0% Low-Moderate Risk | Directly Exposed |
| CVE-2022-25314 | HIGH7.5 | expat 2.2.10-r1 fixed in 2.2.10-r4 | 4.7% Low-Moderate Risk | Directly Exposed |
| CVE-2022-43680 | HIGH7.5 | expat 2.2.10-r1 fixed in 2.2.10-r8 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2022-2309 | HIGH7.5 | libxml2 2.9.10-r6 fixed in 2.9.14-r1 | 2.5% Low-Moderate Risk | Directly Exposed |
| CVE-2022-23308 | HIGH7.5 | libxml2 2.9.10-r6 fixed in 2.9.13-r0 | 6.0% Low-Moderate Risk | Directly Exposed |
| CVE-2022-25313 | MEDIUM6.5 | expat 2.2.10-r1 fixed in 2.2.10-r4 | 3.3% Low-Moderate Risk | Directly Exposed |
| CVE-2021-3541 | MEDIUM6.5 | libxml2 2.9.10-r6 fixed in 2.9.11-r0 | 1.9% Low-Moderate Risk | Directly Exposed |
| CVE-2022-29824 | MEDIUM6.5 | libxml2 2.9.10-r6 fixed in 2.9.14-r0 | 3.6% Low-Moderate Risk | Directly Exposed |
| CVE-2021-3537 | MEDIUM5.9 | libxml2 2.9.10-r6 fixed in 2.9.10-r7 | 3.5% Low-Moderate Risk | Directly Exposed |
| CVE-2022-2097 | MEDIUM5.3 | libcrypto1.1 1.1.1k-r0 fixed in 1.1.1q-r0 | 4.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-2097 | MEDIUM5.3 | libssl1.1 1.1.1k-r0 fixed in 1.1.1q-r0 | 4.4% Low-Moderate Risk | Directly Exposed |
| CVE-2021-3995 | MEDIUM4.67 | libuuid 2.36.1-r1 fixed in 2.37.3-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2021-3996 | MEDIUM4.67 | libuuid 2.36.1-r1 fixed in 2.37.3-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2022-0563 | MEDIUM4.67 | libuuid 2.36.1-r1 fixed in 2.37.4-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2022-27775 | MEDIUM4.5 | libcurl 7.76.1-r0 fixed in 7.79.1-r1 | 2.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-27781 | MEDIUM4.5 | libcurl 7.76.1-r0 fixed in 7.79.1-r2 | 2.4% Low-Moderate Risk | Post-Exploit |
| CVE-2022-27782 | MEDIUM4.5 | libcurl 7.76.1-r0 fixed in 7.79.1-r2 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2022-32206 | MEDIUM4.48 | libcurl 7.76.1-r0 fixed in 7.79.1-r2 | 32.0% High Exploitation Risk | Post-Exploit |
| CVE-2021-42378 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42379 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42380 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.8% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42381 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42382 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42383 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.1% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42384 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42385 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42386 | MEDIUM4.32 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42378 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42379 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42380 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.8% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42381 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42382 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42383 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.1% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42384 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42385 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42386 | MEDIUM4.32 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2021-22922 | LOW3.9 | libcurl 7.76.1-r0 fixed in 7.78.0-r0 | 4.3% Low-Moderate Risk | Post-Exploit |
| CVE-2022-27776 | LOW3.9 | libcurl 7.76.1-r0 fixed in 7.79.1-r1 | 3.4% Low-Moderate Risk | Post-Exploit |
| CVE-2021-22901 | LOW3.79 | libcurl 7.76.1-r0 fixed in 7.77.0-r0 | 60.1% Actively Exploited | Post-Exploit |
| CVE-2021-22947 | LOW3.54 | libcurl 7.76.1-r0 fixed in 7.79.0-r0 | 2.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-32208 | LOW3.54 | libcurl 7.76.1-r0 fixed in 7.79.1-r2 | 6.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-32207 | LOW3.53 | libcurl 7.76.1-r0 fixed in 7.79.1-r2 | 6.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-27774 | LOW3.42 | libcurl 7.76.1-r0 fixed in 7.79.1-r1 | 1.6% Low-Moderate Risk | Post-Exploit |
| CVE-2021-36159 | LOW3.28 | apk-tools 2.12.5-r0 fixed in 2.12.6-r0 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2021-22945 | LOW3.28 | libcurl 7.76.1-r0 fixed in 7.79.0-r0 | 6.2% Low-Moderate Risk | Post-Exploit |
| CVE-2021-22923 | LOW3.18 | libcurl 7.76.1-r0 fixed in 7.78.0-r0 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2021-22925 | LOW3.18 | libcurl 7.76.1-r0 fixed in 7.78.0-r0 | 4.9% Low-Moderate Risk | Post-Exploit |
| CVE-2022-28391 | LOW3.17 | busybox 1.32.1-r6 fixed in 1.32.1-r8 | 3.5% Low-Moderate Risk | Post-Exploit |
| CVE-2022-28391 | LOW3.17 | ssl_client 1.32.1-r6 fixed in 1.32.1-r8 | 3.5% Low-Moderate Risk | Post-Exploit |
| CVE-2022-1271 | LOW3.17 | xz-libs 5.2.5-r0 fixed in 5.2.5-r1 | 4.3% Low-Moderate Risk | Post-Exploit |
| CVE-2022-32205 | LOW2.97 | libcurl 7.76.1-r0 fixed in 7.79.1-r2 | 26.9% High Exploitation Risk | Post-Exploit |
| CVE-2022-22576 | LOW2.92 | libcurl 7.76.1-r0 fixed in 7.79.1-r1 | 1.9% Low-Moderate Risk | Post-Exploit |
| CVE-2022-30065 | LOW2.81 | busybox 1.32.1-r6 fixed in 1.32.1-r9 | 1.2% Low-Moderate Risk | Post-Exploit |
| CVE-2022-30065 | LOW2.81 | ssl_client 1.32.1-r6 fixed in 1.32.1-r9 | 1.2% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42375 | LOW2.8 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2021-42375 | LOW2.8 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2021-22946 | LOW2.7 | libcurl 7.76.1-r0 fixed in 7.79.0-r0 | 4.2% Low-Moderate Risk | Post-Exploit |
| CVE-2021-42374 | LOW2.7 | busybox 1.32.1-r6 fixed in 1.32.1-r7 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2021-42374 | LOW2.7 | ssl_client 1.32.1-r6 fixed in 1.32.1-r7 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2021-22924 | LOW2.22 | libcurl 7.76.1-r0 fixed in 7.78.0-r0 | 6.3% Low-Moderate Risk | Post-Exploit |
| CVE-2022-35252 | LOW2.22 | libcurl 7.76.1-r0 fixed in 7.79.1-r3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2021-22898 | LOW1.86 | libcurl 7.76.1-r0 fixed in 7.77.0-r0 | 4.4% Low-Moderate Risk | Post-Exploit |
| CVE-2021-35940.patch | NONE0 | apr 1.7.0-r0 fixed in 1.7.0-r1 | — | Not Applicable |
Want to check another image? Run a full scan with the Docker Security Scanner.