Last scanned:
This image carries significant risk; production deployment is highly discouraged without strict compensating controls. The highest-severity vulnerabilities (CVE-2024-56171 and CVE-2025-49796) could allow remote code execution or denial of service if the server is configured to process untrusted XML (e.g., via WebDAV or schematron). However, these require non-default modules to be enabled; a standard Apache httpd deployment is not affected. Disabling unused XML-related modules (e.g., mod_dav, mod_schematron) fully eliminates these risks. The remaining OpenSSL CVEs only cause denial of service under very specific conditions and have low practical impact. Despite the high trust score, the large number of exposed vulnerabilities warrants caution.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2024-56171 | HIGH7.84 | libxml2 2.13.4-r3 fixed in 2.13.4-r4 | 1.1% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2025-49796 | HIGH7.28 | libxml2 2.13.4-r3 fixed in 2.13.9-r0 | 1.4% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2025-69421 | MEDIUM6.38 | libcrypto3 3.3.2-r4 fixed in 3.3.6-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-28388 | MEDIUM6.38 | libcrypto3 3.3.2-r4 fixed in 3.3.7-r0 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-28389 | MEDIUM6.38 | libcrypto3 3.3.2-r4 fixed in 3.3.7-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-28390 | MEDIUM6.38 | libcrypto3 3.3.2-r4 fixed in 3.3.7-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-45186 | MEDIUM6.38 | libexpat 2.6.4-r0 fixed in 2.8.1-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-69421 | MEDIUM6.38 | libssl3 3.3.2-r4 fixed in 3.3.6-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-28388 | MEDIUM6.38 | libssl3 3.3.2-r4 fixed in 3.3.7-r0 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-28389 | MEDIUM6.38 | libssl3 3.3.2-r4 fixed in 3.3.7-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-28390 | MEDIUM6.38 | libssl3 3.3.2-r4 fixed in 3.3.7-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-32414 | MEDIUM6.38 | libxml2 2.13.4-r3 fixed in 2.13.4-r6 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-32415 | MEDIUM6.38 | libxml2 2.13.4-r3 fixed in 2.13.4-r6 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-49795 | MEDIUM6.38 | libxml2 2.13.4-r3 fixed in 2.13.9-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-6732 | MEDIUM6.38 | libxml2 2.13.4-r3 fixed in 2.13.9-r1 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-27135 | MEDIUM6.38 | nghttp2-libs 1.64.0-r0 fixed in 1.68.1 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-69419 | MEDIUM6.29 | libcrypto3 3.3.2-r4 fixed in 3.3.6-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-69419 | MEDIUM6.29 | libssl3 3.3.2-r4 fixed in 3.3.6-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-49794 | MEDIUM6.18 | libxml2 2.13.4-r3 fixed in 2.13.9-r0 | 0.7% Theoretical Threat | Directly ExposedContext importance: MEDIUM |
| CVE-2026-33630 | MEDIUM6 | c-ares 1.34.3-r0 fixed in 1.34.8-r0 | — | Directly ExposedContext importance: MEDIUM |
| CVE-2024-8176 | MEDIUM6 | libexpat 2.6.4-r0 fixed in 2.7.0-r0 | 1.6% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2025-27113 | MEDIUM6 | libxml2 2.13.4-r3 fixed in 2.13.4-r5 | 1.0% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2025-6021 | MEDIUM6 | libxml2 2.13.4-r3 fixed in 2.13.9-r0 | 1.1% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2025-31498 | MEDIUM5.95 | c-ares 1.34.3-r0 fixed in 1.34.5-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-26519 | MEDIUM5.95 | musl 1.2.5-r8 fixed in 1.2.5-r9 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-12797 | MEDIUM5.92 | libcrypto3 3.3.2-r4 fixed in 3.3.3-r0 | 2.4% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2024-12797 | MEDIUM5.92 | libssl3 3.3.2-r4 fixed in 3.3.3-r0 | 2.4% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2025-9231 | MEDIUM5.9 | libcrypto3 3.3.2-r4 fixed in 3.3.5-r0 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2025-9231 | MEDIUM5.9 | libssl3 3.3.2-r4 fixed in 3.3.5-r0 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2026-56132 | MEDIUM5.87 | libexpat 2.6.4-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-56403 | MEDIUM5.87 | libexpat 2.6.4-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-56404 | MEDIUM5.87 | libexpat 2.6.4-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-56405 | MEDIUM5.87 | libexpat 2.6.4-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-56406 | MEDIUM5.87 | libexpat 2.6.4-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-56410 | MEDIUM5.87 | libexpat 2.6.4-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-56411 | MEDIUM5.87 | libexpat 2.6.4-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-9230 | MEDIUM5.6 | libcrypto3 3.3.2-r4 fixed in 3.3.5-r0 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2025-9230 | MEDIUM5.6 | libssl3 3.3.2-r4 fixed in 3.3.5-r0 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2026-25210 | MEDIUM5.3 | libexpat 2.6.4-r0 fixed in 2.7.4-r0 | 0.2% Theoretical Threat | Directly ExposedContext importance: MEDIUM |
| CVE-2025-59375 | MEDIUM5.3 | libexpat 2.6.4-r0 fixed in 2.7.2-r0 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2025-24928 | MEDIUM5.23 | libxml2 2.13.4-r3 fixed in 2.13.4-r4 | 0.4% Theoretical Threat | Directly ExposedContext importance: MEDIUM |
| CVE-2025-62408 | MEDIUM5.02 | c-ares 1.34.3-r0 fixed in 1.34.6-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | libcrypto3 3.3.2-r4 fixed in 3.3.7-r0 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2025-15468 | MEDIUM5.02 | libcrypto3 3.3.2-r4 fixed in 3.3.6-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-66199 | MEDIUM5.02 | libcrypto3 3.3.2-r4 fixed in 3.3.6-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-69420 | MEDIUM5.02 | libcrypto3 3.3.2-r4 fixed in 3.3.6-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-22796 | MEDIUM5.02 | libcrypto3 3.3.2-r4 fixed in 3.3.6-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-50219 | MEDIUM5.02 | libexpat 2.6.4-r0 fixed in 2.8.2-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-56412 | MEDIUM5.02 | libexpat 2.6.4-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | libssl3 3.3.2-r4 fixed in 3.3.7-r0 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2025-15468 | MEDIUM5.02 | libssl3 3.3.2-r4 fixed in 3.3.6-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-66199 | MEDIUM5.02 | libssl3 3.3.2-r4 fixed in 3.3.6-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-69420 | MEDIUM5.02 | libssl3 3.3.2-r4 fixed in 3.3.6-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-22796 | MEDIUM5.02 | libssl3 3.3.2-r4 fixed in 3.3.6-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-31789 | MEDIUM5 | libcrypto3 3.3.2-r4 fixed in 3.3.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-31789 | MEDIUM5 | libssl3 3.3.2-r4 fixed in 3.3.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-22795 | MEDIUM4.67 | libcrypto3 3.3.2-r4 fixed in 3.3.6-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-32776 | MEDIUM4.67 | libexpat 2.6.4-r0 fixed in 2.7.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-32777 | MEDIUM4.67 | libexpat 2.6.4-r0 fixed in 2.7.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-32778 | MEDIUM4.67 | libexpat 2.6.4-r0 fixed in 2.7.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-22795 | MEDIUM4.67 | libssl3 3.3.2-r4 fixed in 3.3.6-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-6042 | MEDIUM4.67 | musl 1.2.5-r8 fixed in 1.2.5-r10 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-27171 | MEDIUM4.67 | zlib 1.3.1-r2 fixed in 1.3.2-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-34743 | MEDIUM4.5 | xz-libs 5.6.3-r0 fixed in 5.8.3-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-28387 | MEDIUM4.13 | libcrypto3 3.3.2-r4 fixed in 3.3.7-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-28387 | MEDIUM4.13 | libssl3 3.3.2-r4 fixed in 3.3.7-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-15467 | MEDIUM4.06 | libcrypto3 3.3.2-r4 fixed in 3.3.6-r0 | 47.6% High Exploitation Risk | Post-Exploit |
| CVE-2025-15467 | MEDIUM4.06 | libssl3 3.3.2-r4 fixed in 3.3.6-r0 | 47.6% High Exploitation Risk | Post-Exploit |
| CVE-2024-13176 | MEDIUM4 | libcrypto3 3.3.2-r4 fixed in 3.3.2-r5 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-68160 | MEDIUM4 | libcrypto3 3.3.2-r4 fixed in 3.3.6-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2024-13176 | MEDIUM4 | libssl3 3.3.2-r4 fixed in 3.3.2-r5 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-68160 | MEDIUM4 | libssl3 3.3.2-r4 fixed in 3.3.6-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-40200 | LOW3.98 | musl 1.2.5-r8 fixed in 1.2.5-r11 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-31115 | LOW3.83 | xz-libs 5.6.3-r0 fixed in 5.6.3-r1 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2024-56406 | LOW3.72 | perl 5.40.0-r3 fixed in 5.40.1-r1 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-69418 | LOW3.4 | libcrypto3 3.3.2-r4 fixed in 3.3.6-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-69418 | LOW3.4 | libssl3 3.3.2-r4 fixed in 3.3.6-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-41080 | LOW3.15 | libexpat 2.6.4-r0 fixed in 2.8.1-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-9232 | LOW3.1 | libcrypto3 3.3.2-r4 fixed in 3.3.5-r0 | 2.0% Low-Moderate Risk | Directly Exposed |
| CVE-2025-9232 | LOW3.1 | libssl3 3.3.2-r4 fixed in 3.3.5-r0 | 2.0% Low-Moderate Risk | Directly Exposed |
| CVE-2025-5399 | LOW2.58 | libcurl 8.11.1-r0 fixed in 8.14.1-r0 | 1.2% Low-Moderate Risk | Post-Exploit |
| CVE-2025-5025 | LOW2.45 | libcurl 8.11.1-r0 fixed in 8.14.0-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2025-10148 | LOW2.45 | libcurl 8.11.1-r0 fixed in 8.14.1-r2 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-0665 | LOW2.4 | libcurl 8.11.1-r0 fixed in 8.12.0-r0 | 1.3% Low-Moderate Risk | Post-Exploit |
| CVE-2025-0725 | LOW2.4 | libcurl 8.11.1-r0 fixed in 8.12.0-r0 | 1.2% Low-Moderate Risk | Post-Exploit |
| CVE-2026-22184 | LOW2.39 | zlib 1.3.1-r2 fixed in 1.3.2-r0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-24515 | LOW2.12 | libexpat 2.6.4-r0 fixed in 2.7.4-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-6170 | LOW2.12 | libxml2 2.13.4-r3 fixed in 2.13.9-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-4947 | LOW1.99 | libcurl 8.11.1-r0 fixed in 8.14.0-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2025-9086 | LOW1.91 | libcurl 8.11.1-r0 fixed in 8.14.1-r2 | 1.3% Low-Moderate Risk | Post-Exploit |
| CVE-2025-46394 | LOW1.68 | busybox 1.37.0-r9 fixed in 1.37.0-r14 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-46394 | LOW1.68 | busybox-binsh 1.37.0-r9 fixed in 1.37.0-r14 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-46394 | LOW1.68 | ssl_client 1.37.0-r9 fixed in 1.37.0-r14 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-40200 | NONE0 | musl-utils 1.2.5-r8 fixed in 1.2.5-r11 | 0.1% Theoretical Threat | Not Applicable |
| CVE-2025-26519 | NONE0 | musl-utils 1.2.5-r8 fixed in 1.2.5-r9 | 0.3% Theoretical Threat | Not Applicable |
| CVE-2026-6042 | NONE0 | musl-utils 1.2.5-r8 fixed in 1.2.5-r10 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2024-58251 | NONE0 | busybox 1.37.0-r9 fixed in 1.37.0-r14 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2024-58251 | NONE0 | busybox-binsh 1.37.0-r9 fixed in 1.37.0-r14 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2025-0167 | NONE0 | libcurl 8.11.1-r0 fixed in 8.12.0-r0 | 0.7% Theoretical Threat | Not Applicable |
| CVE-2026-56131 | NONE0 | libexpat 2.6.4-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-56407 | NONE0 | libexpat 2.6.4-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-56408 | NONE0 | libexpat 2.6.4-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-56409 | NONE0 | libexpat 2.6.4-r0 fixed in 2.8.2-r0 | <0.1% Theoretical Threat | Not Applicable |
| CVE-2024-58251 | NONE0 | ssl_client 1.37.0-r9 fixed in 1.37.0-r14 | 0.2% Theoretical Threat | Not Applicable |
Want to check another image? Run a full scan with the Docker Security Scanner.