Last scanned:
This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could achieve remote code execution via crafted input exploiting glibc (CVE-2024-2961) or Handlebars (CVE-2026-33937), leading to full compromise of the container and potentially the host. Some vulnerabilities, such as the Handlebars AST injection, can be fully mitigated by ensuring compile() receives only string arguments, but this requires code changes. Note that exploits for libexpat (CVE-2024-45491, CVE-2024-45492) are limited to 32-bit systems, but the image's architecture is unknown.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2024-2961 | CRITICAL10 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.15 | 88.3% Actively Exploited | Directly ExposedContext importance: HIGH |
| CVE-2024-2961 | CRITICAL10 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.15 | 88.3% Actively Exploited | Directly ExposedContext importance: HIGH |
| CVE-2024-45491 | CRITICAL9.8 | libexpat1 2.2.9-1ubuntu0.6 fixed in 2.2.9-1ubuntu0.7 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-45492 | CRITICAL9.8 | libexpat1 2.2.9-1ubuntu0.6 fixed in 2.2.9-1ubuntu0.7 | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2026-33937 | CRITICAL9.8 | handlebars 4.7.7 fixed in 4.7.9 | 1.8% Low-Moderate Risk | Directly Exposed |
| CVE-2026-4800 | CRITICAL9.8 | lodash 4.17.21 fixed in 4.18.0 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2023-36665 | CRITICAL9.8 | protobufjs 6.11.3 fixed in 7.2.5, 6.11.4 | 1.7% Low-Moderate Risk | Directly ExposedContext importance: HIGH |
| CVE-2023-44487 | CRITICAL9.75 | libnghttp2-14 1.40.0-1build1 fixed in 1.40.0-1ubuntu0.2 | 100.0% Actively Exploited | Directly Exposed |
| CVE-2023-0286 | CRITICAL9.62 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.17 | 59.5% Actively Exploited | Directly Exposed |
| CVE-2025-27363 | CRITICAL9.31 | libfreetype6 2.10.1-2ubuntu0.2 fixed in 2.10.1-2ubuntu0.4 | 26.0% High Exploitation Risk | Directly Exposed |
| CVE-2024-37371 | CRITICAL9.1 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.6 | 1.9% Low-Moderate Risk | Directly Exposed |
| CVE-2024-37371 | CRITICAL9.1 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.6 | 1.9% Low-Moderate Risk | Directly Exposed |
| CVE-2024-37371 | CRITICAL9.1 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.6 | 1.9% Low-Moderate Risk | Directly Exposed |
| CVE-2024-37371 | CRITICAL9.1 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.6 | 1.9% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.2 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.2 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.2 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.2 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libroken18-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2022-42898 | HIGH8.8 | libwind0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 6.4% Low-Moderate Risk | Directly Exposed |
| CVE-2021-36222 | HIGH8.62 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.3 | 10.3% High Exploitation Risk | Directly Exposed |
| CVE-2021-36222 | HIGH8.62 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.3 | 10.3% High Exploitation Risk | Directly Exposed |
| CVE-2021-36222 | HIGH8.62 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.3 | 10.3% High Exploitation Risk | Directly Exposed |
| CVE-2021-36222 | HIGH8.62 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.3 | 10.3% High Exploitation Risk | Directly Exposed |
| CVE-2022-4450 | HIGH8.62 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.17 | 20.4% High Exploitation Risk | Directly Exposed |
| CVE-2022-38900 | HIGH8.62 | decode-uri-component 0.2.0 fixed in 0.2.1 | 24.9% High Exploitation Risk | Directly Exposed |
| CVE-2026-42043 | HIGH8.5 | axios 0.21.4 fixed in 1.15.1, 0.31.1 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-42043 | HIGH8.5 | axios 0.27.2 fixed in 1.15.1, 0.31.1 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2023-2650 | HIGH8.45 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.19 | 73.5% Actively Exploited | Directly Exposed |
| CVE-2026-41242 | HIGH8.33 | protobufjs 6.11.3 fixed in 8.0.1, 7.5.5 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-1525 | HIGH8.33 | undici 5.8.2 fixed in 6.24.0, 7.24.0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-62718 | HIGH7.92 | axios 0.21.4 fixed in 1.15.0, 0.31.0 | 1.2% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2025-62718 | HIGH7.92 | axios 0.27.2 fixed in 1.15.0, 0.31.0 | 1.2% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2024-29415 | HIGH7.84 | ip 1.1.5 No fix yet | 8.3% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2023-42282 | HIGH7.84 | ip 1.1.5 fixed in 2.0.1, 1.1.9 | 1.6% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2023-46233 | HIGH7.73 | crypto-js 4.0.0 fixed in 4.2.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-33896 | HIGH7.73 | node-forge 1.3.1 fixed in 1.4.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2023-0286 | HIGH7.7 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.17 | 59.5% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2023-48795 | HIGH7.67 | libssh-4 0.9.3-2ubuntu2.2 fixed in 0.9.3-2ubuntu2.4 | 93.3% Actively Exploited | Directly Exposed |
| CVE-2024-33599 | HIGH7.6 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.16 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2024-33599 | HIGH7.6 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.16 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-45490 | HIGH7.5 | libexpat1 2.2.9-1ubuntu0.6 fixed in 2.2.9-1ubuntu0.7 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2024-0553 | HIGH7.5 | libgnutls30 3.6.13-2ubuntu1.7 fixed in 3.6.13-2ubuntu1.10 | 1.6% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-2953 | HIGH7.5 | libldap-2.4-2 2.4.49+dfsg-2ubuntu1.9 fixed in 2.4.49+dfsg-2ubuntu1.10 | 1.9% Low-Moderate Risk | Directly Exposed |
| CVE-2023-2953 | HIGH7.5 | libldap-common 2.4.49+dfsg-2ubuntu1.9 fixed in 2.4.49+dfsg-2ubuntu1.10 | 1.9% Low-Moderate Risk | Directly Exposed |
| CVE-2020-11080 | HIGH7.5 | libnghttp2-14 1.40.0-1build1 fixed in 1.40.0-1ubuntu0.1 | 5.3% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libroken18-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-0215 | HIGH7.5 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.17 | 4.5% Low-Moderate Risk | Directly Exposed |
| CVE-2023-0464 | HIGH7.5 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.18 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2021-44758 | HIGH7.5 | libwind0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2026-48068 | HIGH7.5 | @grpc/grpc-js 1.6.7 fixed in 1.9.16, 1.10.12, 1.11.4, 1.12.7, 1.13.5, 1.14.4 | — | Directly Exposed |
| CVE-2026-48069 | HIGH7.5 | @grpc/grpc-js 1.6.7 fixed in 1.9.16, 1.10.12, 1.11.4, 1.12.7, 1.13.5, 1.14.4 | — | Directly Exposed |
| CVE-2026-25639 | HIGH7.5 | axios 0.21.4 fixed in 1.13.5, 0.30.3 | 2.6% Low-Moderate Risk | Directly Exposed |
| CVE-2026-25639 | HIGH7.5 | axios 0.27.2 fixed in 1.13.5, 0.30.3 | 2.6% Low-Moderate Risk | Directly Exposed |
| CVE-2024-4068 | HIGH7.5 | braces 3.0.2 fixed in 3.0.3 | 1.5% Low-Moderate Risk | Directly Exposed |
| CVE-2022-25881 | HIGH7.5 | http-cache-semantics 4.1.0 fixed in 4.1.1 | 1.6% Low-Moderate Risk | Directly Exposed |
| CVE-2023-22467 | HIGH7.5 | luxon 1.28.0 fixed in 1.28.1, 2.5.2, 3.2.1 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2022-25883 | HIGH7.5 | semver 5.7.1 fixed in 7.5.2, 6.3.1, 5.7.2 | 2.8% Low-Moderate Risk | Directly Exposed |
| CVE-2022-25883 | HIGH7.5 | semver 6.3.0 fixed in 7.5.2, 6.3.1, 5.7.2 | 2.8% Low-Moderate Risk | Directly Exposed |
| CVE-2022-25883 | HIGH7.5 | semver 7.3.7 fixed in 7.5.2, 6.3.1, 5.7.2 | 2.8% Low-Moderate Risk | Directly Exposed |
| CVE-2024-12905 | HIGH7.5 | tar-fs 2.1.1 fixed in 1.16.4, 2.1.2, 3.0.7 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-24807 | HIGH7.5 | undici 5.8.2 fixed in 5.19.1 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2026-1526 | HIGH7.5 | undici 5.8.2 fixed in 6.24.0, 7.24.0 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2023-26115 | HIGH7.5 | word-wrap 1.2.3 fixed in 1.2.4 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2023-0767 | HIGH7.48 | libnss3 2:3.49.1-1ubuntu1.8 fixed in 2:3.49.1-1ubuntu1.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-44293 | HIGH7.48 | protobufjs 6.11.3 fixed in 7.5.6, 8.0.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2023-0361 | HIGH7.4 | libgnutls30 3.6.13-2ubuntu1.7 fixed in 3.6.13-2ubuntu1.8 | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2025-12816 | HIGH7.39 | node-forge 1.3.1 fixed in 1.3.2 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-44492 | HIGH7.31 | axios 0.21.4 fixed in 1.16.0, 0.32.0 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-44492 | HIGH7.31 | axios 0.27.2 fixed in 1.16.0, 0.32.0 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2023-7104 | HIGH7.3 | libsqlite3-0 3.31.1-4ubuntu0.5 fixed in 3.31.1-4ubuntu0.6 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2026-44490 | MEDIUM6.97 | axios 0.21.4 fixed in 1.16.0, 0.32.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-44490 | MEDIUM6.97 | axios 0.27.2 fixed in 1.16.0, 0.32.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-33941 | MEDIUM6.97 | handlebars 4.7.7 fixed in 4.7.9 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-44705 | MEDIUM6.97 | tmp 0.0.33 fixed in 0.2.6 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-28182 | MEDIUM6.89 | libnghttp2-14 1.40.0-1build1 fixed in 1.40.0-1ubuntu0.3 | 85.0% Actively Exploited | Directly Exposed |
| CVE-2026-33938 | MEDIUM6.88 | handlebars 4.7.7 fixed in 4.7.9 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-33940 | MEDIUM6.88 | handlebars 4.7.7 fixed in 4.7.9 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2022-23539 | MEDIUM6.88 | jsonwebtoken 8.5.1 fixed in 9.0.0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-44291 | MEDIUM6.88 | protobufjs 6.11.3 fixed in 7.5.6, 8.0.2 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2022-4304 | MEDIUM6.79 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.17 | 16.2% High Exploitation Risk | Directly Exposed |
| CVE-2023-2650 | MEDIUM6.76 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.19 | 73.5% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2022-3437 | MEDIUM6.5 | libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2021-37750 | MEDIUM6.5 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.3 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-36054 | MEDIUM6.5 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.4 | 2.1% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2021-37750 | MEDIUM6.5 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.3 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-36054 | MEDIUM6.5 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.4 | 2.1% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2021-37750 | MEDIUM6.5 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.3 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-36054 | MEDIUM6.5 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.4 | 2.1% Low-Moderate Risk | Directly Exposed |
| CVE-2021-37750 | MEDIUM6.5 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.3 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-36054 | MEDIUM6.5 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.4 | 2.1% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libroken18-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2023-1667 | MEDIUM6.5 | libssh-4 0.9.3-2ubuntu2.2 fixed in 0.9.3-2ubuntu2.3 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2023-2283 | MEDIUM6.5 | libssh-4 0.9.3-2ubuntu2.2 fixed in 0.9.3-2ubuntu2.3 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2022-3437 | MEDIUM6.5 | libwind0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 3.7% Low-Moderate Risk | Directly Exposed |
| CVE-2024-28849 | MEDIUM6.5 | follow-redirects 1.15.0 fixed in 1.15.6 | 1.0% Low-Moderate Risk | Directly Exposed |
| CVE-2022-23540 | MEDIUM6.46 | jsonwebtoken 8.5.1 fixed in 9.0.0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2022-23491 | MEDIUM6.38 | ca-certificates 20211016~20.04.1 fixed in 20211016ubuntu0.20.04.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2024-37370 | MEDIUM6.38 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2024-37370 | MEDIUM6.38 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2024-37370 | MEDIUM6.38 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2024-37370 | MEDIUM6.38 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.6 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libroken18-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libroken18-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2022-41916 | MEDIUM6.38 | libwind0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.2 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-45142 | MEDIUM6.38 | libwind0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-35213 | MEDIUM6.38 | @hapi/content 5.0.2 fixed in 6.0.1 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-44902 | MEDIUM6.38 | @opentelemetry/exporter-prometheus 0.30.0 fixed in 0.217.0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-69873 | MEDIUM6.38 | ajv 6.12.6 fixed in 8.18.0, 6.14.0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-44486 | MEDIUM6.38 | axios 0.21.4 fixed in 1.16.0, 0.32.0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-44487 | MEDIUM6.38 | axios 0.21.4 fixed in 1.16.0, 0.32.0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-44496 | MEDIUM6.38 | axios 0.21.4 fixed in 1.16.0, 0.32.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42038 | MEDIUM6.38 | axios 0.21.4 fixed in 1.15.1, 0.31.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42039 | MEDIUM6.38 | axios 0.21.4 fixed in 1.15.1, 0.31.1 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-44486 | MEDIUM6.38 | axios 0.27.2 fixed in 1.16.0, 0.32.0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-44487 | MEDIUM6.38 | axios 0.27.2 fixed in 1.16.0, 0.32.0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-44496 | MEDIUM6.38 | axios 0.27.2 fixed in 1.16.0, 0.32.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42038 | MEDIUM6.38 | axios 0.27.2 fixed in 1.15.1, 0.31.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42039 | MEDIUM6.38 | axios 0.27.2 fixed in 1.15.1, 0.31.1 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-33750 | MEDIUM6.38 | brace-expansion 1.1.11 fixed in 5.0.5, 3.0.2, 2.0.3, 1.1.13 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-12143 | MEDIUM6.38 | form-data 4.0.0 fixed in 2.5.6, 3.0.5, 4.0.6 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-33939 | MEDIUM6.38 | handlebars 4.7.7 fixed in 4.7.9 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-46625 | MEDIUM6.38 | js-cookie 2.2.1 fixed in 3.0.7 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-65945 | MEDIUM6.38 | jws 3.2.2 fixed in 3.2.3, 4.0.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-26996 | MEDIUM6.38 | minimatch 3.1.2 fixed in 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-66031 | MEDIUM6.38 | node-forge 1.3.1 fixed in 1.3.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-33891 | MEDIUM6.38 | node-forge 1.3.1 fixed in 1.4.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-33894 | MEDIUM6.38 | node-forge 1.3.1 fixed in 1.4.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-33895 | MEDIUM6.38 | node-forge 1.3.1 fixed in 1.4.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2023-25653 | MEDIUM6.38 | node-jose 2.1.0 fixed in 2.2.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-14874 | MEDIUM6.38 | nodemailer 6.6.2 fixed in 7.0.11 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-13033 | MEDIUM6.38 | nodemailer 6.6.2 fixed in 7.0.7 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-44289 | MEDIUM6.38 | protobufjs 6.11.3 fixed in 7.5.6, 8.0.2 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-44290 | MEDIUM6.38 | protobufjs 6.11.3 fixed in 7.5.6, 8.0.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-48712 | MEDIUM6.38 | protobufjs 6.11.3 fixed in 7.6.1, 8.4.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-44292 | MEDIUM6.38 | protobufjs 6.11.3 fixed in 7.5.6, 8.0.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-45740 | MEDIUM6.38 | protobufjs 6.11.3 fixed in 7.5.8, 8.2.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-59343 | MEDIUM6.38 | tar-fs 2.1.1 fixed in 3.1.1, 2.1.4, 1.16.6 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-12151 | MEDIUM6.38 | undici 5.8.2 fixed in 6.27.0, 7.28.0, 8.5.0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-2229 | MEDIUM6.38 | undici 5.8.2 fixed in 6.24.0, 7.24.0 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2026-22036 | MEDIUM6.38 | undici 5.8.2 fixed in 7.18.2, 6.23.0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-41907 | MEDIUM6.38 | uuid 3.3.2 fixed in 11.1.1, 12.0.1, 13.0.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-41907 | MEDIUM6.38 | uuid 8.3.2 fixed in 11.1.1, 12.0.1, 13.0.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-48779 | MEDIUM6.38 | ws 8.9.0 fixed in 5.2.5, 6.2.4, 7.5.11, 8.21.0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-45736 | MEDIUM6.38 | ws 8.9.0 fixed in 8.20.1 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-42033 | MEDIUM6.29 | axios 0.21.4 fixed in 1.15.1, 0.31.1 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-42035 | MEDIUM6.29 | axios 0.21.4 fixed in 1.15.1, 0.31.1 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-42033 | MEDIUM6.29 | axios 0.27.2 fixed in 1.15.1, 0.31.1 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-42035 | MEDIUM6.29 | axios 0.27.2 fixed in 1.15.1, 0.31.1 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-48387 | MEDIUM6.21 | tar-fs 2.1.1 fixed in 1.16.5, 2.1.3, 3.0.9 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-4802 | MEDIUM5.95 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.18 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-4802 | MEDIUM5.95 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.18 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-44495 | MEDIUM5.95 | axios 0.21.4 fixed in 1.15.2, 0.31.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-44495 | MEDIUM5.95 | axios 0.27.2 fixed in 1.15.2, 0.31.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2023-4806 | MEDIUM5.9 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.14 | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2023-4813 | MEDIUM5.9 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.14 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2023-4806 | MEDIUM5.9 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.14 | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2023-4813 | MEDIUM5.9 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.14 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2024-50602 | MEDIUM5.9 | libexpat1 2.2.9-1ubuntu0.6 fixed in 2.2.9-1ubuntu0.8 | 1.0% Low-Moderate Risk | Directly Exposed |
| CVE-2023-5981 | MEDIUM5.9 | libgnutls30 3.6.13-2ubuntu1.7 fixed in 3.6.13-2ubuntu1.9 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2024-26461 | MEDIUM5.9 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-26461 | MEDIUM5.9 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-26461 | MEDIUM5.9 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-26461 | MEDIUM5.9 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-5535 | MEDIUM5.9 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.23 | 5.6% Low-Moderate Risk | Directly Exposed |
| CVE-2024-37890 | MEDIUM5.9 | ws 8.9.0 fixed in 5.2.4, 6.2.3, 7.5.10, 8.17.1 | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2025-22150 | MEDIUM5.78 | undici 5.8.2 fixed in 5.28.5, 6.21.1, 7.2.3 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2024-4741 | MEDIUM5.6 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.23 | 2.9% Low-Moderate Risk | Directly Exposed |
| CVE-2025-24528 | MEDIUM5.52 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-24528 | MEDIUM5.52 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-24528 | MEDIUM5.52 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2025-24528 | MEDIUM5.52 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2023-4421 | MEDIUM5.52 | libnss3 2:3.49.1-1ubuntu1.8 fixed in 2:3.98-0ubuntu0.20.04.1 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2023-5388 | MEDIUM5.52 | libnss3 2:3.49.1-1ubuntu1.8 fixed in 2:3.98-0ubuntu0.20.04.1 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2023-25166 | MEDIUM5.52 | @sideway/formula 3.0.0 fixed in 3.0.1 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2023-45857 | MEDIUM5.52 | axios 0.21.4 fixed in 1.6.0, 0.28.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42041 | MEDIUM5.52 | axios 0.21.4 fixed in 1.15.1, 0.31.1 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2023-45857 | MEDIUM5.52 | axios 0.27.2 fixed in 1.6.0, 0.28.0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42041 | MEDIUM5.52 | axios 0.27.2 fixed in 1.15.1, 0.31.1 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-27904 | MEDIUM5.52 | minimatch 3.1.2 fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-33671 | MEDIUM5.52 | picomatch 2.3.1 fixed in 4.0.4, 3.0.2, 2.3.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-1527 | MEDIUM5.52 | undici 5.8.2 fixed in 6.24.0, 7.24.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-33532 | MEDIUM5.52 | yaml 1.10.2 fixed in 2.8.3, 1.10.3 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2024-0727 | MEDIUM5.5 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.21 | 3.2% Low-Moderate Risk | Directly Exposed |
| CVE-2025-7783 | MEDIUM5.4 | form-data 4.0.0 fixed in 2.5.4, 3.0.4, 4.0.4 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2023-23936 | MEDIUM5.4 | undici 5.8.2 fixed in 5.19.1 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2022-23541 | MEDIUM5.35 | jsonwebtoken 8.5.1 fixed in 9.0.0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2024-33600 | MEDIUM5.3 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.16 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-33600 | MEDIUM5.3 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.16 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-12243 | MEDIUM5.3 | libgnutls30 3.6.13-2ubuntu1.7 fixed in 3.6.13-2ubuntu1.12 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2023-6918 | MEDIUM5.3 | libssh-4 0.9.3-2ubuntu2.2 fixed in 0.9.3-2ubuntu2.5 | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2023-0465 | MEDIUM5.3 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.18 | 1.6% Low-Moderate Risk | Directly Exposed |
| CVE-2023-0466 | MEDIUM5.3 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.18 | 1.6% Low-Moderate Risk | Directly Exposed |
| CVE-2023-3446 | MEDIUM5.3 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.20 | 5.5% Low-Moderate Risk | Directly Exposed |
| CVE-2023-3817 | MEDIUM5.3 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.20 | 2.6% Low-Moderate Risk | Directly Exposed |
| CVE-2023-5678 | MEDIUM5.3 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.21 | 4.5% Low-Moderate Risk | Directly Exposed |
| CVE-2024-12133 | MEDIUM5.3 | libtasn1-6 4.16.0-2 fixed in 4.16.0-2ubuntu0.1 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2026-48038 | MEDIUM5.3 | joi 17.4.0 fixed in 18.2.1, 17.13.4 | — | Directly Exposed |
| CVE-2025-13465 | MEDIUM5.3 | lodash 4.17.21 fixed in 4.17.23 | 1.5% Low-Moderate Risk | Directly Exposed |
| CVE-2024-4067 | MEDIUM5.3 | micromatch 4.0.5 fixed in 4.0.8 | 1.4% Low-Moderate Risk | Directly Exposed |
| CVE-2026-42042 | MEDIUM5.18 | axios 0.21.4 fixed in 1.15.1, 0.31.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42042 | MEDIUM5.18 | axios 0.27.2 fixed in 1.15.1, 0.31.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2023-26159 | MEDIUM5.18 | follow-redirects 1.15.0 fixed in 1.15.4 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-3576 | MEDIUM5.02 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-26458 | MEDIUM5.02 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-3576 | MEDIUM5.02 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-26458 | MEDIUM5.02 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-3576 | MEDIUM5.02 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-26458 | MEDIUM5.02 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2025-3576 | MEDIUM5.02 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.11 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-26458 | MEDIUM5.02 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.9 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-27903 | MEDIUM5.02 | minimatch 3.1.2 fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-9679 | MEDIUM5.02 | undici 5.8.2 fixed in 6.27.0, 7.28.0, 8.5.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2023-31484 | MEDIUM4.86 | perl-base 5.30.0-9ubuntu0.3 fixed in 5.30.0-9ubuntu0.4 | 1.5% Low-Moderate Risk | Post-Exploit |
| CVE-2024-2511 | MEDIUM4.81 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.23 | 54.0% Actively Exploited | Directly Exposed |
| CVE-2026-40175 | MEDIUM4.8 | axios 0.21.4 fixed in 1.15.0, 0.31.0 | 1.8% Low-Moderate Risk | Directly Exposed |
| CVE-2026-40175 | MEDIUM4.8 | axios 0.27.2 fixed in 1.15.0, 0.31.0 | 1.8% Low-Moderate Risk | Directly Exposed |
| CVE-2025-0395 | MEDIUM4.67 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.17 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-0395 | MEDIUM4.67 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.17 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-29088 | MEDIUM4.67 | libsqlite3-0 3.31.1-4ubuntu0.5 fixed in 3.31.1-4ubuntu0.7 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2022-3821 | MEDIUM4.67 | libsystemd0 245.4-4ubuntu3.19 fixed in 245.4-4ubuntu3.20 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2022-4415 | MEDIUM4.67 | libsystemd0 245.4-4ubuntu3.19 fixed in 245.4-4ubuntu3.20 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2022-3821 | MEDIUM4.67 | libudev1 245.4-4ubuntu3.19 fixed in 245.4-4ubuntu3.20 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2022-4415 | MEDIUM4.67 | libudev1 245.4-4ubuntu3.19 fixed in 245.4-4ubuntu3.20 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2024-27088 | MEDIUM4.67 | es5-ext 0.10.46 fixed in 0.10.63 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2024-53382 | MEDIUM4.59 | prismjs 1.27.0 fixed in 1.30.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2023-0215 | MEDIUM4.5 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.17 | 4.5% Low-Moderate Risk | Post-Exploit |
| CVE-2023-0464 | MEDIUM4.5 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.18 | 3.7% Low-Moderate Risk | Post-Exploit |
| CVE-2024-28834 | MEDIUM4.5 | libgnutls30 3.6.13-2ubuntu1.7 fixed in 3.6.13-2ubuntu1.11 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2024-37168 | MEDIUM4.5 | @grpc/grpc-js 1.6.7 fixed in 1.10.9, 1.9.15, 1.8.22 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-54285 | MEDIUM4.5 | @opentelemetry/core 1.4.0 fixed in 2.8.0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-44288 | MEDIUM4.5 | @protobufjs/utf8 1.1.0 fixed in 1.1.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-27152 | MEDIUM4.5 | axios 0.21.4 fixed in 1.8.2, 0.30.0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-42034 | MEDIUM4.5 | axios 0.21.4 fixed in 1.15.1, 0.31.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42036 | MEDIUM4.5 | axios 0.21.4 fixed in 1.15.1, 0.31.1 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-27152 | MEDIUM4.5 | axios 0.27.2 fixed in 1.8.2, 0.30.0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-42034 | MEDIUM4.5 | axios 0.27.2 fixed in 1.15.1, 0.31.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42036 | MEDIUM4.5 | axios 0.27.2 fixed in 1.15.1, 0.31.1 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-2739 | MEDIUM4.5 | bn.js 4.11.9 fixed in 4.12.3, 5.2.3 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-64718 | MEDIUM4.5 | js-yaml 3.14.1 fixed in 4.1.1, 3.14.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-53550 | MEDIUM4.5 | js-yaml 3.14.1 fixed in 4.2.0, 3.15.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-2950 | MEDIUM4.5 | lodash 4.17.21 fixed in 4.18.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-66030 | MEDIUM4.5 | node-forge 1.3.1 fixed in 1.3.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-33672 | MEDIUM4.5 | picomatch 2.3.1 fixed in 4.0.4, 3.0.2, 2.3.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-44288 | MEDIUM4.5 | protobufjs 6.11.3 fixed in 7.5.6, 8.0.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-44294 | MEDIUM4.5 | protobufjs 6.11.3 fixed in 7.5.6, 8.0.2 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-54269 | MEDIUM4.5 | protobufjs 6.11.3 fixed in 7.6.3, 8.6.0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-54798 | MEDIUM4.5 | tmp 0.0.33 fixed in 0.2.4 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-7264 | MEDIUM4.48 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.23 | 17.3% High Exploitation Risk | Post-Exploit |
| CVE-2024-7264 | MEDIUM4.48 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.23 | 17.3% High Exploitation Risk | Post-Exploit |
| CVE-2024-28085 | MEDIUM4.4 | libblkid1 2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-28085 | MEDIUM4.4 | libfdisk1 2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-28085 | MEDIUM4.4 | libmount1 2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-28085 | MEDIUM4.4 | libsmartcols1 2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-28085 | MEDIUM4.4 | libuuid1 2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2022-29458 | MEDIUM4.26 | ncurses-bin 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 1.3% Low-Moderate Risk | Post-Exploit |
| CVE-2026-24842 | MEDIUM4.18 | tar 6.1.11 fixed in 7.5.7 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2024-4367 | MEDIUM4.12 | pdfjs-dist 2.13.216 fixed in 4.2.67 | 72.6% Actively Exploited | Post-Exploit |
| CVE-2023-6004 | MEDIUM4.08 | libssh-4 0.9.3-2ubuntu2.2 fixed in 0.9.3-2ubuntu2.5 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2022-4304 | MEDIUM4.07 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.17 | 16.2% High Exploitation Risk | Post-Exploit |
| CVE-2024-13176 | MEDIUM4 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.24 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-33916 | MEDIUM4 | handlebars 4.7.7 fixed in 4.7.9 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-33601 | MEDIUM4 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.16 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2024-33601 | MEDIUM4 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.16 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2023-29491 | LOW3.98 | ncurses-bin 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 0.9% Theoretical Threat | Post-Exploit |
| CVE-2023-47038 | LOW3.98 | perl-base 5.30.0-9ubuntu0.3 fixed in 5.30.0-9ubuntu0.5 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2023-23916 | LOW3.9 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.16 | 1.7% Low-Moderate Risk | Post-Exploit |
| CVE-2023-46218 | LOW3.9 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.21 | 1.7% Low-Moderate Risk | Post-Exploit |
| CVE-2023-23916 | LOW3.9 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.16 | 1.7% Low-Moderate Risk | Post-Exploit |
| CVE-2023-46218 | LOW3.9 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.21 | 1.7% Low-Moderate Risk | Post-Exploit |
| CVE-2024-24758 | LOW3.82 | undici 5.8.2 fixed in 5.28.3, 6.6.1 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2024-21538 | LOW3.74 | cross-spawn 7.0.3 fixed in 7.0.5, 6.0.6 | 0.9% Theoretical Threat | Directly Exposed |
| CVE-2024-3596 | LOW3.73 | libgssapi-krb5-2 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.8 | 14.9% High Exploitation Risk | Post-Exploit |
| CVE-2024-3596 | LOW3.73 | libk5crypto3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.8 | 14.9% High Exploitation Risk | Post-Exploit |
| CVE-2024-3596 | LOW3.73 | libkrb5-3 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.8 | 14.9% High Exploitation Risk | Post-Exploit |
| CVE-2024-3596 | LOW3.73 | libkrb5support0 1.17-6ubuntu4.1 fixed in 1.17-6ubuntu4.8 | 14.9% High Exploitation Risk | Post-Exploit |
| CVE-2024-9143 | LOW3.7 | libssl1.1 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.24 | 6.0% Low-Moderate Risk | Directly Exposed |
| CVE-2023-6135 | LOW3.65 | libnss3 2:3.49.1-1ubuntu1.8 fixed in 2:3.98-0ubuntu0.20.04.1 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2023-41037 | LOW3.65 | openpgp 5.3.0 fixed in 4.10.11, 5.10.1 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2024-30260 | LOW3.65 | undici 5.8.2 fixed in 5.28.4, 6.11.1 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-26960 | LOW3.62 | tar 6.1.11 fixed in 7.5.8 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2022-43552 | LOW3.54 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.15 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27535 | LOW3.54 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 1.6% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27536 | LOW3.54 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 1.6% Low-Moderate Risk | Post-Exploit |
| CVE-2023-28321 | LOW3.54 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.19 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2024-11053 | LOW3.54 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.25 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2022-43552 | LOW3.54 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.15 | 2.5% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27535 | LOW3.54 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 1.6% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27536 | LOW3.54 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 1.6% Low-Moderate Risk | Post-Exploit |
| CVE-2023-28321 | LOW3.54 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.19 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2024-11053 | LOW3.54 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.25 | 1.4% Low-Moderate Risk | Post-Exploit |
| CVE-2024-5535 | LOW3.54 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.23 | 5.6% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libasn1-8-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libgssapi3-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libhcrypto4-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libheimbase1-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libheimntlm0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libhx509-5-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libkrb5-26-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libroken18-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2022-44640 | LOW3.53 | libwind0-heimdal 7.7.0+dfsg-1ubuntu1.1 fixed in 7.7.0+dfsg-1ubuntu1.3 | 1.8% Low-Moderate Risk | Post-Exploit |
| CVE-2023-45143 | LOW3.5 | undici 5.8.2 fixed in 5.26.2 | 1.2% Low-Moderate Risk | Directly Exposed |
| CVE-2024-33602 | LOW3.4 | libc-bin 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.16 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2024-33602 | LOW3.4 | libc6 2.31-0ubuntu9.9 fixed in 2.31-0ubuntu9.16 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-3449 | LOW3.4 | @tootallnate/once 1.1.2 fixed in 3.0.1, 2.0.1 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2024-4741 | LOW3.36 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.23 | 2.9% Low-Moderate Risk | Post-Exploit |
| CVE-2024-8096 | LOW3.31 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.24 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2024-8096 | LOW3.31 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.24 | 0.7% Theoretical Threat | Post-Exploit |
| CVE-2024-28863 | LOW3.31 | tar 6.1.11 fixed in 6.2.1 | 0.9% Theoretical Threat | Post-Exploit |
| CVE-2023-27538 | LOW3.3 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 1.2% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27538 | LOW3.3 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 1.2% Low-Moderate Risk | Post-Exploit |
| CVE-2024-0727 | LOW3.3 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.21 | 3.2% Low-Moderate Risk | Post-Exploit |
| CVE-2022-48303 | LOW3.3 | tar 1.30+dfsg-7ubuntu0.20.04.2 fixed in 1.30+dfsg-7ubuntu0.20.04.3 | 4.5% Low-Moderate Risk | Post-Exploit |
| CVE-2026-29786 | LOW3.21 | tar 6.1.11 fixed in 7.5.10 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2023-0465 | LOW3.18 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.18 | 1.6% Low-Moderate Risk | Post-Exploit |
| CVE-2023-0466 | LOW3.18 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.18 | 1.6% Low-Moderate Risk | Post-Exploit |
| CVE-2023-3446 | LOW3.18 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.20 | 5.5% Low-Moderate Risk | Post-Exploit |
| CVE-2023-3817 | LOW3.18 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.20 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2023-5678 | LOW3.18 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.21 | 4.5% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27533 | LOW3.17 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 2.0% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27534 | LOW3.17 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27533 | LOW3.17 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 2.0% Low-Moderate Risk | Post-Exploit |
| CVE-2023-27534 | LOW3.17 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.18 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2021-39537 | LOW3.17 | ncurses-bin 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 3.0% Low-Moderate Risk | Post-Exploit |
| CVE-2026-42040 | LOW3.15 | axios 0.21.4 fixed in 1.15.1, 0.31.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42040 | LOW3.15 | axios 0.27.2 fixed in 1.15.1, 0.31.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2024-47764 | LOW3.15 | cookie 0.5.0 fixed in 0.7.0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-11525 | LOW3.15 | undici 5.8.2 fixed in 6.27.0, 7.28.0, 8.5.0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-6733 | LOW3.15 | undici 5.8.2 fixed in 6.27.0, 7.28.0, 8.5.0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-23745 | LOW3.11 | tar 6.1.11 fixed in 7.5.3 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2024-2398 | LOW3.1 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.22 | 36.1% High Exploitation Risk | Post-Exploit |
| CVE-2024-2398 | LOW3.1 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.22 | 36.1% High Exploitation Risk | Post-Exploit |
| CVE-2022-4450 | LOW3.1 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.17 | 20.4% High Exploitation Risk | Post-Exploit |
| CVE-2026-23950 | LOW3.01 | tar 6.1.11 fixed in 7.5.4 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2024-30261 | LOW2.98 | undici 5.8.2 fixed in 5.28.4, 6.11.1 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2024-2511 | LOW2.89 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.23 | 54.0% Actively Exploited | Post-Exploit |
| CVE-2023-4641 | LOW2.8 | login 1:4.8.1-1ubuntu5.20.04.4 fixed in 1:4.8.1-1ubuntu5.20.04.5 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2023-4641 | LOW2.8 | passwd 1:4.8.1-1ubuntu5.20.04.4 fixed in 1:4.8.1-1ubuntu5.20.04.5 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-31802 | LOW2.8 | tar 6.1.11 fixed in 7.5.11 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-53655 | LOW2.8 | tar 6.1.11 fixed in 7.5.16 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2023-4016 | LOW2.8 | libprocps8 2:3.3.16-1ubuntu2.3 fixed in 2:3.3.16-1ubuntu2.4 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2024-28085 | LOW2.64 | bsdutils 1:2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2024-28085 | LOW2.64 | fdisk 2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2024-28085 | LOW2.64 | mount 2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2024-28085 | LOW2.64 | util-linux 2.34-0.1ubuntu9.3 fixed in 2.34-0.1ubuntu9.6 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2025-5889 | LOW2.63 | brace-expansion 1.1.11 fixed in 2.0.2, 1.1.12, 3.0.1, 4.0.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-47279 | LOW2.63 | undici 5.8.2 fixed in 5.29.0, 6.21.2, 7.5.0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-30258 | LOW2.4 | gpgv 2.2.19-3ubuntu2.2 fixed in 2.2.19-3ubuntu2.4 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2024-13176 | LOW2.4 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.24 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2023-28322 | LOW2.22 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.19 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2023-38546 | LOW2.22 | curl 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.20 | 6.2% Low-Moderate Risk | Post-Exploit |
| CVE-2023-28322 | LOW2.22 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.19 | 2.2% Low-Moderate Risk | Post-Exploit |
| CVE-2023-38546 | LOW2.22 | libcurl4 7.68.0-1ubuntu2.14 fixed in 7.68.0-1ubuntu2.20 | 6.2% Low-Moderate Risk | Post-Exploit |
| CVE-2024-9143 | LOW2.22 | openssl 1.1.1f-1ubuntu2.16 fixed in 1.1.1f-1ubuntu2.24 | 6.0% Low-Moderate Risk | Post-Exploit |
| CVE-2023-4016 | LOW1.68 | procps 2:3.3.16-1ubuntu2.3 fixed in 2:3.3.16-1ubuntu2.4 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2023-39804 | LOW1.68 | tar 1.30+dfsg-7ubuntu0.20.04.2 fixed in 1.30+dfsg-7ubuntu0.20.04.4 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2022-28321 | NONE0 | libpam-modules 1.3.1-5ubuntu4.3 fixed in 1.3.1-5ubuntu4.4 | 1.2% Low-Moderate Risk | Not Applicable |
| CVE-2022-28321 | NONE0 | libpam-modules-bin 1.3.1-5ubuntu4.3 fixed in 1.3.1-5ubuntu4.4 | 1.2% Low-Moderate Risk | Not Applicable |
| CVE-2022-28321 | NONE0 | libpam-runtime 1.3.1-5ubuntu4.3 fixed in 1.3.1-5ubuntu4.4 | 1.2% Low-Moderate Risk | Not Applicable |
| CVE-2022-28321 | NONE0 | libpam0g 1.3.1-5ubuntu4.3 fixed in 1.3.1-5ubuntu4.4 | 1.2% Low-Moderate Risk | Not Applicable |
| CVE-2021-39537 | NONE0 | libncurses6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 3.0% Low-Moderate Risk | Not Applicable |
| CVE-2021-39537 | NONE0 | libncursesw6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 3.0% Low-Moderate Risk | Not Applicable |
| CVE-2021-39537 | NONE0 | libtinfo6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 3.0% Low-Moderate Risk | Not Applicable |
| CVE-2021-39537 | NONE0 | ncurses-base 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 3.0% Low-Moderate Risk | Not Applicable |
| CVE-2023-29491 | NONE0 | libncurses6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 0.9% Theoretical Threat | Not Applicable |
| CVE-2023-29491 | NONE0 | libncursesw6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 0.9% Theoretical Threat | Not Applicable |
| CVE-2023-29491 | NONE0 | libtinfo6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 0.9% Theoretical Threat | Not Applicable |
| CVE-2023-29491 | NONE0 | ncurses-base 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 0.9% Theoretical Threat | Not Applicable |
| CVE-2022-29458 | NONE0 | libncurses6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 1.3% Low-Moderate Risk | Not Applicable |
| CVE-2022-29458 | NONE0 | libncursesw6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 1.3% Low-Moderate Risk | Not Applicable |
| CVE-2022-29458 | NONE0 | libtinfo6 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 1.3% Low-Moderate Risk | Not Applicable |
| CVE-2022-29458 | NONE0 | ncurses-base 6.2-0ubuntu2 fixed in 6.2-0ubuntu2.1 | 1.3% Low-Moderate Risk | Not Applicable |
| CVE-2024-22365 | NONE0 | libpam-modules 1.3.1-5ubuntu4.3 fixed in 1.3.1-5ubuntu4.7 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2024-22365 | NONE0 | libpam-modules-bin 1.3.1-5ubuntu4.3 fixed in 1.3.1-5ubuntu4.7 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2024-22365 | NONE0 | libpam-runtime 1.3.1-5ubuntu4.3 fixed in 1.3.1-5ubuntu4.7 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2024-22365 | NONE0 | libpam0g 1.3.1-5ubuntu4.3 fixed in 1.3.1-5ubuntu4.7 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2025-27789 | NONE0 | @babel/runtime 7.19.0 fixed in 7.26.10, 8.0.0-alpha.17 | 0.5% Theoretical Threat | Not Applicable |
| CVE-2026-44974 | NONE0 | @hapi/content 5.0.2 fixed in 6.0.2 | — | Not Applicable |
| CVE-2026-48049 | NONE0 | @hapi/inert 6.0.4 fixed in 7.1.1 | — | Not Applicable |
| CVE-2026-44979 | NONE0 | @hapi/wreck 17.1.0 fixed in 18.1.1 | — | Not Applicable |
| CVE-2026-48022 | NONE0 | @hapi/wreck 17.1.0 fixed in 18.1.2 | — | Not Applicable |
| GHSA-36jr-mh4h-2g58 | NONE0 | d3-color 2.0.0 fixed in 3.1.0 | — | Not Applicable |
| GHSA-r4q5-vmmm-2653 | NONE0 | follow-redirects 1.15.0 fixed in 1.16.0 | — | Not Applicable |
| GHSA-7rx3-28cr-v5wh | NONE0 | handlebars 4.7.7 fixed in 4.7.9 | — | Not Applicable |
| GHSA-442j-39wm-28r2 | NONE0 | handlebars 4.7.7 fixed in 4.7.9 | — | Not Applicable |
| CVE-2026-48801 | NONE0 | linkify-it 3.0.2 fixed in 5.0.1 | — | Not Applicable |
| CVE-2026-48988 | NONE0 | markdown-it 12.3.2 fixed in 14.2.0 | 0.3% Theoretical Threat | Not Applicable |
| GHSA-v78c-4p63-2j6c | NONE0 | moment-timezone 0.5.34 fixed in 0.5.35 | — | Not Applicable |
| GHSA-56x4-j7p9-fcf9 | NONE0 | moment-timezone 0.5.34 fixed in 0.5.35 | — | Not Applicable |
| GHSA-p6gq-j5cr-w38f | NONE0 | nodemailer 6.6.2 fixed in 9.0.1 | — | Not Applicable |
| GHSA-268h-hp4c-crq3 | NONE0 | nodemailer 6.6.2 fixed in 8.0.9 | — | Not Applicable |
| GHSA-9h6g-pr28-7cqp | NONE0 | nodemailer 6.6.2 fixed in 6.9.9 | — | Not Applicable |
| GHSA-r7g4-qg5f-qqm2 | NONE0 | nodemailer 6.6.2 fixed in 8.0.8 | — | Not Applicable |
| GHSA-vvjj-xcjg-gr5g | NONE0 | nodemailer 6.6.2 fixed in 8.0.5 | — | Not Applicable |
| GHSA-wqvq-jvpq-h66f | NONE0 | nodemailer 6.6.2 fixed in 8.0.9 | — | Not Applicable |
| GHSA-c7w3-x93f-qmm8 | NONE0 | nodemailer 6.6.2 fixed in 8.0.4 | — | Not Applicable |
| CVE-2025-47934 | NONE0 | openpgp 5.3.0 fixed in 5.11.3, 6.1.1 | 0.6% Theoretical Threat | Not Applicable |
Want to check another image? Run a full scan with the Docker Security Scanner.