Vulnerability Reportlitellm/litellm-database:1.89.1

litellm/litellm-database:latestlitellm/litellm-database:main-latestlitellm/litellm-database:main-stablelitellm/litellm-database:v1.89.1litellm/litellm-database:1.89.1
DIGESTsha256:0e8dfd691ceeb660dc43165bb6205ea92921b2cf80f08f4bfd2efd237c23b938

Executive Summary

SAFE

This image is safe for production use. The 27 exposed and 23 post-exploit vulnerabilities are all low severity (max 5.35 and 3.98 respectively), posing negligible practical risk. The image is pinned by digest, ensuring consistency. Given the absence of any high-severity CVEs, the image meets the safety threshold.

Threat Score
5/100
SAFE
Reputation
UNVERIFIED
litellm

Vulnerabilities

Vulnerability Log

50 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-34181MEDIUM5.35
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34181MEDIUM5.35
libssl3
3.6.2-r3
fixed in 3.6.3-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
libssl3
3.6.2-r3
fixed in 3.6.3-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-33750MEDIUM5.1
brace-expansion
5.0.4
fixed in 5.0.5, 3.0.2, 2.0.3, 1.1.13
0.4%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-45149MEDIUM5.1
brace-expansion
5.0.4
fixed in 5.0.6
0.2%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-47265MEDIUM5.1
aiohttp
3.13.5
fixed in 3.14.0
0.1%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-9076MEDIUM5.02
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
libssl3
3.6.2-r3
fixed in 3.6.3-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-48524MEDIUM5.02
PyJWT
2.12.0
fixed in 2.13.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libssl3
3.6.2-r3
fixed in 3.6.3-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
libssl3
3.6.2-r3
fixed in 3.6.3-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
libssl3
3.6.2-r3
fixed in 3.6.3-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-33672MEDIUM4.5
picomatch
4.0.3
fixed in 4.0.4, 3.0.2, 2.3.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-33671MEDIUM4.42
picomatch
4.0.3
fixed in 4.0.4, 3.0.2, 2.3.2
0.4%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-34180MEDIUM4.25
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
libssl3
3.6.2-r3
fixed in 3.6.3-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-39810LOW3.98
busybox
1.37.0-r57
fixed in 1.37.0-r58
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-26157LOW3.57
busybox
1.37.0-r57
fixed in 1.37.0-r58
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-26158LOW3.57
busybox
1.37.0-r57
fixed in 1.37.0-r58
0.2%
Theoretical Threat
Post-Exploit
CVE-2024-6345LOW3.17
setuptools
68.1.2
fixed in 70.0.0
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2025-47273LOW3.17
setuptools
68.1.2
fixed in 78.1.1
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2026-45446LOW3.15
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
libssl3
3.6.2-r3
fixed in 3.6.3-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45447LOW2.92
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2026-45447LOW2.92
libssl3
3.6.2-r3
fixed in 3.6.3-r0
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2026-45445LOW2.78
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
libssl3
3.6.2-r3
fixed in 3.6.3-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-34183LOW2.29
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-34183LOW2.29
libssl3
3.6.2-r3
fixed in 3.6.3-r0
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-34182LOW2.26
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-34182LOW2.26
libssl3
3.6.2-r3
fixed in 3.6.3-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-34993LOW2.23
aiohttp
3.13.5
fixed in 3.14.0
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-42338LOW1.87
ip-address
10.1.0
fixed in 10.1.1
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42764LOW1.81
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-42769LOW1.81
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42770LOW1.81
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-42764LOW1.81
libssl3
3.6.2-r3
fixed in 3.6.3-r0
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-42769LOW1.81
libssl3
3.6.2-r3
fixed in 3.6.3-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42770LOW1.81
libssl3
3.6.2-r3
fixed in 3.6.3-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-35188NONE0
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
0.2%
Theoretical Threat
Not Applicable
CVE-2026-42765NONE0
libcrypto3
3.6.2-r3
fixed in 3.6.3-r0
0.4%
Theoretical Threat
Not Applicable
CVE-2026-35188NONE0
libssl3
3.6.2-r3
fixed in 3.6.3-r0
0.2%
Theoretical Threat
Not Applicable
CVE-2026-42765NONE0
libssl3
3.6.2-r3
fixed in 3.6.3-r0
0.4%
Theoretical Threat
Not Applicable
CVE-2026-53655NONE0
tar
7.5.11
fixed in 7.5.16
Not Applicable
GHSA-vfvv-c25p-m7mmNONE0
rkyv
0.8.15
fixed in 0.8.16
Not Applicable
GHSA-3pv8-6f4r-ffg2NONE0
tar
0.4.45
fixed in 0.4.46
Not Applicable