Vulnerability Reportlonghornio/longhorn-manager:v1.11.2

longhornio/longhorn-manager:v1.11.2

DIGESTsha256:0f80ca11ac4eb7522f4e6e801a7afc9909ea8d3041575f3d029964c46590f096

Executive Summary

Threat ScoreSAFE• Trusted community image with 113M+ pulls and high reputation.• Pinned by digest ensures immutable and verifiable content.• Only low-severity vulnerabilities found (exposed max 5.1, post-exploit max 2.29).• No exploitable high-severity vulnerabilities in exposed or post-exploit findings.

0/100SAFE

ReputationPOPULAR COMMUNITY• High Reputation Community Image (113M+ pulls)• Pinned by digest (Immutable)

RELIABLE

This image is safe for production use. All identified vulnerabilities are low severity (max CVSS 5.1) and do not pose a practical risk. The image is from a trusted community (longhornio) with over 113 million pulls and is pinned by digest, ensuring content integrity.

Vulnerabilities

Vulnerability Log

22 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2026-33811	MEDIUM5.1	stdlib v1.25.9 fixed in 1.25.10, 1.26.3	0.5% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-33814	MEDIUM5.1	stdlib v1.25.9 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-39826	LOW3.67	stdlib v1.25.9 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-39820	LOW2.29	stdlib v1.25.9 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Post-Exploit
CVE-2026-39836	LOW2.29	stdlib v1.25.9 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Post-Exploit
SUSE-SU-2026:2231-1	NONE0	glibc 2.38-150600.14.46.1 fixed in 2.38-150600.14.49.1	—	Not Applicable
SUSE-SU-2026:2297-1	NONE0	libavahi-client3 0.8-150600.15.15.1 fixed in 0.8-150600.15.18.1	—	Not Applicable
SUSE-SU-2026:2297-1	NONE0	libavahi-common3 0.8-150600.15.15.1 fixed in 0.8-150600.15.18.1	—	Not Applicable
SUSE-SU-2026:2115-1	NONE0	libgnutls30 3.8.3-150600.4.17.1 fixed in 3.8.3-150600.4.20.1	—	Not Applicable
SUSE-SU-2026:2076-1	NONE0	libldb2 4.21.10+git.449.dcced69e1b5-150700.3.19.1 fixed in 4.21.10+git.501.277ba349a01-150700.3.26.1	—	Not Applicable
SUSE-SU-2026:2051-1	NONE0	liblzma5 5.4.1-150600.3.3.1 fixed in 5.4.1-150600.3.6.1	—	Not Applicable
SUSE-SU-2026:2392-1	NONE0	libopenssl1_1 1.1.1w-150700.11.16.1 fixed in 1.1.1w-150700.11.22.1	—	Not Applicable
SUSE-SU-2026:1715-1	NONE0	libpython3_6m1_0 3.6.15-150300.10.109.1 fixed in 3.6.15-150300.10.118.1	—	Not Applicable
SUSE-SU-2026:1715-1	NONE0	python3-base 3.6.15-150300.10.109.1 fixed in 3.6.15-150300.10.118.1	—	Not Applicable
SUSE-SU-2026:2076-1	NONE0	samba-client-libs 4.21.10+git.449.dcced69e1b5-150700.3.19.1 fixed in 4.21.10+git.501.277ba349a01-150700.3.26.1	—	Not Applicable
SUSE-SU-2026:1941-1	NONE0	sed 4.9-150600.1.4 fixed in 4.9-150600.3.3.1	—	Not Applicable
CVE-2026-39823	NONE0	stdlib v1.25.9 fixed in 1.25.10, 1.26.3	0.3% Theoretical Threat	Not Applicable
CVE-2026-39825	NONE0	stdlib v1.25.9 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2026-42499	NONE0	stdlib v1.25.9 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2026-42504	NONE0	stdlib v1.25.9 fixed in 1.25.11, 1.26.4	0.4% Theoretical Threat	Not Applicable
CVE-2026-27145	NONE0	stdlib v1.25.9 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable
CVE-2026-42507	NONE0	stdlib v1.25.9 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable