Vulnerability Reportmariadb:10.11

Name: mariadb:10.11.18-jammy Security Vulnerability Report
Creator: BaseImage
Keywords: mariadb:10.11.18-jammy, Docker security, vulnerability scan, CVE, container security, SBOM

mariadb:10.11.18-jammymariadb:10.11.18mariadb:10.11-jammymariadb:10.11mariadb:10-jammymariadb:10

DIGESTsha256:5a5c675881ef3fd1c1da9b0a3bfd6ee82edbe39cd9e32e06be18034c37235e0e

Executive Summary

CAUTION

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could cause a denial of service for the database server via a port scan (CVE-2023-5157) or crafted regular expressions (CVE-2017-11164). Additionally, unauthorized remote attackers could bypass authentication to gain full access to the database server if GnuTLS is configured with RSA-PSK. While this is an Official Docker Hub image, the presence of multiple critical exposed vulnerabilities necessitates immediate review and mitigation strategies.

Threat Score

50/100

CAUTION

Five exposed vulnerabilities with severity 6.0 or higher are present, posing significant remote attack risks.
CVE-2023-5157 allows a remote attacker to cause a denial of service to the MariaDB server via a simple port scan.
CVE-2017-11164 enables a remote attacker to cause a denial of service by exploiting crafted regular expressions in SQL queries.
CVE-2026-42010 could lead to authentication bypass and full access if GnuTLS is configured for RSA-PSK server-side authentication.
Despite being an Official Docker Hub image, the presence of multiple high-impact exposed vulnerabilities necessitates immediate attention and compensating controls.

Reputation

TRUSTED

Docker Official

OFFICIAL

Official Docker Hub Image
Pinned by digest (Immutable)

BaseImage/

mariadb:10.11

Hardened

Grade

A+

Vulns

Verified & secured for production

Vulnerabilities

Vulnerability Log

93 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2026-42010	MEDIUM6.66	libgnutls30 3.7.3-4ubuntu1.8 fixed in 3.7.3-4ubuntu1.9	0.2% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-42013	MEDIUM6.56	libgnutls30 3.7.3-4ubuntu1.8 fixed in 3.7.3-4ubuntu1.9	—	Directly ExposedContext importance: MEDIUM
CVE-2023-5157	MEDIUM6.38	galera-4 26.4.27-ubu2204 No fix yet	0.6% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2017-11164	MEDIUM6.38	libpcre3 2:8.39-13ubuntu0.22.04.1 No fix yet	0.1% Theoretical Threat	Directly ExposedContext importance: HIGH
CVE-2025-29481	MEDIUM6.21	libbpf0 1:0.5.0-1ubuntu22.04.1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-42012	MEDIUM5.68	libgnutls30 3.7.3-4ubuntu1.8 fixed in 3.7.3-4ubuntu1.9	—	Directly ExposedContext importance: MEDIUM
CVE-2026-6238	MEDIUM5.52	libc-bin 2.35-0ubuntu3.13 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-6238	MEDIUM5.52	libc6 2.35-0ubuntu3.13 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40226	MEDIUM5.44	libsystemd0 249.11-0ubuntu3.20 fixed in 249.11-0ubuntu3.21	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40226	MEDIUM5.44	libudev1 249.11-0ubuntu3.20 fixed in 249.11-0ubuntu3.21	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-42015	MEDIUM5.3	libgnutls30 3.7.3-4ubuntu1.8 fixed in 3.7.3-4ubuntu1.9	—	Directly Exposed
CVE-2026-41989	MEDIUM5.1	libgcrypt20 1.9.4-3ubuntu3 fixed in 1.9.4-3ubuntu3.2	<0.1% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-3833	MEDIUM5.03	libgnutls30 3.7.3-4ubuntu1.8 fixed in 3.7.3-4ubuntu1.9	<0.1% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-42011	MEDIUM5.03	libgnutls30 3.7.3-4ubuntu1.8 fixed in 3.7.3-4ubuntu1.9	<0.1% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-5435	MEDIUM5.02	libc-bin 2.35-0ubuntu3.13 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-5435	MEDIUM5.02	libc6 2.35-0ubuntu3.13 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2024-2236	MEDIUM5.02	libgcrypt20 1.9.4-3ubuntu3 No fix yet	0.7% Theoretical Threat	Directly Exposed
CVE-2023-7008	MEDIUM5.02	libsystemd0 249.11-0ubuntu3.20 fixed in 249.11-0ubuntu3.21	0.5% Theoretical Threat	Directly Exposed
CVE-2023-7008	MEDIUM5.02	libudev1 249.11-0ubuntu3.20 fixed in 249.11-0ubuntu3.21	0.5% Theoretical Threat	Directly Exposed
CVE-2026-5260	MEDIUM4.92	libgnutls30 3.7.3-4ubuntu1.8 fixed in 3.7.3-4ubuntu1.9	—	Directly Exposed
CVE-2022-27943	MEDIUM4.67	gcc-12-base 12.3.0-1ubuntu1~22.04.3 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libgcc-s1 12.3.0-1ubuntu1~22.04.3 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2022-27943	MEDIUM4.67	libstdc++6 12.3.0-1ubuntu1~22.04.3 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-33845	MEDIUM4.64	libgnutls30 3.7.3-4ubuntu1.8 fixed in 3.7.3-4ubuntu1.9	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-42009	MEDIUM4.5	libgnutls30 3.7.3-4ubuntu1.8 fixed in 3.7.3-4ubuntu1.9	—	Directly Exposed
CVE-2026-4046	MEDIUM4.5	libc-bin 2.35-0ubuntu3.13 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-4046	MEDIUM4.5	libc6 2.35-0ubuntu3.13 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-34743	MEDIUM4.5	liblzma5 5.2.5-2ubuntu1 fixed in 5.2.5-2ubuntu1.1	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libblkid1 2.37.2-4ubuntu3.5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-1376	MEDIUM4	libelf1 0.186-1ubuntu0.1 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libmount1 2.37.2-4ubuntu3.5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libsmartcols1 2.37.2-4ubuntu3.5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libuuid1 2.37.2-4ubuntu3.5 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-33846	LOW3.83	libgnutls30 3.7.3-4ubuntu1.8 fixed in 3.7.3-4ubuntu1.9	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-3832	LOW3.15	libgnutls30 3.7.3-4ubuntu1.8 fixed in 3.7.3-4ubuntu1.9	<0.1% Theoretical Threat	Directly Exposed
CVE-2025-45582	LOW2.86	tar 1.34+dfsg-1ubuntu0.1.22.04.2 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-5704	LOW2.8	tar 1.34+dfsg-1ubuntu0.1.22.04.2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-40228	LOW2.8	libsystemd0 249.11-0ubuntu3.20 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libudev1 249.11-0ubuntu3.20 No fix yet	<0.1% Theoretical Threat	Directly Exposed
CVE-2026-34743	LOW2.7	xz-utils 5.2.5-2ubuntu1 fixed in 5.2.5-2ubuntu1.1	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	bsdutils 1:2.37.2-4ubuntu3.5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	mount 2.37.2-4ubuntu3.5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.37.2-4ubuntu3.5 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-1352	LOW2.29	libelf1 0.186-1ubuntu0.1 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2022-41409	LOW2.29	libpcre2-8-0 10.39-3ubuntu0.1 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2022-4899	LOW2.29	libzstd1 1.4.8+dfsg-3build1 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2022-4899	LOW2.29	zstd 1.4.8+dfsg-3build1 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2024-56433	LOW2.16	login 1:4.8.1-2ubuntu2.2 No fix yet	4.5% Low-Moderate Risk	Post-Exploit
CVE-2024-56433	LOW2.16	passwd 1:4.8.1-2ubuntu2.2 No fix yet	4.5% Low-Moderate Risk	Post-Exploit
CVE-2023-29383	LOW1.68	login 1:4.8.1-2ubuntu2.2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2023-29383	LOW1.68	passwd 1:4.8.1-2ubuntu2.2 No fix yet	<0.1% Theoretical Threat	Post-Exploit
CVE-2025-68121	NONE0	stdlib v1.24.6 fixed in 1.24.13, 1.25.7, 1.26.0-rc.3	<0.1% Theoretical Threat	Not Applicable
CVE-2025-61726	NONE0	stdlib v1.24.6 fixed in 1.24.12, 1.25.6	<0.1% Theoretical Threat	Not Applicable
CVE-2025-61729	NONE0	stdlib v1.24.6 fixed in 1.24.11, 1.25.5	<0.1% Theoretical Threat	Not Applicable
CVE-2026-25679	NONE0	stdlib v1.24.6 fixed in 1.25.8, 1.26.1	<0.1% Theoretical Threat	Not Applicable
CVE-2026-32280	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-32281	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-32283	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-33811	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	<0.1% Theoretical Threat	Not Applicable
CVE-2026-33814	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	<0.1% Theoretical Threat	Not Applicable
CVE-2026-39820	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	<0.1% Theoretical Threat	Not Applicable
CVE-2026-39836	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	<0.1% Theoretical Threat	Not Applicable
CVE-2025-58183	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-61728	NONE0	stdlib v1.24.6 fixed in 1.24.12, 1.25.6	<0.1% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	libncurses6 6.3-2ubuntu0.1 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	libncursesw6 6.3-2ubuntu0.1 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	libtinfo6 6.3-2ubuntu0.1 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-base 6.3-2ubuntu0.1 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2023-50495	NONE0	ncurses-bin 6.3-2ubuntu0.1 No fix yet	<0.1% Theoretical Threat	Not Applicable
CVE-2025-61727	NONE0	stdlib v1.24.6 fixed in 1.24.11, 1.25.5	<0.1% Theoretical Threat	Not Applicable
CVE-2026-32282	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-32289	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-32288	NONE0	stdlib v1.24.6 fixed in 1.25.9, 1.26.2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-27142	NONE0	stdlib v1.24.6 fixed in 1.25.8, 1.26.1	<0.1% Theoretical Threat	Not Applicable
CVE-2026-39826	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	<0.1% Theoretical Threat	Not Applicable
CVE-2025-47912	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-58185	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-58187	NONE0	stdlib v1.24.6 fixed in 1.24.9, 1.25.3	<0.1% Theoretical Threat	Not Applicable
CVE-2025-58188	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-58189	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-61723	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-61724	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-61725	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2025-61730	NONE0	stdlib v1.24.6 fixed in 1.24.12, 1.25.6	<0.1% Theoretical Threat	Not Applicable
CVE-2025-58186	NONE0	stdlib v1.24.6 fixed in 1.24.8, 1.25.2	<0.1% Theoretical Threat	Not Applicable
CVE-2026-27139	NONE0	stdlib v1.24.6 fixed in 1.25.8, 1.26.1	<0.1% Theoretical Threat	Not Applicable
CVE-2026-42014	NONE0	libgnutls30 3.7.3-4ubuntu1.8 fixed in 3.7.3-4ubuntu1.9	—	Not Applicable
CVE-2026-39823	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	<0.1% Theoretical Threat	Not Applicable
CVE-2026-39825	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	<0.1% Theoretical Threat	Not Applicable
CVE-2026-42499	NONE0	stdlib v1.24.6 fixed in 1.25.10, 1.26.3	<0.1% Theoretical Threat	Not Applicable
CVE-2026-42504	NONE0	stdlib v1.24.6 fixed in 1.25.11, 1.26.4	—	Not Applicable
CVE-2026-27145	NONE0	stdlib v1.24.6 fixed in 1.25.11, 1.26.4	—	Not Applicable
CVE-2026-42507	NONE0	stdlib v1.24.6 fixed in 1.25.11, 1.26.4	—	Not Applicable