Last scanned:
This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could cause denial of service via memory corruption (CVE-2022-37434) or infinite loop (CVE-2022-0778) if specific non-default features (TLS, compression) are enabled. Disabling TLS and compression fully mitigates the highest-severity vulnerabilities. Note that these vulnerabilities require non-default configurations to be exploitable, reducing their practical impact for typical memcached deployments.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2022-37434 | HIGH8 | zlib 1.2.11-r3 fixed in 1.2.12-r2 | 15.9% High Exploitation Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2022-0778 | HIGH7.8 | libcrypto1.1 1.1.1l-r8 fixed in 1.1.1n-r0 | 70.6% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2022-0778 | HIGH7.8 | libretls 3.3.4-r2 fixed in 3.3.4-r3 | 70.6% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2022-0778 | HIGH7.8 | libssl1.1 1.1.1l-r8 fixed in 1.1.1n-r0 | 70.6% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2018-25032 | HIGH7.8 | zlib 1.2.11-r3 fixed in 1.2.12-r0 | 51.7% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2023-0464 | MEDIUM6 | libcrypto1.1 1.1.1l-r8 fixed in 1.1.1t-r2 | 3.7% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2023-0464 | MEDIUM6 | libssl1.1 1.1.1l-r8 fixed in 1.1.1t-r2 | 3.7% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2023-0286 | MEDIUM5.77 | libcrypto1.1 1.1.1l-r8 fixed in 1.1.1t-r0 | 59.5% Actively Exploited | Directly Exposed |
| CVE-2023-0286 | MEDIUM5.77 | libssl1.1 1.1.1l-r8 fixed in 1.1.1t-r0 | 59.5% Actively Exploited | Directly Exposed |
| CVE-2022-4304 | MEDIUM5.43 | libcrypto1.1 1.1.1l-r8 fixed in 1.1.1t-r0 | 16.2% High Exploitation Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2022-4304 | MEDIUM5.43 | libssl1.1 1.1.1l-r8 fixed in 1.1.1t-r0 | 16.2% High Exploitation Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2023-0465 | MEDIUM5.3 | libcrypto1.1 1.1.1l-r8 fixed in 1.1.1t-r2 | 1.6% Low-Moderate Risk | Directly Exposed |
| CVE-2023-3446 | MEDIUM5.3 | libcrypto1.1 1.1.1l-r8 fixed in 1.1.1u-r2 | 5.5% Low-Moderate Risk | Directly Exposed |
| CVE-2023-3817 | MEDIUM5.3 | libcrypto1.1 1.1.1l-r8 fixed in 1.1.1v-r0 | 2.6% Low-Moderate Risk | Directly Exposed |
| CVE-2023-5678 | MEDIUM5.3 | libcrypto1.1 1.1.1l-r8 fixed in 1.1.1w-r1 | 4.5% Low-Moderate Risk | Directly Exposed |
| CVE-2023-0465 | MEDIUM5.3 | libssl1.1 1.1.1l-r8 fixed in 1.1.1t-r2 | 1.6% Low-Moderate Risk | Directly Exposed |
| CVE-2023-3446 | MEDIUM5.3 | libssl1.1 1.1.1l-r8 fixed in 1.1.1u-r2 | 5.5% Low-Moderate Risk | Directly Exposed |
| CVE-2023-3817 | MEDIUM5.3 | libssl1.1 1.1.1l-r8 fixed in 1.1.1v-r0 | 2.6% Low-Moderate Risk | Directly Exposed |
| CVE-2023-5678 | MEDIUM5.3 | libssl1.1 1.1.1l-r8 fixed in 1.1.1w-r1 | 4.5% Low-Moderate Risk | Directly Exposed |
| CVE-2022-24407 | MEDIUM5.28 | libsasl 2.1.27-r14 fixed in 2.1.28-r0 | 4.1% Low-Moderate Risk | Directly Exposed |
| CVE-2023-2650 | MEDIUM5.07 | libcrypto1.1 1.1.1l-r8 fixed in 1.1.1u-r0 | 73.5% Actively Exploited | Directly Exposed |
| CVE-2023-2650 | MEDIUM5.07 | libssl1.1 1.1.1l-r8 fixed in 1.1.1u-r0 | 73.5% Actively Exploited | Directly Exposed |
| CVE-2022-28391 | LOW3.17 | busybox 1.34.1-r3 fixed in 1.34.1-r5 | 3.5% Low-Moderate Risk | Post-Exploit |
| CVE-2022-28391 | LOW3.17 | ssl_client 1.34.1-r3 fixed in 1.34.1-r5 | 3.5% Low-Moderate Risk | Post-Exploit |
| CVE-2022-4450 | LOW3.1 | libcrypto1.1 1.1.1l-r8 fixed in 1.1.1t-r0 | 20.4% High Exploitation Risk | Post-Exploit |
| CVE-2022-4450 | LOW3.1 | libssl1.1 1.1.1l-r8 fixed in 1.1.1t-r0 | 20.4% High Exploitation Risk | Post-Exploit |
| CVE-2023-0215 | LOW2.7 | libcrypto1.1 1.1.1l-r8 fixed in 1.1.1t-r0 | 4.5% Low-Moderate Risk | Post-Exploit |
| CVE-2023-0215 | LOW2.7 | libssl1.1 1.1.1l-r8 fixed in 1.1.1t-r0 | 4.5% Low-Moderate Risk | Post-Exploit |
| CVE-2022-2097 | LOW1.91 | libcrypto1.1 1.1.1l-r8 fixed in 1.1.1q-r0 | 4.4% Low-Moderate Risk | Post-Exploit |
| CVE-2022-2097 | LOW1.91 | libssl1.1 1.1.1l-r8 fixed in 1.1.1q-r0 | 4.4% Low-Moderate Risk | Post-Exploit |
Want to check another image? Run a full scan with the Docker Security Scanner.