Last scanned:
This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could cause memory disclosure or denial of service if TLS with CRL checking or policy verification is enabled, as per CVE-2023-0286 and CVE-2023-0464. Disabling these non-default options fully eliminates the high-severity exposures. Note: CVE-2023-0286 and CVE-2023-0464 only apply if TLS and specific certificate verification options are explicitly enabled.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2023-0286 | HIGH7.7 | libcrypto1.1 1.1.1n-r0 fixed in 1.1.1t-r0 | 59.5% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2023-0286 | HIGH7.7 | libssl1.1 1.1.1n-r0 fixed in 1.1.1t-r0 | 59.5% Actively Exploited | Directly ExposedContext importance: MEDIUM |
| CVE-2023-0464 | MEDIUM6 | libcrypto1.1 1.1.1n-r0 fixed in 1.1.1t-r2 | 3.7% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2023-0464 | MEDIUM6 | libssl1.1 1.1.1n-r0 fixed in 1.1.1t-r2 | 3.7% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2022-4304 | MEDIUM5.43 | libcrypto1.1 1.1.1n-r0 fixed in 1.1.1t-r0 | 16.2% High Exploitation Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2022-4304 | MEDIUM5.43 | libssl1.1 1.1.1n-r0 fixed in 1.1.1t-r0 | 16.2% High Exploitation Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2023-5678 | MEDIUM5.3 | libcrypto1.1 1.1.1n-r0 fixed in 1.1.1w-r1 | 4.5% Low-Moderate Risk | Directly Exposed |
| CVE-2023-3817 | MEDIUM5.3 | libssl1.1 1.1.1n-r0 fixed in 1.1.1v-r0 | 2.6% Low-Moderate Risk | Directly Exposed |
| CVE-2023-5678 | MEDIUM5.3 | libssl1.1 1.1.1n-r0 fixed in 1.1.1w-r1 | 4.5% Low-Moderate Risk | Directly Exposed |
| CVE-2023-2650 | MEDIUM5.07 | libcrypto1.1 1.1.1n-r0 fixed in 1.1.1u-r0 | 73.5% Actively Exploited | Directly Exposed |
| CVE-2023-2650 | MEDIUM5.07 | libssl1.1 1.1.1n-r0 fixed in 1.1.1u-r0 | 73.5% Actively Exploited | Directly Exposed |
| CVE-2023-0465 | MEDIUM4.24 | libcrypto1.1 1.1.1n-r0 fixed in 1.1.1t-r2 | 1.6% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2023-0465 | MEDIUM4.24 | libssl1.1 1.1.1n-r0 fixed in 1.1.1t-r2 | 1.6% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2022-37434 | MEDIUM4.06 | zlib 1.2.12-r0 fixed in 1.2.12-r2 | 16.0% High Exploitation Risk | Post-Exploit |
| CVE-2022-28391 | LOW3.17 | busybox 1.34.1-r4 fixed in 1.34.1-r5 | 3.5% Low-Moderate Risk | Post-Exploit |
| CVE-2022-28391 | LOW3.17 | ssl_client 1.34.1-r4 fixed in 1.34.1-r5 | 3.5% Low-Moderate Risk | Post-Exploit |
| CVE-2022-4450 | LOW3.1 | libcrypto1.1 1.1.1n-r0 fixed in 1.1.1t-r0 | 20.4% High Exploitation Risk | Post-Exploit |
| CVE-2022-4450 | LOW3.1 | libssl1.1 1.1.1n-r0 fixed in 1.1.1t-r0 | 20.4% High Exploitation Risk | Post-Exploit |
| CVE-2023-0215 | LOW2.7 | libcrypto1.1 1.1.1n-r0 fixed in 1.1.1t-r0 | 4.5% Low-Moderate Risk | Post-Exploit |
| CVE-2023-0215 | LOW2.7 | libssl1.1 1.1.1n-r0 fixed in 1.1.1t-r0 | 4.5% Low-Moderate Risk | Post-Exploit |
| CVE-2022-2097 | LOW1.91 | libcrypto1.1 1.1.1n-r0 fixed in 1.1.1q-r0 | 4.4% Low-Moderate Risk | Post-Exploit |
| CVE-2023-3446 | LOW1.91 | libcrypto1.1 1.1.1n-r0 fixed in 1.1.1u-r2 | 5.5% Low-Moderate Risk | Post-Exploit |
| CVE-2023-3817 | LOW1.91 | libcrypto1.1 1.1.1n-r0 fixed in 1.1.1v-r0 | 2.6% Low-Moderate Risk | Post-Exploit |
| CVE-2022-2097 | LOW1.91 | libssl1.1 1.1.1n-r0 fixed in 1.1.1q-r0 | 4.4% Low-Moderate Risk | Post-Exploit |
| CVE-2023-3446 | LOW1.91 | libssl1.1 1.1.1n-r0 fixed in 1.1.1u-r2 | 5.5% Low-Moderate Risk | Post-Exploit |
Want to check another image? Run a full scan with the Docker Security Scanner.