Vulnerability Reportmemcached:1.6.14-alpine

memcached:1.6.14-alpine
DIGESTsha256:7cb5b54e26c0f5f6dde5d79ff088e31f395411ceed4b03cb572de43505abd037

Executive Summary

Last scanned:

Threat Score
74/100CAUTION
Reputation
TRUSTED

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could cause memory disclosure or denial of service if TLS with CRL checking or policy verification is enabled, as per CVE-2023-0286 and CVE-2023-0464. Disabling these non-default options fully eliminates the high-severity exposures. Note: CVE-2023-0286 and CVE-2023-0464 only apply if TLS and specific certificate verification options are explicitly enabled.

Vulnerabilities

Vulnerability Log

25 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2023-0286HIGH7.7
libcrypto1.1
1.1.1n-r0
fixed in 1.1.1t-r0
59.5%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2023-0286HIGH7.7
libssl1.1
1.1.1n-r0
fixed in 1.1.1t-r0
59.5%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2023-0464MEDIUM6
libcrypto1.1
1.1.1n-r0
fixed in 1.1.1t-r2
3.7%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2023-0464MEDIUM6
libssl1.1
1.1.1n-r0
fixed in 1.1.1t-r2
3.7%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2022-4304MEDIUM5.43
libcrypto1.1
1.1.1n-r0
fixed in 1.1.1t-r0
16.2%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2022-4304MEDIUM5.43
libssl1.1
1.1.1n-r0
fixed in 1.1.1t-r0
16.2%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2023-5678MEDIUM5.3
libcrypto1.1
1.1.1n-r0
fixed in 1.1.1w-r1
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-3817MEDIUM5.3
libssl1.1
1.1.1n-r0
fixed in 1.1.1v-r0
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-5678MEDIUM5.3
libssl1.1
1.1.1n-r0
fixed in 1.1.1w-r1
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-2650MEDIUM5.07
libcrypto1.1
1.1.1n-r0
fixed in 1.1.1u-r0
73.5%
Actively Exploited
Directly Exposed
CVE-2023-2650MEDIUM5.07
libssl1.1
1.1.1n-r0
fixed in 1.1.1u-r0
73.5%
Actively Exploited
Directly Exposed
CVE-2023-0465MEDIUM4.24
libcrypto1.1
1.1.1n-r0
fixed in 1.1.1t-r2
1.6%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2023-0465MEDIUM4.24
libssl1.1
1.1.1n-r0
fixed in 1.1.1t-r2
1.6%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2022-37434MEDIUM4.06
zlib
1.2.12-r0
fixed in 1.2.12-r2
16.0%
High Exploitation Risk
Post-Exploit
CVE-2022-28391LOW3.17
busybox
1.34.1-r4
fixed in 1.34.1-r5
3.5%
Low-Moderate Risk
Post-Exploit
CVE-2022-28391LOW3.17
ssl_client
1.34.1-r4
fixed in 1.34.1-r5
3.5%
Low-Moderate Risk
Post-Exploit
CVE-2022-4450LOW3.1
libcrypto1.1
1.1.1n-r0
fixed in 1.1.1t-r0
20.4%
High Exploitation Risk
Post-Exploit
CVE-2022-4450LOW3.1
libssl1.1
1.1.1n-r0
fixed in 1.1.1t-r0
20.4%
High Exploitation Risk
Post-Exploit
CVE-2023-0215LOW2.7
libcrypto1.1
1.1.1n-r0
fixed in 1.1.1t-r0
4.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-0215LOW2.7
libssl1.1
1.1.1n-r0
fixed in 1.1.1t-r0
4.5%
Low-Moderate Risk
Post-Exploit
CVE-2022-2097LOW1.91
libcrypto1.1
1.1.1n-r0
fixed in 1.1.1q-r0
4.4%
Low-Moderate Risk
Post-Exploit
CVE-2023-3446LOW1.91
libcrypto1.1
1.1.1n-r0
fixed in 1.1.1u-r2
5.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-3817LOW1.91
libcrypto1.1
1.1.1n-r0
fixed in 1.1.1v-r0
2.6%
Low-Moderate Risk
Post-Exploit
CVE-2022-2097LOW1.91
libssl1.1
1.1.1n-r0
fixed in 1.1.1q-r0
4.4%
Low-Moderate Risk
Post-Exploit
CVE-2023-3446LOW1.91
libssl1.1
1.1.1n-r0
fixed in 1.1.1u-r2
5.5%
Low-Moderate Risk
Post-Exploit

Want to check another image? Run a full scan with the Docker Security Scanner.