Vulnerability Reportmemcached:1.6.18-alpine

memcached:1.6.18-alpine
DIGESTsha256:2afc716a1ce630d4ab552b9c246726e1209f771690b13426a322ee20c314938a

Executive Summary

Last scanned:

Threat Score
25/100NEEDS ATTENTION
Reputation
TRUSTED

This image is acceptable for production, but remediating the identified vulnerabilities is recommended to reduce the attack surface. The two medium-severity findings (CVE-2023-2650) affect OpenSSL and could cause denial of service, but only if mutual TLS client authentication is enabled, which is not a default memcached configuration. Post-exploit vulnerabilities are all low severity and irrelevant as memcached does not process CMS messages. Updating OpenSSL packages would fully mitigate the DoS risk.

Vulnerabilities

Vulnerability Log

74 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2023-2650MEDIUM6.76
libcrypto3
3.0.8-r0
fixed in 3.0.9-r0
73.5%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2023-2650MEDIUM6.76
libssl3
3.0.8-r0
fixed in 3.0.9-r0
73.5%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2025-26519MEDIUM5.95
musl
1.2.3-r4
fixed in 1.2.3-r6
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-9230MEDIUM5.6
libcrypto3
3.0.8-r0
fixed in 3.0.19-r0
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2024-4741MEDIUM5.6
libcrypto3
3.0.8-r0
fixed in 3.0.14-r0
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2025-9230MEDIUM5.6
libssl3
3.0.8-r0
fixed in 3.0.19-r0
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2024-4741MEDIUM5.6
libssl3
3.0.8-r0
fixed in 3.0.14-r0
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2024-0727MEDIUM5.5
libcrypto3
3.0.8-r0
fixed in 3.0.12-r4
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-0727MEDIUM5.5
libssl3
3.0.8-r0
fixed in 3.0.12-r4
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-0465MEDIUM5.3
libcrypto3
3.0.8-r0
fixed in 3.0.8-r2
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-0466MEDIUM5.3
libcrypto3
3.0.8-r0
fixed in 3.0.8-r3
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-3446MEDIUM5.3
libcrypto3
3.0.8-r0
fixed in 3.0.9-r3
5.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-3817MEDIUM5.3
libcrypto3
3.0.8-r0
fixed in 3.0.10-r0
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-5678MEDIUM5.3
libcrypto3
3.0.8-r0
fixed in 3.0.12-r1
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2024-4603MEDIUM5.3
libcrypto3
3.0.8-r0
fixed in 3.0.13-r0
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-0465MEDIUM5.3
libssl3
3.0.8-r0
fixed in 3.0.8-r2
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-0466MEDIUM5.3
libssl3
3.0.8-r0
fixed in 3.0.8-r3
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-3446MEDIUM5.3
libssl3
3.0.8-r0
fixed in 3.0.9-r3
5.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-3817MEDIUM5.3
libssl3
3.0.8-r0
fixed in 3.0.10-r0
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-5678MEDIUM5.3
libssl3
3.0.8-r0
fixed in 3.0.12-r1
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2024-4603MEDIUM5.3
libssl3
3.0.8-r0
fixed in 3.0.13-r0
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-1255MEDIUM5.02
libcrypto3
3.0.8-r0
fixed in 3.0.8-r4
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libcrypto3
3.0.8-r0
fixed in 3.0.19-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libcrypto3
3.0.8-r0
fixed in 3.0.19-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-1255MEDIUM5.02
libssl3
3.0.8-r0
fixed in 3.0.8-r4
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libssl3
3.0.8-r0
fixed in 3.0.19-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libssl3
3.0.8-r0
fixed in 3.0.19-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-2511MEDIUM4.81
libcrypto3
3.0.8-r0
fixed in 3.0.12-r5
54.0%
Actively Exploited
Directly Exposed
CVE-2024-2511MEDIUM4.81
libssl3
3.0.8-r0
fixed in 3.0.12-r5
54.0%
Actively Exploited
Directly Exposed
CVE-2026-22795MEDIUM4.67
libcrypto3
3.0.8-r0
fixed in 3.0.19-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libssl3
3.0.8-r0
fixed in 3.0.19-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2023-0464MEDIUM4.5
libcrypto3
3.0.8-r0
fixed in 3.0.8-r1
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-0464MEDIUM4.5
libssl3
3.0.8-r0
fixed in 3.0.8-r1
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-2975MEDIUM4.5
libcrypto3
3.0.8-r0
fixed in 3.0.9-r2
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-2975MEDIUM4.5
libssl3
3.0.8-r0
fixed in 3.0.9-r2
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-15467MEDIUM4.06
libcrypto3
3.0.8-r0
fixed in 3.0.19-r0
47.6%
High Exploitation Risk
Post-Exploit
CVE-2025-15467MEDIUM4.06
libssl3
3.0.8-r0
fixed in 3.0.19-r0
47.6%
High Exploitation Risk
Post-Exploit
CVE-2024-13176MEDIUM4
libcrypto3
3.0.8-r0
fixed in 3.0.19-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
libcrypto3
3.0.8-r0
fixed in 3.0.19-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-13176MEDIUM4
libssl3
3.0.8-r0
fixed in 3.0.19-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
libssl3
3.0.8-r0
fixed in 3.0.19-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-9143LOW3.7
libcrypto3
3.0.8-r0
fixed in 3.0.15-r1
6.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-9143LOW3.7
libssl3
3.0.8-r0
fixed in 3.0.15-r1
6.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-26519LOW3.57
musl-utils
1.2.3-r4
fixed in 1.2.3-r6
0.3%
Theoretical Threat
Post-Exploit
CVE-2024-6119LOW3.51
libcrypto3
3.0.8-r0
fixed in 3.0.15-r0
66.6%
Actively Exploited
Post-Exploit
CVE-2024-6119LOW3.51
libssl3
3.0.8-r0
fixed in 3.0.15-r0
66.6%
Actively Exploited
Post-Exploit
CVE-2025-69418LOW3.4
libcrypto3
3.0.8-r0
fixed in 3.0.19-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69418LOW3.4
libssl3
3.0.8-r0
fixed in 3.0.19-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-9232LOW3.1
libcrypto3
3.0.8-r0
fixed in 3.0.19-r0
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-9232LOW3.1
libssl3
3.0.8-r0
fixed in 3.0.19-r0
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2023-42363LOW2.8
busybox
1.35.0-r29
fixed in 1.35.0-r31
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-42364LOW2.8
busybox
1.35.0-r29
fixed in 1.35.0-r31
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-42365LOW2.8
busybox
1.35.0-r29
fixed in 1.35.0-r31
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-42366LOW2.8
busybox
1.35.0-r29
fixed in 1.35.0-r30
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-42363LOW2.8
busybox-binsh
1.35.0-r29
fixed in 1.35.0-r31
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-42364LOW2.8
busybox-binsh
1.35.0-r29
fixed in 1.35.0-r31
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-42365LOW2.8
busybox-binsh
1.35.0-r29
fixed in 1.35.0-r31
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-42366LOW2.8
busybox-binsh
1.35.0-r29
fixed in 1.35.0-r30
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-42363LOW2.8
ssl_client
1.35.0-r29
fixed in 1.35.0-r31
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-42364LOW2.8
ssl_client
1.35.0-r29
fixed in 1.35.0-r31
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-42365LOW2.8
ssl_client
1.35.0-r29
fixed in 1.35.0-r31
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-42366LOW2.8
ssl_client
1.35.0-r29
fixed in 1.35.0-r30
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-5363LOW2.7
libcrypto3
3.0.8-r0
fixed in 3.0.12-r0
3.3%
Low-Moderate Risk
Post-Exploit
CVE-2023-5363LOW2.7
libssl3
3.0.8-r0
fixed in 3.0.12-r0
3.3%
Low-Moderate Risk
Post-Exploit
CVE-2023-6129LOW2.34
libcrypto3
3.0.8-r0
fixed in 3.0.12-r2
2.3%
Low-Moderate Risk
Post-Exploit
CVE-2023-6129LOW2.34
libssl3
3.0.8-r0
fixed in 3.0.12-r2
2.3%
Low-Moderate Risk
Post-Exploit
CVE-2025-69421LOW2.29
libcrypto3
3.0.8-r0
fixed in 3.0.19-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW2.29
libssl3
3.0.8-r0
fixed in 3.0.19-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-69419LOW2.26
libcrypto3
3.0.8-r0
fixed in 3.0.19-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-69419LOW2.26
libssl3
3.0.8-r0
fixed in 3.0.19-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-6237LOW2.12
libcrypto3
3.0.8-r0
fixed in 3.0.12-r3
2.3%
Low-Moderate Risk
Post-Exploit
CVE-2024-5535LOW2.12
libcrypto3
3.0.8-r0
fixed in 3.0.14-r0
5.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-6237LOW2.12
libssl3
3.0.8-r0
fixed in 3.0.12-r3
2.3%
Low-Moderate Risk
Post-Exploit
CVE-2024-5535LOW2.12
libssl3
3.0.8-r0
fixed in 3.0.14-r0
5.6%
Low-Moderate Risk
Post-Exploit

Want to check another image? Run a full scan with the Docker Security Scanner.