Vulnerability Reportmemcached:1.6.27-alpine

memcached:1.6.27-alpine
DIGESTsha256:b7474699be8a7cee225d1b7e4eef893d75bb92b7c6f5aae74ca9e4e95883ba96

Executive Summary

Last scanned:

Threat Score
25/100NEEDS ATTENTION
Reputation
TRUSTED

This image is acceptable for production, but remediating the identified vulnerabilities is recommended to reduce the attack surface. The most notable exposed vulnerability (CVE-2025-69419) affects OpenSSL and requires an attacker to supply a malicious PKCS#12 file, which is not part of memcached's typical operation. The post-exploit finding (CVE-2025-15467) is only relevant if the container were to process CMS messages, which it does not by default. Therefore, these vulnerabilities pose limited practical risk in the intended caching role. Updating the libcrypto3 and libssl3 packages would eliminate these issues.

Vulnerabilities

Vulnerability Log

70 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2025-69419MEDIUM6.29
libcrypto3
3.3.0-r2
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69419MEDIUM6.29
libssl3
3.3.0-r2
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-26519MEDIUM5.95
musl
1.2.5-r0
fixed in 1.2.5-r1
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-9231MEDIUM5.9
libcrypto3
3.3.0-r2
fixed in 3.3.5-r0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-5535MEDIUM5.9
libcrypto3
3.3.0-r2
fixed in 3.3.1-r1
5.6%
Low-Moderate Risk
Directly Exposed
CVE-2025-9231MEDIUM5.9
libssl3
3.3.0-r2
fixed in 3.3.5-r0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-5535MEDIUM5.9
libssl3
3.3.0-r2
fixed in 3.3.1-r1
5.6%
Low-Moderate Risk
Directly Exposed
CVE-2025-9230MEDIUM5.6
libcrypto3
3.3.0-r2
fixed in 3.3.5-r0
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2024-4741MEDIUM5.6
libcrypto3
3.3.0-r2
fixed in 3.3.0-r3
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2025-9230MEDIUM5.6
libssl3
3.3.0-r2
fixed in 3.3.5-r0
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2024-4741MEDIUM5.6
libssl3
3.3.0-r2
fixed in 3.3.0-r3
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2026-31790MEDIUM5.02
libcrypto3
3.3.0-r2
fixed in 3.3.7-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
libcrypto3
3.3.0-r2
fixed in 3.3.6-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
libcrypto3
3.3.0-r2
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libcrypto3
3.3.0-r2
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libcrypto3
3.3.0-r2
fixed in 3.3.6-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libssl3
3.3.0-r2
fixed in 3.3.7-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
libssl3
3.3.0-r2
fixed in 3.3.6-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
libssl3
3.3.0-r2
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libssl3
3.3.0-r2
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libssl3
3.3.0-r2
fixed in 3.3.6-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libcrypto3
3.3.0-r2
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libssl3
3.3.0-r2
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-6042MEDIUM4.67
musl
1.2.5-r0
fixed in 1.2.5-r2
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib
1.3.1-r1
fixed in 1.3.2-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-15467MEDIUM4.06
libcrypto3
3.3.0-r2
fixed in 3.3.6-r0
47.6%
High Exploitation Risk
Post-Exploit
CVE-2025-15467MEDIUM4.06
libssl3
3.3.0-r2
fixed in 3.3.6-r0
47.6%
High Exploitation Risk
Post-Exploit
CVE-2024-13176MEDIUM4
libcrypto3
3.3.0-r2
fixed in 3.3.2-r2
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
libcrypto3
3.3.0-r2
fixed in 3.3.6-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-13176MEDIUM4
libssl3
3.3.0-r2
fixed in 3.3.2-r2
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
libssl3
3.3.0-r2
fixed in 3.3.6-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-9143LOW3.7
libcrypto3
3.3.0-r2
fixed in 3.3.2-r1
6.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-9143LOW3.7
libssl3
3.3.0-r2
fixed in 3.3.2-r1
6.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-6119LOW3.51
libcrypto3
3.3.0-r2
fixed in 3.3.2-r0
66.6%
Actively Exploited
Post-Exploit
CVE-2024-6119LOW3.51
libssl3
3.3.0-r2
fixed in 3.3.2-r0
66.6%
Actively Exploited
Post-Exploit
CVE-2025-69418LOW3.4
libcrypto3
3.3.0-r2
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69418LOW3.4
libssl3
3.3.0-r2
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-9232LOW3.1
libcrypto3
3.3.0-r2
fixed in 3.3.5-r0
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-9232LOW3.1
libssl3
3.3.0-r2
fixed in 3.3.5-r0
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2026-31789LOW3
libcrypto3
3.3.0-r2
fixed in 3.3.7-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-31789LOW3
libssl3
3.3.0-r2
fixed in 3.3.7-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2023-42364LOW2.8
busybox
1.36.1-r28
fixed in 1.36.1-r29
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-42365LOW2.8
busybox
1.36.1-r28
fixed in 1.36.1-r29
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-42364LOW2.8
busybox-binsh
1.36.1-r28
fixed in 1.36.1-r29
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-42365LOW2.8
busybox-binsh
1.36.1-r28
fixed in 1.36.1-r29
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-42364LOW2.8
ssl_client
1.36.1-r28
fixed in 1.36.1-r29
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-42365LOW2.8
ssl_client
1.36.1-r28
fixed in 1.36.1-r29
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-12797LOW2.66
libcrypto3
3.3.0-r2
fixed in 3.3.3-r0
2.4%
Low-Moderate Risk
Post-Exploit
CVE-2024-12797LOW2.66
libssl3
3.3.0-r2
fixed in 3.3.3-r0
2.4%
Low-Moderate Risk
Post-Exploit
CVE-2026-28387LOW2.48
libcrypto3
3.3.0-r2
fixed in 3.3.7-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
libssl3
3.3.0-r2
fixed in 3.3.7-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-40200LOW2.39
musl
1.2.5-r0
fixed in 1.2.5-r3
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-22184LOW2.39
zlib
1.3.1-r1
fixed in 1.3.2-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW2.29
libcrypto3
3.3.0-r2
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28388LOW2.29
libcrypto3
3.3.0-r2
fixed in 3.3.7-r0
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libcrypto3
3.3.0-r2
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
libcrypto3
3.3.0-r2
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW2.29
libssl3
3.3.0-r2
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28388LOW2.29
libssl3
3.3.0-r2
fixed in 3.3.7-r0
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libssl3
3.3.0-r2
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
libssl3
3.3.0-r2
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
busybox
1.36.1-r28
fixed in 1.36.1-r31
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
busybox-binsh
1.36.1-r28
fixed in 1.36.1-r31
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
ssl_client
1.36.1-r28
fixed in 1.36.1-r31
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-40200NONE0
musl-utils
1.2.5-r0
fixed in 1.2.5-r3
0.1%
Theoretical Threat
Not Applicable
CVE-2025-26519NONE0
musl-utils
1.2.5-r0
fixed in 1.2.5-r1
0.3%
Theoretical Threat
Not Applicable
CVE-2026-6042NONE0
musl-utils
1.2.5-r0
fixed in 1.2.5-r2
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
busybox
1.36.1-r28
fixed in 1.36.1-r31
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
busybox-binsh
1.36.1-r28
fixed in 1.36.1-r31
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
ssl_client
1.36.1-r28
fixed in 1.36.1-r31
0.2%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.