Vulnerability Reportmemcached:1.6.29-alpine

memcached:1.6.29-alpine3.20memcached:1.6.29-alpine
DIGESTsha256:462ae4a35c26d8b66490856514c751651e63bdfd965742bbbe188fae79b32408

Executive Summary

Last scanned:

Threat Score
25/100NEEDS ATTENTION
Reputation
TRUSTED

This image is acceptable for production, but remediating the identified vulnerabilities is recommended to reduce the attack surface. The most notable exposed vulnerability is CVE-2025-69419 (severity 6.29) in OpenSSL, which requires high attack complexity and malicious PKCS#12 input, unlikely in typical memcached usage. Post-exploitation findings like CVE-2025-15467 are low severity and do not impact memcached's core functionality. Upgrading OpenSSL would eliminate these risks.

Vulnerabilities

Vulnerability Log

60 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2025-69419MEDIUM6.29
libcrypto3
3.3.1-r3
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69419MEDIUM6.29
libssl3
3.3.1-r3
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-26519MEDIUM5.95
musl
1.2.5-r0
fixed in 1.2.5-r1
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-26519MEDIUM5.95
musl-utils
1.2.5-r0
fixed in 1.2.5-r1
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-9231MEDIUM5.9
libcrypto3
3.3.1-r3
fixed in 3.3.5-r0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-9231MEDIUM5.9
libssl3
3.3.1-r3
fixed in 3.3.5-r0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-9230MEDIUM5.6
libcrypto3
3.3.1-r3
fixed in 3.3.5-r0
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2025-9230MEDIUM5.6
libssl3
3.3.1-r3
fixed in 3.3.5-r0
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2026-31790MEDIUM5.02
libcrypto3
3.3.1-r3
fixed in 3.3.7-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
libcrypto3
3.3.1-r3
fixed in 3.3.6-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
libcrypto3
3.3.1-r3
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libcrypto3
3.3.1-r3
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libcrypto3
3.3.1-r3
fixed in 3.3.6-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libssl3
3.3.1-r3
fixed in 3.3.7-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
libssl3
3.3.1-r3
fixed in 3.3.6-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
libssl3
3.3.1-r3
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libssl3
3.3.1-r3
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libssl3
3.3.1-r3
fixed in 3.3.6-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libcrypto3
3.3.1-r3
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libssl3
3.3.1-r3
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-6042MEDIUM4.67
musl
1.2.5-r0
fixed in 1.2.5-r2
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-6042MEDIUM4.67
musl-utils
1.2.5-r0
fixed in 1.2.5-r2
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib
1.3.1-r1
fixed in 1.3.2-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-15467MEDIUM4.06
libcrypto3
3.3.1-r3
fixed in 3.3.6-r0
47.6%
High Exploitation Risk
Post-Exploit
CVE-2025-15467MEDIUM4.06
libssl3
3.3.1-r3
fixed in 3.3.6-r0
47.6%
High Exploitation Risk
Post-Exploit
CVE-2024-13176MEDIUM4
libcrypto3
3.3.1-r3
fixed in 3.3.2-r2
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
libcrypto3
3.3.1-r3
fixed in 3.3.6-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-13176MEDIUM4
libssl3
3.3.1-r3
fixed in 3.3.2-r2
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
libssl3
3.3.1-r3
fixed in 3.3.6-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-9143LOW3.7
libcrypto3
3.3.1-r3
fixed in 3.3.2-r1
6.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-9143LOW3.7
libssl3
3.3.1-r3
fixed in 3.3.2-r1
6.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-6119LOW3.51
libcrypto3
3.3.1-r3
fixed in 3.3.2-r0
66.6%
Actively Exploited
Post-Exploit
CVE-2024-6119LOW3.51
libssl3
3.3.1-r3
fixed in 3.3.2-r0
66.6%
Actively Exploited
Post-Exploit
CVE-2025-69418LOW3.4
libcrypto3
3.3.1-r3
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69418LOW3.4
libssl3
3.3.1-r3
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-9232LOW3.1
libcrypto3
3.3.1-r3
fixed in 3.3.5-r0
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-9232LOW3.1
libssl3
3.3.1-r3
fixed in 3.3.5-r0
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2026-31789LOW3
libcrypto3
3.3.1-r3
fixed in 3.3.7-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-31789LOW3
libssl3
3.3.1-r3
fixed in 3.3.7-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2024-12797LOW2.66
libcrypto3
3.3.1-r3
fixed in 3.3.3-r0
2.4%
Low-Moderate Risk
Post-Exploit
CVE-2024-12797LOW2.66
libssl3
3.3.1-r3
fixed in 3.3.3-r0
2.4%
Low-Moderate Risk
Post-Exploit
CVE-2026-28387LOW2.48
libcrypto3
3.3.1-r3
fixed in 3.3.7-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
libssl3
3.3.1-r3
fixed in 3.3.7-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-40200LOW2.39
musl
1.2.5-r0
fixed in 1.2.5-r3
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-40200LOW2.39
musl-utils
1.2.5-r0
fixed in 1.2.5-r3
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-22184LOW2.39
zlib
1.3.1-r1
fixed in 1.3.2-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW2.29
libcrypto3
3.3.1-r3
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28388LOW2.29
libcrypto3
3.3.1-r3
fixed in 3.3.7-r0
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libcrypto3
3.3.1-r3
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
libcrypto3
3.3.1-r3
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW2.29
libssl3
3.3.1-r3
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28388LOW2.29
libssl3
3.3.1-r3
fixed in 3.3.7-r0
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libssl3
3.3.1-r3
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
libssl3
3.3.1-r3
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
busybox
1.36.1-r29
fixed in 1.36.1-r31
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
busybox-binsh
1.36.1-r29
fixed in 1.36.1-r31
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
ssl_client
1.36.1-r29
fixed in 1.36.1-r31
0.1%
Theoretical Threat
Post-Exploit
CVE-2024-58251NONE0
busybox
1.36.1-r29
fixed in 1.36.1-r31
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
busybox-binsh
1.36.1-r29
fixed in 1.36.1-r31
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
ssl_client
1.36.1-r29
fixed in 1.36.1-r31
0.2%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.