Vulnerability Reportpactfoundation/pact-broker:2.139.0-pactbroker2.119.0

pactfoundation/pact-broker:2.139.0-pactbroker2.119.0
DIGESTsha256:086014f753edd183428be7face3397a5f3feab23e4fdfffd49d6ef68277ea6be

Executive Summary

Last scanned:

Threat Score
0/100SAFE
Reputation
RELIABLE

This image is safe for production use. There are 18 exposed vulnerabilities and 7 post-exploit-only findings, but all are low severity (max 5.18) and none exceed 6.0, indicating minimal practical risk. The image is widely used and pinned by digest, ensuring immutability.

Vulnerabilities

Vulnerability Log

30 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-47240MEDIUM5.18
net-imap
0.5.8
fixed in ~> 0.5.15, >= 0.6.4.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42258MEDIUM4.5
net-imap
0.5.8
fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-42257LOW3
net-imap
0.5.8
fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-41316LOW2.92
erb
4.0.4
fixed in ~> 4.0.3.1, ~> 4.0.4.1, ~> 6.0.1.1, >= 6.0.4
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-33630LOW2.7
c-ares
1.34.6-r0
fixed in 1.34.8-r0
Post-Exploit
CVE-2026-42245LOW2.29
net-imap
0.5.8
fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-42246LOW2.26
net-imap
0.5.8
fixed in ~> 0.3.10, ~> 0.4.24, ~> 0.5.14, >= 0.6.4
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42256LOW1.99
net-imap
0.5.8
fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-47241LOW1.81
net-imap
0.5.8
fixed in ~> 0.5.15, >= 0.6.4.1
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-39822NONE0
stdlib
v1.26.3
fixed in 1.25.12, 1.26.5, 1.27.0-rc.2
0.2%
Theoretical Threat
Not Applicable
CVE-2026-27145NONE0
stdlib
v1.26.3
fixed in 1.25.11, 1.26.4
0.9%
Theoretical Threat
Not Applicable
CVE-2026-42504NONE0
stdlib
v1.26.3
fixed in 1.25.11, 1.26.4
0.6%
Theoretical Threat
Not Applicable
CVE-2026-42505NONE0
stdlib
v1.26.3
fixed in 1.25.12, 1.26.5, 1.27.0-rc.2
0.4%
Theoretical Threat
Not Applicable
CVE-2026-42507NONE0
stdlib
v1.26.3
fixed in 1.25.11, 1.26.4
0.4%
Theoretical Threat
Not Applicable
GHSA-6jxj-px6v-747wNONE0
crass
1.0.6
fixed in >= 1.0.7
Not Applicable
GHSA-6wmf-3r64-vcwvNONE0
crass
1.0.6
fixed in >= 1.0.7
Not Applicable
GHSA-8vfg-2r28-hvhjNONE0
crass
1.0.6
fixed in >= 1.0.7
Not Applicable
GHSA-wwpr-jff3-395cNONE0
crass
1.0.6
fixed in >= 1.0.7
Not Applicable
CVE-2026-54696NONE0
json
2.12.2
fixed in >= 2.19.9
0.3%
Theoretical Threat
Not Applicable
CVE-2026-54696NONE0
json
2.9.1
fixed in >= 2.19.9
0.3%
Theoretical Threat
Not Applicable
CVE-2026-47242NONE0
net-imap
0.5.8
fixed in ~> 0.5.15, >= 0.6.4.1
0.1%
Theoretical Threat
Not Applicable
GHSA-5prr-v3j2-97mhNONE0
nokogiri
1.19.3
fixed in >= 1.19.4
Not Applicable
GHSA-5v8h-3h3q-446pNONE0
nokogiri
1.19.3
fixed in >= 1.19.4
Not Applicable
GHSA-8678-w3jw-xfc2NONE0
nokogiri
1.19.3
fixed in >= 1.19.4
Not Applicable
GHSA-9cv2-cfxc-v4v2NONE0
nokogiri
1.19.3
fixed in >= 1.19.4
Not Applicable
GHSA-p67v-3w7g-wjg7NONE0
nokogiri
1.19.3
fixed in >= 1.19.4
Not Applicable
GHSA-phwj-rprq-35ppNONE0
nokogiri
1.19.3
fixed in >= 1.19.4
Not Applicable
GHSA-wfpw-mmfh-qq69NONE0
nokogiri
1.19.3
fixed in >= 1.19.4
Not Applicable
GHSA-wjv4-x9w8-wm3hNONE0
nokogiri
1.19.3
fixed in >= 1.19.4
Not Applicable
GHSA-g9g8-vgvw-g3vfNONE0
nokogiri
1.19.3
fixed in >= 1.19.4
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.