Last scanned:
This image is safe for production use. It contains 12 known vulnerabilities, but none exceed a CVSS score of 5.52, and all are low severity. The trusted publisher and pinned digest further reduce risk. No exploitable vulnerabilities with significant impact were identified.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2026-53489 | MEDIUM5.52 | github.com/containerd/containerd/v2 v2.2.4 fixed in 2.1.9, 2.2.5, 2.3.2 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-47262 | MEDIUM4.67 | github.com/containerd/containerd v1.7.32 fixed in 1.7.33 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-47262 | MEDIUM4.67 | github.com/containerd/containerd/v2 v2.2.4 fixed in 2.0.10, 2.1.9, 2.2.5, 2.3.2 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42505 | LOW3.6 | stdlib v1.25.11 fixed in 1.25.12, 1.26.5, 1.27.0-rc.2 | 0.4% Theoretical Threat | Directly ExposedContext importance: MEDIUM |
| CVE-2026-41568 | LOW3.31 | github.com/docker/docker v28.5.1+incompatible No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-50195 | LOW3.03 | github.com/containerd/containerd/v2 v2.2.4 fixed in 2.1.9, 2.2.5, 2.3.2 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-33747 | LOW3 | github.com/moby/buildkit v0.25.1 fixed in 0.28.1 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-53492 | LOW2.94 | github.com/containerd/containerd/v2 v2.2.4 fixed in 2.1.9, 2.2.5, 2.3.2 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-34040 | LOW2.81 | github.com/docker/docker v28.5.1+incompatible fixed in 29.3.1 | 8.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-53488 | LOW2.69 | github.com/containerd/containerd v1.7.32 fixed in 1.7.33 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-53488 | LOW2.69 | github.com/containerd/containerd/v2 v2.2.4 fixed in 2.0.10, 2.1.9, 2.2.5, 2.3.2 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-33997 | LOW2.48 | github.com/docker/docker v28.5.1+incompatible fixed in 29.3.1 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2025-15558 | LOW2.45 | github.com/docker/cli v28.5.1+incompatible fixed in 29.2.0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-39822 | LOW2.39 | stdlib v1.25.11 fixed in 1.25.12, 1.26.5, 1.27.0-rc.2 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-41567 | LOW2.29 | github.com/docker/docker v28.5.1+incompatible No fix yet | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-33748 | LOW2.29 | github.com/moby/buildkit v0.25.1 fixed in 0.28.1 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-42306 | LOW2.2 | github.com/docker/docker v28.5.1+incompatible No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-47909 | NONE0 | github.com/gorilla/csrf v1.7.3 No fix yet | 0.2% Theoretical Threat | Not Applicable |
| GO-2026-5932 | NONE0 | golang.org/x/crypto v0.52.0 No fix yet | — | Not Applicable |
| CVE-2026-50151 | NONE0 | oras.land/oras-go/v2 v2.6.0 fixed in 2.6.1 | — | Not Applicable |
| CVE-2026-50163 | NONE0 | oras.land/oras-go/v2 v2.6.0 No fix yet | — | Not Applicable |
| CVE-2026-50162 | NONE0 | oras.land/oras-go/v2 v2.6.0 fixed in 2.6.1 | — | Not Applicable |
| GHSA-vh4v-2xq2-g5cg | NONE0 | oras.land/oras-go/v2 v2.6.0 fixed in 2.6.1 | — | Not Applicable |
| CVE-2026-48978 | NONE0 | oras.land/oras-go/v2 v2.6.0 fixed in 2.6.1 | — | Not Applicable |
Want to check another image? Run a full scan with the Docker Security Scanner.