Vulnerability Reportpostgres:18.4-alpine3.23

postgres:alpine3.23postgres:18.4-alpine3.23postgres:18-alpine3.23
DIGESTsha256:996d0920e4ff9df1fc19dacb904492f3c1ec0ec1cc338f0ad7123be7731c5f5e

Executive Summary

Last scanned:

Threat Score
25/100NEEDS ATTENTION
Reputation
TRUSTED

This image is acceptable for production, but remediating the identified vulnerabilities is recommended to reduce the attack surface. The only notable exposed vulnerability is CVE-2026-33630, a use-after-free in c-ares with medium severity (6.0) that could cause denial of service during outbound DNS lookups. Post-exploit vulnerabilities are all low severity and pose minimal risk. The container is an official PostgreSQL image, widely used and trusted.

Vulnerabilities

Vulnerability Log

48 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-33630MEDIUM6
c-ares
1.34.6-r0
fixed in 1.34.8-r0
Directly ExposedContext importance: MEDIUM
CVE-2026-4873LOW2.7
libcurl
8.19.0-r0
fixed in 8.20.0-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6253LOW2.7
libcurl
8.19.0-r0
fixed in 8.20.0-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-7009LOW2.7
libcurl
8.19.0-r0
fixed in 8.20.0-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-7168LOW2.7
libcurl
8.19.0-r0
fixed in 8.20.0-r0
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-5773LOW2.29
libcurl
8.19.0-r0
fixed in 8.20.0-r0
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-6276LOW2.29
libcurl
8.19.0-r0
fixed in 8.20.0-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-5545LOW1.99
libcurl
8.19.0-r0
fixed in 8.20.0-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-6429LOW1.99
libcurl
8.19.0-r0
fixed in 8.20.0-r0
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-68121NONE0
stdlib
v1.24.6
fixed in 1.24.13, 1.25.7, 1.26.0-rc.3
0.8%
Theoretical Threat
Not Applicable
CVE-2026-39822NONE0
stdlib
v1.24.6
fixed in 1.25.12, 1.26.5, 1.27.0-rc.2
0.2%
Theoretical Threat
Not Applicable
CVE-2025-61726NONE0
stdlib
v1.24.6
fixed in 1.24.12, 1.25.6
1.9%
Low-Moderate Risk
Not Applicable
CVE-2025-61729NONE0
stdlib
v1.24.6
fixed in 1.24.11, 1.25.5
0.5%
Theoretical Threat
Not Applicable
CVE-2026-25679NONE0
stdlib
v1.24.6
fixed in 1.25.8, 1.26.1
0.7%
Theoretical Threat
Not Applicable
CVE-2026-27145NONE0
stdlib
v1.24.6
fixed in 1.25.11, 1.26.4
0.9%
Theoretical Threat
Not Applicable
CVE-2026-32280NONE0
stdlib
v1.24.6
fixed in 1.25.9, 1.26.2
0.6%
Theoretical Threat
Not Applicable
CVE-2026-32281NONE0
stdlib
v1.24.6
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-32283NONE0
stdlib
v1.24.6
fixed in 1.25.9, 1.26.2
0.6%
Theoretical Threat
Not Applicable
CVE-2026-33811NONE0
stdlib
v1.24.6
fixed in 1.25.10, 1.26.3
0.8%
Theoretical Threat
Not Applicable
CVE-2026-33814NONE0
stdlib
v1.24.6
fixed in 1.25.10, 1.26.3
0.8%
Theoretical Threat
Not Applicable
CVE-2026-39820NONE0
stdlib
v1.24.6
fixed in 1.25.10, 1.26.3
0.8%
Theoretical Threat
Not Applicable
CVE-2026-39836NONE0
stdlib
v1.24.6
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Not Applicable
CVE-2026-42499NONE0
stdlib
v1.24.6
fixed in 1.25.10, 1.26.3
0.8%
Theoretical Threat
Not Applicable
CVE-2026-42504NONE0
stdlib
v1.24.6
fixed in 1.25.11, 1.26.4
0.6%
Theoretical Threat
Not Applicable
CVE-2025-58183NONE0
stdlib
v1.24.6
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Not Applicable
CVE-2025-61728NONE0
stdlib
v1.24.6
fixed in 1.24.12, 1.25.6
0.6%
Theoretical Threat
Not Applicable
CVE-2025-61727NONE0
stdlib
v1.24.6
fixed in 1.24.11, 1.25.5
0.3%
Theoretical Threat
Not Applicable
CVE-2026-39825NONE0
stdlib
v1.24.6
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Not Applicable
CVE-2026-32282NONE0
stdlib
v1.24.6
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-32289NONE0
stdlib
v1.24.6
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-32288NONE0
stdlib
v1.24.6
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-27142NONE0
stdlib
v1.24.6
fixed in 1.25.8, 1.26.1
0.3%
Theoretical Threat
Not Applicable
CVE-2026-39823NONE0
stdlib
v1.24.6
fixed in 1.25.10, 1.26.3
0.3%
Theoretical Threat
Not Applicable
CVE-2026-39826NONE0
stdlib
v1.24.6
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Not Applicable
CVE-2025-47912NONE0
stdlib
v1.24.6
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Not Applicable
CVE-2025-58185NONE0
stdlib
v1.24.6
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Not Applicable
CVE-2025-58187NONE0
stdlib
v1.24.6
fixed in 1.24.9, 1.25.3
0.4%
Theoretical Threat
Not Applicable
CVE-2025-58188NONE0
stdlib
v1.24.6
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Not Applicable
CVE-2025-58189NONE0
stdlib
v1.24.6
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Not Applicable
CVE-2025-61723NONE0
stdlib
v1.24.6
fixed in 1.24.8, 1.25.2
0.6%
Theoretical Threat
Not Applicable
CVE-2025-61724NONE0
stdlib
v1.24.6
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Not Applicable
CVE-2025-61725NONE0
stdlib
v1.24.6
fixed in 1.24.8, 1.25.2
0.6%
Theoretical Threat
Not Applicable
CVE-2025-61730NONE0
stdlib
v1.24.6
fixed in 1.24.12, 1.25.6
0.3%
Theoretical Threat
Not Applicable
CVE-2026-42505NONE0
stdlib
v1.24.6
fixed in 1.25.12, 1.26.5, 1.27.0-rc.2
0.4%
Theoretical Threat
Not Applicable
CVE-2026-42507NONE0
stdlib
v1.24.6
fixed in 1.25.11, 1.26.4
0.4%
Theoretical Threat
Not Applicable
CVE-2025-58186NONE0
stdlib
v1.24.6
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Not Applicable
CVE-2026-27139NONE0
stdlib
v1.24.6
fixed in 1.25.8, 1.26.1
0.2%
Theoretical Threat
Not Applicable
CVE-2026-39824NONE0
golang.org/x/sys
v0.1.0
fixed in 0.44.0
0.1%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.