Vulnerability Reportprom/prometheus:v2.37.8

prom/prometheus:v2.37.8
DIGESTsha256:14ba50a00431d29032f7415052cd4de89ceca5441c0ecd22be92eafc453a7f05

Executive Summary

Last scanned:

Threat Score
100/100DANGEROUS
Reputation
RELIABLE

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker can cause denial of service by sending crafted HTTP/2 CONTINUATION frames or rapid stream resets, bypass network access controls using IPv4-mapped IPv6 addresses, or exhaust server memory via excessive query parameters. Disabling HTTP/2 in Prometheus (--http2=false) fully mitigates the HTTP/2-specific vulnerabilities (CVE-2023-45288, CVE-2023-39325). Other issues require updating the Go runtime. The container's trusted provenance does not offset the immediate and exploitable threats present.

Vulnerabilities

Vulnerability Log

132 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2023-45288CRITICAL9.75
golang.org/x/net
v0.7.0
fixed in 0.23.0
92.0%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2023-45288CRITICAL9.75
stdlib
v1.19.9
fixed in 1.21.9, 1.22.2
92.0%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2024-24790HIGH7.84
stdlib
v1.19.9
fixed in 1.21.11, 1.22.4
2.0%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2023-39325HIGH7.5
golang.org/x/net
v0.7.0
fixed in 0.17.0
3.8%
Low-Moderate Risk
Directly ExposedContext importance: HIGH
CVE-2023-39325HIGH7.5
stdlib
v1.19.9
fixed in 1.20.10, 1.21.3
3.8%
Low-Moderate Risk
Directly ExposedContext importance: HIGH
CVE-2025-61726HIGH7.5
stdlib
v1.19.9
fixed in 1.24.12, 1.25.6
1.9%
Low-Moderate Risk
Directly ExposedContext importance: HIGH
CVE-2026-33997MEDIUM6.88
github.com/docker/docker
v20.10.24+incompatible
fixed in 29.3.1
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-39831MEDIUM6.88
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.52.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-25681MEDIUM6.88
golang.org/x/net
v0.7.0
fixed in 0.55.0
0.2%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-27136MEDIUM6.88
golang.org/x/net
v0.7.0
fixed in 0.55.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-68121MEDIUM6.8
stdlib
v1.19.9
fixed in 1.24.13, 1.25.7, 1.26.0-rc.3
0.8%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2024-24557MEDIUM6.63
github.com/docker/docker
v20.10.24+incompatible
fixed in 24.0.9, 25.0.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-29403MEDIUM6.63
stdlib
v1.19.9
fixed in 1.19.10, 1.20.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-39822MEDIUM6.63
stdlib
v1.19.9
fixed in 1.25.12, 1.26.5, 1.27.0-rc.2
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-29406MEDIUM6.5
stdlib
v1.19.9
fixed in 1.19.11, 1.20.6
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2026-41567MEDIUM6.38
github.com/docker/docker
v20.10.24+incompatible
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-29018MEDIUM6.38
github.com/docker/docker
v20.10.24+incompatible
fixed in 26.0.0-rc3, 25.0.5, 23.0.11
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-30204MEDIUM6.38
github.com/golang-jwt/jwt/v4
v4.2.0
fixed in 4.5.2
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-65637MEDIUM6.38
github.com/sirupsen/logrus
v1.8.1
fixed in 1.8.3, 1.9.1, 1.9.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-39882MEDIUM6.38
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
v1.7.0
fixed in 1.43.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-22869MEDIUM6.38
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.35.0
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-47913MEDIUM6.38
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.43.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-39829MEDIUM6.38
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.52.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-39830MEDIUM6.38
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.52.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-39835MEDIUM6.38
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.52.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-46597MEDIUM6.38
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.52.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-45338MEDIUM6.38
golang.org/x/net
v0.7.0
fixed in 0.33.0
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-33814MEDIUM6.38
golang.org/x/net
v0.7.0
fixed in 0.53.0
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-22868MEDIUM6.38
golang.org/x/oauth2
v0.0.0-20220628200809-02e64fa58f26
fixed in 0.27.0
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-61729MEDIUM6.38
stdlib
v1.19.9
fixed in 1.24.11, 1.25.5
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-25679MEDIUM6.38
stdlib
v1.19.9
fixed in 1.25.8, 1.26.1
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-27145MEDIUM6.38
stdlib
v1.19.9
fixed in 1.25.11, 1.26.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-32280MEDIUM6.38
stdlib
v1.19.9
fixed in 1.25.9, 1.26.2
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-32281MEDIUM6.38
stdlib
v1.19.9
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-32283MEDIUM6.38
stdlib
v1.19.9
fixed in 1.25.9, 1.26.2
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-33811MEDIUM6.38
stdlib
v1.19.9
fixed in 1.25.10, 1.26.3
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-33814MEDIUM6.38
stdlib
v1.19.9
fixed in 1.25.10, 1.26.3
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-39820MEDIUM6.38
stdlib
v1.19.9
fixed in 1.25.10, 1.26.3
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-39836MEDIUM6.38
stdlib
v1.19.9
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42499MEDIUM6.38
stdlib
v1.19.9
fixed in 1.25.10, 1.26.3
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-42504MEDIUM6.38
stdlib
v1.19.9
fixed in 1.25.11, 1.26.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-58183MEDIUM6.38
stdlib
v1.19.9
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-61728MEDIUM6.38
stdlib
v1.19.9
fixed in 1.24.12, 1.25.6
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42508MEDIUM6.29
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.52.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42306MEDIUM6.12
github.com/docker/docker
v20.10.24+incompatible
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-46595MEDIUM6.03
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.52.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-45142MEDIUM6
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
v0.32.0
fixed in 0.44.0
1.4%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2023-45287MEDIUM6
stdlib
v1.19.9
fixed in 1.20.0
1.3%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2025-47907MEDIUM5.95
stdlib
v1.19.9
fixed in 1.23.12, 1.24.6
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-24786MEDIUM5.9
google.golang.org/protobuf
v1.28.0
fixed in 1.33.0
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-24791MEDIUM5.9
stdlib
v1.19.9
fixed in 1.21.12, 1.22.5
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2024-34158MEDIUM5.9
stdlib
v1.19.9
fixed in 1.22.7, 1.23.1
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-4673MEDIUM5.78
stdlib
v1.19.9
fixed in 1.23.10, 1.24.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-39821MEDIUM5.58
golang.org/x/net
v0.7.0
fixed in 0.55.0
0.5%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2023-2253MEDIUM5.52
github.com/docker/distribution
v2.7.1+incompatible
fixed in 2.8.2-beta.1
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-39827MEDIUM5.52
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.52.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-39834MEDIUM5.52
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.52.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-22872MEDIUM5.52
golang.org/x/net
v0.7.0
fixed in 0.38.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-25680MEDIUM5.52
golang.org/x/net
v0.7.0
fixed in 0.55.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-24785MEDIUM5.52
stdlib
v1.19.9
fixed in 1.21.8, 1.22.1
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-47906MEDIUM5.52
stdlib
v1.19.9
fixed in 1.23.12, 1.24.6
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-61727MEDIUM5.52
stdlib
v1.19.9
fixed in 1.24.11, 1.25.5
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-39825MEDIUM5.52
stdlib
v1.19.9
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-32282MEDIUM5.44
stdlib
v1.19.9
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-24784MEDIUM5.4
stdlib
v1.19.9
fixed in 1.21.8, 1.22.1
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2023-29409MEDIUM5.3
stdlib
v1.19.9
fixed in 1.19.12, 1.20.7, 1.21.0-rc.4
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2023-39326MEDIUM5.3
stdlib
v1.19.9
fixed in 1.20.12, 1.21.5
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-45289MEDIUM5.3
stdlib
v1.19.9
fixed in 1.21.8, 1.22.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-45290MEDIUM5.3
stdlib
v1.19.9
fixed in 1.21.8, 1.22.1
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-3978MEDIUM5.18
golang.org/x/net
v0.7.0
fixed in 0.13.0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-42502MEDIUM5.18
golang.org/x/net
v0.7.0
fixed in 0.55.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-39318MEDIUM5.18
stdlib
v1.19.9
fixed in 1.20.8, 1.21.1
0.8%
Theoretical Threat
Directly Exposed
CVE-2023-39319MEDIUM5.18
stdlib
v1.19.9
fixed in 1.20.8, 1.21.1
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-32289MEDIUM5.18
stdlib
v1.19.9
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-24783MEDIUM5.02
stdlib
v1.19.9
fixed in 1.21.8, 1.22.1
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-34155MEDIUM5.02
stdlib
v1.19.9
fixed in 1.22.7, 1.23.1
0.8%
Theoretical Threat
Directly Exposed
CVE-2024-45336MEDIUM5.02
stdlib
v1.19.9
fixed in 1.22.11, 1.23.5, 1.24.0-rc.2
0.6%
Theoretical Threat
Directly Exposed
CVE-2024-6104MEDIUM4.67
github.com/hashicorp/go-retryablehttp
v0.7.1
fixed in 0.7.7
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-39833MEDIUM4.67
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.52.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-24789MEDIUM4.67
stdlib
v1.19.9
fixed in 1.21.11, 1.22.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-32288MEDIUM4.67
stdlib
v1.19.9
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-40577MEDIUM4.59
github.com/prometheus/alertmanager
v0.24.0
fixed in 0.25.1
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42506MEDIUM4.59
golang.org/x/net
v0.7.0
fixed in 0.55.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-22871MEDIUM4.59
stdlib
v1.19.9
fixed in 1.23.8, 1.24.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-27142MEDIUM4.59
stdlib
v1.19.9
fixed in 1.25.8, 1.26.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-39823MEDIUM4.59
stdlib
v1.19.9
fixed in 1.25.10, 1.26.3
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-39826MEDIUM4.59
stdlib
v1.19.9
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-47914MEDIUM4.5
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.45.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-58181MEDIUM4.5
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.45.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-46598MEDIUM4.5
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.52.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-47911MEDIUM4.5
golang.org/x/net
v0.7.0
fixed in 0.45.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-58190MEDIUM4.5
golang.org/x/net
v0.7.0
fixed in 0.45.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-45284MEDIUM4.5
stdlib
v1.19.9
fixed in 1.20.11, 1.21.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-22866MEDIUM4.5
stdlib
v1.19.9
fixed in 1.22.12, 1.23.6, 1.24.0-rc.3
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-22873MEDIUM4.5
stdlib
v1.19.9
fixed in 1.23.9, 1.24.3
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-47912MEDIUM4.5
stdlib
v1.19.9
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-58185MEDIUM4.5
stdlib
v1.19.9
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-58187MEDIUM4.5
stdlib
v1.19.9
fixed in 1.24.9, 1.25.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-58188MEDIUM4.5
stdlib
v1.19.9
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-58189MEDIUM4.5
stdlib
v1.19.9
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-61723MEDIUM4.5
stdlib
v1.19.9
fixed in 1.24.8, 1.25.2
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-61724MEDIUM4.5
stdlib
v1.19.9
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-61725MEDIUM4.5
stdlib
v1.19.9
fixed in 1.24.8, 1.25.2
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-61730MEDIUM4.5
stdlib
v1.19.9
fixed in 1.24.12, 1.25.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42505MEDIUM4.5
stdlib
v1.19.9
fixed in 1.25.12, 1.26.5, 1.27.0-rc.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42507MEDIUM4.5
stdlib
v1.19.9
fixed in 1.25.11, 1.26.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-58186MEDIUM4.5
stdlib
v1.19.9
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-54410MEDIUM4.42
github.com/docker/docker
v20.10.24+incompatible
fixed in 25.0.13, 28.0.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-41110MEDIUM4.1
github.com/docker/docker
v20.10.24+incompatible
fixed in 23.0.15, 26.1.5, 27.1.1, 25.0.6
16.5%
High Exploitation Risk
Post-Exploit
CVE-2025-22870LOW3.74
golang.org/x/net
v0.7.0
fixed in 0.36.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-22870LOW3.74
stdlib
v1.19.9
fixed in 1.23.7, 1.24.1
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-45341LOW3.57
stdlib
v1.19.9
fixed in 1.22.11, 1.23.5, 1.24.0-rc.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-41568LOW3.31
github.com/docker/docker
v20.10.24+incompatible
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-33186LOW3.28
google.golang.org/grpc
v1.47.0
fixed in 1.79.3
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2024-45337LOW2.95
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.31.0
3.2%
Low-Moderate Risk
Post-Exploit
CVE-2026-34040LOW2.81
github.com/docker/docker
v20.10.24+incompatible
fixed in 29.3.1
8.1%
Low-Moderate Risk
Post-Exploit
CVE-2023-48795LOW2.76
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.17.0
93.3%
Actively Exploited
Post-Exploit
CVE-2023-45283LOW2.7
stdlib
v1.19.9
fixed in 1.20.11, 1.21.4, 1.20.12, 1.21.5
2.8%
Low-Moderate Risk
Post-Exploit
CVE-2024-34156LOW2.7
stdlib
v1.19.9
fixed in 1.22.7, 1.23.1
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-39828LOW2.69
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.52.0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-39832LOW2.66
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.52.0
0.5%
Theoretical Threat
Post-Exploit
CVE-2024-51744LOW2.63
github.com/golang-jwt/jwt/v4
v4.2.0
fixed in 4.5.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-27139LOW2.12
stdlib
v1.19.9
fixed in 1.25.8, 1.26.1
0.2%
Theoretical Threat
Directly Exposed
GHSA-qq97-vm5h-rrhgNONE0
github.com/docker/distribution
v2.7.1+incompatible
fixed in 2.8.0
Not Applicable
GHSA-jq35-85cj-fj4pNONE0
github.com/docker/docker
v20.10.24+incompatible
fixed in 24.0.7, 23.0.8, 20.10.27
Not Applicable
CVE-2026-2303NONE0
go.mongodb.org/mongo-driver
v1.8.3
fixed in 1.17.7
0.2%
Theoretical Threat
Not Applicable
CVE-2022-30636NONE0
golang.org/x/crypto
v0.0.0-20220511200225-c6db032c6c88
fixed in 0.0.0-20220525230936-793ad666bf5e
0.6%
Theoretical Threat
Not Applicable
CVE-2026-46600NONE0
golang.org/x/net
v0.7.0
fixed in 0.56.0
Not Applicable
CVE-2026-39824NONE0
golang.org/x/sys
v0.5.0
fixed in 0.44.0
0.1%
Theoretical Threat
Not Applicable
CVE-2026-56852NONE0
golang.org/x/text
v0.7.0
fixed in 0.39.0
Not Applicable
GHSA-m425-mq94-257gNONE0
google.golang.org/grpc
v1.47.0
fixed in 1.56.3, 1.57.1, 1.58.3
Not Applicable
CVE-2025-0913NONE0
stdlib
v1.19.9
fixed in 1.23.10, 1.24.4
0.2%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.