Vulnerability Reportprom/prometheus:v3.13.0

prom/prometheus:v3.13.0prom/prometheus:v3.13.0-busybox
DIGESTsha256:c6b27ea434f8389bfe233fbc7be381cf50587c286e871bc842008f5a1b1908a7

Executive Summary

Last scanned:

Threat Score
0/100SAFE
Reputation
RELIABLE

This image is safe for production use. Although 4 exposed vulnerabilities and 1 post-exploit vulnerability were identified, they are all of low severity (max 3.6) and pose no practical threat in typical deployments. The image is widely used, well-maintained, and pinned by digest, ensuring its integrity.

Vulnerabilities

Vulnerability Log

5 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-42505LOW3.6
stdlib
v1.26.4
fixed in 1.25.12, 1.26.5, 1.27.0-rc.2
0.4%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-39822LOW2.39
stdlib
v1.26.4
fixed in 1.25.12, 1.26.5, 1.27.0-rc.2
0.2%
Theoretical Threat
Post-Exploit
GO-2026-5932NONE0
golang.org/x/crypto
v0.52.0
No fix yet
Not Applicable
CVE-2026-46600NONE0
golang.org/x/net
v0.55.0
fixed in 0.56.0
Not Applicable
CVE-2026-56852NONE0
golang.org/x/text
v0.38.0
fixed in 0.39.0
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.