Last scanned:
This image is safe for production use. It has 6 exposed vulnerabilities and 17 post-exploit vulnerabilities, all of low severity (max CVSS 4.67 and 2.81 respectively). The image is from a reliable community publisher and is pinned by digest, ensuring integrity.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2026-39833 | MEDIUM4.67 | golang.org/x/crypto v0.51.0 fixed in 0.52.0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-41568 | LOW3.31 | github.com/docker/docker v28.5.2+incompatible No fix yet | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-34040 | LOW2.81 | github.com/docker/docker v28.5.2+incompatible fixed in 29.3.1 | 8.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-39828 | LOW2.69 | golang.org/x/crypto v0.51.0 fixed in 0.52.0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-39832 | LOW2.66 | golang.org/x/crypto v0.51.0 fixed in 0.52.0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-33997 | LOW2.48 | github.com/docker/docker v28.5.2+incompatible fixed in 29.3.1 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-39831 | LOW2.48 | golang.org/x/crypto v0.51.0 fixed in 0.52.0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-41567 | LOW2.29 | github.com/docker/docker v28.5.2+incompatible No fix yet | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-39829 | LOW2.29 | golang.org/x/crypto v0.51.0 fixed in 0.52.0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-39830 | LOW2.29 | golang.org/x/crypto v0.51.0 fixed in 0.52.0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-39835 | LOW2.29 | golang.org/x/crypto v0.51.0 fixed in 0.52.0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-46597 | LOW2.29 | golang.org/x/crypto v0.51.0 fixed in 0.52.0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-42508 | LOW2.26 | golang.org/x/crypto v0.51.0 fixed in 0.52.0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-42306 | LOW2.2 | github.com/docker/docker v28.5.2+incompatible No fix yet | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-46595 | LOW2.17 | golang.org/x/crypto v0.51.0 fixed in 0.52.0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-39827 | LOW1.99 | golang.org/x/crypto v0.51.0 fixed in 0.52.0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-39834 | LOW1.99 | golang.org/x/crypto v0.51.0 fixed in 0.52.0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2025-11065 | LOW1.62 | github.com/go-viper/mapstructure/v2 v2.3.0 fixed in 2.4.0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-46598 | LOW1.62 | golang.org/x/crypto v0.51.0 fixed in 0.52.0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-2303 | NONE0 | go.mongodb.org/mongo-driver v1.14.0 fixed in 1.17.7 | 0.2% Theoretical Threat | Not Applicable |
| GO-2026-5932 | NONE0 | golang.org/x/crypto v0.51.0 No fix yet | — | Not Applicable |
| CVE-2026-46600 | NONE0 | golang.org/x/net v0.55.0 fixed in 0.56.0 | — | Not Applicable |
| CVE-2026-56852 | NONE0 | golang.org/x/text v0.37.0 fixed in 0.39.0 | — | Not Applicable |
Want to check another image? Run a full scan with the Docker Security Scanner.