Vulnerability Reportpython:3.11-slim

DIGESTsha256:233de06753d30d120b1a3ce359d8d3be8bda78524cd8f520c99883bfe33964cf

Executive Summary

CAUTION

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could achieve local privilege escalation within the container via `CVE-2026-4878` or trigger denial of service, and potentially arbitrary code execution, through systemd vulnerabilities such as `CVE-2026-29111`. While this is an official and trusted image, the presence of these high-severity exposed vulnerabilities requires careful consideration. The glibc vulnerability `CVE-2018-20796` could lead to denial of service if the application processes untrusted regular expressions.

Threat Score
50/100
CAUTION
Reputation
TRUSTED
Docker Official
BaseImage/
python:3.11-slim
Hardened
Grade
A+
Vulns
0
Verified & secured for production

Vulnerabilities

Vulnerability Log

128 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-4878MEDIUM6.7
libcap2
1:2.75-10+b8
No fix yet
Directly Exposed
CVE-2026-29111MEDIUM6.63
libsystemd0
257.9-1~deb13u1
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-29111MEDIUM6.63
libudev1
257.9-1~deb13u1
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40225MEDIUM6.4
libsystemd0
257.9-1~deb13u1
No fix yet
Directly Exposed
CVE-2026-40226MEDIUM6.4
libsystemd0
257.9-1~deb13u1
No fix yet
Directly Exposed
CVE-2026-40225MEDIUM6.4
libudev1
257.9-1~deb13u1
No fix yet
Directly Exposed
CVE-2026-40226MEDIUM6.4
libudev1
257.9-1~deb13u1
No fix yet
Directly Exposed
CVE-2018-20796MEDIUM6
libc-bin
2.41-12+deb13u2
No fix yet
1.5%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-20796MEDIUM6
libc6
2.41-12+deb13u2
No fix yet
1.5%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2026-23949MEDIUM5.85
jaraco.context
5.3.0
fixed in 6.1.0
<0.1%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-4105MEDIUM5.7
libsystemd0
257.9-1~deb13u1
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-4105MEDIUM5.7
libudev1
257.9-1~deb13u1
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM5.52
libc-bin
2.41-12+deb13u2
No fix yet
<0.1%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2026-4437MEDIUM5.52
libc6
2.41-12+deb13u2
No fix yet
<0.1%
Theoretical Threat
Directly ExposedContext importance: HIGH
CVE-2025-14104MEDIUM5.18
libblkid1
2.41-5
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2025-14104MEDIUM5.18
liblastlog2-2
2.41-5
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2025-14104MEDIUM5.18
libmount1
2.41-5
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2025-14104MEDIUM5.18
libuuid1
2.41-5
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2019-9192MEDIUM5.1
libc-bin
2.41-12+deb13u2
No fix yet
0.8%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2019-9192MEDIUM5.1
libc6
2.41-12+deb13u2
No fix yet
0.8%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-28390MEDIUM5.1
libssl3t64
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-28390MEDIUM5.1
openssl
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-28390MEDIUM5.1
openssl-provider-legacy
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-28389MEDIUM5.02
libssl3t64
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libssl3t64
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-28389MEDIUM5.02
openssl-provider-legacy
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
openssl-provider-legacy
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly Exposed
CVE-2019-1010022MEDIUM5
libc-bin
2.41-12+deb13u2
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2019-1010022MEDIUM5
libc6
2.41-12+deb13u2
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-31789MEDIUM4.93
libssl3t64
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-31789MEDIUM4.93
openssl-provider-legacy
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly Exposed
CVE-2022-0563MEDIUM4.67
libblkid1
2.41-5
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2022-0563MEDIUM4.67
liblastlog2-2
2.41-5
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2022-0563MEDIUM4.67
libmount1
2.41-5
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2022-0563MEDIUM4.67
libuuid1
2.41-5
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib1g
1:1.3.dfsg+really1.3.1-1+b1
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-24049MEDIUM4.67
wheel
0.45.1
fixed in 0.46.2
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
libc-bin
2.41-12+deb13u2
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2019-1010024MEDIUM4.5
libc-bin
2.41-12+deb13u2
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2019-1010025MEDIUM4.5
libc-bin
2.41-12+deb13u2
No fix yet
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
libc6
2.41-12+deb13u2
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2019-1010024MEDIUM4.5
libc6
2.41-12+deb13u2
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2019-1010025MEDIUM4.5
libc6
2.41-12+deb13u2
No fix yet
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-34743MEDIUM4.5
liblzma5
5.8.1-1
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2023-31437MEDIUM4.5
libsystemd0
257.9-1~deb13u1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-31438MEDIUM4.5
libsystemd0
257.9-1~deb13u1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2023-31439MEDIUM4.5
libsystemd0
257.9-1~deb13u1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2023-31437MEDIUM4.5
libudev1
257.9-1~deb13u1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-31438MEDIUM4.5
libudev1
257.9-1~deb13u1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2023-31439MEDIUM4.5
libudev1
257.9-1~deb13u1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-28389MEDIUM4.02
openssl
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-27456MEDIUM4
libblkid1
2.41-5
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
liblastlog2-2
2.41-5
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libmount1
2.41-5
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libuuid1
2.41-5
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2011-3374LOW3.7
libapt-pkg7.0
3.0.3
No fix yet
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2021-45346LOW3.65
libsqlite3-0
3.46.1-7+deb13u1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2005-2541LOW3.6
tar
1.35+dfsg-3.1
No fix yet
3.3%
Low-Moderate Risk
Post-Exploit
CVE-2026-4438LOW3.4
libc-bin
2.41-12+deb13u2
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2010-4756LOW3.4
libc-bin
2.41-12+deb13u2
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
libc6
2.41-12+deb13u2
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2010-4756LOW3.4
libc6
2.41-12+deb13u2
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-3184LOW3.15
libblkid1
2.41-5
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-3184LOW3.15
liblastlog2-2
2.41-5
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-3184LOW3.15
libmount1
2.41-5
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-28387LOW3.15
libssl3t64
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-3184LOW3.15
libuuid1
2.41-5
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-28387LOW3.15
openssl-provider-legacy
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly Exposed
CVE-2025-14104LOW3.11
bsdutils
1:2.41-5
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2025-14104LOW3.11
login
1:4.16.0-2+really2.41-5
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2025-14104LOW3.11
mount
2.41-5
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2025-14104LOW3.11
util-linux
2.41-5
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2026-28388LOW3.01
libssl3t64
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-28388LOW3.01
openssl
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-31790LOW3.01
openssl
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-28388LOW3.01
openssl-provider-legacy
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-31789LOW2.96
openssl
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Post-Exploit
CVE-2026-40228LOW2.9
libsystemd0
257.9-1~deb13u1
No fix yet
Directly Exposed
CVE-2026-40228LOW2.9
libudev1
257.9-1~deb13u1
No fix yet
Directly Exposed
CVE-2022-0563LOW2.8
bsdutils
1:2.41-5
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2022-0563LOW2.8
login
1:4.16.0-2+really2.41-5
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2022-0563LOW2.8
mount
2.41-5
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2022-0563LOW2.8
util-linux
2.41-5
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2025-70873LOW2.8
libsqlite3-0
3.46.1-7+deb13u1
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2013-4392LOW2.8
libsystemd0
257.9-1~deb13u1
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2013-4392LOW2.8
libudev1
257.9-1~deb13u1
No fix yet
<0.1%
Theoretical Threat
Directly Exposed
CVE-2025-8869LOW2.7
pip
24.0
fixed in 25.3
<0.1%
Theoretical Threat
Post-Exploit
CVE-2019-1010023LOW2.69
libc-bin
2.41-12+deb13u2
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2019-1010023LOW2.69
libc6
2.41-12+deb13u2
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-2673LOW2.63
libssl3t64
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-2673LOW2.63
openssl-provider-legacy
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-5704LOW2.55
tar
1.35+dfsg-3.1
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2007-5686LOW2.5
login.defs
1:4.17.4-2
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2007-5686LOW2.5
passwd
1:4.17.4-2
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
bsdutils
1:2.41-5
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2017-18018LOW2.4
coreutils
9.7-3
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
login
1:4.16.0-2+really2.41-5
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
mount
2.41-5
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
util-linux
2.41-5
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2025-5278LOW2.24
coreutils
9.7-3
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2011-3374LOW2.22
apt
3.0.3
No fix yet
1.5%
Low-Moderate Risk
Post-Exploit
CVE-2024-56433LOW2.16
login.defs
1:4.17.4-2
No fix yet
4.5%
Low-Moderate Risk
Post-Exploit
CVE-2024-56433LOW2.16
passwd
1:4.17.4-2
No fix yet
4.5%
Low-Moderate Risk
Post-Exploit
CVE-2026-1703LOW1.99
pip
24.0
fixed in 26.0
<0.1%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW1.89
bsdutils
1:2.41-5
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW1.89
login
1:4.16.0-2+really2.41-5
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW1.89
mount
2.41-5
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW1.89
openssl
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW1.89
util-linux
2.41-5
No fix yet
<0.1%
Theoretical Threat
Post-Exploit
CVE-2011-4116LOW1.68
perl-base
5.40.1-6
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-2673LOW1.58
openssl
3.5.5-1~deb13u1
fixed in 3.5.5-1~deb13u2
<0.1%
Theoretical Threat
Post-Exploit
CVE-2025-69720NONE0
libncursesw6
6.5+20250216-2
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
libtinfo6
6.5+20250216-2
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
ncurses-base
6.5+20250216-2
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
ncurses-bin
6.5+20250216-2
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2025-14104NONE0
libsmartcols1
2.41-5
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2022-0563NONE0
libsmartcols1
2.41-5
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2026-27456NONE0
libsmartcols1
2.41-5
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2026-3184NONE0
libsmartcols1
2.41-5
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2025-6141NONE0
libncursesw6
6.5+20250216-2
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2025-6141NONE0
libtinfo6
6.5+20250216-2
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2025-6141NONE0
ncurses-base
6.5+20250216-2
No fix yet
<0.1%
Theoretical Threat
Not Applicable
CVE-2025-6141NONE0
ncurses-bin
6.5+20250216-2
No fix yet
<0.1%
Theoretical Threat
Not Applicable
TEMP-0841856-B18BAFNONE0
bash
5.2.37-2+b8
No fix yet
Not Applicable
TEMP-0628843-DBAD28NONE0
login.defs
1:4.17.4-2
No fix yet
Not Applicable
TEMP-0628843-DBAD28NONE0
passwd
1:4.17.4-2
No fix yet
Not Applicable
TEMP-0517018-A83CE6NONE0
sysvinit-utils
3.14-4
No fix yet
Not Applicable
TEMP-0290435-0B57B5NONE0
tar
1.35+dfsg-3.1
No fix yet
Not Applicable