Vulnerability Reportrabbitmq:4.0.5-alpine

rabbitmq:4.0.5-alpine
DIGESTsha256:e045b5166b9188a38eee5c99411709aa1f0ffa2ac75664053e64cb69411f7c32

Executive Summary

Last scanned:

Threat Score
0/100SAFE
Reputation
TRUSTED

This image is safe for production use. While 29 exposed vulnerabilities were identified, all are low severity (below 6.0) and none are exploitable via RabbitMQ's network surface. The only post-exploit finding, CVE-2025-15467, affects OpenSSL's CMS parsing, which RabbitMQ does not use, making it irrelevant. No action is required.

Vulnerabilities

Vulnerability Log

56 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2025-26519MEDIUM5.95
musl
1.2.5-r8
fixed in 1.2.5-r9
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-9231MEDIUM5.9
libcrypto3
3.3.2-r4
fixed in 3.3.5-r0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-9231MEDIUM5.9
libssl3
3.3.2-r4
fixed in 3.3.5-r0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-9230MEDIUM5.6
libcrypto3
3.3.2-r4
fixed in 3.3.5-r0
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2025-9230MEDIUM5.6
libssl3
3.3.2-r4
fixed in 3.3.5-r0
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2026-28388MEDIUM5.1
libcrypto3
3.3.2-r4
fixed in 3.3.7-r0
0.9%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-28388MEDIUM5.1
libssl3
3.3.2-r4
fixed in 3.3.7-r0
0.9%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-31790MEDIUM5.02
libcrypto3
3.3.2-r4
fixed in 3.3.7-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
libcrypto3
3.3.2-r4
fixed in 3.3.6-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
libcrypto3
3.3.2-r4
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libcrypto3
3.3.2-r4
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libcrypto3
3.3.2-r4
fixed in 3.3.6-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libssl3
3.3.2-r4
fixed in 3.3.7-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
libssl3
3.3.2-r4
fixed in 3.3.6-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
libssl3
3.3.2-r4
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libssl3
3.3.2-r4
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libssl3
3.3.2-r4
fixed in 3.3.6-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libcrypto3
3.3.2-r4
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libssl3
3.3.2-r4
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-6042MEDIUM4.67
musl
1.2.5-r8
fixed in 1.2.5-r10
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib
1.3.1-r2
fixed in 1.3.2-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-15467MEDIUM4.06
libcrypto3
3.3.2-r4
fixed in 3.3.6-r0
47.6%
High Exploitation Risk
Post-Exploit
CVE-2025-15467MEDIUM4.06
libssl3
3.3.2-r4
fixed in 3.3.6-r0
47.6%
High Exploitation Risk
Post-Exploit
CVE-2024-13176MEDIUM4
libcrypto3
3.3.2-r4
fixed in 3.3.2-r5
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
libcrypto3
3.3.2-r4
fixed in 3.3.6-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-13176MEDIUM4
libssl3
3.3.2-r4
fixed in 3.3.2-r5
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
libssl3
3.3.2-r4
fixed in 3.3.6-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69418LOW3.4
libcrypto3
3.3.2-r4
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69418LOW3.4
libssl3
3.3.2-r4
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-9232LOW3.1
libcrypto3
3.3.2-r4
fixed in 3.3.5-r0
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-9232LOW3.1
libssl3
3.3.2-r4
fixed in 3.3.5-r0
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2026-31789LOW3
libcrypto3
3.3.2-r4
fixed in 3.3.7-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-31789LOW3
libssl3
3.3.2-r4
fixed in 3.3.7-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2024-12797LOW2.66
libcrypto3
3.3.2-r4
fixed in 3.3.3-r0
2.4%
Low-Moderate Risk
Post-Exploit
CVE-2024-12797LOW2.66
libssl3
3.3.2-r4
fixed in 3.3.3-r0
2.4%
Low-Moderate Risk
Post-Exploit
CVE-2026-28387LOW2.48
libcrypto3
3.3.2-r4
fixed in 3.3.7-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
libssl3
3.3.2-r4
fixed in 3.3.7-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-40200LOW2.39
musl
1.2.5-r8
fixed in 1.2.5-r11
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-22184LOW2.39
zlib
1.3.1-r2
fixed in 1.3.2-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW2.29
libcrypto3
3.3.2-r4
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libcrypto3
3.3.2-r4
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
libcrypto3
3.3.2-r4
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW2.29
libssl3
3.3.2-r4
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libssl3
3.3.2-r4
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
libssl3
3.3.2-r4
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-69419LOW2.26
libcrypto3
3.3.2-r4
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-69419LOW2.26
libssl3
3.3.2-r4
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
busybox
1.37.0-r9
fixed in 1.37.0-r14
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
busybox-binsh
1.37.0-r9
fixed in 1.37.0-r14
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
ssl_client
1.37.0-r9
fixed in 1.37.0-r14
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-40200NONE0
musl-utils
1.2.5-r8
fixed in 1.2.5-r11
0.1%
Theoretical Threat
Not Applicable
CVE-2025-26519NONE0
musl-utils
1.2.5-r8
fixed in 1.2.5-r9
0.3%
Theoretical Threat
Not Applicable
CVE-2026-6042NONE0
musl-utils
1.2.5-r8
fixed in 1.2.5-r10
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
busybox
1.37.0-r9
fixed in 1.37.0-r14
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
busybox-binsh
1.37.0-r9
fixed in 1.37.0-r14
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
ssl_client
1.37.0-r9
fixed in 1.37.0-r14
0.2%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.