Vulnerability Reportrabbitmq:4.0.8-management-alpine

rabbitmq:4.0.8-management-alpine
DIGESTsha256:01965a0eb700ea8ca27f9736780e54b44c61078af8f55415f9c4b134b5a093f8

Executive Summary

Last scanned:

Threat Score
50/100CAUTION
Reputation
TRUSTED

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could cause denial of service via crafted XML input (CVE-2026-45186) or potentially execute arbitrary code by providing a malicious PKCS#12 file (CVE-2025-69419). Note that CVE-2026-28388 only applies if delta CRL processing is explicitly enabled, and CVE-2025-69419 requires the application to parse untrusted PKCS#12 files, which RabbitMQ does not do by default. The image is official and trusted, but the presence of multiple medium-severity vulnerabilities in core libraries (libexpat, OpenSSL) warrants caution and recommends remediation.

Vulnerabilities

Vulnerability Log

97 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-45186MEDIUM6.38
libexpat
2.7.0-r0
fixed in 2.8.1-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69419MEDIUM6.29
libcrypto3
3.3.3-r0
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69419MEDIUM6.29
libssl3
3.3.3-r0
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM6
libcrypto3
3.3.3-r0
fixed in 3.3.7-r0
1.1%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2026-28388MEDIUM6
libssl3
3.3.3-r0
fixed in 3.3.7-r0
1.1%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2025-9231MEDIUM5.9
libcrypto3
3.3.3-r0
fixed in 3.3.5-r0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-9231MEDIUM5.9
libssl3
3.3.3-r0
fixed in 3.3.5-r0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2026-56132MEDIUM5.87
libexpat
2.7.0-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-56403MEDIUM5.87
libexpat
2.7.0-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-56404MEDIUM5.87
libexpat
2.7.0-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-56405MEDIUM5.87
libexpat
2.7.0-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-56406MEDIUM5.87
libexpat
2.7.0-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-56410MEDIUM5.87
libexpat
2.7.0-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-56411MEDIUM5.87
libexpat
2.7.0-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-9230MEDIUM5.6
libcrypto3
3.3.3-r0
fixed in 3.3.5-r0
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2025-9230MEDIUM5.6
libssl3
3.3.3-r0
fixed in 3.3.5-r0
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2026-28387MEDIUM5.5
libcrypto3
3.3.3-r0
fixed in 3.3.7-r0
0.6%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-28387MEDIUM5.5
libssl3
3.3.3-r0
fixed in 3.3.7-r0
0.6%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2025-59375MEDIUM5.3
libexpat
2.7.0-r0
fixed in 2.7.2-r0
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2026-31790MEDIUM5.02
libcrypto3
3.3.3-r0
fixed in 3.3.7-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
libcrypto3
3.3.3-r0
fixed in 3.3.6-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
libcrypto3
3.3.3-r0
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libcrypto3
3.3.3-r0
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libcrypto3
3.3.3-r0
fixed in 3.3.6-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-50219MEDIUM5.02
libexpat
2.7.0-r0
fixed in 2.8.2-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-56412MEDIUM5.02
libexpat
2.7.0-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libssl3
3.3.3-r0
fixed in 3.3.7-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
libssl3
3.3.3-r0
fixed in 3.3.6-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
libssl3
3.3.3-r0
fixed in 3.3.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libssl3
3.3.3-r0
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libssl3
3.3.3-r0
fixed in 3.3.6-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libcrypto3
3.3.3-r0
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-32776MEDIUM4.67
libexpat
2.7.0-r0
fixed in 2.7.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-32777MEDIUM4.67
libexpat
2.7.0-r0
fixed in 2.7.5-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-32778MEDIUM4.67
libexpat
2.7.0-r0
fixed in 2.7.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libssl3
3.3.3-r0
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-6042MEDIUM4.67
musl
1.2.5-r9
fixed in 1.2.5-r10
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-29088MEDIUM4.67
sqlite-libs
3.48.0-r0
fixed in 3.48.0-r4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib
1.3.1-r2
fixed in 1.3.2-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-34743MEDIUM4.5
xz-libs
5.6.3-r0
fixed in 5.8.3-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-15467MEDIUM4.06
libcrypto3
3.3.3-r0
fixed in 3.3.6-r0
47.6%
High Exploitation Risk
Post-Exploit
CVE-2025-15467MEDIUM4.06
libssl3
3.3.3-r0
fixed in 3.3.6-r0
47.6%
High Exploitation Risk
Post-Exploit
CVE-2025-68160MEDIUM4
libcrypto3
3.3.3-r0
fixed in 3.3.6-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
libssl3
3.3.3-r0
fixed in 3.3.6-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-6965LOW3.61
sqlite-libs
3.48.0-r0
fixed in 3.48.0-r3
73.5%
Actively Exploited
Post-Exploit
CVE-2025-69418LOW3.4
libcrypto3
3.3.3-r0
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69418LOW3.4
libssl3
3.3.3-r0
fixed in 3.3.6-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-41080LOW3.15
libexpat
2.7.0-r0
fixed in 2.8.1-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-9232LOW3.1
libcrypto3
3.3.3-r0
fixed in 3.3.5-r0
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-9232LOW3.1
libssl3
3.3.3-r0
fixed in 3.3.5-r0
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2026-31789LOW3
libcrypto3
3.3.3-r0
fixed in 3.3.7-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-31789LOW3
libssl3
3.3.3-r0
fixed in 3.3.7-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-3277LOW3
sqlite-libs
3.48.0-r0
fixed in 3.48.0-r1
0.7%
Theoretical Threat
Post-Exploit
CVE-2025-4517LOW2.74
python3
3.12.9-r0
fixed in 3.12.11-r0
1.2%
Low-Moderate Risk
Post-Exploit
CVE-2025-4138LOW2.7
python3
3.12.9-r0
fixed in 3.12.11-r0
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2025-4516LOW2.6
python3
3.12.9-r0
fixed in 3.12.10-r1
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-25210LOW2.39
libexpat
2.7.0-r0
fixed in 2.7.4-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-40200LOW2.39
musl
1.2.5-r9
fixed in 1.2.5-r11
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-22184LOW2.39
zlib
1.3.1-r2
fixed in 1.3.2-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-12718LOW2.33
python3
3.12.9-r0
fixed in 3.12.11-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW2.29
libcrypto3
3.3.3-r0
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libcrypto3
3.3.3-r0
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
libcrypto3
3.3.3-r0
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW2.29
libssl3
3.3.3-r0
fixed in 3.3.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libssl3
3.3.3-r0
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
libssl3
3.3.3-r0
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-29087LOW2.29
sqlite-libs
3.48.0-r0
fixed in 3.48.0-r1
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-31115LOW2.29
xz-libs
5.6.3-r0
fixed in 5.6.3-r1
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-4330LOW2.23
python3
3.12.9-r0
fixed in 3.12.11-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-24515LOW2.12
libexpat
2.7.0-r0
fixed in 2.7.4-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-46394LOW1.68
busybox
1.37.0-r12
fixed in 1.37.0-r14
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
busybox-binsh
1.37.0-r12
fixed in 1.37.0-r14
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
ssl_client
1.37.0-r12
fixed in 1.37.0-r14
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-40200NONE0
musl-utils
1.2.5-r9
fixed in 1.2.5-r11
0.1%
Theoretical Threat
Not Applicable
CVE-2024-12718NONE0
pyc
3.12.9-r0
fixed in 3.12.11-r0
0.6%
Theoretical Threat
Not Applicable
CVE-2025-4517NONE0
pyc
3.12.9-r0
fixed in 3.12.11-r0
1.2%
Low-Moderate Risk
Not Applicable
CVE-2024-12718NONE0
python3-pyc
3.12.9-r0
fixed in 3.12.11-r0
0.6%
Theoretical Threat
Not Applicable
CVE-2025-4517NONE0
python3-pyc
3.12.9-r0
fixed in 3.12.11-r0
1.2%
Low-Moderate Risk
Not Applicable
CVE-2024-12718NONE0
python3-pycache-pyc0
3.12.9-r0
fixed in 3.12.11-r0
0.6%
Theoretical Threat
Not Applicable
CVE-2025-4517NONE0
python3-pycache-pyc0
3.12.9-r0
fixed in 3.12.11-r0
1.2%
Low-Moderate Risk
Not Applicable
CVE-2025-4138NONE0
pyc
3.12.9-r0
fixed in 3.12.11-r0
1.1%
Low-Moderate Risk
Not Applicable
CVE-2025-4138NONE0
python3-pyc
3.12.9-r0
fixed in 3.12.11-r0
1.1%
Low-Moderate Risk
Not Applicable
CVE-2025-4138NONE0
python3-pycache-pyc0
3.12.9-r0
fixed in 3.12.11-r0
1.1%
Low-Moderate Risk
Not Applicable
CVE-2025-4330NONE0
pyc
3.12.9-r0
fixed in 3.12.11-r0
0.8%
Theoretical Threat
Not Applicable
CVE-2025-4330NONE0
python3-pyc
3.12.9-r0
fixed in 3.12.11-r0
0.8%
Theoretical Threat
Not Applicable
CVE-2025-4330NONE0
python3-pycache-pyc0
3.12.9-r0
fixed in 3.12.11-r0
0.8%
Theoretical Threat
Not Applicable
CVE-2026-6042NONE0
musl-utils
1.2.5-r9
fixed in 1.2.5-r10
0.2%
Theoretical Threat
Not Applicable
CVE-2025-4516NONE0
pyc
3.12.9-r0
fixed in 3.12.10-r1
0.2%
Theoretical Threat
Not Applicable
CVE-2025-4516NONE0
python3-pyc
3.12.9-r0
fixed in 3.12.10-r1
0.2%
Theoretical Threat
Not Applicable
CVE-2025-4516NONE0
python3-pycache-pyc0
3.12.9-r0
fixed in 3.12.10-r1
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
busybox
1.37.0-r12
fixed in 1.37.0-r14
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
busybox-binsh
1.37.0-r12
fixed in 1.37.0-r14
0.2%
Theoretical Threat
Not Applicable
CVE-2026-56131NONE0
libexpat
2.7.0-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Not Applicable
CVE-2026-56407NONE0
libexpat
2.7.0-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Not Applicable
CVE-2026-56408NONE0
libexpat
2.7.0-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Not Applicable
CVE-2026-56409NONE0
libexpat
2.7.0-r0
fixed in 2.8.2-r0
<0.1%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
ssl_client
1.37.0-r12
fixed in 1.37.0-r14
0.2%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.