Vulnerability Reportrabbitmq:4.1.0-management-alpine

rabbitmq:4.1.0-management-alpine
DIGESTsha256:770948395acde6a1faf449f8570dc1f0365eb573dba1c6c89d060e1fcbfe199c

Executive Summary

Last scanned:

Threat Score
50/100CAUTION
Reputation
TRUSTED

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could cause denial of service by exploiting vulnerabilities in OpenSSL and libexpat, potentially crashing the RabbitMQ service. Although the image is official and pinned by digest, the high volume of medium-severity issues (11 with CVSS >= 6.0) requires prompt remediation. Updating the affected packages (openssl, libexpat) would resolve the most critical findings.

Vulnerabilities

Vulnerability Log

127 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-28390MEDIUM6.38
libcrypto3
3.5.0-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-34183MEDIUM6.38
libcrypto3
3.5.0-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-45186MEDIUM6.38
libexpat
2.7.1-r0
fixed in 2.8.1-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-28390MEDIUM6.38
libssl3
3.5.0-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-34183MEDIUM6.38
libssl3
3.5.0-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-69419MEDIUM6.29
libcrypto3
3.5.0-r0
fixed in 3.5.5-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34182MEDIUM6.29
libcrypto3
3.5.0-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69419MEDIUM6.29
libssl3
3.5.0-r0
fixed in 3.5.5-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34182MEDIUM6.29
libssl3
3.5.0-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM6
libcrypto3
3.5.0-r0
fixed in 3.5.6-r0
1.1%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2026-28388MEDIUM6
libssl3
3.5.0-r0
fixed in 3.5.6-r0
1.1%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2025-9231MEDIUM5.9
libcrypto3
3.5.0-r0
fixed in 3.5.4-r0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-9231MEDIUM5.9
libssl3
3.5.0-r0
fixed in 3.5.4-r0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2026-56132MEDIUM5.87
libexpat
2.7.1-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-56403MEDIUM5.87
libexpat
2.7.1-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-56404MEDIUM5.87
libexpat
2.7.1-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-56405MEDIUM5.87
libexpat
2.7.1-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-56406MEDIUM5.87
libexpat
2.7.1-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-56410MEDIUM5.87
libexpat
2.7.1-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-56411MEDIUM5.87
libexpat
2.7.1-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-9230MEDIUM5.6
libcrypto3
3.5.0-r0
fixed in 3.5.4-r0
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2025-9230MEDIUM5.6
libssl3
3.5.0-r0
fixed in 3.5.4-r0
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2026-2673MEDIUM5.52
libcrypto3
3.5.0-r0
fixed in 3.5.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
libssl3
3.5.0-r0
fixed in 3.5.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34181MEDIUM5.35
libcrypto3
3.5.0-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
libcrypto3
3.5.0-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34181MEDIUM5.35
libssl3
3.5.0-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
libssl3
3.5.0-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-59375MEDIUM5.3
libexpat
2.7.1-r0
fixed in 2.7.2-r0
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2025-11187MEDIUM5.18
libcrypto3
3.5.0-r0
fixed in 3.5.5-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-11187MEDIUM5.18
libssl3
3.5.0-r0
fixed in 3.5.5-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libcrypto3
3.5.0-r0
fixed in 3.5.6-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42764MEDIUM5.02
libcrypto3
3.5.0-r0
fixed in 3.5.7-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
libcrypto3
3.5.0-r0
fixed in 3.5.5-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
libcrypto3
3.5.0-r0
fixed in 3.5.5-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libcrypto3
3.5.0-r0
fixed in 3.5.5-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libcrypto3
3.5.0-r0
fixed in 3.5.5-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42769MEDIUM5.02
libcrypto3
3.5.0-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42770MEDIUM5.02
libcrypto3
3.5.0-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
libcrypto3
3.5.0-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-50219MEDIUM5.02
libexpat
2.7.1-r0
fixed in 2.8.2-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-56412MEDIUM5.02
libexpat
2.7.1-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libssl3
3.5.0-r0
fixed in 3.5.6-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42764MEDIUM5.02
libssl3
3.5.0-r0
fixed in 3.5.7-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
libssl3
3.5.0-r0
fixed in 3.5.5-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
libssl3
3.5.0-r0
fixed in 3.5.5-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libssl3
3.5.0-r0
fixed in 3.5.5-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libssl3
3.5.0-r0
fixed in 3.5.5-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42769MEDIUM5.02
libssl3
3.5.0-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42770MEDIUM5.02
libssl3
3.5.0-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
libssl3
3.5.0-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-15469MEDIUM4.67
libcrypto3
3.5.0-r0
fixed in 3.5.5-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libcrypto3
3.5.0-r0
fixed in 3.5.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libcrypto3
3.5.0-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-32776MEDIUM4.67
libexpat
2.7.1-r0
fixed in 2.7.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-32777MEDIUM4.67
libexpat
2.7.1-r0
fixed in 2.7.5-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-32778MEDIUM4.67
libexpat
2.7.1-r0
fixed in 2.7.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-15469MEDIUM4.67
libssl3
3.5.0-r0
fixed in 3.5.5-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libssl3
3.5.0-r0
fixed in 3.5.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libssl3
3.5.0-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-6042MEDIUM4.67
musl
1.2.5-r10
fixed in 1.2.5-r11
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib
1.3.1-r2
fixed in 1.3.2-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
libcrypto3
3.5.0-r0
fixed in 3.5.7-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
libcrypto3
3.5.0-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
libssl3
3.5.0-r0
fixed in 3.5.7-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
libssl3
3.5.0-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-34743MEDIUM4.5
xz-libs
5.8.1-r0
fixed in 5.8.3-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
libcrypto3
3.5.0-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
libssl3
3.5.0-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-15467MEDIUM4.06
libcrypto3
3.5.0-r0
fixed in 3.5.5-r0
47.6%
High Exploitation Risk
Post-Exploit
CVE-2025-15467MEDIUM4.06
libssl3
3.5.0-r0
fixed in 3.5.5-r0
47.6%
High Exploitation Risk
Post-Exploit
CVE-2025-68160MEDIUM4
libcrypto3
3.5.0-r0
fixed in 3.5.5-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
libssl3
3.5.0-r0
fixed in 3.5.5-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40200LOW3.98
musl-utils
1.2.5-r10
fixed in 1.2.5-r12
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-4330LOW3.72
pyc
3.12.10-r1
fixed in 3.12.11-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-4330LOW3.72
python3
3.12.10-r1
fixed in 3.12.11-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-4330LOW3.72
python3-pyc
3.12.10-r1
fixed in 3.12.11-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-4330LOW3.72
python3-pycache-pyc0
3.12.10-r1
fixed in 3.12.11-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-6965LOW3.61
sqlite-libs
3.49.2-r0
fixed in 3.49.2-r1
73.5%
Actively Exploited
Post-Exploit
CVE-2025-69418LOW3.4
libcrypto3
3.5.0-r0
fixed in 3.5.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69418LOW3.4
libssl3
3.5.0-r0
fixed in 3.5.5-r0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
libcrypto3
3.5.0-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-41080LOW3.15
libexpat
2.7.1-r0
fixed in 2.8.1-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
libssl3
3.5.0-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-9232LOW3.1
libcrypto3
3.5.0-r0
fixed in 3.5.4-r0
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-9232LOW3.1
libssl3
3.5.0-r0
fixed in 3.5.4-r0
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2026-31789LOW3
libcrypto3
3.5.0-r0
fixed in 3.5.6-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-31789LOW3
libssl3
3.5.0-r0
fixed in 3.5.6-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-45447LOW2.92
libcrypto3
3.5.0-r0
fixed in 3.5.7-r0
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2026-45447LOW2.92
libssl3
3.5.0-r0
fixed in 3.5.7-r0
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2026-6042LOW2.8
musl-utils
1.2.5-r10
fixed in 1.2.5-r11
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
libcrypto3
3.5.0-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
libssl3
3.5.0-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-4517LOW2.74
pyc
3.12.10-r1
fixed in 3.12.11-r0
1.2%
Low-Moderate Risk
Post-Exploit
CVE-2025-4517LOW2.74
python3
3.12.10-r1
fixed in 3.12.11-r0
1.2%
Low-Moderate Risk
Post-Exploit
CVE-2025-4517LOW2.74
python3-pyc
3.12.10-r1
fixed in 3.12.11-r0
1.2%
Low-Moderate Risk
Post-Exploit
CVE-2025-4517LOW2.74
python3-pycache-pyc0
3.12.10-r1
fixed in 3.12.11-r0
1.2%
Low-Moderate Risk
Post-Exploit
CVE-2025-4138LOW2.7
pyc
3.12.10-r1
fixed in 3.12.11-r0
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2025-4138LOW2.7
python3
3.12.10-r1
fixed in 3.12.11-r0
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2025-4138LOW2.7
python3-pyc
3.12.10-r1
fixed in 3.12.11-r0
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2025-4138LOW2.7
python3-pycache-pyc0
3.12.10-r1
fixed in 3.12.11-r0
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-28387LOW2.48
libcrypto3
3.5.0-r0
fixed in 3.5.6-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
libssl3
3.5.0-r0
fixed in 3.5.6-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-25210LOW2.39
libexpat
2.7.1-r0
fixed in 2.7.4-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-40200LOW2.39
musl
1.2.5-r10
fixed in 1.2.5-r12
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-22184LOW2.39
zlib
1.3.1-r2
fixed in 1.3.2-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-12718LOW2.33
pyc
3.12.10-r1
fixed in 3.12.11-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2024-12718LOW2.33
python3
3.12.10-r1
fixed in 3.12.11-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2024-12718LOW2.33
python3-pyc
3.12.10-r1
fixed in 3.12.11-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2024-12718LOW2.33
python3-pycache-pyc0
3.12.10-r1
fixed in 3.12.11-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW2.29
libcrypto3
3.5.0-r0
fixed in 3.5.5-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libcrypto3
3.5.0-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW2.29
libssl3
3.5.0-r0
fixed in 3.5.5-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libssl3
3.5.0-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-24515LOW2.12
libexpat
2.7.1-r0
fixed in 2.7.4-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-46394LOW1.68
busybox
1.37.0-r18
fixed in 1.37.0-r20
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
busybox-binsh
1.37.0-r18
fixed in 1.37.0-r20
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
ssl_client
1.37.0-r18
fixed in 1.37.0-r20
0.1%
Theoretical Threat
Post-Exploit
CVE-2024-58251NONE0
busybox
1.37.0-r18
fixed in 1.37.0-r20
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
busybox-binsh
1.37.0-r18
fixed in 1.37.0-r20
0.2%
Theoretical Threat
Not Applicable
CVE-2025-4575NONE0
libcrypto3
3.5.0-r0
fixed in 3.5.1-r0
0.3%
Theoretical Threat
Not Applicable
CVE-2026-56131NONE0
libexpat
2.7.1-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Not Applicable
CVE-2026-56407NONE0
libexpat
2.7.1-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Not Applicable
CVE-2026-56408NONE0
libexpat
2.7.1-r0
fixed in 2.8.2-r0
0.1%
Theoretical Threat
Not Applicable
CVE-2026-56409NONE0
libexpat
2.7.1-r0
fixed in 2.8.2-r0
<0.1%
Theoretical Threat
Not Applicable
CVE-2025-4575NONE0
libssl3
3.5.0-r0
fixed in 3.5.1-r0
0.3%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
ssl_client
1.37.0-r18
fixed in 1.37.0-r20
0.2%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.