Last scanned:
This image carries significant risk; production deployment is highly discouraged without strict compensating controls. The image has 85 exposed vulnerabilities, 11 of which are medium-severity (CVSS >= 6.0) in OpenSSL, such as CVE-2026-28390 and CVE-2026-34183, which could allow denial of service under specific conditions. However, RabbitMQ's default configuration does not enable the vulnerable CMS, QUIC, or delta CRL processing, reducing the immediate risk. Despite this, the sheer number of vulnerabilities increases attack surface and requires active monitoring and updates.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2026-28390 | MEDIUM6.38 | libcrypto3 3.5.0-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-34183 | MEDIUM6.38 | libcrypto3 3.5.0-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-45186 | MEDIUM6.38 | libexpat 2.7.1-r0 fixed in 2.8.1-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-28390 | MEDIUM6.38 | libssl3 3.5.0-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-34183 | MEDIUM6.38 | libssl3 3.5.0-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-69419 | MEDIUM6.29 | libcrypto3 3.5.0-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34182 | MEDIUM6.29 | libcrypto3 3.5.0-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-69419 | MEDIUM6.29 | libssl3 3.5.0-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34182 | MEDIUM6.29 | libssl3 3.5.0-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-28388 | MEDIUM6 | libcrypto3 3.5.0-r0 fixed in 3.5.6-r0 | 1.1% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2026-28388 | MEDIUM6 | libssl3 3.5.0-r0 fixed in 3.5.6-r0 | 1.1% Low-Moderate Risk | Directly ExposedContext importance: MEDIUM |
| CVE-2025-9231 | MEDIUM5.9 | libcrypto3 3.5.0-r0 fixed in 3.5.4-r0 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2025-9231 | MEDIUM5.9 | libssl3 3.5.0-r0 fixed in 3.5.4-r0 | 2.2% Low-Moderate Risk | Directly Exposed |
| CVE-2026-56132 | MEDIUM5.87 | libexpat 2.7.1-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-56403 | MEDIUM5.87 | libexpat 2.7.1-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-56404 | MEDIUM5.87 | libexpat 2.7.1-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-56405 | MEDIUM5.87 | libexpat 2.7.1-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-56406 | MEDIUM5.87 | libexpat 2.7.1-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-56410 | MEDIUM5.87 | libexpat 2.7.1-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-56411 | MEDIUM5.87 | libexpat 2.7.1-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-9230 | MEDIUM5.6 | libcrypto3 3.5.0-r0 fixed in 3.5.4-r0 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2025-9230 | MEDIUM5.6 | libssl3 3.5.0-r0 fixed in 3.5.4-r0 | 1.7% Low-Moderate Risk | Directly Exposed |
| CVE-2026-2673 | MEDIUM5.52 | libcrypto3 3.5.0-r0 fixed in 3.5.6-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-2673 | MEDIUM5.52 | libssl3 3.5.0-r0 fixed in 3.5.6-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34181 | MEDIUM5.35 | libcrypto3 3.5.0-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42768 | MEDIUM5.35 | libcrypto3 3.5.0-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34181 | MEDIUM5.35 | libssl3 3.5.0-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42768 | MEDIUM5.35 | libssl3 3.5.0-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-59375 | MEDIUM5.3 | libexpat 2.7.1-r0 fixed in 2.7.2-r0 | 1.3% Low-Moderate Risk | Directly Exposed |
| CVE-2025-11187 | MEDIUM5.18 | libcrypto3 3.5.0-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-11187 | MEDIUM5.18 | libssl3 3.5.0-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | libcrypto3 3.5.0-r0 fixed in 3.5.6-r0 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42764 | MEDIUM5.02 | libcrypto3 3.5.0-r0 fixed in 3.5.7-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-15468 | MEDIUM5.02 | libcrypto3 3.5.0-r0 fixed in 3.5.5-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-66199 | MEDIUM5.02 | libcrypto3 3.5.0-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-69420 | MEDIUM5.02 | libcrypto3 3.5.0-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-22796 | MEDIUM5.02 | libcrypto3 3.5.0-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-42769 | MEDIUM5.02 | libcrypto3 3.5.0-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42770 | MEDIUM5.02 | libcrypto3 3.5.0-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-9076 | MEDIUM5.02 | libcrypto3 3.5.0-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-50219 | MEDIUM5.02 | libexpat 2.7.1-r0 fixed in 2.8.2-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-56412 | MEDIUM5.02 | libexpat 2.7.1-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | libssl3 3.5.0-r0 fixed in 3.5.6-r0 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42764 | MEDIUM5.02 | libssl3 3.5.0-r0 fixed in 3.5.7-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-15468 | MEDIUM5.02 | libssl3 3.5.0-r0 fixed in 3.5.5-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-66199 | MEDIUM5.02 | libssl3 3.5.0-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-69420 | MEDIUM5.02 | libssl3 3.5.0-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-22796 | MEDIUM5.02 | libssl3 3.5.0-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-42769 | MEDIUM5.02 | libssl3 3.5.0-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42770 | MEDIUM5.02 | libssl3 3.5.0-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-9076 | MEDIUM5.02 | libssl3 3.5.0-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-15469 | MEDIUM4.67 | libcrypto3 3.5.0-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-22795 | MEDIUM4.67 | libcrypto3 3.5.0-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-7383 | MEDIUM4.67 | libcrypto3 3.5.0-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-32776 | MEDIUM4.67 | libexpat 2.7.1-r0 fixed in 2.7.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-32777 | MEDIUM4.67 | libexpat 2.7.1-r0 fixed in 2.7.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-32778 | MEDIUM4.67 | libexpat 2.7.1-r0 fixed in 2.7.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-15469 | MEDIUM4.67 | libssl3 3.5.0-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-22795 | MEDIUM4.67 | libssl3 3.5.0-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-7383 | MEDIUM4.67 | libssl3 3.5.0-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-6042 | MEDIUM4.67 | musl 1.2.5-r10 fixed in 1.2.5-r11 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-27171 | MEDIUM4.67 | zlib 1.3.1-r2 fixed in 1.3.2-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42766 | MEDIUM4.5 | libcrypto3 3.5.0-r0 fixed in 3.5.7-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42767 | MEDIUM4.5 | libcrypto3 3.5.0-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42766 | MEDIUM4.5 | libssl3 3.5.0-r0 fixed in 3.5.7-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42767 | MEDIUM4.5 | libssl3 3.5.0-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-34743 | MEDIUM4.5 | xz-libs 5.8.1-r0 fixed in 5.8.3-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | MEDIUM4.25 | libcrypto3 3.5.0-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | MEDIUM4.25 | libssl3 3.5.0-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-15467 | MEDIUM4.06 | libcrypto3 3.5.0-r0 fixed in 3.5.5-r0 | 47.6% High Exploitation Risk | Post-Exploit |
| CVE-2025-15467 | MEDIUM4.06 | libssl3 3.5.0-r0 fixed in 3.5.5-r0 | 47.6% High Exploitation Risk | Post-Exploit |
| CVE-2025-68160 | MEDIUM4 | libcrypto3 3.5.0-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-68160 | MEDIUM4 | libssl3 3.5.0-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-40200 | LOW3.98 | musl-utils 1.2.5-r10 fixed in 1.2.5-r12 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-6965 | LOW3.61 | sqlite-libs 3.49.2-r0 fixed in 3.49.2-r1 | 73.5% Actively Exploited | Post-Exploit |
| CVE-2025-69418 | LOW3.4 | libcrypto3 3.5.0-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-69418 | LOW3.4 | libssl3 3.5.0-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-45446 | LOW3.15 | libcrypto3 3.5.0-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-41080 | LOW3.15 | libexpat 2.7.1-r0 fixed in 2.8.1-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-45446 | LOW3.15 | libssl3 3.5.0-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-9232 | LOW3.1 | libcrypto3 3.5.0-r0 fixed in 3.5.4-r0 | 2.0% Low-Moderate Risk | Directly Exposed |
| CVE-2025-9232 | LOW3.1 | libssl3 3.5.0-r0 fixed in 3.5.4-r0 | 2.0% Low-Moderate Risk | Directly Exposed |
| CVE-2026-31789 | LOW3 | libcrypto3 3.5.0-r0 fixed in 3.5.6-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-31789 | LOW3 | libssl3 3.5.0-r0 fixed in 3.5.6-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | libcrypto3 3.5.0-r0 fixed in 3.5.7-r0 | 2.7% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | libssl3 3.5.0-r0 fixed in 3.5.7-r0 | 2.7% Low-Moderate Risk | Post-Exploit |
| CVE-2026-6042 | LOW2.8 | musl-utils 1.2.5-r10 fixed in 1.2.5-r11 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | libcrypto3 3.5.0-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | libssl3 3.5.0-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-28387 | LOW2.48 | libcrypto3 3.5.0-r0 fixed in 3.5.6-r0 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-28387 | LOW2.48 | libssl3 3.5.0-r0 fixed in 3.5.6-r0 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-25210 | LOW2.39 | libexpat 2.7.1-r0 fixed in 2.7.4-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-40200 | LOW2.39 | musl 1.2.5-r10 fixed in 1.2.5-r12 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-22184 | LOW2.39 | zlib 1.3.1-r2 fixed in 1.3.2-r0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2025-69421 | LOW2.29 | libcrypto3 3.5.0-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28389 | LOW2.29 | libcrypto3 3.5.0-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2025-69421 | LOW2.29 | libssl3 3.5.0-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28389 | LOW2.29 | libssl3 3.5.0-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-24515 | LOW2.12 | libexpat 2.7.1-r0 fixed in 2.7.4-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-46394 | LOW1.68 | busybox 1.37.0-r18 fixed in 1.37.0-r20 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-46394 | LOW1.68 | busybox-binsh 1.37.0-r18 fixed in 1.37.0-r20 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-46394 | LOW1.68 | ssl_client 1.37.0-r18 fixed in 1.37.0-r20 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2024-58251 | NONE0 | busybox 1.37.0-r18 fixed in 1.37.0-r20 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2024-58251 | NONE0 | busybox-binsh 1.37.0-r18 fixed in 1.37.0-r20 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2025-4575 | NONE0 | libcrypto3 3.5.0-r0 fixed in 3.5.1-r0 | 0.3% Theoretical Threat | Not Applicable |
| CVE-2026-56131 | NONE0 | libexpat 2.7.1-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-56407 | NONE0 | libexpat 2.7.1-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-56408 | NONE0 | libexpat 2.7.1-r0 fixed in 2.8.2-r0 | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-56409 | NONE0 | libexpat 2.7.1-r0 fixed in 2.8.2-r0 | <0.1% Theoretical Threat | Not Applicable |
| CVE-2025-4575 | NONE0 | libssl3 3.5.0-r0 fixed in 3.5.1-r0 | 0.3% Theoretical Threat | Not Applicable |
| CVE-2024-58251 | NONE0 | ssl_client 1.37.0-r18 fixed in 1.37.0-r20 | 0.2% Theoretical Threat | Not Applicable |
Want to check another image? Run a full scan with the Docker Security Scanner.