Vulnerability Reportrabbitmq:4.2.4

rabbitmq:4.2.4
DIGESTsha256:ede3a083bc7c3d55e85c7d46f708d09d49ffe959d69b3a3369e7fe707aa1905c

Executive Summary

Last scanned:

Threat Score
75/100DANGEROUS
Reputation
TRUSTED

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could bypass TLS authentication and gain unauthorized access to RabbitMQ, potentially compromising the entire message queue. Disabling RSA-PSK cipher suites or updating libgnutls would fully eliminate CVE-2026-42010. Note: CVE-2026-42010 only applies if RSA-PSK is enabled, which is not the default.

Vulnerabilities

Vulnerability Log

90 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-42010HIGH7.84
libgnutls30t64
3.8.3-1.1ubuntu3.5
fixed in 3.8.3-1.1ubuntu3.6
1.1%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2026-42011MEDIUM6.29
libgnutls30t64
3.8.3-1.1ubuntu3.5
fixed in 3.8.3-1.1ubuntu3.6
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42012MEDIUM6.03
libgnutls30t64
3.8.3-1.1ubuntu3.5
fixed in 3.8.3-1.1ubuntu3.6
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4878MEDIUM5.95
libcap2
1:2.66-5ubuntu2.2
fixed in 1:2.66-5ubuntu2.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-2236MEDIUM5.9
libgcrypt20
1.10.3-2build1
No fix yet
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2026-42014MEDIUM5.61
libgnutls30t64
3.8.3-1.1ubuntu3.5
fixed in 3.8.3-1.1ubuntu3.6
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-42013MEDIUM5.58
libgnutls30t64
3.8.3-1.1ubuntu3.5
fixed in 3.8.3-1.1ubuntu3.6
0.4%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-4437MEDIUM5.52
libc-bin
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6238MEDIUM5.52
libc-bin
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM5.52
libc6
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6238MEDIUM5.52
libc6
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-40225MEDIUM5.44
libsystemd0
255.4-1ubuntu8.12
fixed in 255.4-1ubuntu8.14
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40226MEDIUM5.44
libsystemd0
255.4-1ubuntu8.12
fixed in 255.4-1ubuntu8.16
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40225MEDIUM5.44
libudev1
255.4-1ubuntu8.12
fixed in 255.4-1ubuntu8.14
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40226MEDIUM5.44
libudev1
255.4-1ubuntu8.12
fixed in 255.4-1ubuntu8.16
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13757MEDIUM5.27
libp11-kit0
0.25.3-4ubuntu2.1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM5.1
libssl3t64
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.9
0.9%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-28388MEDIUM5.1
openssl
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.9
0.9%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-3833MEDIUM5.03
libgnutls30t64
3.8.3-1.1ubuntu3.5
fixed in 3.8.3-1.1ubuntu3.6
0.6%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-5435MEDIUM5.02
libc-bin
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
libc6
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libssl3t64
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.9
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42770MEDIUM5.02
libssl3t64
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
libssl3t64
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-31789MEDIUM5
libssl3t64
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.9
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libssl3t64
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib1g
1:1.3.dfsg-3.1ubuntu2.1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
libc-bin
2.39-0ubuntu8.7
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
libc6
2.39-0ubuntu8.7
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42015MEDIUM4.5
libgnutls30t64
3.8.3-1.1ubuntu3.5
fixed in 3.8.3-1.1ubuntu3.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-34743MEDIUM4.5
liblzma5
5.6.1+really5.4.5-1ubuntu0.2
fixed in 5.6.1+really5.4.5-1ubuntu0.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
libssl3t64
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
libssl3t64
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
libssl3t64
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-5260MEDIUM4.18
libgnutls30t64
3.8.3-1.1ubuntu3.5
fixed in 3.8.3-1.1ubuntu3.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libblkid1
2.39.3-9ubuntu6.4
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libmount1
2.39.3-9ubuntu6.4
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libsmartcols1
2.39.3-9ubuntu6.4
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libuuid1
2.39.3-9ubuntu6.4
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-41989LOW3.83
libgcrypt20
1.10.3-2build1
fixed in 1.10.3-2ubuntu0.1
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-34182LOW3.77
openssl
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-4438LOW3.4
libc-bin
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
libc6
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-5958LOW3.21
sed
4.9-2build1
fixed in 4.9-2ubuntu0.24.04.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-3832LOW3.15
libgnutls30t64
3.8.3-1.1ubuntu3.5
fixed in 3.8.3-1.1ubuntu3.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-5419LOW3.15
libgnutls30t64
3.8.3-1.1ubuntu3.5
fixed in 3.8.3-1.1ubuntu3.6
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
libssl3t64
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-31790LOW3.01
openssl
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.9
1.0%
Theoretical Threat
Post-Exploit
CVE-2026-42770LOW3.01
openssl
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-9076LOW3.01
openssl
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-31789LOW3
openssl
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.9
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-8376LOW3
perl-base
5.38.2-3.2ubuntu0.2
fixed in 5.38.2-3.2ubuntu0.3
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-45447LOW2.92
libssl3t64
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2026-45447LOW2.92
openssl
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2025-45582LOW2.86
tar
1.35+dfsg-3build1
fixed in 1.35+dfsg-3ubuntu0.2
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-7383LOW2.8
openssl
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-5704LOW2.8
tar
1.35+dfsg-3build1
fixed in 1.35+dfsg-3ubuntu0.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-40228LOW2.8
libsystemd0
255.4-1ubuntu8.12
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40228LOW2.8
libudev1
255.4-1ubuntu8.12
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-33845LOW2.78
libgnutls30t64
3.8.3-1.1ubuntu3.5
fixed in 3.8.3-1.1ubuntu3.6
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
libssl3t64
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
openssl
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-42496LOW2.78
perl-base
5.38.2-3.2ubuntu0.2
fixed in 5.38.2-3.2ubuntu0.3
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-33846LOW2.7
libgnutls30t64
3.8.3-1.1ubuntu3.5
fixed in 3.8.3-1.1ubuntu3.6
1.3%
Low-Moderate Risk
Post-Exploit
CVE-2026-42009LOW2.7
libgnutls30t64
3.8.3-1.1ubuntu3.5
fixed in 3.8.3-1.1ubuntu3.6
1.3%
Low-Moderate Risk
Post-Exploit
CVE-2026-42766LOW2.7
openssl
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-42767LOW2.7
openssl
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-34180LOW2.55
openssl
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
libssl3t64
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.9
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
openssl
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.9
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
bsdutils
1:2.39.3-9ubuntu6.4
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-41991LOW2.4
gzip
1.12-1ubuntu3.1
fixed in 1.12-1ubuntu3.2
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
mount
2.39.3-9ubuntu6.4
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
util-linux
2.39.3-9ubuntu6.4
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-69720LOW2.39
libncursesw6
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-29111LOW2.39
libsystemd0
255.4-1ubuntu8.12
fixed in 255.4-1ubuntu8.14
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-69720LOW2.39
libtinfo6
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-29111LOW2.39
libudev1
255.4-1ubuntu8.12
fixed in 255.4-1ubuntu8.14
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-41992LOW2.29
gzip
1.12-1ubuntu3.1
fixed in 1.12-1ubuntu3.2
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libssl3t64
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.9
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
libssl3t64
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.9
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
openssl
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.9
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
openssl
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.9
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-34182LOW2.26
libssl3t64
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-45446LOW1.89
openssl
3.0.13-0ubuntu3.7
fixed in 3.0.13-0ubuntu3.11
0.2%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
login
1:4.13+dfsg1-4ubuntu3.2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
passwd
1:4.13+dfsg1-4ubuntu3.2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-69720NONE0
ncurses-base
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
ncurses-bin
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2026-2219NONE0
dpkg
1.22.6ubuntu6.5
fixed in 1.22.6ubuntu6.6
0.4%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.