Vulnerability Reportrabbitmq:4.2.4-management-alpine

rabbitmq:4.2.4-management-alpine
DIGESTsha256:adac51a4a14a200b8eb928a12787564ed56e93fc55e789a73ec13e1e2eac7aef

Executive Summary

Last scanned:

Threat Score
25/100NEEDS ATTENTION
Reputation
TRUSTED

This image is acceptable for production, but remediating the identified vulnerabilities is recommended to reduce the attack surface. The most notable finding is CVE-2026-31789, a heap buffer overflow in OpenSSL that only affects 32-bit platforms when processing certificates larger than 1 GB. Since most production environments run on 64-bit systems, this vulnerability is unlikely to be exploitable. Additionally, all post-exploit vulnerabilities are low severity (maximum 3.98). The image is official and trusted, but regular patching is advised to maintain security posture.

Vulnerabilities

Vulnerability Log

50 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-31789MEDIUM6.66
libcrypto3
3.5.5-r0
fixed in 3.5.6-r0
0.2%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-31789MEDIUM6.66
libssl3
3.5.5-r0
fixed in 3.5.6-r0
0.2%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-2673MEDIUM5.52
libcrypto3
3.5.5-r0
fixed in 3.5.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
libssl3
3.5.5-r0
fixed in 3.5.6-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34181MEDIUM5.35
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34181MEDIUM5.35
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42768MEDIUM5.35
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM5.1
libcrypto3
3.5.5-r0
fixed in 3.5.6-r0
0.9%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-28388MEDIUM5.1
libssl3
3.5.5-r0
fixed in 3.5.6-r0
0.9%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-31790MEDIUM5.02
libcrypto3
3.5.5-r0
fixed in 3.5.6-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42764MEDIUM5.02
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-42769MEDIUM5.02
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42770MEDIUM5.02
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libssl3
3.5.5-r0
fixed in 3.5.6-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42764MEDIUM5.02
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-42769MEDIUM5.02
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42770MEDIUM5.02
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-6042MEDIUM4.67
musl
1.2.5-r21
fixed in 1.2.5-r22
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib
1.3.1-r2
fixed in 1.3.2-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42767MEDIUM4.5
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-40200LOW3.98
musl
1.2.5-r21
fixed in 1.2.5-r23
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40200LOW3.98
musl-utils
1.2.5-r21
fixed in 1.2.5-r23
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-45446LOW3.15
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45446LOW3.15
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45447LOW2.92
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2026-45447LOW2.92
libssl3
3.5.5-r0
fixed in 3.5.7-r0
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2026-6042LOW2.8
musl-utils
1.2.5-r21
fixed in 1.2.5-r22
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-45445LOW2.78
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
libcrypto3
3.5.5-r0
fixed in 3.5.6-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
libssl3
3.5.5-r0
fixed in 3.5.6-r0
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-22184LOW2.39
zlib
1.3.1-r2
fixed in 1.3.2-r0
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libcrypto3
3.5.5-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
libcrypto3
3.5.5-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-34183LOW2.29
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
libssl3
3.5.5-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
libssl3
3.5.5-r0
fixed in 3.5.6-r0
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-34183LOW2.29
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-34182LOW2.26
libcrypto3
3.5.5-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-34182LOW2.26
libssl3
3.5.5-r0
fixed in 3.5.7-r0
0.2%
Theoretical Threat
Post-Exploit

Want to check another image? Run a full scan with the Docker Security Scanner.