Last scanned:
This image carries significant risk; production deployment is highly discouraged without strict compensating controls. Although the image is trusted and official, it contains 6 medium-severity OpenSSL vulnerabilities (CVE-2026-34183, CVE-2025-69419) that could lead to denial of service or memory corruption in specific scenarios. However, Redis does not use QUIC or parse CMS/PKCS#12 data by default, limiting direct exploitability; the primary concern is if TLS is enabled and an attacker can trigger these issues through crafted network traffic or files. Restricting network access and disabling unneeded features like TLS can fully mitigate the majority of the risk.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2026-34183 | MEDIUM6.38 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-34183 | MEDIUM6.38 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-69419 | MEDIUM6.29 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34182 | MEDIUM6.29 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-69419 | MEDIUM6.29 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34182 | MEDIUM6.29 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-2673 | MEDIUM5.52 | libcrypto3 3.5.4-r0 fixed in 3.5.6-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-2673 | MEDIUM5.52 | libssl3 3.5.4-r0 fixed in 3.5.6-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34181 | MEDIUM5.35 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42768 | MEDIUM5.35 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34181 | MEDIUM5.35 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42768 | MEDIUM5.35 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-11187 | MEDIUM5.18 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-11187 | MEDIUM5.18 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.6-r0 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42764 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-15468 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-66199 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-69420 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-22796 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-42769 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42770 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-9076 | MEDIUM5.02 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.6-r0 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42764 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-15468 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2025-66199 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-69420 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-22796 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-42769 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42770 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-9076 | MEDIUM5.02 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2025-15469 | MEDIUM4.67 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-22795 | MEDIUM4.67 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-7383 | MEDIUM4.67 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2025-15469 | MEDIUM4.67 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-22795 | MEDIUM4.67 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-7383 | MEDIUM4.67 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-6042 | MEDIUM4.67 | musl 1.2.5-r10 fixed in 1.2.5-r11 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-27171 | MEDIUM4.67 | zlib 1.3.1-r2 fixed in 1.3.2-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42766 | MEDIUM4.5 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42767 | MEDIUM4.5 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42766 | MEDIUM4.5 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42767 | MEDIUM4.5 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | MEDIUM4.25 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | MEDIUM4.25 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2025-15467 | MEDIUM4.06 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 47.6% High Exploitation Risk | Post-Exploit |
| CVE-2025-15467 | MEDIUM4.06 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 47.6% High Exploitation Risk | Post-Exploit |
| CVE-2025-68160 | MEDIUM4 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-68160 | MEDIUM4 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2025-69418 | LOW3.4 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2025-69418 | LOW3.4 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.1% Theoretical Threat | Directly Exposed |
| CVE-2026-45446 | LOW3.15 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-45446 | LOW3.15 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-31789 | LOW3 | libcrypto3 3.5.4-r0 fixed in 3.5.6-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-31789 | LOW3 | libssl3 3.5.4-r0 fixed in 3.5.6-r0 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 2.7% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 2.7% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | libcrypto3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | libssl3 3.5.4-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-28387 | LOW2.48 | libcrypto3 3.5.4-r0 fixed in 3.5.6-r0 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-28387 | LOW2.48 | libssl3 3.5.4-r0 fixed in 3.5.6-r0 | 0.6% Theoretical Threat | Post-Exploit |
| CVE-2026-40200 | LOW2.39 | musl 1.2.5-r10 fixed in 1.2.5-r12 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-22184 | LOW2.39 | zlib 1.3.1-r2 fixed in 1.3.2-r0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2025-69421 | LOW2.29 | libcrypto3 3.5.4-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28388 | LOW2.29 | libcrypto3 3.5.4-r0 fixed in 3.5.6-r0 | 0.9% Theoretical Threat | Post-Exploit |
| CVE-2026-28389 | LOW2.29 | libcrypto3 3.5.4-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28390 | LOW2.29 | libcrypto3 3.5.4-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2025-69421 | LOW2.29 | libssl3 3.5.4-r0 fixed in 3.5.5-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28388 | LOW2.29 | libssl3 3.5.4-r0 fixed in 3.5.6-r0 | 0.9% Theoretical Threat | Post-Exploit |
| CVE-2026-28389 | LOW2.29 | libssl3 3.5.4-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28390 | LOW2.29 | libssl3 3.5.4-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2025-46394 | LOW1.68 | busybox 1.37.0-r19 fixed in 1.37.0-r20 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-46394 | LOW1.68 | busybox-binsh 1.37.0-r19 fixed in 1.37.0-r20 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2025-46394 | LOW1.68 | ssl_client 1.37.0-r19 fixed in 1.37.0-r20 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-40200 | NONE0 | musl-utils 1.2.5-r10 fixed in 1.2.5-r12 | 0.1% Theoretical Threat | Not Applicable |
| CVE-2026-6042 | NONE0 | musl-utils 1.2.5-r10 fixed in 1.2.5-r11 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2024-58251 | NONE0 | busybox 1.37.0-r19 fixed in 1.37.0-r20 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2024-58251 | NONE0 | busybox-binsh 1.37.0-r19 fixed in 1.37.0-r20 | 0.2% Theoretical Threat | Not Applicable |
| CVE-2024-58251 | NONE0 | ssl_client 1.37.0-r19 fixed in 1.37.0-r20 | 0.2% Theoretical Threat | Not Applicable |
Want to check another image? Run a full scan with the Docker Security Scanner.