Vulnerability Reportredislabs/redisinsight:3.0

redislabs/redisinsight:3.0redislabs/redisinsight:3.0.3
DIGESTsha256:4455c3304eafe1311d0a367022bad41520e307138b7272e1c0c308ce781f7162

Executive Summary

Threat Score
74/100CAUTION
Reputation
TRUSTED

This image carries significant risk; production deployment is highly discouraged without strict compensating controls. An attacker could exploit CVE-2025-62718 or CVE-2026-42043 to bypass proxies and perform server-side request forgery, potentially accessing internal services, or use CVE-2026-4800 to execute arbitrary code during template compilation. While the image is from a verified publisher and pinned by digest, the sheer volume of high-severity vulnerabilities (12 with CVSS >=7.0) exposes the container to serious threats. Network segmentation and strict input validation may reduce some attack vectors, but the overall risk remains substantial.

Vulnerabilities

Vulnerability Log

106 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2025-62718CRITICAL9.9
axios
1.12.2
fixed in 1.15.0, 0.31.0
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2026-4800CRITICAL9.8
lodash
4.17.21
fixed in 4.18.0
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2026-4800CRITICAL9.8
lodash
4.17.23
fixed in 4.18.0
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2026-42043HIGH8.5
axios
1.12.2
fixed in 1.15.1, 0.31.1
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-31789HIGH8.33
libcrypto3
3.3.6-r0
fixed in 3.3.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-31789HIGH8.33
libssl3
3.3.6-r0
fixed in 3.3.7-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42264HIGH7.73
axios
1.12.2
fixed in 1.15.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42044HIGH7.73
axios
1.12.2
fixed in 1.15.2
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-25639HIGH7.5
axios
1.12.2
fixed in 1.13.5, 0.30.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-64756HIGH7.5
glob
10.3.12
fixed in 11.1.0, 10.5.0
3.0%
Low-Moderate Risk
Directly Exposed
CVE-2026-44494HIGH7.39
axios
1.12.2
fixed in 1.16.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-44492HIGH7.31
axios
1.12.2
fixed in 1.16.0, 0.32.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-44490MEDIUM6.97
axios
1.12.2
fixed in 1.16.0, 0.32.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-28387MEDIUM6.88
libcrypto3
3.3.6-r0
fixed in 3.3.7-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-28387MEDIUM6.88
libssl3
3.3.6-r0
fixed in 3.3.7-r0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-40200MEDIUM6.63
musl
1.2.5-r0
fixed in 1.2.5-r3
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40200MEDIUM6.63
musl-utils
1.2.5-r0
fixed in 1.2.5-r3
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-22184MEDIUM6.63
zlib
1.3.1-r1
fixed in 1.3.2-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM6.38
libcrypto3
3.3.6-r0
fixed in 3.3.7-r0
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-28389MEDIUM6.38
libcrypto3
3.3.6-r0
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28390MEDIUM6.38
libcrypto3
3.3.6-r0
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM6.38
libssl3
3.3.6-r0
fixed in 3.3.7-r0
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-28389MEDIUM6.38
libssl3
3.3.6-r0
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28390MEDIUM6.38
libssl3
3.3.6-r0
fixed in 3.3.7-r0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-44486MEDIUM6.38
axios
1.12.2
fixed in 1.16.0, 0.32.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-44487MEDIUM6.38
axios
1.12.2
fixed in 1.16.0, 0.32.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-44488MEDIUM6.38
axios
1.12.2
fixed in 1.16.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-44496MEDIUM6.38
axios
1.12.2
fixed in 1.16.0, 0.32.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42038MEDIUM6.38
axios
1.12.2
fixed in 1.15.1, 0.31.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42039MEDIUM6.38
axios
1.12.2
fixed in 1.15.1, 0.31.1
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-33750MEDIUM6.38
brace-expansion
1.1.12
fixed in 5.0.5, 3.0.2, 2.0.3, 1.1.13
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-33750MEDIUM6.38
brace-expansion
2.0.1
fixed in 5.0.5, 3.0.2, 2.0.3, 1.1.13
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-33750MEDIUM6.38
brace-expansion
2.0.2
fixed in 5.0.5, 3.0.2, 2.0.3, 1.1.13
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-24001MEDIUM6.38
diff
4.0.2
fixed in 8.0.3, 5.2.2, 4.0.4, 3.5.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-24001MEDIUM6.38
diff
5.2.0
fixed in 8.0.3, 5.2.2, 4.0.4, 3.5.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-26996MEDIUM6.38
minimatch
3.1.2
fixed in 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-26996MEDIUM6.38
minimatch
9.0.4
fixed in 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-26996MEDIUM6.38
minimatch
9.0.5
fixed in 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-2359MEDIUM6.38
multer
2.0.2
fixed in 2.1.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-3304MEDIUM6.38
multer
2.0.2
fixed in 2.1.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-3520MEDIUM6.38
multer
2.0.2
fixed in 2.1.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-4926MEDIUM6.38
path-to-regexp
8.2.0
fixed in 8.4.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-15284MEDIUM6.38
qs
6.13.0
fixed in 6.14.1
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-2391MEDIUM6.38
qs
6.13.0
fixed in 6.14.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-15284MEDIUM6.38
qs
6.14.0
fixed in 6.14.1
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-2391MEDIUM6.38
qs
6.14.0
fixed in 6.14.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-33151MEDIUM6.38
socket.io-parser
4.2.4
fixed in 3.3.5, 3.4.4, 4.2.6
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-41907MEDIUM6.38
uuid
11.1.0
fixed in 11.1.1, 12.0.1, 13.0.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-41907MEDIUM6.38
uuid
8.3.2
fixed in 11.1.1, 12.0.1, 13.0.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-45736MEDIUM6.38
ws
8.17.1
fixed in 8.20.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42033MEDIUM6.29
axios
1.12.2
fixed in 1.15.1, 0.31.1
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42035MEDIUM6.29
axios
1.12.2
fixed in 1.15.1, 0.31.1
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-26519MEDIUM5.95
musl
1.2.5-r0
fixed in 1.2.5-r1
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-26519MEDIUM5.95
musl-utils
1.2.5-r0
fixed in 1.2.5-r1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-44495MEDIUM5.95
axios
1.12.2
fixed in 1.15.2, 0.31.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42041MEDIUM5.52
axios
1.12.2
fixed in 1.15.1, 0.31.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-27904MEDIUM5.52
minimatch
3.1.2
fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-27904MEDIUM5.52
minimatch
9.0.4
fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-27904MEDIUM5.52
minimatch
9.0.5
fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-33532MEDIUM5.52
yaml
2.4.1
fixed in 2.8.3, 1.10.3
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-35515MEDIUM5.18
@nestjs/core
11.0.20
fixed in 11.1.18
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42042MEDIUM5.18
axios
1.12.2
fixed in 1.15.1, 0.31.1
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42338MEDIUM5.18
ip-address
9.0.5
fixed in 10.1.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libcrypto3
3.3.6-r0
fixed in 3.3.7-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
libssl3
3.3.6-r0
fixed in 3.3.7-r0
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-27903MEDIUM5.02
minimatch
3.1.2
fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-27903MEDIUM5.02
minimatch
9.0.4
fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-27903MEDIUM5.02
minimatch
9.0.5
fixed in 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-4923MEDIUM5.02
path-to-regexp
8.2.0
fixed in 8.4.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-6042MEDIUM4.67
musl
1.2.5-r0
fixed in 1.2.5-r2
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-6042MEDIUM4.67
musl-utils
1.2.5-r0
fixed in 1.2.5-r2
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib
1.3.1-r1
fixed in 1.3.2-r0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42034MEDIUM4.5
axios
1.12.2
fixed in 1.15.1, 0.31.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42036MEDIUM4.5
axios
1.12.2
fixed in 1.15.1, 0.31.1
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42037MEDIUM4.5
axios
1.12.2
fixed in 1.15.1
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-31808MEDIUM4.5
file-type
16.5.4
fixed in 21.3.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-31808MEDIUM4.5
file-type
20.4.1
fixed in 21.3.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-32630MEDIUM4.5
file-type
20.4.1
fixed in 21.3.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-13465MEDIUM4.5
lodash
4.17.21
fixed in 4.17.23
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-2950MEDIUM4.5
lodash
4.17.21
fixed in 4.18.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-2950MEDIUM4.5
lodash
4.17.23
fixed in 4.18.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-24842MEDIUM4.18
tar
6.2.1
fixed in 7.5.7
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-40175MEDIUM4.08
axios
1.12.2
fixed in 1.15.0, 0.31.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2024-21538LOW3.74
cross-spawn
7.0.3
fixed in 7.0.5, 6.0.6
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-26960LOW3.62
tar
6.2.1
fixed in 7.5.8
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-3449LOW3.4
@tootallnate/once
1.1.2
fixed in 3.0.1, 2.0.1
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-29786LOW3.21
tar
6.2.1
fixed in 7.5.10
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-23745LOW3.11
tar
6.2.1
fixed in 7.5.3
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-23950LOW3.01
tar
6.2.1
fixed in 7.5.4
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-31802LOW2.8
tar
6.2.1
fixed in 7.5.11
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-5889LOW2.63
brace-expansion
2.0.1
fixed in 2.0.2, 1.1.12, 3.0.1, 4.0.1
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-46394LOW1.68
busybox
1.36.1-r29
fixed in 1.36.1-r31
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
busybox-binsh
1.36.1-r29
fixed in 1.36.1-r31
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-46394LOW1.68
ssl_client
1.36.1-r29
fixed in 1.36.1-r31
0.1%
Theoretical Threat
Post-Exploit
CVE-2024-58251NONE0
busybox
1.36.1-r29
fixed in 1.36.1-r31
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
busybox-binsh
1.36.1-r29
fixed in 1.36.1-r31
0.2%
Theoretical Threat
Not Applicable
CVE-2024-58251NONE0
ssl_client
1.36.1-r29
fixed in 1.36.1-r31
0.2%
Theoretical Threat
Not Applicable
CVE-2026-42040NONE0
axios
1.12.2
fixed in 1.15.1, 0.31.1
0.2%
Theoretical Threat
Not Applicable
GHSA-r4q5-vmmm-2653NONE0
follow-redirects
1.15.6
fixed in 1.16.0
Not Applicable
CVE-2026-12143NONE0
form-data
4.0.4
fixed in 2.5.6, 3.0.5, 4.0.6
0.3%
Theoretical Threat
Not Applicable
CVE-2026-46625NONE0
js-cookie
3.0.5
fixed in 3.0.7
0.4%
Theoretical Threat
Not Applicable
CVE-2026-53550NONE0
js-yaml
4.1.1
fixed in 4.2.0
Not Applicable
CVE-2026-8723NONE0
qs
6.13.0
fixed in 6.15.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-8723NONE0
qs
6.14.0
fixed in 6.15.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-53655NONE0
tar
6.2.1
fixed in 7.5.16
Not Applicable
CVE-2026-48779NONE0
ws
8.17.1
fixed in 5.2.5, 6.2.4, 7.5.11, 8.21.0
Not Applicable