Last scanned:
This base/runtime image is a reasonable foundation, but it ships vulnerabilities worth remediating in the images built on top of it. The most notable issues involve CVE-2026-34182 in OpenSSL, which could let an on-path attacker decrypt or forge CMS messages, and CVE-2026-42246 in Net::IMAP, allowing a man-in-the-middle to bypass TLS. Both require high attack complexity but could lead to exposure of sensitive data. Note: CVE-2026-42246 only affects applications that use Net::IMAP with STARTTLS. Post-exploit vulnerabilities are all low severity. Note: this is a general-purpose base/runtime image — many findings live in components that an application built on top may never load, so actual exploitability depends on the final image. For an accurate risk picture, re-scan the final application image with context.
| CVE ID | Adjusted Severity | Package | Exploit Probability | Risk Context |
|---|---|---|---|---|
| CVE-2026-34182 | MEDIUM6.29 | libcrypto3 3.5.5-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-34182 | MEDIUM6.29 | libssl3 3.5.5-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42246 | MEDIUM6.29 | net-imap 0.3.9 fixed in ~> 0.3.10, ~> 0.4.24, ~> 0.5.14, >= 0.6.4 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-2673 | MEDIUM5.52 | libcrypto3 3.5.5-r0 fixed in 3.5.6-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-2673 | MEDIUM5.52 | libssl3 3.5.5-r0 fixed in 3.5.6-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34181 | MEDIUM5.35 | libcrypto3 3.5.5-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42768 | MEDIUM5.35 | libcrypto3 3.5.5-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-34181 | MEDIUM5.35 | libssl3 3.5.5-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42768 | MEDIUM5.35 | libssl3 3.5.5-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-47240 | MEDIUM5.18 | net-imap 0.3.9 fixed in ~> 0.5.15, >= 0.6.4.1 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | libcrypto3 3.5.5-r0 fixed in 3.5.6-r0 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42764 | MEDIUM5.02 | libcrypto3 3.5.5-r0 fixed in 3.5.7-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-42769 | MEDIUM5.02 | libcrypto3 3.5.5-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42770 | MEDIUM5.02 | libcrypto3 3.5.5-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-9076 | MEDIUM5.02 | libcrypto3 3.5.5-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-31790 | MEDIUM5.02 | libssl3 3.5.5-r0 fixed in 3.5.6-r0 | 1.0% Theoretical Threat | Directly Exposed |
| CVE-2026-42764 | MEDIUM5.02 | libssl3 3.5.5-r0 fixed in 3.5.7-r0 | 0.7% Theoretical Threat | Directly Exposed |
| CVE-2026-42769 | MEDIUM5.02 | libssl3 3.5.5-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42770 | MEDIUM5.02 | libssl3 3.5.5-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-9076 | MEDIUM5.02 | libssl3 3.5.5-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-47241 | MEDIUM5.02 | net-imap 0.3.9 fixed in ~> 0.5.15, >= 0.6.4.1 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-31789 | MEDIUM5 | libcrypto3 3.5.5-r0 fixed in 3.5.6-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-31789 | MEDIUM5 | libssl3 3.5.5-r0 fixed in 3.5.6-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-7383 | MEDIUM4.67 | libcrypto3 3.5.5-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-7383 | MEDIUM4.67 | libssl3 3.5.5-r0 fixed in 3.5.7-r0 | 0.4% Theoretical Threat | Directly Exposed |
| CVE-2026-6042 | MEDIUM4.67 | musl 1.2.5-r10 fixed in 1.2.5-r11 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-27171 | MEDIUM4.67 | zlib 1.3.1-r2 fixed in 1.3.2-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-28388 | MEDIUM4.5 | libcrypto3 3.5.5-r0 fixed in 3.5.6-r0 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2026-28388 | MEDIUM4.5 | libssl3 3.5.5-r0 fixed in 3.5.6-r0 | 1.1% Low-Moderate Risk | Directly Exposed |
| CVE-2026-42766 | MEDIUM4.5 | libcrypto3 3.5.5-r0 fixed in 3.5.7-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42767 | MEDIUM4.5 | libcrypto3 3.5.5-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42766 | MEDIUM4.5 | libssl3 3.5.5-r0 fixed in 3.5.7-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-42767 | MEDIUM4.5 | libssl3 3.5.5-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Directly Exposed |
| CVE-2026-42258 | MEDIUM4.5 | net-imap 0.3.9 fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4 | 0.8% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | MEDIUM4.25 | libcrypto3 3.5.5-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-34180 | MEDIUM4.25 | libssl3 3.5.5-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Directly Exposed |
| CVE-2026-28387 | MEDIUM4.13 | libcrypto3 3.5.5-r0 fixed in 3.5.6-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-28387 | MEDIUM4.13 | libssl3 3.5.5-r0 fixed in 3.5.6-r0 | 0.6% Theoretical Threat | Directly Exposed |
| CVE-2026-40200 | LOW3.98 | musl-utils 1.2.5-r10 fixed in 1.2.5-r12 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-45446 | LOW3.15 | libcrypto3 3.5.5-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-45446 | LOW3.15 | libssl3 3.5.5-r0 fixed in 3.5.7-r0 | 0.2% Theoretical Threat | Directly Exposed |
| CVE-2026-42257 | LOW3 | net-imap 0.3.9 fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | libcrypto3 3.5.5-r0 fixed in 3.5.7-r0 | 2.7% Low-Moderate Risk | Post-Exploit |
| CVE-2026-45447 | LOW2.92 | libssl3 3.5.5-r0 fixed in 3.5.7-r0 | 2.7% Low-Moderate Risk | Post-Exploit |
| CVE-2026-41316 | LOW2.92 | erb 4.0.2 fixed in ~> 4.0.3.1, ~> 4.0.4.1, ~> 6.0.1.1, >= 6.0.4 | 1.1% Low-Moderate Risk | Post-Exploit |
| CVE-2026-6042 | LOW2.8 | musl-utils 1.2.5-r10 fixed in 1.2.5-r11 | 0.2% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | libcrypto3 3.5.5-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-45445 | LOW2.78 | libssl3 3.5.5-r0 fixed in 3.5.7-r0 | 0.3% Theoretical Threat | Post-Exploit |
| CVE-2026-40200 | LOW2.39 | musl 1.2.5-r10 fixed in 1.2.5-r12 | 0.1% Theoretical Threat | Post-Exploit |
| CVE-2026-22184 | LOW2.39 | zlib 1.3.1-r2 fixed in 1.3.2-r0 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-28389 | LOW2.29 | libcrypto3 3.5.5-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28390 | LOW2.29 | libcrypto3 3.5.5-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-34183 | LOW2.29 | libcrypto3 3.5.5-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-28389 | LOW2.29 | libssl3 3.5.5-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-28390 | LOW2.29 | libssl3 3.5.5-r0 fixed in 3.5.6-r0 | 0.8% Theoretical Threat | Post-Exploit |
| CVE-2026-34183 | LOW2.29 | libssl3 3.5.5-r0 fixed in 3.5.7-r0 | 0.5% Theoretical Threat | Post-Exploit |
| CVE-2026-42245 | LOW2.29 | net-imap 0.3.9 fixed in ~> 0.4.24, ~> 0.5.14, >= 0.6.4 | 0.4% Theoretical Threat | Post-Exploit |
| CVE-2026-47242 | NONE0 | net-imap 0.3.9 fixed in ~> 0.5.15, >= 0.6.4.1 | 0.1% Theoretical Threat | Not Applicable |
Want to check another image? Run a full scan with the Docker Security Scanner.