Vulnerability Reportrust:alpine

rust:alpine3.24rust:alpinerust:1.96.0-alpine3.24rust:1.96.0-alpinerust:1.96-alpine3.24rust:1.96-alpinerust:1-alpine3.24rust:1-alpine
DIGESTsha256:2ea3db105d38fdfa4e31f366674287fcaa828087e2fe3973befdc537f2d443b1

Executive Summary

DANGEROUS

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. Exploitation could lead to severe consequences including loss of data confidentiality, integrity bypass, and potentially remote code execution or denial of service. A total of 30 vulnerabilities were detected, with the highest severity findings related to OpenSSL (CVE-2026-45445, CVE-2026-45447). It is crucial to verify if the container's application uses the specific, less-recommended OpenSSL APIs or acts as a QUIC client/server, as these are conditions for some of the critical vulnerabilities to be exploitable. Due to the DANGEROUS threat score, this image requires immediate remediation or replacement.

Threat Score
75/100
DANGEROUS
Reputation
TRUSTED
Docker Official
BaseImage/
rust:alpine
Hardened
Grade
A+
Vulns
0
Verified & secured for production

Vulnerabilities

Vulnerability Log

30 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-45445HIGH7.28
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
Directly ExposedContext importance: MEDIUM
CVE-2026-45445HIGH7.28
libssl3
3.5.6-r0
fixed in 3.5.7-r0
Directly ExposedContext importance: MEDIUM
CVE-2026-45447MEDIUM6.48
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
Directly ExposedContext importance: MEDIUM
CVE-2026-45447MEDIUM6.48
libssl3
3.5.6-r0
fixed in 3.5.7-r0
Directly ExposedContext importance: MEDIUM
CVE-2026-34181MEDIUM6.3
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-42768MEDIUM6.3
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-34181MEDIUM6.3
libssl3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-42768MEDIUM6.3
libssl3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-34183MEDIUM6
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
Directly ExposedContext importance: MEDIUM
CVE-2026-34183MEDIUM6
libssl3
3.5.6-r0
fixed in 3.5.7-r0
Directly ExposedContext importance: MEDIUM
CVE-2026-34182MEDIUM5.92
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
Directly ExposedContext importance: MEDIUM
CVE-2026-34182MEDIUM5.92
libssl3
3.5.6-r0
fixed in 3.5.7-r0
Directly ExposedContext importance: MEDIUM
CVE-2026-9076MEDIUM5.9
libssl3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-7383MEDIUM5.5
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-7383MEDIUM5.5
libssl3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-42766MEDIUM5.3
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-42767MEDIUM5.3
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-42766MEDIUM5.3
libssl3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-42767MEDIUM5.3
libssl3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-34180MEDIUM5
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-34180MEDIUM5
libssl3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-9076MEDIUM4.72
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
Directly ExposedContext importance: MEDIUM
CVE-2026-45446LOW3.7
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-45446LOW3.7
libssl3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-42764LOW3.54
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-42769LOW3.54
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-42770LOW3.54
libcrypto3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-42764LOW3.54
libssl3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-42769LOW3.54
libssl3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed
CVE-2026-42770LOW3.54
libssl3
3.5.6-r0
fixed in 3.5.7-r0
Directly Exposed