Vulnerability Reportscylladb/scylla:2025.1

scylladb/scylla:2025.1scylladb/scylla:2025.1.14

DIGESTsha256:1dda1faf5bb33ce285d5cf0cf993f88ea21d8216b336dc15f56133453c18bde1

Executive Summary

Threat ScoreSAFE• Threat score is 0, indicating no actionable risks.• All 26 exposed vulnerabilities have max severity 5.95 (below 6.0), posing minimal risk.• 12 post-exploit findings have max severity 2.86 (low).• Image is from a popular community publisher (scylladb) with 29M+ pulls and pinned by digest.• No high or critical severity vulnerabilities identified.

0/100SAFE

ReputationPOPULAR COMMUNITY• High Reputation Community Image (29M+ pulls)• Pinned by digest (Immutable)

RELIABLE

This image is safe for production use. The 26 exposed vulnerabilities are all low severity (max CVSS 5.95) and the 12 post-exploit findings are even lower (max 2.86), presenting negligible practical risk. The image is from a well-established community publisher with strong reputation and is pinned by digest, ensuring immutability. No high-severity issues or exploitable pathways exist in this deployment context.

Vulnerabilities

Vulnerability Log

40 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2025-5222	MEDIUM5.95	libicu74 74.2-1ubuntu3.1 No fix yet	0.3% Theoretical Threat	Directly Exposed
CVE-2024-2236	MEDIUM4.72	libgcrypt20 1.10.3-2ubuntu0.1 No fix yet	1.1% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2025-66382	MEDIUM4.67	libexpat1 2.6.1-2ubuntu0.4 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libblkid1 2.39.3-9ubuntu6.5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libfdisk1 2.39.3-9ubuntu6.5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libmount1 2.39.3-9ubuntu6.5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libsmartcols1 2.39.3-9ubuntu6.5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-27456	MEDIUM4	libuuid1 2.39.3-9ubuntu6.5 No fix yet	0.1% Theoretical Threat	Directly Exposed
CVE-2026-4046	LOW3.6	libc-bin 2.39-0ubuntu8.7 No fix yet	0.4% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-4046	LOW3.6	libc6 2.39-0ubuntu8.7 No fix yet	0.4% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-4438	LOW3.4	libc-bin 2.39-0ubuntu8.7 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-4438	LOW3.4	libc6 2.39-0ubuntu8.7 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-45582	LOW2.86	tar 1.35+dfsg-3build1 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2025-13462	LOW2.8	libpython3.12-minimal 3.12.3-1ubuntu0.13 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-2297	LOW2.8	libpython3.12-minimal 3.12.3-1ubuntu0.13 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-13462	LOW2.8	libpython3.12-stdlib 3.12.3-1ubuntu0.13 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-2297	LOW2.8	libpython3.12-stdlib 3.12.3-1ubuntu0.13 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libsystemd-shared 255.4-1ubuntu8.16 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libsystemd0 255.4-1ubuntu8.16 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	libudev1 255.4-1ubuntu8.16 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-13462	LOW2.8	python3.12 3.12.3-1ubuntu0.13 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-2297	LOW2.8	python3.12 3.12.3-1ubuntu0.13 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2025-13462	LOW2.8	python3.12-minimal 3.12.3-1ubuntu0.13 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-2297	LOW2.8	python3.12-minimal 3.12.3-1ubuntu0.13 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	systemd-resolved 255.4-1ubuntu8.16 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-40228	LOW2.8	systemd-timesyncd 255.4-1ubuntu8.16 No fix yet	0.2% Theoretical Threat	Directly Exposed
CVE-2026-27456	LOW2.4	bsdutils 1:2.39.3-9ubuntu6.5 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	mount 2.39.3-9ubuntu6.5 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27456	LOW2.4	util-linux 2.39.3-9ubuntu6.5 No fix yet	0.1% Theoretical Threat	Post-Exploit
CVE-2026-4437	LOW1.99	libc-bin 2.39-0ubuntu8.7 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6238	LOW1.99	libc-bin 2.39-0ubuntu8.7 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-4437	LOW1.99	libc6 2.39-0ubuntu8.7 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2026-6238	LOW1.99	libc6 2.39-0ubuntu8.7 No fix yet	0.3% Theoretical Threat	Post-Exploit
CVE-2024-56433	LOW1.84	login 1:4.13+dfsg1-4ubuntu3.2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2024-56433	LOW1.84	passwd 1:4.13+dfsg1-4ubuntu3.2 No fix yet	0.4% Theoretical Threat	Post-Exploit
CVE-2026-5435	LOW1.81	libc-bin 2.39-0ubuntu8.7 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-5435	LOW1.81	libc6 2.39-0ubuntu8.7 No fix yet	0.2% Theoretical Threat	Post-Exploit
CVE-2026-40228	NONE0	systemd 255.4-1ubuntu8.16 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-40228	NONE0	systemd-dev 255.4-1ubuntu8.16 No fix yet	0.2% Theoretical Threat	Not Applicable
CVE-2026-6653	NONE0	libxml2 2.9.14+dfsg-1.3ubuntu3.7 No fix yet	0.3% Theoretical Threat	Not Applicable