Vulnerability Reportsonatype/nexus3:3.93.0

sonatype/nexus3:latestsonatype/nexus3:3.93.0-alpinesonatype/nexus3:3.93.0

DIGESTsha256:65b9b1e418e5a068b0c4c958b91a4cea692b35901554398171b1f22808b24098

Executive Summary

Threat ScoreSAFE• Maximum vulnerability severity is low (5.35 for exposed, 3.21 for post-exploit)• No exposed or post-exploit findings with severity ≥ 6.0 or critical impact• Verified publisher (Sonatype) with high community trust (1465 stars, 198M pulls)• Image pinned by digest ensures immutability and consistency• All 49 total vulnerabilities (16 exposed, 33 post) are low severity

0/100SAFE

ReputationVERIFIED• Verified Publisher (Trusted Vendor)• Pinned by digest (Immutable)

TRUSTED

This image is safe for production use. Although 16 exposed and 33 post-exploit vulnerabilities exist, they are all low severity (maximum 5.35 exposed, 3.21 post) and do not pose a practical risk. The image is from a verified, trusted publisher and pinned by digest, ensuring integrity and consistency.

Vulnerabilities

Vulnerability Log

49 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2026-34181	MEDIUM5.35	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42768	MEDIUM5.35	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34181	MEDIUM5.35	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-42768	MEDIUM5.35	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.4% Theoretical Threat	Directly Exposed
CVE-2026-45292	MEDIUM5.1	io.opentelemetry:opentelemetry-api 1.47.0 fixed in 1.62.0	0.5% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2026-7383	MEDIUM4.67	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-7383	MEDIUM4.67	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42767	MEDIUM4.5	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-42767	MEDIUM4.5	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Directly Exposed
CVE-2026-34180	MEDIUM4.25	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.5% Theoretical Threat	Directly Exposed
CVE-2026-34180	MEDIUM4.25	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.5% Theoretical Threat	Directly Exposed
CVE-2026-34181	LOW3.21	openssl 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Post-Exploit
CVE-2026-42768	LOW3.21	openssl 3.5.6-r0 fixed in 3.5.7-r0	0.4% Theoretical Threat	Post-Exploit
CVE-2026-45446	LOW3.15	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45446	LOW3.15	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45447	LOW2.92	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	1.4% Low-Moderate Risk	Post-Exploit
CVE-2026-45447	LOW2.92	libssl3 3.5.6-r0 fixed in 3.5.7-r0	1.4% Low-Moderate Risk	Post-Exploit
CVE-2026-45447	LOW2.92	openssl 3.5.6-r0 fixed in 3.5.7-r0	1.4% Low-Moderate Risk	Post-Exploit
CVE-2026-7383	LOW2.8	openssl 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-45445	LOW2.78	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-45445	LOW2.78	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-45445	LOW2.78	openssl 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42766	LOW2.7	openssl 3.5.6-r0 fixed in 3.5.7-r0	0.6% Theoretical Threat	Post-Exploit
CVE-2026-42767	LOW2.7	openssl 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-23903	LOW2.7	org.apache.shiro:shiro-spring 1.13.0 fixed in 2.1.0	0.4% Theoretical Threat	Directly Exposed
CVE-2026-34180	LOW2.55	openssl 3.5.6-r0 fixed in 3.5.7-r0	0.5% Theoretical Threat	Post-Exploit
CVE-2026-34183	LOW2.29	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.5% Theoretical Threat	Post-Exploit
CVE-2026-34183	LOW2.29	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.5% Theoretical Threat	Post-Exploit
CVE-2026-34183	LOW2.29	openssl 3.5.6-r0 fixed in 3.5.7-r0	0.5% Theoretical Threat	Post-Exploit
CVE-2026-34182	LOW2.26	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Post-Exploit
CVE-2026-34182	LOW2.26	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Post-Exploit
CVE-2026-34182	LOW2.26	openssl 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Post-Exploit
CVE-2026-23901	LOW2.12	org.apache.shiro:shiro-core 1.13.0 fixed in 2.1.0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45446	LOW1.89	openssl 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Post-Exploit
CVE-2026-42764	LOW1.81	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.7% Theoretical Threat	Post-Exploit
CVE-2026-42769	LOW1.81	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42770	LOW1.81	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Post-Exploit
CVE-2026-9076	LOW1.81	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42764	LOW1.81	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.7% Theoretical Threat	Post-Exploit
CVE-2026-42769	LOW1.81	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42770	LOW1.81	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Post-Exploit
CVE-2026-9076	LOW1.81	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42764	LOW1.81	openssl 3.5.6-r0 fixed in 3.5.7-r0	0.7% Theoretical Threat	Post-Exploit
CVE-2026-42769	LOW1.81	openssl 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42770	LOW1.81	openssl 3.5.6-r0 fixed in 3.5.7-r0	0.2% Theoretical Threat	Post-Exploit
CVE-2026-9076	LOW1.81	openssl 3.5.6-r0 fixed in 3.5.7-r0	0.3% Theoretical Threat	Post-Exploit
CVE-2026-42766	LOW1.62	libcrypto3 3.5.6-r0 fixed in 3.5.7-r0	0.6% Theoretical Threat	Post-Exploit
CVE-2026-42766	LOW1.62	libssl3 3.5.6-r0 fixed in 3.5.7-r0	0.6% Theoretical Threat	Post-Exploit
CVE-2026-8149	NONE0	org.bouncycastle:bc-fips 2.1.2 No fix yet	0.2% Theoretical Threat	Not Applicable