Vulnerability Reporttomcat:11.0.24-jdk17

tomcat:jdk17-temurin-nobletomcat:jdk17-temurintomcat:jdk17tomcat:11.0.24-jdk17-temurin-nobletomcat:11.0.24-jdk17-temurintomcat:11.0.24-jdk17tomcat:11.0-jdk17-temurin-nobletomcat:11.0-jdk17-temurintomcat:11.0-jdk17tomcat:11-jdk17-temurin-noble
DIGESTsha256:70d853820f77afb833464e337784c68a96bcf089842d6973ef7902036cc43702

Executive Summary

Last scanned:

Threat Score
0/100SAFE
Reputation
TRUSTED

This image is safe for production use. It has 62 vulnerabilities, but none exceed a severity of 5.5 and all are low-risk. The image is officially published and pinned, minimizing supply chain risks. No actionable exploitation paths are identified given the current configuration.

Vulnerabilities

Vulnerability Log

120 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2017-13716MEDIUM5.5
libbinutils
2.42-4ubuntu2.10
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-13716MEDIUM5.5
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-13716MEDIUM5.5
libctf0
2.42-4ubuntu2.10
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-13716MEDIUM5.5
libgprofng0
2.42-4ubuntu2.10
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-13716MEDIUM5.5
libsframe1
2.42-4ubuntu2.10
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2026-13757MEDIUM5.27
libp11-kit0
0.25.3-4ubuntu2.1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2024-2236MEDIUM4.72
libgcrypt20
1.10.3-2ubuntu0.1
No fix yet
1.1%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2025-69651MEDIUM4.67
libbinutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69651MEDIUM4.67
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69651MEDIUM4.67
libctf0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-66382MEDIUM4.67
libexpat1
2.6.1-2ubuntu0.4
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69651MEDIUM4.67
libgprofng0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69651MEDIUM4.67
libsframe1
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib1g
1:1.3.dfsg-3.1ubuntu2.1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM4.42
libc-bin
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-4437MEDIUM4.42
libc6
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-27456MEDIUM4
libblkid1
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libmount1
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libsmartcols1
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libuuid1
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69720LOW3.98
ncurses-bin
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-4046LOW3.6
libc-bin
2.39-0ubuntu8.7
No fix yet
0.4%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-4046LOW3.6
libc6
2.39-0ubuntu8.7
No fix yet
0.4%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-4438LOW3.4
libc-bin
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
libc6
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2017-13716LOW3.3
binutils
2.42-4ubuntu2.10
No fix yet
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2017-13716LOW3.3
binutils-common
2.42-4ubuntu2.10
No fix yet
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2017-13716LOW3.3
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2026-13757LOW3.16
p11-kit
0.25.3-4ubuntu2.1
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-13757LOW3.16
p11-kit-modules
0.25.3-4ubuntu2.1
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-1152LOW3.15
libbinutils
2.42-4ubuntu2.10
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-1152LOW3.15
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-1152LOW3.15
libctf0
2.42-4ubuntu2.10
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-1152LOW3.15
libgprofng0
2.42-4ubuntu2.10
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-1152LOW3.15
libsframe1
2.42-4ubuntu2.10
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-45582LOW2.86
tar
1.35+dfsg-3build1
fixed in 1.35+dfsg-3ubuntu0.2
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-69651LOW2.8
binutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69651LOW2.8
binutils-common
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69651LOW2.8
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-5704LOW2.8
tar
1.35+dfsg-3build1
fixed in 1.35+dfsg-3ubuntu0.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-69647LOW2.8
libbinutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69648LOW2.8
libbinutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69652LOW2.8
libbinutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69647LOW2.8
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69648LOW2.8
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69652LOW2.8
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69647LOW2.8
libctf0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69648LOW2.8
libctf0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69652LOW2.8
libctf0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69647LOW2.8
libgprofng0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69648LOW2.8
libgprofng0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69652LOW2.8
libgprofng0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69647LOW2.8
libsframe1
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69648LOW2.8
libsframe1
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69652LOW2.8
libsframe1
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40228LOW2.8
libsystemd0
255.4-1ubuntu8.16
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40228LOW2.8
libudev1
255.4-1ubuntu8.16
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-58470LOW2.7
wget
1.21.4-1ubuntu4.1
fixed in 1.21.4-1ubuntu4.3
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
bsdutils
1:2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-10536LOW2.4
curl
8.5.0-2ubuntu10.10
fixed in 8.5.0-2ubuntu10.11
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-41991LOW2.4
gzip
1.12-1ubuntu3.1
fixed in 1.12-1ubuntu3.2
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-10536LOW2.4
libcurl4t64
8.5.0-2ubuntu10.10
fixed in 8.5.0-2ubuntu10.11
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
mount
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
util-linux
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-69644LOW2.38
libbinutils
2.42-4ubuntu2.10
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69645LOW2.38
libbinutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69646LOW2.38
libbinutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69644LOW2.38
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69645LOW2.38
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69646LOW2.38
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69644LOW2.38
libctf0
2.42-4ubuntu2.10
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69645LOW2.38
libctf0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69646LOW2.38
libctf0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69644LOW2.38
libgprofng0
2.42-4ubuntu2.10
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69645LOW2.38
libgprofng0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69646LOW2.38
libgprofng0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69644LOW2.38
libsframe1
2.42-4ubuntu2.10
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69645LOW2.38
libsframe1
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69646LOW2.38
libsframe1
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-41992LOW2.29
gzip
1.12-1ubuntu3.1
fixed in 1.12-1ubuntu3.2
0.3%
Theoretical Threat
Post-Exploit
CVE-2021-31879LOW2.2
wget
1.21.4-1ubuntu4.1
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-58471LOW2.17
wget
1.21.4-1ubuntu4.1
fixed in 1.21.4-1ubuntu4.3
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-58472LOW2.17
wget
1.21.4-1ubuntu4.1
fixed in 1.21.4-1ubuntu4.3
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-6238LOW1.99
libc-bin
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6238LOW1.99
libc6
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-1152LOW1.89
binutils
2.42-4ubuntu2.10
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-1152LOW1.89
binutils-common
2.42-4ubuntu2.10
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-1152LOW1.89
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
login
1:4.13+dfsg1-4ubuntu3.2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
passwd
1:4.13+dfsg1-4ubuntu3.2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-5435LOW1.81
libc-bin
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-5435LOW1.81
libc6
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69647LOW1.68
binutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69648LOW1.68
binutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69652LOW1.68
binutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69647LOW1.68
binutils-common
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69648LOW1.68
binutils-common
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69652LOW1.68
binutils-common
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69647LOW1.68
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69648LOW1.68
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69652LOW1.68
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69644LOW1.43
binutils
2.42-4ubuntu2.10
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-69645LOW1.43
binutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69646LOW1.43
binutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69644LOW1.43
binutils-common
2.42-4ubuntu2.10
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-69645LOW1.43
binutils-common
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69646LOW1.43
binutils-common
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69644LOW1.43
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-69645LOW1.43
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69646LOW1.43
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69720NONE0
libncursesw6
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
libtinfo6
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
ncurses-base
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2026-4437NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-6238NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-5435NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-4046NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2026-4438NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-58055NONE0
libnghttp2-14
1.59.0-1ubuntu0.3
fixed in 1.59.0-1ubuntu0.4
0.2%
Theoretical Threat
Not Applicable
CVE-2026-58469NONE0
wget
1.21.4-1ubuntu4.1
fixed in 1.21.4-1ubuntu4.3
0.4%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.