Vulnerability Reporttomcat:11.0.24-jdk21

tomcat:jdk21-temurin-nobletomcat:jdk21-temurintomcat:jdk21tomcat:11.0.24-jdk21-temurin-nobletomcat:11.0.24-jdk21-temurintomcat:11.0.24-jdk21tomcat:11.0-jdk21-temurin-nobletomcat:11.0-jdk21-temurintomcat:11.0-jdk21tomcat:11-jdk21-temurin-nobletomcat:11-jdk21-temurintomcat:11-jdk21
DIGESTsha256:543dd74d992458d558875de8493399a718270b361b16e4ea6750371a13dda077

Executive Summary

Last scanned:

Threat Score
0/100SAFE
Reputation
TRUSTED

This image is safe for production use. While the image contains 63 exposed and 48 post-exploitation vulnerabilities, all are low severity (maximum CVSS 5.5 and 3.3 respectively), meaning they pose negligible practical risk to typical deployments. The image is an official Docker image with a trusted publisher and is pinned by digest, ensuring immutability. No exploitable high-severity findings exist, and the container environment does not introduce additional risk factors.

Vulnerabilities

Vulnerability Log

120 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2017-13716MEDIUM5.5
libbinutils
2.42-4ubuntu2.10
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-13716MEDIUM5.5
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-13716MEDIUM5.5
libctf0
2.42-4ubuntu2.10
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-13716MEDIUM5.5
libgprofng0
2.42-4ubuntu2.10
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-13716MEDIUM5.5
libsframe1
2.42-4ubuntu2.10
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2026-13757MEDIUM5.27
libp11-kit0
0.25.3-4ubuntu2.1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13757MEDIUM5.27
p11-kit
0.25.3-4ubuntu2.1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13757MEDIUM5.27
p11-kit-modules
0.25.3-4ubuntu2.1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69651MEDIUM4.67
libbinutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69651MEDIUM4.67
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69651MEDIUM4.67
libctf0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-66382MEDIUM4.67
libexpat1
2.6.1-2ubuntu0.4
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69651MEDIUM4.67
libgprofng0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69651MEDIUM4.67
libsframe1
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib1g
1:1.3.dfsg-3.1ubuntu2.1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM4.42
libc-bin
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-4437MEDIUM4.42
libc6
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-27456MEDIUM4
libblkid1
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libmount1
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libsmartcols1
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libuuid1
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-4046LOW3.6
libc-bin
2.39-0ubuntu8.7
No fix yet
0.4%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-4046LOW3.6
libc6
2.39-0ubuntu8.7
No fix yet
0.4%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-4438LOW3.4
libc-bin
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
libc6
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2017-13716LOW3.3
binutils
2.42-4ubuntu2.10
No fix yet
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2017-13716LOW3.3
binutils-common
2.42-4ubuntu2.10
No fix yet
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2017-13716LOW3.3
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2025-1152LOW3.15
libbinutils
2.42-4ubuntu2.10
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-1152LOW3.15
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-1152LOW3.15
libctf0
2.42-4ubuntu2.10
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-1152LOW3.15
libgprofng0
2.42-4ubuntu2.10
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-1152LOW3.15
libsframe1
2.42-4ubuntu2.10
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-45582LOW2.86
tar
1.35+dfsg-3build1
fixed in 1.35+dfsg-3ubuntu0.2
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-69651LOW2.8
binutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69651LOW2.8
binutils-common
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69651LOW2.8
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-5704LOW2.8
tar
1.35+dfsg-3build1
fixed in 1.35+dfsg-3ubuntu0.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-69647LOW2.8
libbinutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69648LOW2.8
libbinutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69652LOW2.8
libbinutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69647LOW2.8
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69648LOW2.8
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69652LOW2.8
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69647LOW2.8
libctf0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69648LOW2.8
libctf0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69652LOW2.8
libctf0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69647LOW2.8
libgprofng0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69648LOW2.8
libgprofng0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69652LOW2.8
libgprofng0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69647LOW2.8
libsframe1
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69648LOW2.8
libsframe1
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69652LOW2.8
libsframe1
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40228LOW2.8
libsystemd0
255.4-1ubuntu8.16
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40228LOW2.8
libudev1
255.4-1ubuntu8.16
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-58470LOW2.7
wget
1.21.4-1ubuntu4.1
fixed in 1.21.4-1ubuntu4.3
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
bsdutils
1:2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-10536LOW2.4
curl
8.5.0-2ubuntu10.10
fixed in 8.5.0-2ubuntu10.11
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-41991LOW2.4
gzip
1.12-1ubuntu3.1
fixed in 1.12-1ubuntu3.2
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-10536LOW2.4
libcurl4t64
8.5.0-2ubuntu10.10
fixed in 8.5.0-2ubuntu10.11
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
mount
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
util-linux
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-69644LOW2.38
libbinutils
2.42-4ubuntu2.10
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69645LOW2.38
libbinutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69646LOW2.38
libbinutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69644LOW2.38
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69645LOW2.38
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69646LOW2.38
libctf-nobfd0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69644LOW2.38
libctf0
2.42-4ubuntu2.10
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69645LOW2.38
libctf0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69646LOW2.38
libctf0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69644LOW2.38
libgprofng0
2.42-4ubuntu2.10
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69645LOW2.38
libgprofng0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69646LOW2.38
libgprofng0
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69644LOW2.38
libsframe1
2.42-4ubuntu2.10
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69645LOW2.38
libsframe1
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69646LOW2.38
libsframe1
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-41992LOW2.29
gzip
1.12-1ubuntu3.1
fixed in 1.12-1ubuntu3.2
0.3%
Theoretical Threat
Post-Exploit
CVE-2021-31879LOW2.2
wget
1.21.4-1ubuntu4.1
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-58471LOW2.17
wget
1.21.4-1ubuntu4.1
fixed in 1.21.4-1ubuntu4.3
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-58472LOW2.17
wget
1.21.4-1ubuntu4.1
fixed in 1.21.4-1ubuntu4.3
0.2%
Theoretical Threat
Post-Exploit
CVE-2024-2236LOW2.12
libgcrypt20
1.10.3-2ubuntu0.1
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-6238LOW1.99
libc-bin
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6238LOW1.99
libc6
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-1152LOW1.89
binutils
2.42-4ubuntu2.10
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-1152LOW1.89
binutils-common
2.42-4ubuntu2.10
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-1152LOW1.89
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
0.6%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
login
1:4.13+dfsg1-4ubuntu3.2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
passwd
1:4.13+dfsg1-4ubuntu3.2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-5435LOW1.81
libc-bin
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-5435LOW1.81
libc6
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69647LOW1.68
binutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69648LOW1.68
binutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69652LOW1.68
binutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69647LOW1.68
binutils-common
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69648LOW1.68
binutils-common
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69652LOW1.68
binutils-common
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69647LOW1.68
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69648LOW1.68
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69652LOW1.68
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69644LOW1.43
binutils
2.42-4ubuntu2.10
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-69645LOW1.43
binutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69646LOW1.43
binutils
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69644LOW1.43
binutils-common
2.42-4ubuntu2.10
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-69645LOW1.43
binutils-common
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69646LOW1.43
binutils-common
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69644LOW1.43
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-69645LOW1.43
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69646LOW1.43
binutils-x86-64-linux-gnu
2.42-4ubuntu2.10
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69720NONE0
libncursesw6
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
libtinfo6
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
ncurses-base
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
ncurses-bin
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2026-4437NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-6238NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-5435NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-4046NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2026-4438NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-58055NONE0
libnghttp2-14
1.59.0-1ubuntu0.3
fixed in 1.59.0-1ubuntu0.4
0.2%
Theoretical Threat
Not Applicable
CVE-2026-58469NONE0
wget
1.21.4-1ubuntu4.1
fixed in 1.21.4-1ubuntu4.3
0.4%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.