Vulnerability Reporttomcat:11.0.24-jre17

tomcat:jre17-temurin-nobletomcat:jre17-temurintomcat:jre17tomcat:11.0.24-jre17-temurin-nobletomcat:11.0.24-jre17-temurintomcat:11.0.24-jre17tomcat:11.0-jre17-temurin-nobletomcat:11.0-jre17-temurintomcat:11.0-jre17tomcat:11-jre17-temurin-nobletomcat:11-jre17-temurintomcat:11-jre17
DIGESTsha256:c462bd7aa8278b56932c26a45e145f4bd09e8c25cba0e1b40b3aef929f38adbf

Executive Summary

Last scanned:

Threat Score
0/100SAFE
Reputation
TRUSTED

This image is safe for production use. It contains 15 exposed vulnerabilities and 25 post-exploit findings, but all are low severity (maximum CVSS score 5.27 for exposed, 3.0 for post-exploit), posing no practical risk in typical deployment scenarios. The image is official, trusted, and pinned by digest.

Vulnerabilities

Vulnerability Log

50 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-13757MEDIUM5.27
libp11-kit0
0.25.3-4ubuntu2.1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13757MEDIUM5.27
p11-kit
0.25.3-4ubuntu2.1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-13757MEDIUM5.27
p11-kit-modules
0.25.3-4ubuntu2.1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-66382MEDIUM4.67
libexpat1
2.6.1-2ubuntu0.4
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib1g
1:1.3.dfsg-3.1ubuntu2.1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM4.42
libc-bin
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-4437MEDIUM4.42
libc6
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-27456MEDIUM4
libblkid1
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libmount1
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libsmartcols1
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libuuid1
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
libc-bin
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
libc6
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-8376LOW3
perl-base
5.38.2-3.2ubuntu0.2
fixed in 5.38.2-3.2ubuntu0.3
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-45582LOW2.86
tar
1.35+dfsg-3build1
fixed in 1.35+dfsg-3ubuntu0.2
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-5704LOW2.8
tar
1.35+dfsg-3build1
fixed in 1.35+dfsg-3ubuntu0.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-40228LOW2.8
libsystemd0
255.4-1ubuntu8.16
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42496LOW2.78
perl-base
5.38.2-3.2ubuntu0.2
fixed in 5.38.2-3.2ubuntu0.3
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-58470LOW2.7
wget
1.21.4-1ubuntu4.1
fixed in 1.21.4-1ubuntu4.3
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
bsdutils
1:2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-10536LOW2.4
curl
8.5.0-2ubuntu10.10
fixed in 8.5.0-2ubuntu10.11
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-41991LOW2.4
gzip
1.12-1ubuntu3.1
fixed in 1.12-1ubuntu3.2
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-10536LOW2.4
libcurl4t64
8.5.0-2ubuntu10.10
fixed in 8.5.0-2ubuntu10.11
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
mount
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
util-linux
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-41992LOW2.29
gzip
1.12-1ubuntu3.1
fixed in 1.12-1ubuntu3.2
0.3%
Theoretical Threat
Post-Exploit
CVE-2021-31879LOW2.2
wget
1.21.4-1ubuntu4.1
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-58471LOW2.17
wget
1.21.4-1ubuntu4.1
fixed in 1.21.4-1ubuntu4.3
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-58472LOW2.17
wget
1.21.4-1ubuntu4.1
fixed in 1.21.4-1ubuntu4.3
0.2%
Theoretical Threat
Post-Exploit
CVE-2024-2236LOW2.12
libgcrypt20
1.10.3-2ubuntu0.1
No fix yet
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-6238LOW1.99
libc-bin
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6238LOW1.99
libc6
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
login
1:4.13+dfsg1-4ubuntu3.2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
passwd
1:4.13+dfsg1-4ubuntu3.2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-5435LOW1.81
libc-bin
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-5435LOW1.81
libc6
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-4046LOW1.62
libc-bin
2.39-0ubuntu8.7
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-4046LOW1.62
libc6
2.39-0ubuntu8.7
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-69720NONE0
libncursesw6
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
libtinfo6
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
ncurses-base
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
ncurses-bin
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2026-4437NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-6238NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-5435NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-4046NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2026-4438NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-40228NONE0
libudev1
255.4-1ubuntu8.16
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-58055NONE0
libnghttp2-14
1.59.0-1ubuntu0.3
fixed in 1.59.0-1ubuntu0.4
0.2%
Theoretical Threat
Not Applicable
CVE-2026-58469NONE0
wget
1.21.4-1ubuntu4.1
fixed in 1.21.4-1ubuntu4.3
0.4%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.