Vulnerability Reporttomcat:11.0.24-jre25

tomcat:jre25-temurin-nobletomcat:jre25-temurintomcat:jre25tomcat:11.0.24-jre25-temurin-nobletomcat:11.0.24-jre25-temurintomcat:11.0.24-jre25tomcat:11.0-jre25-temurin-nobletomcat:11.0-jre25-temurintomcat:11.0-jre25tomcat:11-jre25-temurin-nobletomcat:11-jre25-temurintomcat:11-jre25
DIGESTsha256:8a42fd4b974e0a65e24268b4636353fabe5651c75da81e255dd52136907a5a75

Executive Summary

Last scanned:

Threat Score
0/100SAFE
Reputation
TRUSTED

This image is safe for production use. The image contains 15 exposed and 16 post-exploit vulnerabilities, but all are low severity with the highest being 5.27 on the exposed surface. Given the low scores and the lack of any exploitable high-severity issues, the risk is minimal and acceptable for deployment.

Vulnerabilities

Vulnerability Log

42 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2026-13757MEDIUM5.27
libp11-kit0
0.25.3-4ubuntu2.1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2024-2236MEDIUM4.72
libgcrypt20
1.10.3-2ubuntu0.1
No fix yet
1.1%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2025-66382MEDIUM4.67
libexpat1
2.6.1-2ubuntu0.4
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib1g
1:1.3.dfsg-3.1ubuntu2.1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4437MEDIUM4.42
libc-bin
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-4437MEDIUM4.42
libc6
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-27456MEDIUM4
libblkid1
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libmount1
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libsmartcols1
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libuuid1
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-4046LOW3.6
libc-bin
2.39-0ubuntu8.7
No fix yet
0.4%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-4046LOW3.6
libc6
2.39-0ubuntu8.7
No fix yet
0.4%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-4438LOW3.4
libc-bin
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4438LOW3.4
libc6
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-13757LOW3.16
p11-kit
0.25.3-4ubuntu2.1
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-8376LOW3
perl-base
5.38.2-3.2ubuntu0.2
fixed in 5.38.2-3.2ubuntu0.3
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-45582LOW2.86
tar
1.35+dfsg-3build1
fixed in 1.35+dfsg-3ubuntu0.2
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-5704LOW2.8
tar
1.35+dfsg-3build1
fixed in 1.35+dfsg-3ubuntu0.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-40228LOW2.8
libsystemd0
255.4-1ubuntu8.16
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42496LOW2.78
perl-base
5.38.2-3.2ubuntu0.2
fixed in 5.38.2-3.2ubuntu0.3
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
bsdutils
1:2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-41991LOW2.4
gzip
1.12-1ubuntu3.1
fixed in 1.12-1ubuntu3.2
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
mount
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
util-linux
2.39.3-9ubuntu6.5
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-41992LOW2.29
gzip
1.12-1ubuntu3.1
fixed in 1.12-1ubuntu3.2
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6238LOW1.99
libc-bin
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-6238LOW1.99
libc6
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
login
1:4.13+dfsg1-4ubuntu3.2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
passwd
1:4.13+dfsg1-4ubuntu3.2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-5435LOW1.81
libc-bin
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-5435LOW1.81
libc6
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69720NONE0
libncursesw6
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
libtinfo6
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
ncurses-base
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
ncurses-bin
6.4+20240113-1ubuntu2
fixed in 6.4+20240113-1ubuntu2.1
0.4%
Theoretical Threat
Not Applicable
CVE-2026-4437NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-6238NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-13757NONE0
p11-kit-modules
0.25.3-4ubuntu2.1
No fix yet
0.1%
Theoretical Threat
Not Applicable
CVE-2026-5435NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-4046NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2026-4438NONE0
locales
2.39-0ubuntu8.7
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2026-40228NONE0
libudev1
255.4-1ubuntu8.16
No fix yet
0.2%
Theoretical Threat
Not Applicable

Want to check another image? Run a full scan with the Docker Security Scanner.