Vulnerability Reportwazuh/wazuh-manager:4.10.3

wazuh/wazuh-manager:4.10.3

DIGESTsha256:b75d38e797310ee7ae51c31745014585760cc83e991279b233b6afe9a846b25e

Executive Summary

Threat ScoreDANGEROUS• 50 high-severity exposures (CVSS >= 7) with a maximum severity of 9.75.• CVE-2023-44487 (HTTP/2 Rapid Reset) with EPSS 0.99999 enables remote denial-of-service with active exploitation.• CVE-2023-45288 (HTTP/2 CONTINUATION frames) also scores 9.75 and is a network-accessible DoS vector.• CVE-2021-3121 (protobuf, severity 8.6) allows remote code execution or crash via crafted protobuf messages.• Despite being a popular, pinned community image (2M+ pulls, publisher 'wazuh'), the high volume of critical vulnerabilities renders it dangerous for production.

100/100DANGEROUS

ReputationPOPULAR COMMUNITY• High Reputation Community Image (2M+ pulls)• Pinned by digest (Immutable)

RELIABLE

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. Remote attackers can cause denial of service via HTTP/2 Rapid Reset (CVE-2023-44487) or execute arbitrary code via protobuf deserialization (CVE-2021-3121), potentially compromising the entire Wazuh deployment. With 50 high-severity vulnerabilities and a maximum severity of 9.75, the attack surface is unacceptably large.

Vulnerabilities

Vulnerability Log

220 total

CVE ID	Adjusted Severity	Package	Exploit Probability	Risk Context
CVE-2023-44487	CRITICAL9.75	golang.org/x/net v0.0.0-20200202094626-16171245cfb2 fixed in 0.17.0	100.0% Actively Exploited	Directly ExposedContext importance: HIGH
CVE-2023-45288	CRITICAL9.75	golang.org/x/net v0.0.0-20200202094626-16171245cfb2 fixed in 0.23.0	92.0% Actively Exploited	Directly ExposedContext importance: HIGH
CVE-2023-45288	CRITICAL9.75	stdlib v1.14.12 fixed in 1.21.9, 1.22.2	92.0% Actively Exploited	Directly ExposedContext importance: HIGH
CVE-2021-3121	HIGH8.6	github.com/gogo/protobuf v1.3.1 fixed in 1.3.2	3.5% Low-Moderate Risk	Directly ExposedContext importance: HIGH
CVE-2024-24790	HIGH7.84	stdlib v1.14.12 fixed in 1.21.11, 1.22.4	2.0% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2026-48863	HIGH7.5	libsolv 0.7.22-1.amzn2023.0.3 fixed in 0.7.22-1.amzn2023.0.4	—	Directly Exposed
CVE-2026-24486	HIGH7.5	python-multipart 0.0.20 fixed in 0.0.22	1.8% Low-Moderate Risk	Directly Exposed
CVE-2022-27191	HIGH7.5	golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 fixed in 0.0.0-20220314234659-1baeb1ce4c0b	3.9% Low-Moderate Risk	Directly Exposed
CVE-2022-27664	HIGH7.5	golang.org/x/net v0.0.0-20200202094626-16171245cfb2 fixed in 0.0.0-20220906165146-f3363e06e74c	2.4% Low-Moderate Risk	Directly Exposed
CVE-2022-41723	HIGH7.5	golang.org/x/net v0.0.0-20200202094626-16171245cfb2 fixed in 0.7.0	4.6% Low-Moderate Risk	Directly Exposed
CVE-2023-39325	HIGH7.5	golang.org/x/net v0.0.0-20200202094626-16171245cfb2 fixed in 0.17.0	3.8% Low-Moderate Risk	Directly Exposed
CVE-2022-32149	HIGH7.5	golang.org/x/text v0.3.2 fixed in 0.3.8	1.4% Low-Moderate Risk	Directly Exposed
CVE-2021-39293	HIGH7.5	stdlib v1.14.12 fixed in 1.16.8, 1.17.1	6.9% Low-Moderate Risk	Directly Exposed
CVE-2021-41771	HIGH7.5	stdlib v1.14.12 fixed in 1.16.10, 1.17.3	4.4% Low-Moderate Risk	Directly Exposed
CVE-2021-41772	HIGH7.5	stdlib v1.14.12 fixed in 1.16.10, 1.17.3	3.1% Low-Moderate Risk	Directly Exposed
CVE-2021-44716	HIGH7.5	stdlib v1.14.12 fixed in 1.16.12, 1.17.5	4.0% Low-Moderate Risk	Directly Exposed
CVE-2022-23772	HIGH7.5	stdlib v1.14.12 fixed in 1.16.14, 1.17.7	2.8% Low-Moderate Risk	Directly Exposed
CVE-2022-24675	HIGH7.5	stdlib v1.14.12 fixed in 1.17.9, 1.18.1	5.3% Low-Moderate Risk	Directly Exposed
CVE-2022-24921	HIGH7.5	stdlib v1.14.12 fixed in 1.16.15, 1.17.8	3.2% Low-Moderate Risk	Directly Exposed
CVE-2022-27664	HIGH7.5	stdlib v1.14.12 fixed in 1.18.6, 1.19.1	2.4% Low-Moderate Risk	Directly Exposed
CVE-2022-28131	HIGH7.5	stdlib v1.14.12 fixed in 1.17.12, 1.18.4	1.9% Low-Moderate Risk	Directly Exposed
CVE-2022-28327	HIGH7.5	stdlib v1.14.12 fixed in 1.17.9, 1.18.1	3.9% Low-Moderate Risk	Directly Exposed
CVE-2022-2879	HIGH7.5	stdlib v1.14.12 fixed in 1.18.7, 1.19.2	1.6% Low-Moderate Risk	Directly Exposed
CVE-2022-2880	HIGH7.5	stdlib v1.14.12 fixed in 1.18.7, 1.19.2	1.1% Low-Moderate Risk	Directly Exposed
CVE-2022-29804	HIGH7.5	stdlib v1.14.12 fixed in 1.17.11, 1.18.3	1.9% Low-Moderate Risk	Directly Exposed
CVE-2022-30630	HIGH7.5	stdlib v1.14.12 fixed in 1.17.12, 1.18.4	1.6% Low-Moderate Risk	Directly Exposed
CVE-2022-30631	HIGH7.5	stdlib v1.14.12 fixed in 1.17.12, 1.18.4	1.6% Low-Moderate Risk	Directly Exposed
CVE-2022-30632	HIGH7.5	stdlib v1.14.12 fixed in 1.17.12, 1.18.4	1.6% Low-Moderate Risk	Directly Exposed
CVE-2022-30633	HIGH7.5	stdlib v1.14.12 fixed in 1.17.12, 1.18.4	1.6% Low-Moderate Risk	Directly Exposed
CVE-2022-30634	HIGH7.5	stdlib v1.14.12 fixed in 1.17.11, 1.18.3	1.6% Low-Moderate Risk	Directly Exposed
CVE-2022-30635	HIGH7.5	stdlib v1.14.12 fixed in 1.17.12, 1.18.4	1.4% Low-Moderate Risk	Directly Exposed
CVE-2022-32189	HIGH7.5	stdlib v1.14.12 fixed in 1.17.13, 1.18.5	2.0% Low-Moderate Risk	Directly Exposed
CVE-2022-41715	HIGH7.5	stdlib v1.14.12 fixed in 1.18.7, 1.19.2	1.3% Low-Moderate Risk	Directly Exposed
CVE-2022-41720	HIGH7.5	stdlib v1.14.12 fixed in 1.18.9, 1.19.4	1.2% Low-Moderate Risk	Directly Exposed
CVE-2022-41722	HIGH7.5	stdlib v1.14.12 fixed in 1.19.6, 1.20.1	1.7% Low-Moderate Risk	Directly Exposed
CVE-2022-41723	HIGH7.5	stdlib v1.14.12 fixed in 1.19.6, 1.20.1	4.6% Low-Moderate Risk	Directly Exposed
CVE-2022-41724	HIGH7.5	stdlib v1.14.12 fixed in 1.19.6, 1.20.1	1.1% Low-Moderate Risk	Directly Exposed
CVE-2022-41725	HIGH7.5	stdlib v1.14.12 fixed in 1.19.6, 1.20.1	1.2% Low-Moderate Risk	Directly Exposed
CVE-2023-24534	HIGH7.5	stdlib v1.14.12 fixed in 1.19.8, 1.20.3	1.9% Low-Moderate Risk	Directly Exposed
CVE-2023-24536	HIGH7.5	stdlib v1.14.12 fixed in 1.19.8, 1.20.3	1.5% Low-Moderate Risk	Directly Exposed
CVE-2023-24537	HIGH7.5	stdlib v1.14.12 fixed in 1.19.8, 1.20.3	1.4% Low-Moderate Risk	Directly Exposed
CVE-2023-39325	HIGH7.5	stdlib v1.14.12 fixed in 1.20.10, 1.21.3	3.8% Low-Moderate Risk	Directly Exposed
CVE-2023-45283	HIGH7.5	stdlib v1.14.12 fixed in 1.20.11, 1.21.4, 1.20.12, 1.21.5	2.8% Low-Moderate Risk	Directly Exposed
CVE-2023-45287	HIGH7.5	stdlib v1.14.12 fixed in 1.20.0	1.3% Low-Moderate Risk	Directly Exposed
CVE-2024-34156	HIGH7.5	stdlib v1.14.12 fixed in 1.22.7, 1.23.1	1.1% Low-Moderate Risk	Directly Exposed
CVE-2026-23949	HIGH7.31	jaraco.context 5.3.0 fixed in 6.1.0	0.5% Theoretical Threat	Directly Exposed
CVE-2021-33195	HIGH7.3	stdlib v1.14.12 fixed in 1.15.13, 1.16.5	3.1% Low-Moderate Risk	Directly Exposed
CVE-2023-24539	HIGH7.3	stdlib v1.14.12 fixed in 1.19.9, 1.20.4	1.0% Low-Moderate Risk	Directly Exposed
CVE-2023-29400	HIGH7.3	stdlib v1.14.12 fixed in 1.19.9, 1.20.4	1.0% Low-Moderate Risk	Directly Exposed
CVE-2022-23806	HIGH7.28	stdlib v1.14.12 fixed in 1.16.14, 1.17.7	3.0% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2025-68121	MEDIUM6.8	stdlib v1.14.12 fixed in 1.24.13, 1.25.7, 1.26.0-rc.3	0.8% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2020-8559	MEDIUM6.8	k8s.io/apimachinery v0.18.3 fixed in 0.16.13, 0.17.9, 0.18.7	6.1% Low-Moderate Risk	Directly Exposed
CVE-2026-48864	MEDIUM6.63	libsolv 0.7.22-1.amzn2023.0.3 fixed in 0.7.22-1.amzn2023.0.4	0.2% Theoretical Threat	Directly Exposed
CVE-2024-25621	MEDIUM6.63	github.com/containerd/containerd v1.3.3 fixed in 1.7.29	0.1% Theoretical Threat	Directly Exposed
CVE-2021-41103	MEDIUM6.63	github.com/containerd/containerd v1.3.3 fixed in 1.4.11, 1.5.7	0.5% Theoretical Threat	Directly Exposed
CVE-2023-25173	MEDIUM6.63	github.com/containerd/containerd v1.3.3 fixed in 1.5.18, 1.6.18	0.5% Theoretical Threat	Directly Exposed
CVE-2024-40635	MEDIUM6.63	github.com/containerd/containerd v1.3.3 fixed in 1.7.27, 1.6.38	0.3% Theoretical Threat	Directly Exposed
CVE-2022-30580	MEDIUM6.63	stdlib v1.14.12 fixed in 1.17.11, 1.18.3	0.6% Theoretical Threat	Directly Exposed
CVE-2023-29403	MEDIUM6.63	stdlib v1.14.12 fixed in 1.19.10, 1.20.5	0.4% Theoretical Threat	Directly Exposed
CVE-2022-23471	MEDIUM6.5	github.com/containerd/containerd v1.3.3 fixed in 1.5.16, 1.6.12	1.0% Low-Moderate Risk	Directly Exposed
CVE-2021-3114	MEDIUM6.5	stdlib v1.14.12 fixed in 1.14.14, 1.15.7	2.6% Low-Moderate Risk	Directly Exposed
CVE-2021-34558	MEDIUM6.5	stdlib v1.14.12 fixed in 1.15.14, 1.16.6	7.0% Low-Moderate Risk	Directly Exposed
CVE-2022-1705	MEDIUM6.5	stdlib v1.14.12 fixed in 1.17.12, 1.18.4	1.1% Low-Moderate Risk	Directly Exposed
CVE-2022-32148	MEDIUM6.5	stdlib v1.14.12 fixed in 1.17.12, 1.18.4	1.1% Low-Moderate Risk	Directly Exposed
CVE-2023-29406	MEDIUM6.5	stdlib v1.14.12 fixed in 1.19.11, 1.20.6	1.3% Low-Moderate Risk	Directly Exposed
CVE-2026-32597	MEDIUM6.38	PyJWT 2.10.1 fixed in 2.12.0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-0994	MEDIUM6.38	protobuf 5.29.5 fixed in 6.33.5, 5.29.6	0.4% Theoretical Threat	Directly Exposed
CVE-2026-30922	MEDIUM6.38	pyasn1 0.4.8 fixed in 0.6.3	0.6% Theoretical Threat	Directly Exposed
CVE-2025-62727	MEDIUM6.38	starlette 0.42.0 fixed in 0.49.1	0.6% Theoretical Threat	Directly Exposed
CVE-2025-66418	MEDIUM6.38	urllib3 2.5.0 fixed in 2.6.0	0.5% Theoretical Threat	Directly Exposed
CVE-2025-66471	MEDIUM6.38	urllib3 2.5.0 fixed in 2.6.0	0.5% Theoretical Threat	Directly Exposed
CVE-2026-21441	MEDIUM6.38	urllib3 2.5.0 fixed in 2.6.3	0.5% Theoretical Threat	Directly Exposed
CVE-2025-65637	MEDIUM6.38	github.com/sirupsen/logrus v1.4.2 fixed in 1.8.3, 1.9.1, 1.9.3	0.6% Theoretical Threat	Directly Exposed
CVE-2021-43565	MEDIUM6.38	golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 fixed in 0.0.0-20211202192323-5770296d904e	0.9% Theoretical Threat	Directly Exposed
CVE-2025-22869	MEDIUM6.38	golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 fixed in 0.35.0	0.9% Theoretical Threat	Directly Exposed
CVE-2025-22868	MEDIUM6.38	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d fixed in 0.27.0	0.8% Theoretical Threat	Directly Exposed
CVE-2022-41716	MEDIUM6.38	stdlib v1.14.12 fixed in 1.18.8, 1.19.3	0.8% Theoretical Threat	Directly Exposed
CVE-2025-61726	MEDIUM6.38	stdlib v1.14.12 fixed in 1.24.12, 1.25.6	0.8% Theoretical Threat	Directly Exposed
CVE-2025-61729	MEDIUM6.38	stdlib v1.14.12 fixed in 1.24.11, 1.25.5	0.5% Theoretical Threat	Directly Exposed
CVE-2026-25679	MEDIUM6.38	stdlib v1.14.12 fixed in 1.25.8, 1.26.1	0.5% Theoretical Threat	Directly Exposed
CVE-2026-32280	MEDIUM6.38	stdlib v1.14.12 fixed in 1.25.9, 1.26.2	0.4% Theoretical Threat	Directly Exposed
CVE-2026-32281	MEDIUM6.38	stdlib v1.14.12 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-32283	MEDIUM6.38	stdlib v1.14.12 fixed in 1.25.9, 1.26.2	0.4% Theoretical Threat	Directly Exposed
CVE-2026-33811	MEDIUM6.38	stdlib v1.14.12 fixed in 1.25.10, 1.26.3	0.5% Theoretical Threat	Directly Exposed
CVE-2026-33814	MEDIUM6.38	stdlib v1.14.12 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Directly Exposed
CVE-2026-39820	MEDIUM6.38	stdlib v1.14.12 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Directly Exposed
CVE-2026-39836	MEDIUM6.38	stdlib v1.14.12 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Directly Exposed
CVE-2025-58183	MEDIUM6.38	stdlib v1.14.12 fixed in 1.24.8, 1.25.2	0.4% Theoretical Threat	Directly Exposed
CVE-2025-61728	MEDIUM6.38	stdlib v1.14.12 fixed in 1.24.12, 1.25.6	0.6% Theoretical Threat	Directly Exposed
CVE-2021-21334	MEDIUM6.3	github.com/containerd/containerd v1.3.3 fixed in 1.4.4, 1.3.10	2.0% Low-Moderate Risk	Directly Exposed
CVE-2021-32760	MEDIUM6.3	github.com/containerd/containerd v1.3.3 fixed in 1.4.8, 1.5.4	1.6% Low-Moderate Risk	Directly Exposed
CVE-2026-48526	MEDIUM6.29	PyJWT 2.10.1 fixed in 2.13.0	0.1% Theoretical Threat	Directly Exposed
CVE-2026-33186	MEDIUM6.18	google.golang.org/grpc v1.29.1 fixed in 1.79.3	0.5% Theoretical Threat	Directly ExposedContext importance: MEDIUM
CVE-2021-38561	MEDIUM6	golang.org/x/text v0.3.2 fixed in 0.3.7	1.4% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2020-14040	MEDIUM6	golang.org/x/text v0.3.2 fixed in 0.3.3	1.9% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2021-27918	MEDIUM6	stdlib v1.14.12 fixed in 1.15.9, 1.16.1	2.5% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2021-33196	MEDIUM6	stdlib v1.14.12 fixed in 1.15.13, 1.16.5	3.5% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2021-33198	MEDIUM6	stdlib v1.14.12 fixed in 1.15.13, 1.16.5	3.4% Low-Moderate Risk	Directly ExposedContext importance: MEDIUM
CVE-2025-47907	MEDIUM5.95	stdlib v1.14.12 fixed in 1.23.12, 1.24.6	0.3% Theoretical Threat	Directly Exposed
CVE-2019-19794	MEDIUM5.9	github.com/miekg/dns v1.1.15 fixed in 1.1.25	2.1% Low-Moderate Risk	Directly Exposed
CVE-2021-31525	MEDIUM5.9	golang.org/x/net v0.0.0-20200202094626-16171245cfb2 fixed in 0.0.0-20210428140749-89ef3d95e781	3.7% Low-Moderate Risk	Directly Exposed
CVE-2024-24786	MEDIUM5.9	google.golang.org/protobuf v1.23.0 fixed in 1.33.0	1.3% Low-Moderate Risk	Directly Exposed
CVE-2021-31525	MEDIUM5.9	stdlib v1.14.12 fixed in 1.15.12, 1.16.4	3.7% Low-Moderate Risk	Directly Exposed
CVE-2021-36221	MEDIUM5.9	stdlib v1.14.12 fixed in 1.15.15, 1.16.7	3.1% Low-Moderate Risk	Directly Exposed
CVE-2024-24791	MEDIUM5.9	stdlib v1.14.12 fixed in 1.21.12, 1.22.5	1.4% Low-Moderate Risk	Directly Exposed
CVE-2024-34158	MEDIUM5.9	stdlib v1.14.12 fixed in 1.22.7, 1.23.1	1.0% Low-Moderate Risk	Directly Exposed
CVE-2025-4673	MEDIUM5.78	stdlib v1.14.12 fixed in 1.23.10, 1.24.4	0.6% Theoretical Threat	Directly Exposed
CVE-2026-9149	MEDIUM5.52	libsolv 0.7.22-1.amzn2023.0.3 fixed in 0.7.22-1.amzn2023.0.4	0.3% Theoretical Threat	Directly Exposed
CVE-2026-9150	MEDIUM5.52	libsolv 0.7.22-1.amzn2023.0.3 fixed in 0.7.22-1.amzn2023.0.4	0.4% Theoretical Threat	Directly Exposed
CVE-2026-26007	MEDIUM5.52	cryptography 44.0.1 fixed in 46.0.5	0.2% Theoretical Threat	Directly Exposed
CVE-2026-48710	MEDIUM5.52	starlette 0.42.0 fixed in 1.0.1	0.9% Theoretical Threat	Directly Exposed
CVE-2023-2253	MEDIUM5.52	github.com/docker/distribution v2.7.1+incompatible fixed in 2.8.2-beta.1	0.9% Theoretical Threat	Directly Exposed
CVE-2025-22872	MEDIUM5.52	golang.org/x/net v0.0.0-20200202094626-16171245cfb2 fixed in 0.38.0	0.4% Theoretical Threat	Directly Exposed
CVE-2024-24785	MEDIUM5.52	stdlib v1.14.12 fixed in 1.21.8, 1.22.1	0.8% Theoretical Threat	Directly Exposed
CVE-2025-47906	MEDIUM5.52	stdlib v1.14.12 fixed in 1.23.12, 1.24.6	0.5% Theoretical Threat	Directly Exposed
CVE-2025-61727	MEDIUM5.52	stdlib v1.14.12 fixed in 1.24.11, 1.25.5	0.3% Theoretical Threat	Directly Exposed
CVE-2026-32282	MEDIUM5.44	stdlib v1.14.12 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Directly Exposed
CVE-2024-24784	MEDIUM5.4	stdlib v1.14.12 fixed in 1.21.8, 1.22.1	1.0% Low-Moderate Risk	Directly Exposed
CVE-2022-41717	MEDIUM5.3	golang.org/x/net v0.0.0-20200202094626-16171245cfb2 fixed in 0.4.0	5.6% Low-Moderate Risk	Directly Exposed
CVE-2022-29526	MEDIUM5.3	golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae fixed in 0.0.0-20220412211240-33da011f77ad	2.1% Low-Moderate Risk	Directly Exposed
CVE-2021-33197	MEDIUM5.3	stdlib v1.14.12 fixed in 1.15.13, 1.16.5	2.3% Low-Moderate Risk	Directly Exposed
CVE-2022-29526	MEDIUM5.3	stdlib v1.14.12 fixed in 1.17.10, 1.18.2	2.1% Low-Moderate Risk	Directly Exposed
CVE-2022-41717	MEDIUM5.3	stdlib v1.14.12 fixed in 1.18.9, 1.19.4	5.6% Low-Moderate Risk	Directly Exposed
CVE-2023-29409	MEDIUM5.3	stdlib v1.14.12 fixed in 1.19.12, 1.20.7, 1.21.0-rc.4	1.3% Low-Moderate Risk	Directly Exposed
CVE-2023-39326	MEDIUM5.3	stdlib v1.14.12 fixed in 1.20.12, 1.21.5	1.2% Low-Moderate Risk	Directly Exposed
CVE-2023-45289	MEDIUM5.3	stdlib v1.14.12 fixed in 1.21.8, 1.22.1	1.1% Low-Moderate Risk	Directly Exposed
CVE-2023-45290	MEDIUM5.3	stdlib v1.14.12 fixed in 1.21.8, 1.22.1	1.2% Low-Moderate Risk	Directly Exposed
CVE-2020-15257	MEDIUM5.2	github.com/containerd/containerd v1.3.3 fixed in 1.3.9, 1.4.3	3.2% Low-Moderate Risk	Directly Exposed
CVE-2026-6019	MEDIUM5.18	python3 3.9.25-1.amzn2023.0.5 fixed in 3.9.25-1.amzn2023.0.6	0.2% Theoretical Threat	Directly Exposed
CVE-2026-6019	MEDIUM5.18	python3-libs 3.9.25-1.amzn2023.0.5 fixed in 3.9.25-1.amzn2023.0.6	0.2% Theoretical Threat	Directly Exposed
CVE-2023-3978	MEDIUM5.18	golang.org/x/net v0.0.0-20200202094626-16171245cfb2 fixed in 0.13.0	0.8% Theoretical Threat	Directly Exposed
CVE-2023-39318	MEDIUM5.18	stdlib v1.14.12 fixed in 1.20.8, 1.21.1	0.8% Theoretical Threat	Directly Exposed
CVE-2023-39319	MEDIUM5.18	stdlib v1.14.12 fixed in 1.20.8, 1.21.1	0.8% Theoretical Threat	Directly Exposed
CVE-2026-32289	MEDIUM5.18	stdlib v1.14.12 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-48524	MEDIUM5.02	PyJWT 2.10.1 fixed in 2.13.0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-40347	MEDIUM5.02	python-multipart 0.0.20 fixed in 0.0.26	0.4% Theoretical Threat	Directly Exposed
CVE-2024-24783	MEDIUM5.02	stdlib v1.14.12 fixed in 1.21.8, 1.22.1	0.7% Theoretical Threat	Directly Exposed
CVE-2024-34155	MEDIUM5.02	stdlib v1.14.12 fixed in 1.22.7, 1.23.1	0.8% Theoretical Threat	Directly Exposed
CVE-2024-45336	MEDIUM5.02	stdlib v1.14.12 fixed in 1.22.11, 1.23.5, 1.24.0-rc.2	0.6% Theoretical Threat	Directly Exposed
CVE-2021-44717	MEDIUM4.8	stdlib v1.14.12 fixed in 1.16.12, 1.17.5	1.9% Low-Moderate Risk	Directly Exposed
CVE-2026-25645	MEDIUM4.67	requests 2.32.4 fixed in 2.33.0	0.2% Theoretical Threat	Directly Exposed
CVE-2026-24049	MEDIUM4.67	wheel 0.45.1 fixed in 0.46.2	0.3% Theoretical Threat	Directly Exposed
CVE-2022-31030	MEDIUM4.67	github.com/containerd/containerd v1.3.3 fixed in 1.5.13, 1.6.6	0.4% Theoretical Threat	Directly Exposed
CVE-2023-25153	MEDIUM4.67	github.com/containerd/containerd v1.3.3 fixed in 1.5.18, 1.6.18	0.4% Theoretical Threat	Directly Exposed
CVE-2025-64329	MEDIUM4.67	github.com/containerd/containerd v1.3.3 fixed in 1.7.29	0.1% Theoretical Threat	Directly Exposed
CVE-2020-8565	MEDIUM4.67	k8s.io/client-go v0.18.3 fixed in 0.19.6, 0.20.0-alpha.2, 0.18.14, 0.17.16	0.5% Theoretical Threat	Directly Exposed
CVE-2022-1962	MEDIUM4.67	stdlib v1.14.12 fixed in 1.17.12, 1.18.4	0.9% Theoretical Threat	Directly Exposed
CVE-2024-24789	MEDIUM4.67	stdlib v1.14.12 fixed in 1.21.11, 1.22.4	0.4% Theoretical Threat	Directly Exposed
CVE-2026-32288	MEDIUM4.67	stdlib v1.14.12 fixed in 1.25.9, 1.26.2	0.3% Theoretical Threat	Directly Exposed
CVE-2026-48523	MEDIUM4.59	PyJWT 2.10.1 fixed in 2.13.0	0.1% Theoretical Threat	Directly Exposed
CVE-2025-22871	MEDIUM4.59	stdlib v1.14.12 fixed in 1.23.8, 1.24.2	0.7% Theoretical Threat	Directly Exposed
CVE-2026-27142	MEDIUM4.59	stdlib v1.14.12 fixed in 1.25.8, 1.26.1	0.3% Theoretical Threat	Directly Exposed
CVE-2026-39826	MEDIUM4.59	stdlib v1.14.12 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Directly Exposed
CVE-2026-48525	MEDIUM4.5	PyJWT 2.10.1 fixed in 2.13.0	0.3% Theoretical Threat	Directly Exposed
CVE-2025-66221	MEDIUM4.5	Werkzeug 3.1.3 fixed in 3.1.4	0.5% Theoretical Threat	Directly Exposed
CVE-2026-21860	MEDIUM4.5	Werkzeug 3.1.3 fixed in 3.1.5	0.4% Theoretical Threat	Directly Exposed
CVE-2026-27199	MEDIUM4.5	Werkzeug 3.1.3 fixed in 3.1.6	0.6% Theoretical Threat	Directly Exposed
CVE-2026-34073	MEDIUM4.5	cryptography 44.0.1 fixed in 46.0.6	0.2% Theoretical Threat	Directly Exposed
CVE-2026-45409	MEDIUM4.5	idna 3.7 fixed in 3.15	0.4% Theoretical Threat	Directly Exposed
CVE-2025-54121	MEDIUM4.5	starlette 0.42.0 fixed in 0.47.2	0.5% Theoretical Threat	Directly Exposed
CVE-2026-44431	MEDIUM4.5	urllib3 2.5.0 fixed in 2.7.0	0.3% Theoretical Threat	Directly Exposed
CVE-2025-10543	MEDIUM4.5	github.com/eclipse/paho.mqtt.golang v1.2.1-0.20200121105743-0d940dd29fd2 fixed in 1.5.1	0.2% Theoretical Threat	Directly Exposed
CVE-2025-47914	MEDIUM4.5	golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 fixed in 0.45.0	0.5% Theoretical Threat	Directly Exposed
CVE-2025-58181	MEDIUM4.5	golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 fixed in 0.45.0	0.5% Theoretical Threat	Directly Exposed
CVE-2023-24532	MEDIUM4.5	stdlib v1.14.12 fixed in 1.19.7, 1.20.2	0.8% Theoretical Threat	Directly Exposed
CVE-2023-45284	MEDIUM4.5	stdlib v1.14.12 fixed in 1.20.11, 1.21.4	0.9% Theoretical Threat	Directly Exposed
CVE-2025-22866	MEDIUM4.5	stdlib v1.14.12 fixed in 1.22.12, 1.23.6, 1.24.0-rc.3	0.3% Theoretical Threat	Directly Exposed
CVE-2025-22873	MEDIUM4.5	stdlib v1.14.12 fixed in 1.23.9, 1.24.3	0.2% Theoretical Threat	Directly Exposed
CVE-2025-47912	MEDIUM4.5	stdlib v1.14.12 fixed in 1.24.8, 1.25.2	0.4% Theoretical Threat	Directly Exposed
CVE-2025-58185	MEDIUM4.5	stdlib v1.14.12 fixed in 1.24.8, 1.25.2	0.5% Theoretical Threat	Directly Exposed
CVE-2025-58187	MEDIUM4.5	stdlib v1.14.12 fixed in 1.24.9, 1.25.3	0.4% Theoretical Threat	Directly Exposed
CVE-2025-58188	MEDIUM4.5	stdlib v1.14.12 fixed in 1.24.8, 1.25.2	0.3% Theoretical Threat	Directly Exposed
CVE-2025-58189	MEDIUM4.5	stdlib v1.14.12 fixed in 1.24.8, 1.25.2	0.4% Theoretical Threat	Directly Exposed
CVE-2025-61723	MEDIUM4.5	stdlib v1.14.12 fixed in 1.24.8, 1.25.2	0.6% Theoretical Threat	Directly Exposed
CVE-2025-61724	MEDIUM4.5	stdlib v1.14.12 fixed in 1.24.8, 1.25.2	0.5% Theoretical Threat	Directly Exposed
CVE-2025-61725	MEDIUM4.5	stdlib v1.14.12 fixed in 1.24.8, 1.25.2	0.6% Theoretical Threat	Directly Exposed
CVE-2025-61730	MEDIUM4.5	stdlib v1.14.12 fixed in 1.24.12, 1.25.6	0.3% Theoretical Threat	Directly Exposed
CVE-2025-58186	MEDIUM4.5	stdlib v1.14.12 fixed in 1.24.8, 1.25.2	0.5% Theoretical Threat	Directly Exposed
CVE-2025-22870	LOW3.74	golang.org/x/net v0.0.0-20200202094626-16171245cfb2 fixed in 0.36.0	0.4% Theoretical Threat	Directly Exposed
CVE-2025-22870	LOW3.74	stdlib v1.14.12 fixed in 1.23.7, 1.24.1	0.4% Theoretical Threat	Directly Exposed
CVE-2026-48522	LOW3.57	PyJWT 2.10.1 fixed in 2.13.0	0.1% Theoretical Threat	Directly Exposed
CVE-2024-45341	LOW3.57	stdlib v1.14.12 fixed in 1.22.11, 1.23.5, 1.24.0-rc.2	0.4% Theoretical Threat	Directly Exposed
CVE-2023-24538	LOW3.53	stdlib v1.14.12 fixed in 1.19.8, 1.20.3	2.3% Low-Moderate Risk	Post-Exploit
CVE-2023-24540	LOW3.53	stdlib v1.14.12 fixed in 1.19.9, 1.20.4	1.6% Low-Moderate Risk	Post-Exploit
CVE-2022-23648	LOW3.1	github.com/containerd/containerd v1.3.3 fixed in 1.4.13, 1.5.10, 1.6.1	27.4% High Exploitation Risk	Post-Exploit
CVE-2026-6357	LOW2.96	pip 23.3.2 fixed in 26.1	0.1% Theoretical Threat	Post-Exploit
CVE-2024-45337	LOW2.95	golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 fixed in 0.31.0	3.1% Low-Moderate Risk	Post-Exploit
CVE-2023-48795	LOW2.76	golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 fixed in 0.17.0, 0.0.0-20231218163308-9d2ee975ef9f	93.3% Actively Exploited	Post-Exploit
CVE-2020-29652	LOW2.7	golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 fixed in 0.0.0-20201216223049-8b5274cf687f	3.2% Low-Moderate Risk	Post-Exploit
CVE-2021-33194	LOW2.7	golang.org/x/net v0.0.0-20200202094626-16171245cfb2 fixed in 0.0.0-20210520170846-37e1c6afe023	7.5% Low-Moderate Risk	Post-Exploit
CVE-2025-8869	LOW2.7	pip 23.3.2 fixed in 25.3	0.4% Theoretical Threat	Post-Exploit
CVE-2022-30629	LOW2.63	stdlib v1.14.12 fixed in 1.17.11, 1.18.3	0.9% Theoretical Threat	Directly Exposed
CVE-2026-3219	LOW2.55	pip 23.3.2 fixed in 26.1	0.1% Theoretical Threat	Post-Exploit
CVE-2026-27139	LOW2.12	stdlib v1.14.12 fixed in 1.25.8, 1.26.1	0.2% Theoretical Threat	Directly Exposed
CVE-2021-22133	LOW2.04	go.elastic.co/apm v1.8.1-0.20200909061013-2aef45b9cf4b fixed in 1.11.0	0.5% Theoretical Threat	Directly Exposed
CVE-2026-1703	LOW1.99	pip 23.3.2 fixed in 26.0	0.4% Theoretical Threat	Post-Exploit
CVE-2026-21226	NONE0	azure-core 1.30.2 fixed in 1.38.0	0.8% Theoretical Threat	Not Applicable
GHSA-537c-gmf6-5ccf	NONE0	cryptography 44.0.1 fixed in 48.0.1	—	Not Applicable
CVE-2026-42561	NONE0	python-multipart 0.0.20 fixed in 0.0.27	0.3% Theoretical Threat	Not Applicable
CVE-2026-53539	NONE0	python-multipart 0.0.20 fixed in 0.0.30	—	Not Applicable
CVE-2026-53537	NONE0	python-multipart 0.0.20 fixed in 0.0.30	—	Not Applicable
CVE-2026-53538	NONE0	python-multipart 0.0.20 fixed in 0.0.30	—	Not Applicable
CVE-2026-53540	NONE0	python-multipart 0.0.20 fixed in 0.0.31	—	Not Applicable
CVE-2026-48818	NONE0	starlette 0.42.0 fixed in 1.1.0	—	Not Applicable
CVE-2026-54283	NONE0	starlette 0.42.0 fixed in 1.3.1	—	Not Applicable
CVE-2026-48817	NONE0	starlette 0.42.0 fixed in 1.1.0	—	Not Applicable
CVE-2026-54282	NONE0	starlette 0.42.0 fixed in 1.3.0	—	Not Applicable
GHSA-7ww5-4wqc-m92c	NONE0	github.com/containerd/containerd v1.3.3 fixed in 1.6.26, 1.7.11	—	Not Applicable
GHSA-5j5w-g665-5m35	NONE0	github.com/containerd/containerd v1.3.3 fixed in 1.4.12, 1.5.8	—	Not Applicable
GHSA-c9cp-9c75-9v8c	NONE0	github.com/containerd/containerd v1.3.3 fixed in 1.5.11, 1.6.2	—	Not Applicable
GHSA-qq97-vm5h-rrhg	NONE0	github.com/docker/distribution v2.7.1+incompatible fixed in 2.8.0	—	Not Applicable
GHSA-77vh-xpmg-72qh	NONE0	github.com/opencontainers/image-spec v1.0.2-0.20190823105129-775207bd45b6 fixed in 1.0.2	—	Not Applicable
GHSA-m425-mq94-257g	NONE0	google.golang.org/grpc v1.29.1 fixed in 1.56.3, 1.57.1, 1.58.3	—	Not Applicable
CVE-2026-39823	NONE0	stdlib v1.14.12 fixed in 1.25.10, 1.26.3	0.3% Theoretical Threat	Not Applicable
CVE-2026-39825	NONE0	stdlib v1.14.12 fixed in 1.25.10, 1.26.3	0.4% Theoretical Threat	Not Applicable
CVE-2026-42499	NONE0	stdlib v1.14.12 fixed in 1.25.10, 1.26.3	0.6% Theoretical Threat	Not Applicable
CVE-2026-42504	NONE0	stdlib v1.14.12 fixed in 1.25.11, 1.26.4	0.4% Theoretical Threat	Not Applicable
CVE-2025-0913	NONE0	stdlib v1.14.12 fixed in 1.23.10, 1.24.4	0.2% Theoretical Threat	Not Applicable
CVE-2026-27145	NONE0	stdlib v1.14.12 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable
CVE-2026-42507	NONE0	stdlib v1.14.12 fixed in 1.25.11, 1.26.4	0.3% Theoretical Threat	Not Applicable