Vulnerability Reportwazuh/wazuh-manager:4.14.2

wazuh/wazuh-manager:4.14.2
DIGESTsha256:c5b9d21e82c26494ec48505fdc033cdd79eb76cf5b230de736c7dcbe42f1b01a

Executive Summary

Threat Score
100/100DANGEROUS
Reputation
RELIABLE

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could cause a denial of service by exploiting HTTP/2 rapid reset attacks (CVE-2023-44487) or CONTINUATION frame floods (CVE-2023-45288). Additionally, remote code execution is possible via a stack buffer overflow in OpenSSL's CMS parsing (CVE-2025-15467) if untrusted messages are processed. Note that CVE-2025-15467 is only exploitable if the container parses untrusted CMS messages, which is not a core function of the Wazuh manager, but cannot be ruled out. These vulnerabilities require immediate patching; the image should not be used in production.

Vulnerabilities

Vulnerability Log

329 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2023-44487CRITICAL9.75
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.17.0
100.0%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2023-45288CRITICAL9.75
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.23.0
92.0%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2025-15467HIGH8
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.4
48.7%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2025-15467HIGH8
openssl-libs
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.4
48.7%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2026-48863HIGH7.5
libsolv
0.7.22-1.amzn2023.0.2
fixed in 0.7.22-1.amzn2023.0.4
Directly Exposed
CVE-2022-27664HIGH7.5
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.0.0-20220906165146-f3363e06e74c
2.4%
Low-Moderate Risk
Directly ExposedContext importance: HIGH
CVE-2022-41723HIGH7.5
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.7.0
4.6%
Low-Moderate Risk
Directly ExposedContext importance: HIGH
CVE-2023-39325HIGH7.5
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.17.0
3.8%
Low-Moderate Risk
Directly ExposedContext importance: HIGH
CVE-2026-23949HIGH7.31
jaraco.context
5.3.0
fixed in 6.1.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2021-3121MEDIUM6.88
github.com/gogo/protobuf
v1.3.1
fixed in 1.3.2
3.5%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2026-28387MEDIUM6.88
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-28387MEDIUM6.88
openssl-libs
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-6100MEDIUM6.88
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.5
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-6100MEDIUM6.88
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.5
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-68121MEDIUM6.8
libcap
2.73-1.amzn2023.0.5
fixed in 2.73-1.amzn2023.0.6
0.8%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2020-8559MEDIUM6.8
k8s.io/apimachinery
v0.18.3
fixed in 0.16.13, 0.17.9, 0.18.7
6.1%
Low-Moderate Risk
Directly Exposed
CVE-2026-25210MEDIUM6.63
expat
2.6.3-1.amzn2023.0.3
fixed in 2.6.3-1.amzn2023.0.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-48864MEDIUM6.63
libsolv
0.7.22-1.amzn2023.0.2
fixed in 0.7.22-1.amzn2023.0.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-25621MEDIUM6.63
github.com/containerd/containerd
v1.3.3
fixed in 1.7.29
0.1%
Theoretical Threat
Directly Exposed
CVE-2021-41103MEDIUM6.63
github.com/containerd/containerd
v1.3.3
fixed in 1.4.11, 1.5.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-25173MEDIUM6.63
github.com/containerd/containerd
v1.3.3
fixed in 1.5.18, 1.6.18
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-40635MEDIUM6.63
github.com/containerd/containerd
v1.3.3
fixed in 1.7.27, 1.6.38
0.3%
Theoretical Threat
Directly Exposed
CVE-2022-23471MEDIUM6.5
github.com/containerd/containerd
v1.3.3
fixed in 1.5.16, 1.6.12
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-61726MEDIUM6.38
libcap
2.73-1.amzn2023.0.5
fixed in 2.73-1.amzn2023.0.6
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-61728MEDIUM6.38
libcap
2.73-1.amzn2023.0.5
fixed in 2.73-1.amzn2023.0.6
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-33811MEDIUM6.38
libcap
2.73-1.amzn2023.0.5
fixed in 2.73-1.amzn2023.0.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-33814MEDIUM6.38
libcap
2.73-1.amzn2023.0.5
fixed in 2.73-1.amzn2023.0.7
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-39820MEDIUM6.38
libcap
2.73-1.amzn2023.0.5
fixed in 2.73-1.amzn2023.0.7
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-41989MEDIUM6.38
libgcrypt
1.10.2-1.amzn2023.0.2
fixed in 1.10.2-1.amzn2023.0.3
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-27135MEDIUM6.38
libnghttp2
1.59.0-3.amzn2023.0.1
fixed in 1.59.0-3.amzn2023.0.2
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-69421MEDIUM6.38
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM6.38
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-28389MEDIUM6.38
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28390MEDIUM6.38
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-69421MEDIUM6.38
openssl-libs
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM6.38
openssl-libs
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-28389MEDIUM6.38
openssl-libs
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28390MEDIUM6.38
openssl-libs
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-3644MEDIUM6.38
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4224MEDIUM6.38
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-3644MEDIUM6.38
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4224MEDIUM6.38
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-21441MEDIUM6.38
python3-pip-wheel
21.3.1-2.amzn2023.0.15
fixed in 21.3.1-2.amzn2023.0.16
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-32597MEDIUM6.38
PyJWT
2.10.1
fixed in 2.12.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-0994MEDIUM6.38
protobuf
5.29.5
fixed in 6.33.5, 5.29.6
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-30922MEDIUM6.38
pyasn1
0.4.8
fixed in 0.6.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-66418MEDIUM6.38
urllib3
2.5.0
fixed in 2.6.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-66471MEDIUM6.38
urllib3
2.5.0
fixed in 2.6.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-21441MEDIUM6.38
urllib3
2.5.0
fixed in 2.6.3
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-65637MEDIUM6.38
github.com/sirupsen/logrus
v1.4.2
fixed in 1.8.3, 1.9.1, 1.9.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2021-43565MEDIUM6.38
golang.org/x/crypto
v0.0.0-20200510223506-06a226fb4e37
fixed in 0.0.0-20211202192323-5770296d904e
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-22869MEDIUM6.38
golang.org/x/crypto
v0.0.0-20200510223506-06a226fb4e37
fixed in 0.35.0
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-22868MEDIUM6.38
golang.org/x/oauth2
v0.0.0-20200107190931-bf48bf16ab8d
fixed in 0.27.0
0.8%
Theoretical Threat
Directly Exposed
CVE-2021-21334MEDIUM6.3
github.com/containerd/containerd
v1.3.3
fixed in 1.4.4, 1.3.10
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2021-32760MEDIUM6.3
github.com/containerd/containerd
v1.3.3
fixed in 1.4.8, 1.5.4
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2025-69419MEDIUM6.29
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69419MEDIUM6.29
openssl-libs
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-48526MEDIUM6.29
PyJWT
2.10.1
fixed in 2.13.0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-33186MEDIUM6.18
google.golang.org/grpc
v1.29.1
fixed in 1.79.3
0.5%
Theoretical Threat
Directly ExposedContext importance: MEDIUM
CVE-2026-1299MEDIUM6.03
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-4786MEDIUM6.03
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-1299MEDIUM6.03
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-4786MEDIUM6.03
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-24486MEDIUM6
python-multipart
0.0.20
fixed in 0.0.22
1.8%
Low-Moderate Risk
Directly ExposedContext importance: MEDIUM
CVE-2025-13151MEDIUM5.9
libtasn1
4.19.0-1.amzn2023.0.5
fixed in 4.19.0-1.amzn2023.0.6
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2019-19794MEDIUM5.9
github.com/miekg/dns
v1.1.15
fixed in 1.1.25
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-31525MEDIUM5.9
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.0.0-20210428140749-89ef3d95e781
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2024-24786MEDIUM5.9
google.golang.org/protobuf
v1.23.0
fixed in 1.33.0
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2026-9149MEDIUM5.52
libsolv
0.7.22-1.amzn2023.0.2
fixed in 0.7.22-1.amzn2023.0.4
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-9150MEDIUM5.52
libsolv
0.7.22-1.amzn2023.0.2
fixed in 0.7.22-1.amzn2023.0.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-2673MEDIUM5.52
openssl-libs
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-26007MEDIUM5.52
cryptography
44.0.1
fixed in 46.0.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-48710MEDIUM5.52
starlette
0.49.1
fixed in 1.0.1
0.9%
Theoretical Threat
Directly Exposed
CVE-2023-2253MEDIUM5.52
github.com/docker/distribution
v2.7.1+incompatible
fixed in 2.8.2-beta.1
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-22872MEDIUM5.52
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.38.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-15467MEDIUM5.41
openssl
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.4
48.7%
High Exploitation Risk
Post-ExploitContext importance: MEDIUM
CVE-2022-41717MEDIUM5.3
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.4.0
5.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-29526MEDIUM5.3
golang.org/x/sys
v0.0.0-20200625212154-ddb9806d33ae
fixed in 0.0.0-20220412211240-33da011f77ad
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2026-1757MEDIUM5.27
libxml2
2.10.4-1.amzn2023.0.15
fixed in 2.10.4-1.amzn2023.0.18
0.2%
Theoretical Threat
Directly Exposed
CVE-2020-15257MEDIUM5.2
github.com/containerd/containerd
v1.3.3
fixed in 1.3.9, 1.4.3
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2026-6019MEDIUM5.18
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-6019MEDIUM5.18
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-3978MEDIUM5.18
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.13.0
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-40355MEDIUM5.02
krb5-libs
1.21.3-6.amzn2023.0.1
fixed in 1.21.3-7.amzn2023.0.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-40356MEDIUM5.02
krb5-libs
1.21.3-6.amzn2023.0.1
fixed in 1.21.3-7.amzn2023.0.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-0990MEDIUM5.02
libxml2
2.10.4-1.amzn2023.0.15
fixed in 2.10.4-1.amzn2023.0.16
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.4
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-15468MEDIUM5.02
openssl-libs
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-66199MEDIUM5.02
openssl-libs
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
openssl-libs
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
openssl-libs
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-31790MEDIUM5.02
openssl-libs
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.4
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-48524MEDIUM5.02
PyJWT
2.10.1
fixed in 2.13.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-40347MEDIUM5.02
python-multipart
0.0.20
fixed in 0.0.26
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-6357MEDIUM4.93
python3-pip-wheel
21.3.1-2.amzn2023.0.15
fixed in 21.3.1-2.amzn2023.0.19
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
openssl-libs
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-25645MEDIUM4.67
requests
2.32.4
fixed in 2.33.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-24049MEDIUM4.67
wheel
0.45.1
fixed in 0.46.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2022-31030MEDIUM4.67
github.com/containerd/containerd
v1.3.3
fixed in 1.5.13, 1.6.6
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-25153MEDIUM4.67
github.com/containerd/containerd
v1.3.3
fixed in 1.5.18, 1.6.18
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-64329MEDIUM4.67
github.com/containerd/containerd
v1.3.3
fixed in 1.7.29
0.1%
Theoretical Threat
Directly Exposed
CVE-2020-8565MEDIUM4.67
k8s.io/client-go
v0.18.3
fixed in 0.19.6, 0.20.0-alpha.2, 0.18.14, 0.17.16
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-27142MEDIUM4.59
libcap
2.73-1.amzn2023.0.5
fixed in 2.73-1.amzn2023.0.7
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-48523MEDIUM4.59
PyJWT
2.10.1
fixed in 2.13.0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
glibc
2.34-231.amzn2023.0.1
fixed in 2.34-231.amzn2023.0.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
glibc-common
2.34-231.amzn2023.0.1
fixed in 2.34-231.amzn2023.0.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
glibc-minimal-langpack
2.34-231.amzn2023.0.1
fixed in 2.34-231.amzn2023.0.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-61730MEDIUM4.5
libcap
2.73-1.amzn2023.0.5
fixed in 2.73-1.amzn2023.0.6
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-48525MEDIUM4.5
PyJWT
2.10.1
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-66221MEDIUM4.5
Werkzeug
3.1.3
fixed in 3.1.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-21860MEDIUM4.5
Werkzeug
3.1.3
fixed in 3.1.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-27199MEDIUM4.5
Werkzeug
3.1.3
fixed in 3.1.6
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-34073MEDIUM4.5
cryptography
44.0.1
fixed in 46.0.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45409MEDIUM4.5
idna
3.7
fixed in 3.15
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-44431MEDIUM4.5
urllib3
2.5.0
fixed in 2.7.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-10543MEDIUM4.5
github.com/eclipse/paho.mqtt.golang
v1.2.1-0.20200121105743-0d940dd29fd2
fixed in 1.5.1
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-47914MEDIUM4.5
golang.org/x/crypto
v0.0.0-20200510223506-06a226fb4e37
fixed in 0.45.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-58181MEDIUM4.5
golang.org/x/crypto
v0.0.0-20200510223506-06a226fb4e37
fixed in 0.45.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-15282MEDIUM4.08
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-0672MEDIUM4.08
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-15282MEDIUM4.08
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-0672MEDIUM4.08
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
openssl-libs
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-24882LOW3.98
gnupg2-minimal
2.3.7-1.amzn2023.0.6
fixed in 2.3.7-1.amzn2023.0.7
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-11468LOW3.82
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-0865LOW3.82
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-11468LOW3.82
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-0865LOW3.82
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-22870LOW3.74
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.36.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-48522LOW3.57
PyJWT
2.10.1
fixed in 2.13.0
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-14819LOW3.47
curl-minimal
8.15.0-4.amzn2023.0.1
fixed in 8.17.0-1.amzn2023.0.1
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-13034LOW3.47
libcurl-minimal
8.15.0-4.amzn2023.0.1
fixed in 8.17.0-1.amzn2023.0.1
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-14819LOW3.47
libcurl-minimal
8.15.0-4.amzn2023.0.1
fixed in 8.17.0-1.amzn2023.0.1
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-69418LOW3.4
openssl-fips-provider-latest
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-69418LOW3.4
openssl-libs
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-14524LOW3.31
curl-minimal
8.15.0-4.amzn2023.0.1
fixed in 8.17.0-1.amzn2023.0.1
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-14524LOW3.31
libcurl-minimal
8.15.0-4.amzn2023.0.1
fixed in 8.17.0-1.amzn2023.0.1
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-2673LOW3.31
openssl
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.3
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-1703LOW3.31
python3-pip-wheel
21.3.1-2.amzn2023.0.15
fixed in 21.3.1-2.amzn2023.0.17
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-3805LOW3.21
curl-minimal
8.15.0-4.amzn2023.0.1
fixed in 8.17.0-1.amzn2023.0.3
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-3805LOW3.21
libcurl-minimal
8.15.0-4.amzn2023.0.1
fixed in 8.17.0-1.amzn2023.0.3
0.7%
Theoretical Threat
Post-Exploit
CVE-2026-0989LOW3.15
libxml2
2.10.4-1.amzn2023.0.15
fixed in 2.10.4-1.amzn2023.0.17
0.4%
Theoretical Threat
Directly Exposed
CVE-2022-23648LOW3.1
github.com/containerd/containerd
v1.3.3
fixed in 1.4.13, 1.5.10, 1.6.1
27.4%
High Exploitation Risk
Post-Exploit
CVE-2025-15468LOW3.01
openssl
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.7%
Theoretical Threat
Post-Exploit
CVE-2025-66199LOW3.01
openssl
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-69420LOW3.01
openssl
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-22796LOW3.01
openssl
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-31790LOW3.01
openssl
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.4
1.0%
Theoretical Threat
Post-Exploit
CVE-2026-6357LOW2.96
pip
23.3.2
fixed in 26.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2024-45337LOW2.95
golang.org/x/crypto
v0.0.0-20200510223506-06a226fb4e37
fixed in 0.31.0
3.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-22795LOW2.8
openssl
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-4519LOW2.8
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-2297LOW2.8
python3
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-4519LOW2.8
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-2297LOW2.8
python3-libs
3.9.25-1.amzn2023.0.3
fixed in 3.9.25-1.amzn2023.0.4
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-48795LOW2.76
golang.org/x/crypto
v0.0.0-20200510223506-06a226fb4e37
fixed in 0.17.0, 0.0.0-20231218163308-9d2ee975ef9f
93.3%
Actively Exploited
Post-Exploit
CVE-2020-29652LOW2.7
golang.org/x/crypto
v0.0.0-20200510223506-06a226fb4e37
fixed in 0.0.0-20201216223049-8b5274cf687f
3.2%
Low-Moderate Risk
Post-Exploit
CVE-2022-27191LOW2.7
golang.org/x/crypto
v0.0.0-20200510223506-06a226fb4e37
fixed in 0.0.0-20220314234659-1baeb1ce4c0b
3.9%
Low-Moderate Risk
Post-Exploit
CVE-2021-33194LOW2.7
golang.org/x/net
v0.0.0-20200202094626-16171245cfb2
fixed in 0.0.0-20210520170846-37e1c6afe023
7.5%
Low-Moderate Risk
Post-Exploit
CVE-2021-38561LOW2.7
golang.org/x/text
v0.3.2
fixed in 0.3.7
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2022-32149LOW2.7
golang.org/x/text
v0.3.2
fixed in 0.3.8
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2020-14040LOW2.7
golang.org/x/text
v0.3.2
fixed in 0.3.3
1.9%
Low-Moderate Risk
Post-Exploit
CVE-2025-8869LOW2.7
pip
23.3.2
fixed in 25.3
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-3219LOW2.55
pip
23.3.2
fixed in 26.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-15079LOW2.48
curl-minimal
8.15.0-4.amzn2023.0.1
fixed in 8.17.0-1.amzn2023.0.1
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-15079LOW2.48
libcurl-minimal
8.15.0-4.amzn2023.0.1
fixed in 8.17.0-1.amzn2023.0.1
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-28387LOW2.48
openssl
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.4
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-0992LOW2.46
libxml2
2.10.4-1.amzn2023.0.15
fixed in 2.10.4-1.amzn2023.0.16
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-14017LOW2.45
curl-minimal
8.15.0-4.amzn2023.0.1
fixed in 8.17.0-1.amzn2023.0.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-14017LOW2.45
libcurl-minimal
8.15.0-4.amzn2023.0.1
fixed in 8.17.0-1.amzn2023.0.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-15224LOW2.4
curl-minimal
8.15.0-4.amzn2023.0.1
fixed in 8.17.0-1.amzn2023.0.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-15224LOW2.4
libcurl-minimal
8.15.0-4.amzn2023.0.1
fixed in 8.17.0-1.amzn2023.0.1
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-68160LOW2.4
openssl
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW2.29
openssl
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28388LOW2.29
openssl
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.4
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW2.29
openssl
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.4
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW2.29
openssl
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.5.5-1.amzn2023.0.4
0.8%
Theoretical Threat
Post-Exploit
CVE-2025-69419LOW2.26
openssl
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-13034LOW2.08
curl-minimal
8.15.0-4.amzn2023.0.1
fixed in 8.17.0-1.amzn2023.0.1
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-69418LOW2.04
openssl
1:3.2.2-1.amzn2023.0.3
fixed in 1:3.2.2-1.amzn2023.0.5
0.1%
Theoretical Threat
Post-Exploit
CVE-2021-22133LOW2.04
go.elastic.co/apm
v1.8.1-0.20200909061013-2aef45b9cf4b
fixed in 1.11.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-1703LOW1.99
pip
23.3.2
fixed in 26.0
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-68121NONE0
stdlib
v1.14.12
fixed in 1.24.13, 1.25.7, 1.26.0-rc.3
0.8%
Theoretical Threat
Not Applicable
CVE-2023-24538NONE0
stdlib
v1.14.12
fixed in 1.19.8, 1.20.3
2.3%
Low-Moderate Risk
Not Applicable
CVE-2023-24540NONE0
stdlib
v1.14.12
fixed in 1.19.9, 1.20.4
1.6%
Low-Moderate Risk
Not Applicable
CVE-2024-24790NONE0
stdlib
v1.14.12
fixed in 1.21.11, 1.22.4
2.0%
Low-Moderate Risk
Not Applicable
CVE-2022-23806NONE0
stdlib
v1.14.12
fixed in 1.16.14, 1.17.7
3.0%
Low-Moderate Risk
Not Applicable
CVE-2022-30580NONE0
stdlib
v1.14.12
fixed in 1.17.11, 1.18.3
0.6%
Theoretical Threat
Not Applicable
CVE-2023-29403NONE0
stdlib
v1.14.12
fixed in 1.19.10, 1.20.5
0.4%
Theoretical Threat
Not Applicable
CVE-2021-27918NONE0
stdlib
v1.14.12
fixed in 1.15.9, 1.16.1
2.5%
Low-Moderate Risk
Not Applicable
CVE-2021-33196NONE0
stdlib
v1.14.12
fixed in 1.15.13, 1.16.5
3.5%
Low-Moderate Risk
Not Applicable
CVE-2021-33198NONE0
stdlib
v1.14.12
fixed in 1.15.13, 1.16.5
3.4%
Low-Moderate Risk
Not Applicable
CVE-2021-39293NONE0
stdlib
v1.14.12
fixed in 1.16.8, 1.17.1
6.9%
Low-Moderate Risk
Not Applicable
CVE-2021-41771NONE0
stdlib
v1.14.12
fixed in 1.16.10, 1.17.3
4.4%
Low-Moderate Risk
Not Applicable
CVE-2021-41772NONE0
stdlib
v1.14.12
fixed in 1.16.10, 1.17.3
3.1%
Low-Moderate Risk
Not Applicable
CVE-2021-44716NONE0
stdlib
v1.14.12
fixed in 1.16.12, 1.17.5
4.0%
Low-Moderate Risk
Not Applicable
CVE-2022-23772NONE0
stdlib
v1.14.12
fixed in 1.16.14, 1.17.7
2.8%
Low-Moderate Risk
Not Applicable
CVE-2022-24675NONE0
stdlib
v1.14.12
fixed in 1.17.9, 1.18.1
5.3%
Low-Moderate Risk
Not Applicable
CVE-2022-24921NONE0
stdlib
v1.14.12
fixed in 1.16.15, 1.17.8
3.2%
Low-Moderate Risk
Not Applicable
CVE-2022-27664NONE0
stdlib
v1.14.12
fixed in 1.18.6, 1.19.1
2.4%
Low-Moderate Risk
Not Applicable
CVE-2022-28131NONE0
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
1.9%
Low-Moderate Risk
Not Applicable
CVE-2022-28327NONE0
stdlib
v1.14.12
fixed in 1.17.9, 1.18.1
3.9%
Low-Moderate Risk
Not Applicable
CVE-2022-2879NONE0
stdlib
v1.14.12
fixed in 1.18.7, 1.19.2
1.6%
Low-Moderate Risk
Not Applicable
CVE-2022-2880NONE0
stdlib
v1.14.12
fixed in 1.18.7, 1.19.2
1.1%
Low-Moderate Risk
Not Applicable
CVE-2022-29804NONE0
stdlib
v1.14.12
fixed in 1.17.11, 1.18.3
1.9%
Low-Moderate Risk
Not Applicable
CVE-2022-30630NONE0
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
1.6%
Low-Moderate Risk
Not Applicable
CVE-2022-30631NONE0
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
1.6%
Low-Moderate Risk
Not Applicable
CVE-2022-30632NONE0
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
1.6%
Low-Moderate Risk
Not Applicable
CVE-2022-30633NONE0
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
1.6%
Low-Moderate Risk
Not Applicable
CVE-2022-30634NONE0
stdlib
v1.14.12
fixed in 1.17.11, 1.18.3
1.6%
Low-Moderate Risk
Not Applicable
CVE-2022-30635NONE0
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
1.4%
Low-Moderate Risk
Not Applicable
CVE-2022-32189NONE0
stdlib
v1.14.12
fixed in 1.17.13, 1.18.5
2.0%
Low-Moderate Risk
Not Applicable
CVE-2022-41715NONE0
stdlib
v1.14.12
fixed in 1.18.7, 1.19.2
1.3%
Low-Moderate Risk
Not Applicable
CVE-2022-41716NONE0
stdlib
v1.14.12
fixed in 1.18.8, 1.19.3
0.8%
Theoretical Threat
Not Applicable
CVE-2022-41720NONE0
stdlib
v1.14.12
fixed in 1.18.9, 1.19.4
1.2%
Low-Moderate Risk
Not Applicable
CVE-2022-41722NONE0
stdlib
v1.14.12
fixed in 1.19.6, 1.20.1
1.7%
Low-Moderate Risk
Not Applicable
CVE-2022-41723NONE0
stdlib
v1.14.12
fixed in 1.19.6, 1.20.1
4.6%
Low-Moderate Risk
Not Applicable
CVE-2022-41724NONE0
stdlib
v1.14.12
fixed in 1.19.6, 1.20.1
1.1%
Low-Moderate Risk
Not Applicable
CVE-2022-41725NONE0
stdlib
v1.14.12
fixed in 1.19.6, 1.20.1
1.2%
Low-Moderate Risk
Not Applicable
CVE-2023-24534NONE0
stdlib
v1.14.12
fixed in 1.19.8, 1.20.3
1.9%
Low-Moderate Risk
Not Applicable
CVE-2023-24536NONE0
stdlib
v1.14.12
fixed in 1.19.8, 1.20.3
1.5%
Low-Moderate Risk
Not Applicable
CVE-2023-24537NONE0
stdlib
v1.14.12
fixed in 1.19.8, 1.20.3
1.4%
Low-Moderate Risk
Not Applicable
CVE-2023-39325NONE0
stdlib
v1.14.12
fixed in 1.20.10, 1.21.3
3.8%
Low-Moderate Risk
Not Applicable
CVE-2023-45283NONE0
stdlib
v1.14.12
fixed in 1.20.11, 1.21.4, 1.20.12, 1.21.5
2.8%
Low-Moderate Risk
Not Applicable
CVE-2023-45287NONE0
stdlib
v1.14.12
fixed in 1.20.0
1.3%
Low-Moderate Risk
Not Applicable
CVE-2023-45288NONE0
stdlib
v1.14.12
fixed in 1.21.9, 1.22.2
92.0%
Actively Exploited
Not Applicable
CVE-2024-34156NONE0
stdlib
v1.14.12
fixed in 1.22.7, 1.23.1
1.1%
Low-Moderate Risk
Not Applicable
CVE-2025-61726NONE0
stdlib
v1.14.12
fixed in 1.24.12, 1.25.6
0.8%
Theoretical Threat
Not Applicable
CVE-2025-61729NONE0
stdlib
v1.14.12
fixed in 1.24.11, 1.25.5
0.5%
Theoretical Threat
Not Applicable
CVE-2026-25679NONE0
stdlib
v1.14.12
fixed in 1.25.8, 1.26.1
0.5%
Theoretical Threat
Not Applicable
CVE-2026-32280NONE0
stdlib
v1.14.12
fixed in 1.25.9, 1.26.2
0.4%
Theoretical Threat
Not Applicable
CVE-2026-32281NONE0
stdlib
v1.14.12
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2026-32283NONE0
stdlib
v1.14.12
fixed in 1.25.9, 1.26.2
0.4%
Theoretical Threat
Not Applicable
CVE-2026-33811NONE0
stdlib
v1.14.12
fixed in 1.25.10, 1.26.3
0.5%
Theoretical Threat
Not Applicable
CVE-2026-33814NONE0
stdlib
v1.14.12
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Not Applicable
CVE-2026-39820NONE0
stdlib
v1.14.12
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Not Applicable
CVE-2026-39836NONE0
stdlib
v1.14.12
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Not Applicable
CVE-2025-58183NONE0
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Not Applicable
CVE-2025-61728NONE0
stdlib
v1.14.12
fixed in 1.24.12, 1.25.6
0.6%
Theoretical Threat
Not Applicable
CVE-2021-33195NONE0
stdlib
v1.14.12
fixed in 1.15.13, 1.16.5
3.1%
Low-Moderate Risk
Not Applicable
CVE-2023-24539NONE0
stdlib
v1.14.12
fixed in 1.19.9, 1.20.4
1.0%
Low-Moderate Risk
Not Applicable
CVE-2023-29400NONE0
stdlib
v1.14.12
fixed in 1.19.9, 1.20.4
1.0%
Low-Moderate Risk
Not Applicable
CVE-2025-47907NONE0
stdlib
v1.14.12
fixed in 1.23.12, 1.24.6
0.3%
Theoretical Threat
Not Applicable
CVE-2025-4673NONE0
stdlib
v1.14.12
fixed in 1.23.10, 1.24.4
0.6%
Theoretical Threat
Not Applicable
CVE-2021-3114NONE0
stdlib
v1.14.12
fixed in 1.14.14, 1.15.7
2.6%
Low-Moderate Risk
Not Applicable
CVE-2021-34558NONE0
stdlib
v1.14.12
fixed in 1.15.14, 1.16.6
7.0%
Low-Moderate Risk
Not Applicable
CVE-2022-1705NONE0
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
1.1%
Low-Moderate Risk
Not Applicable
CVE-2022-32148NONE0
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
1.1%
Low-Moderate Risk
Not Applicable
CVE-2023-29406NONE0
stdlib
v1.14.12
fixed in 1.19.11, 1.20.6
1.3%
Low-Moderate Risk
Not Applicable
CVE-2024-24785NONE0
stdlib
v1.14.12
fixed in 1.21.8, 1.22.1
0.8%
Theoretical Threat
Not Applicable
CVE-2025-47906NONE0
stdlib
v1.14.12
fixed in 1.23.12, 1.24.6
0.5%
Theoretical Threat
Not Applicable
CVE-2025-61727NONE0
stdlib
v1.14.12
fixed in 1.24.11, 1.25.5
0.3%
Theoretical Threat
Not Applicable
CVE-2026-32282NONE0
stdlib
v1.14.12
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2023-39318NONE0
stdlib
v1.14.12
fixed in 1.20.8, 1.21.1
0.8%
Theoretical Threat
Not Applicable
CVE-2023-39319NONE0
stdlib
v1.14.12
fixed in 1.20.8, 1.21.1
0.8%
Theoretical Threat
Not Applicable
CVE-2026-32289NONE0
stdlib
v1.14.12
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2021-31525NONE0
stdlib
v1.14.12
fixed in 1.15.12, 1.16.4
3.7%
Low-Moderate Risk
Not Applicable
CVE-2021-36221NONE0
stdlib
v1.14.12
fixed in 1.15.15, 1.16.7
3.1%
Low-Moderate Risk
Not Applicable
CVE-2024-24783NONE0
stdlib
v1.14.12
fixed in 1.21.8, 1.22.1
0.7%
Theoretical Threat
Not Applicable
CVE-2024-24791NONE0
stdlib
v1.14.12
fixed in 1.21.12, 1.22.5
1.4%
Low-Moderate Risk
Not Applicable
CVE-2024-34155NONE0
stdlib
v1.14.12
fixed in 1.22.7, 1.23.1
0.8%
Theoretical Threat
Not Applicable
CVE-2024-34158NONE0
stdlib
v1.14.12
fixed in 1.22.7, 1.23.1
1.0%
Low-Moderate Risk
Not Applicable
CVE-2024-45336NONE0
stdlib
v1.14.12
fixed in 1.22.11, 1.23.5, 1.24.0-rc.2
0.6%
Theoretical Threat
Not Applicable
CVE-2022-1962NONE0
stdlib
v1.14.12
fixed in 1.17.12, 1.18.4
0.9%
Theoretical Threat
Not Applicable
CVE-2024-24789NONE0
stdlib
v1.14.12
fixed in 1.21.11, 1.22.4
0.4%
Theoretical Threat
Not Applicable
CVE-2026-32288NONE0
stdlib
v1.14.12
fixed in 1.25.9, 1.26.2
0.3%
Theoretical Threat
Not Applicable
CVE-2024-24784NONE0
stdlib
v1.14.12
fixed in 1.21.8, 1.22.1
1.0%
Low-Moderate Risk
Not Applicable
CVE-2025-22871NONE0
stdlib
v1.14.12
fixed in 1.23.8, 1.24.2
0.7%
Theoretical Threat
Not Applicable
CVE-2026-27142NONE0
stdlib
v1.14.12
fixed in 1.25.8, 1.26.1
0.3%
Theoretical Threat
Not Applicable
CVE-2026-39826NONE0
stdlib
v1.14.12
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Not Applicable
CVE-2021-33197NONE0
stdlib
v1.14.12
fixed in 1.15.13, 1.16.5
2.3%
Low-Moderate Risk
Not Applicable
CVE-2022-29526NONE0
stdlib
v1.14.12
fixed in 1.17.10, 1.18.2
2.1%
Low-Moderate Risk
Not Applicable
CVE-2022-41717NONE0
stdlib
v1.14.12
fixed in 1.18.9, 1.19.4
5.6%
Low-Moderate Risk
Not Applicable
CVE-2023-24532NONE0
stdlib
v1.14.12
fixed in 1.19.7, 1.20.2
0.8%
Theoretical Threat
Not Applicable
CVE-2023-29409NONE0
stdlib
v1.14.12
fixed in 1.19.12, 1.20.7, 1.21.0-rc.4
1.3%
Low-Moderate Risk
Not Applicable
CVE-2023-39326NONE0
stdlib
v1.14.12
fixed in 1.20.12, 1.21.5
1.2%
Low-Moderate Risk
Not Applicable
CVE-2023-45284NONE0
stdlib
v1.14.12
fixed in 1.20.11, 1.21.4
0.9%
Theoretical Threat
Not Applicable
CVE-2023-45289NONE0
stdlib
v1.14.12
fixed in 1.21.8, 1.22.1
1.1%
Low-Moderate Risk
Not Applicable
CVE-2023-45290NONE0
stdlib
v1.14.12
fixed in 1.21.8, 1.22.1
1.2%
Low-Moderate Risk
Not Applicable
CVE-2025-22866NONE0
stdlib
v1.14.12
fixed in 1.22.12, 1.23.6, 1.24.0-rc.3
0.3%
Theoretical Threat
Not Applicable
CVE-2025-22873NONE0
stdlib
v1.14.12
fixed in 1.23.9, 1.24.3
0.2%
Theoretical Threat
Not Applicable
CVE-2025-47912NONE0
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Not Applicable
CVE-2025-58185NONE0
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Not Applicable
CVE-2025-58187NONE0
stdlib
v1.14.12
fixed in 1.24.9, 1.25.3
0.4%
Theoretical Threat
Not Applicable
CVE-2025-58188NONE0
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.3%
Theoretical Threat
Not Applicable
CVE-2025-58189NONE0
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.4%
Theoretical Threat
Not Applicable
CVE-2025-61723NONE0
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.6%
Theoretical Threat
Not Applicable
CVE-2025-61724NONE0
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Not Applicable
CVE-2025-61725NONE0
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.6%
Theoretical Threat
Not Applicable
CVE-2025-61730NONE0
stdlib
v1.14.12
fixed in 1.24.12, 1.25.6
0.3%
Theoretical Threat
Not Applicable
CVE-2025-58186NONE0
stdlib
v1.14.12
fixed in 1.24.8, 1.25.2
0.5%
Theoretical Threat
Not Applicable
CVE-2021-44717NONE0
stdlib
v1.14.12
fixed in 1.16.12, 1.17.5
1.9%
Low-Moderate Risk
Not Applicable
CVE-2025-22870NONE0
stdlib
v1.14.12
fixed in 1.23.7, 1.24.1
0.4%
Theoretical Threat
Not Applicable
CVE-2024-45341NONE0
stdlib
v1.14.12
fixed in 1.22.11, 1.23.5, 1.24.0-rc.2
0.4%
Theoretical Threat
Not Applicable
CVE-2022-30629NONE0
stdlib
v1.14.12
fixed in 1.17.11, 1.18.3
0.9%
Theoretical Threat
Not Applicable
CVE-2026-27139NONE0
stdlib
v1.14.12
fixed in 1.25.8, 1.26.1
0.2%
Theoretical Threat
Not Applicable
CVE-2026-39823NONE0
libcap
2.73-1.amzn2023.0.5
fixed in 2.73-1.amzn2023.0.7
0.3%
Theoretical Threat
Not Applicable
CVE-2026-42499NONE0
libcap
2.73-1.amzn2023.0.5
fixed in 2.73-1.amzn2023.0.7
0.6%
Theoretical Threat
Not Applicable
CVE-2026-21226NONE0
azure-core
1.30.2
fixed in 1.38.0
0.8%
Theoretical Threat
Not Applicable
GHSA-537c-gmf6-5ccfNONE0
cryptography
44.0.1
fixed in 48.0.1
Not Applicable
CVE-2026-42561NONE0
python-multipart
0.0.20
fixed in 0.0.27
0.3%
Theoretical Threat
Not Applicable
CVE-2026-53539NONE0
python-multipart
0.0.20
fixed in 0.0.30
Not Applicable
CVE-2026-53537NONE0
python-multipart
0.0.20
fixed in 0.0.30
Not Applicable
CVE-2026-53538NONE0
python-multipart
0.0.20
fixed in 0.0.30
Not Applicable
CVE-2026-53540NONE0
python-multipart
0.0.20
fixed in 0.0.31
Not Applicable
CVE-2026-48818NONE0
starlette
0.49.1
fixed in 1.1.0
Not Applicable
CVE-2026-54283NONE0
starlette
0.49.1
fixed in 1.3.1
Not Applicable
CVE-2026-48817NONE0
starlette
0.49.1
fixed in 1.1.0
Not Applicable
CVE-2026-54282NONE0
starlette
0.49.1
fixed in 1.3.0
Not Applicable
GHSA-7ww5-4wqc-m92cNONE0
github.com/containerd/containerd
v1.3.3
fixed in 1.6.26, 1.7.11
Not Applicable
GHSA-5j5w-g665-5m35NONE0
github.com/containerd/containerd
v1.3.3
fixed in 1.4.12, 1.5.8
Not Applicable
GHSA-c9cp-9c75-9v8cNONE0
github.com/containerd/containerd
v1.3.3
fixed in 1.5.11, 1.6.2
Not Applicable
GHSA-qq97-vm5h-rrhgNONE0
github.com/docker/distribution
v2.7.1+incompatible
fixed in 2.8.0
Not Applicable
GHSA-77vh-xpmg-72qhNONE0
github.com/opencontainers/image-spec
v1.0.2-0.20190823105129-775207bd45b6
fixed in 1.0.2
Not Applicable
GHSA-m425-mq94-257gNONE0
google.golang.org/grpc
v1.29.1
fixed in 1.56.3, 1.57.1, 1.58.3
Not Applicable
CVE-2026-39823NONE0
stdlib
v1.14.12
fixed in 1.25.10, 1.26.3
0.3%
Theoretical Threat
Not Applicable
CVE-2026-39825NONE0
stdlib
v1.14.12
fixed in 1.25.10, 1.26.3
0.4%
Theoretical Threat
Not Applicable
CVE-2026-42499NONE0
stdlib
v1.14.12
fixed in 1.25.10, 1.26.3
0.6%
Theoretical Threat
Not Applicable
CVE-2026-42504NONE0
stdlib
v1.14.12
fixed in 1.25.11, 1.26.4
0.4%
Theoretical Threat
Not Applicable
CVE-2025-0913NONE0
stdlib
v1.14.12
fixed in 1.23.10, 1.24.4
0.2%
Theoretical Threat
Not Applicable
CVE-2026-27145NONE0
stdlib
v1.14.12
fixed in 1.25.11, 1.26.4
0.3%
Theoretical Threat
Not Applicable
CVE-2026-42507NONE0
stdlib
v1.14.12
fixed in 1.25.11, 1.26.4
0.3%
Theoretical Threat
Not Applicable