Scanner: Docker Scout
Critical vulnerabilities: 5
High vulnerabilities: 7
Medium vulnerabilities: 9
Critical
| CVE | Package | Installed | Fixed | Description |
|---|---|---|---|---|
| CVE-2026-34872 | mbedtls | 3.6.5-0.1~deb13u1 | not fixed | CVE-2026-34872 |
| CVE-2026-34873 | mbedtls | 3.6.5-0.1~deb13u1 | not fixed | CVE-2026-34873 |
| CVE-2026-6100 | python3.13 | 3.13.5-2 | not fixed | CVE-2026-6100 |
| CVE-2026-34875 | mbedtls | 3.6.5-0.1~deb13u1 | not fixed | CVE-2026-34875 |
| CVE-2026-34877 | mbedtls | 3.6.5-0.1~deb13u1 | not fixed | CVE-2026-34877 |
High
| CVE | Package | Installed | Fixed | Description |
|---|---|---|---|---|
| CVE-2026-24049 | wheel | 0.45.1 | 0.46.2 | CVE-2026-24049: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') |
| CVE-2026-25833 | mbedtls | 3.6.5-0.1~deb13u1 | not fixed | CVE-2026-25833 |
| CVE-2026-27135 | nghttp2 | 1.64.0-1.1 | not fixed | CVE-2026-27135 |
| CVE-2026-34874 | mbedtls | 3.6.5-0.1~deb13u1 | not fixed | CVE-2026-34874 |
| CVE-2026-34876 | mbedtls | 3.6.5-0.1~deb13u1 | not fixed | CVE-2026-34876 |
| CVE-2026-25835 | mbedtls | 3.6.5-0.1~deb13u1 | not fixed | CVE-2026-25835 |
| CVE-2026-40393 | mesa | 25.0.7-2 | not fixed | CVE-2026-40393 |
Medium
| CVE | Package | Installed | Fixed | Description |
|---|---|---|---|---|
| CVE-2025-45582 | tar | 1.35%2Bdfsg-3.1 | not fixed | CVE-2025-45582 |
| CVE-2026-6192 | openjpeg2 | 2.5.3-2.1~deb13u1 | not fixed | CVE-2026-6192 |
| CVE-2026-5704 | tar | 1.35%2Bdfsg-3.1 | not fixed | CVE-2026-5704 |
| CVE-2025-66442 | mbedtls | 3.6.5-0.1~deb13u1 | not fixed | CVE-2025-66442 |
| CVE-2026-34757 | libpng1.6 | 1.6.48-1%2Bdeb13u4 | not fixed | CVE-2026-34757 |
| CVE-2025-69534 | markdown | 3.7 | 3.8.1 | CVE-2025-69534: Uncaught Exception |
| CVE-2026-1502 | python | 3.13.13 | not fixed | CVE-2026-1502 |
| CVE-2026-25834 | mbedtls | 3.6.5-0.1~deb13u1 | not fixed | CVE-2026-25834 |
| CVE-2026-34871 | mbedtls | 3.6.5-0.1~deb13u1 | not fixed | CVE-2026-34871 |