Grype Vulnerabilities for ghcr.io/fluent/fluent-bit:5.0.3
Unfiltered vulnerability scan results for ghcr.io/fluent/fluent-bit:5.0.3 using Grype. Refer to the triaged vulnerabilities or VEX endpoint for more information on vulnerabilities that have been reviewed.
| Package | Version Installed | Vulnerability ID | Severity |
|---|---|---|---|
| libgnutls30t64 | 3.8.9-3+deb13u2 | CVE-2026-42010 | Critical |
| libc6 | 2.41-12+deb13u2 | CVE-2026-5450 | Critical |
| libgnutls30t64 | 3.8.9-3+deb13u2 | CVE-2026-33845 | Critical |
| libgnutls30t64 | 3.8.9-3+deb13u2 | CVE-2026-3833 | High |
| libtasn1-6 | 4.20.0-2 | CVE-2025-13151 | High |
| libgnutls30t64 | 3.8.9-3+deb13u2 | CVE-2026-33846 | High |
| libpq5 | 17.9-0+deb13u1 | CVE-2026-6473 | High |
| libc6 | 2.41-12+deb13u2 | CVE-2026-4437 | High |
| libc6 | 2.41-12+deb13u2 | CVE-2026-4046 | High |
| libpq5 | 17.9-0+deb13u1 | CVE-2026-6475 | High |
| libc6 | 2.41-12+deb13u2 | CVE-2026-5928 | High |
| libpq5 | 17.9-0+deb13u1 | CVE-2026-6477 | High |
| libc6 | 2.41-12+deb13u2 | CVE-2026-5435 | High |
| libpq5 | 17.9-0+deb13u1 | CVE-2026-6637 | High |
| libpq5 | 17.9-0+deb13u1 | CVE-2026-6479 | High |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2026-3805 | High |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2026-5773 | High |
| libpq5 | 17.9-0+deb13u1 | CVE-2026-6476 | High |
| libnghttp2-14 | 1.64.0-1.1 | CVE-2026-27135 | High |
| libgnutls30t64 | 3.8.9-3+deb13u2 | CVE-2026-42011 | High |
| libpq5 | 17.9-0+deb13u1 | CVE-2026-6638 | High |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2026-6276 | High |
| libcap2 | 1:2.75-10+b8 | CVE-2026-4878 | High |
| libgnutls30t64 | 3.8.9-3+deb13u2 | CVE-2026-42009 | High |
| fluent-bit | 5.0.3 | CVE-2025-29478 | Medium |
| fluent-bit | 5.0.3 | CVE-2025-29477 | Medium |
| libgssapi-krb5-2 | 1.21.3-5 | CVE-2026-40355 | Medium |
| libk5crypto3 | 1.21.3-5 | CVE-2026-40355 | Medium |
| libkrb5-3 | 1.21.3-5 | CVE-2026-40355 | Medium |
| libkrb5support0 | 1.21.3-5 | CVE-2026-40355 | Medium |
| libgssapi-krb5-2 | 1.21.3-5 | CVE-2026-40356 | Medium |
| libk5crypto3 | 1.21.3-5 | CVE-2026-40356 | Medium |
| libkrb5-3 | 1.21.3-5 | CVE-2026-40356 | Medium |
| libkrb5support0 | 1.21.3-5 | CVE-2026-40356 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2026-1965 | Medium |
| libssh2-1t64 | 1.11.1-1 | CVE-2026-7598 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2026-7168 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2025-14819 | Medium |
| liblzma5 | 5.8.1-1 | CVE-2026-34743 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2026-5545 | Medium |
| libc6 | 2.41-12+deb13u2 | CVE-2026-6238 | Medium |
| libsystemd0 | 257.9-1~deb13u1 | CVE-2026-40225 | Medium |
| systemd | 257.9-1~deb13u1 | CVE-2026-40225 | Medium |
| libc6 | 2.41-12+deb13u2 | CVE-2026-4438 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2026-6253 | Medium |
| libpq5 | 17.9-0+deb13u1 | CVE-2026-6478 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2025-14524 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2026-6429 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2026-3784 | Medium |
| libpq5 | 17.9-0+deb13u1 | CVE-2026-6472 | Medium |
| libpq5 | 17.9-0+deb13u1 | CVE-2026-6474 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2026-3783 | Medium |
| libsystemd0 | 257.9-1~deb13u1 | CVE-2026-29111 | Medium |
| systemd | 257.9-1~deb13u1 | CVE-2026-29111 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2026-4873 | Medium |
| libgcrypt20 | 1.11.0-7 | CVE-2026-41989 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2025-13034 | Medium |
| libsystemd0 | 257.9-1~deb13u1 | CVE-2026-40226 | Medium |
| systemd | 257.9-1~deb13u1 | CVE-2026-40226 | Medium |
| libsystemd0 | 257.9-1~deb13u1 | CVE-2026-4105 | Medium |
| systemd | 257.9-1~deb13u1 | CVE-2026-4105 | Medium |
| zlib1g | 1:1.3.dfsg+really1.3.1-1+b1 | CVE-2026-27171 | Medium |
| libgnutls30t64 | 3.8.9-3+deb13u2 | CVE-2026-3832 | Low |
| libsystemd0 | 257.9-1~deb13u1 | CVE-2026-40228 | Low |
| systemd | 257.9-1~deb13u1 | CVE-2026-40228 | Low |
| libldap2 | 2.6.10+dfsg-1 | CVE-2017-17740 | Negligible |
| libgnutls30t64 | 3.8.9-3+deb13u2 | CVE-2011-3389 | Negligible |
| libldap2 | 2.6.10+dfsg-1 | CVE-2015-3276 | Negligible |
| libc6 | 2.41-12+deb13u2 | CVE-2018-20796 | Negligible |
| libgssapi-krb5-2 | 1.21.3-5 | CVE-2018-5709 | Negligible |
| libk5crypto3 | 1.21.3-5 | CVE-2018-5709 | Negligible |
| libkrb5-3 | 1.21.3-5 | CVE-2018-5709 | Negligible |
| libkrb5support0 | 1.21.3-5 | CVE-2018-5709 | Negligible |
| libc6 | 2.41-12+deb13u2 | CVE-2019-1010025 | Negligible |
| libc6 | 2.41-12+deb13u2 | CVE-2019-9192 | Negligible |
| libgcrypt20 | 1.11.0-7 | CVE-2024-2236 | Negligible |
| libc6 | 2.41-12+deb13u2 | CVE-2019-1010024 | Negligible |
| libgcrypt20 | 1.11.0-7 | CVE-2018-6829 | Negligible |
| libc6 | 2.41-12+deb13u2 | CVE-2010-4756 | Negligible |
| libc6 | 2.41-12+deb13u2 | CVE-2019-1010023 | Negligible |
| libgssapi-krb5-2 | 1.21.3-5 | CVE-2024-26458 | Negligible |
| libk5crypto3 | 1.21.3-5 | CVE-2024-26458 | Negligible |
| libkrb5-3 | 1.21.3-5 | CVE-2024-26458 | Negligible |
| libkrb5support0 | 1.21.3-5 | CVE-2024-26458 | Negligible |
| libldap2 | 2.6.10+dfsg-1 | CVE-2020-15719 | Negligible |
| libsystemd0 | 257.9-1~deb13u1 | CVE-2023-31437 | Negligible |
| systemd | 257.9-1~deb13u1 | CVE-2023-31437 | Negligible |
| libsystemd0 | 257.9-1~deb13u1 | CVE-2023-31438 | Negligible |
| systemd | 257.9-1~deb13u1 | CVE-2023-31438 | Negligible |
| libc6 | 2.41-12+deb13u2 | CVE-2019-1010022 | Negligible |
| libsystemd0 | 257.9-1~deb13u1 | CVE-2023-31439 | Negligible |
| systemd | 257.9-1~deb13u1 | CVE-2023-31439 | Negligible |
| libldap2 | 2.6.10+dfsg-1 | CVE-2017-14159 | Negligible |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2025-15224 | Negligible |
| libgssapi-krb5-2 | 1.21.3-5 | CVE-2024-26461 | Negligible |
| libk5crypto3 | 1.21.3-5 | CVE-2024-26461 | Negligible |
| libkrb5-3 | 1.21.3-5 | CVE-2024-26461 | Negligible |
| libkrb5support0 | 1.21.3-5 | CVE-2024-26461 | Negligible |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2025-15079 | Negligible |
| libsystemd0 | 257.9-1~deb13u1 | CVE-2013-4392 | Negligible |
| systemd | 257.9-1~deb13u1 | CVE-2013-4392 | Negligible |
| libldap2 | 2.6.10+dfsg-1 | CVE-2026-22185 | Negligible |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2025-10966 | Negligible |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2025-14017 | Negligible |
| libgnutls30t64 | 3.8.9-3+deb13u2 | CVE-2026-42012 | Unknown |
| libgnutls30t64 | 3.8.9-3+deb13u2 | CVE-2026-42013 | Unknown |
| libgnutls30t64 | 3.8.9-3+deb13u2 | CVE-2026-42014 | Unknown |
| libgnutls30t64 | 3.8.9-3+deb13u2 | CVE-2026-42015 | Unknown |
| libgnutls30t64 | 3.8.9-3+deb13u2 | CVE-2026-5260 | Unknown |
| libgnutls30t64 | 3.8.9-3+deb13u2 | CVE-2026-5419 | Unknown |