Grype Vulnerabilities for ghcr.io/fluent/fluent-bit:4.2.3
Unfiltered vulnerability scan results for ghcr.io/fluent/fluent-bit:4.2.3 using Grype. Refer to the triaged vulnerabilities or VEX endpoint for more information on vulnerabilities that have been reviewed.
| Package | Version Installed | Vulnerability ID | Severity |
|---|---|---|---|
| libc6 | 2.41-12+deb13u1 | CVE-2025-15281 | High |
| libtasn1-6 | 4.20.0-2 | CVE-2025-13151 | High |
| libssl3t64 | 3.5.4-1~deb13u2 | CVE-2026-2673 | High |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2026-3805 | High |
| libc6 | 2.41-12+deb13u1 | CVE-2026-0915 | High |
| libc6 | 2.41-12+deb13u1 | CVE-2026-4437 | High |
| libnghttp2-14 | 1.64.0-1.1 | CVE-2026-27135 | High |
| libc6 | 2.41-12+deb13u1 | CVE-2026-0861 | High |
| fluent-bit | 4.2.3 | CVE-2025-29478 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2026-1965 | Medium |
| fluent-bit | 4.2.3 | CVE-2025-29477 | Medium |
| libgnutls30t64 | 3.8.9-3+deb13u1 | CVE-2025-14831 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2025-14819 | Medium |
| libc6 | 2.41-12+deb13u1 | CVE-2026-4438 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2025-14524 | Medium |
| libsystemd0 | 257.9-1~deb13u1 | CVE-2026-4105 | Medium |
| systemd | 257.9-1~deb13u1 | CVE-2026-4105 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2026-3784 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2026-3783 | Medium |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2025-13034 | Medium |
| zlib1g | 1:1.3.dfsg+really1.3.1-1+b1 | CVE-2026-27171 | Medium |
| libldap2 | 2.6.10+dfsg-1 | CVE-2017-17740 | Negligible |
| libgnutls30t64 | 3.8.9-3+deb13u1 | CVE-2011-3389 | Negligible |
| libldap2 | 2.6.10+dfsg-1 | CVE-2015-3276 | Negligible |
| libgssapi-krb5-2 | 1.21.3-5 | CVE-2018-5709 | Negligible |
| libk5crypto3 | 1.21.3-5 | CVE-2018-5709 | Negligible |
| libkrb5-3 | 1.21.3-5 | CVE-2018-5709 | Negligible |
| libkrb5support0 | 1.21.3-5 | CVE-2018-5709 | Negligible |
| libc6 | 2.41-12+deb13u1 | CVE-2018-20796 | Negligible |
| libc6 | 2.41-12+deb13u1 | CVE-2019-1010025 | Negligible |
| libc6 | 2.41-12+deb13u1 | CVE-2019-9192 | Negligible |
| libc6 | 2.41-12+deb13u1 | CVE-2019-1010024 | Negligible |
| libgcrypt20 | 1.11.0-7 | CVE-2024-2236 | Negligible |
| libgcrypt20 | 1.11.0-7 | CVE-2018-6829 | Negligible |
| libc6 | 2.41-12+deb13u1 | CVE-2010-4756 | Negligible |
| libc6 | 2.41-12+deb13u1 | CVE-2019-1010023 | Negligible |
| libgssapi-krb5-2 | 1.21.3-5 | CVE-2024-26458 | Negligible |
| libk5crypto3 | 1.21.3-5 | CVE-2024-26458 | Negligible |
| libkrb5-3 | 1.21.3-5 | CVE-2024-26458 | Negligible |
| libkrb5support0 | 1.21.3-5 | CVE-2024-26458 | Negligible |
| libldap2 | 2.6.10+dfsg-1 | CVE-2020-15719 | Negligible |
| libsystemd0 | 257.9-1~deb13u1 | CVE-2023-31437 | Negligible |
| systemd | 257.9-1~deb13u1 | CVE-2023-31437 | Negligible |
| libc6 | 2.41-12+deb13u1 | CVE-2019-1010022 | Negligible |
| libsystemd0 | 257.9-1~deb13u1 | CVE-2023-31438 | Negligible |
| systemd | 257.9-1~deb13u1 | CVE-2023-31438 | Negligible |
| libsystemd0 | 257.9-1~deb13u1 | CVE-2023-31439 | Negligible |
| systemd | 257.9-1~deb13u1 | CVE-2023-31439 | Negligible |
| libldap2 | 2.6.10+dfsg-1 | CVE-2017-14159 | Negligible |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2025-15224 | Negligible |
| libgssapi-krb5-2 | 1.21.3-5 | CVE-2024-26461 | Negligible |
| libk5crypto3 | 1.21.3-5 | CVE-2024-26461 | Negligible |
| libkrb5-3 | 1.21.3-5 | CVE-2024-26461 | Negligible |
| libkrb5support0 | 1.21.3-5 | CVE-2024-26461 | Negligible |
| libsystemd0 | 257.9-1~deb13u1 | CVE-2013-4392 | Negligible |
| systemd | 257.9-1~deb13u1 | CVE-2013-4392 | Negligible |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2025-15079 | Negligible |
| libldap2 | 2.6.10+dfsg-1 | CVE-2026-22185 | Negligible |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2025-10966 | Negligible |
| libcurl4t64 | 8.14.1-2+deb13u2 | CVE-2025-14017 | Negligible |