Skip to content

docker.io/grafana/k6:latest (alpine 3.23.3)

Trivy Image Scan

  • Image: docker.io/grafana/k6:latest (alpine 3.23.3)
  • Scan date: 2026-04-24

docker.io/grafana/k6:latest (alpine 3.23.3) (alpine)

Package Vulnerability ID Severity Installed Version Fixed Version Links
libcrypto3 CVE-2026-31789 CRITICAL 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-31789 https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49 https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9 https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521 https://nvd.nist.gov/vuln/detail/CVE-2026-31789 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://www.cve.org/CVERecord?id=CVE-2026-31789 https://www.openwall.com/lists/oss-security/2026/04/07/11
libcrypto3 CVE-2026-28387 HIGH 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-28387 https://github.com/openssl/openssl/commit/07e727d304746edb49a98ee8f6ab00256e1f012b https://github.com/openssl/openssl/commit/258a8f63b26995ba357f4326da00e19e29c6acbe https://github.com/openssl/openssl/commit/444958deaf450aea819171f97ae69eaedede42c3 https://github.com/openssl/openssl/commit/7a4e08cee62a728d32e60b0de89e6764339df0a7 https://github.com/openssl/openssl/commit/ec03fa050b3346997ed9c5fef3d0e16ad7db8177 https://nvd.nist.gov/vuln/detail/CVE-2026-28387 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28387 https://www.openwall.com/lists/oss-security/2026/04/07/11
libcrypto3 CVE-2026-28388 HIGH 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-28388 https://github.com/openssl/openssl/commit/59c3b3158553ab53275bbbccca5cb305d591cf2e https://github.com/openssl/openssl/commit/5a0b4930779cd2408880979db765db919da55139 https://github.com/openssl/openssl/commit/602542f2c0c2d5edb47128f93eac10b62aeeefb3 https://github.com/openssl/openssl/commit/a9d187dd1000130100fa7ab915f8513532cb3bb8 https://github.com/openssl/openssl/commit/d3a901e8d9f021f3e67d6cfbc12e768129862726 https://nvd.nist.gov/vuln/detail/CVE-2026-28388 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28388 https://www.openwall.com/lists/oss-security/2026/04/07/11
libcrypto3 CVE-2026-28389 HIGH 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-28389 https://github.com/openssl/openssl/commit/16cea4188e0ea567deb4f93f85902247e67384f5 https://github.com/openssl/openssl/commit/785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616 https://github.com/openssl/openssl/commit/7b5274e812400cacb6f3be4c2df5340923fa807f https://github.com/openssl/openssl/commit/c6725634e089eb2b634b10ede33944be7248172a https://github.com/openssl/openssl/commit/f80f83bc5fd036bc47d773e8b15a001e2b4ce686 https://nvd.nist.gov/vuln/detail/CVE-2026-28389 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28389 https://www.openwall.com/lists/oss-security/2026/04/07/11
libcrypto3 CVE-2026-28390 HIGH 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-28390 https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6 https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4 https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788 https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75 https://nvd.nist.gov/vuln/detail/CVE-2026-28390 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28390 https://www.openwall.com/lists/oss-security/2026/04/07/11
libcrypto3 CVE-2026-31790 MEDIUM 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-31790 https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482 https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406 https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790 https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e https://nvd.nist.gov/vuln/detail/CVE-2026-31790 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://www.cve.org/CVERecord?id=CVE-2026-31790 https://www.openwall.com/lists/oss-security/2026/04/07/11
libcrypto3 CVE-2026-2673 LOW 3.5.5-r0 3.5.6-r0 http://www.openwall.com/lists/oss-security/2026/03/13/3 https://access.redhat.com/security/cve/CVE-2026-2673 https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34 https://nvd.nist.gov/vuln/detail/CVE-2026-2673 https://openssl-library.org/news/secadv/20260313.txt https://ubuntu.com/security/notices/USN-8155-1 https://www.cve.org/CVERecord?id=CVE-2026-2673
libssl3 CVE-2026-31789 CRITICAL 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-31789 https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49 https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9 https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521 https://nvd.nist.gov/vuln/detail/CVE-2026-31789 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://www.cve.org/CVERecord?id=CVE-2026-31789 https://www.openwall.com/lists/oss-security/2026/04/07/11
libssl3 CVE-2026-28387 HIGH 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-28387 https://github.com/openssl/openssl/commit/07e727d304746edb49a98ee8f6ab00256e1f012b https://github.com/openssl/openssl/commit/258a8f63b26995ba357f4326da00e19e29c6acbe https://github.com/openssl/openssl/commit/444958deaf450aea819171f97ae69eaedede42c3 https://github.com/openssl/openssl/commit/7a4e08cee62a728d32e60b0de89e6764339df0a7 https://github.com/openssl/openssl/commit/ec03fa050b3346997ed9c5fef3d0e16ad7db8177 https://nvd.nist.gov/vuln/detail/CVE-2026-28387 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28387 https://www.openwall.com/lists/oss-security/2026/04/07/11
libssl3 CVE-2026-28388 HIGH 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-28388 https://github.com/openssl/openssl/commit/59c3b3158553ab53275bbbccca5cb305d591cf2e https://github.com/openssl/openssl/commit/5a0b4930779cd2408880979db765db919da55139 https://github.com/openssl/openssl/commit/602542f2c0c2d5edb47128f93eac10b62aeeefb3 https://github.com/openssl/openssl/commit/a9d187dd1000130100fa7ab915f8513532cb3bb8 https://github.com/openssl/openssl/commit/d3a901e8d9f021f3e67d6cfbc12e768129862726 https://nvd.nist.gov/vuln/detail/CVE-2026-28388 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28388 https://www.openwall.com/lists/oss-security/2026/04/07/11
libssl3 CVE-2026-28389 HIGH 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-28389 https://github.com/openssl/openssl/commit/16cea4188e0ea567deb4f93f85902247e67384f5 https://github.com/openssl/openssl/commit/785cbf7ea3b5a6f5adf0c1ccb92b79d89c35c616 https://github.com/openssl/openssl/commit/7b5274e812400cacb6f3be4c2df5340923fa807f https://github.com/openssl/openssl/commit/c6725634e089eb2b634b10ede33944be7248172a https://github.com/openssl/openssl/commit/f80f83bc5fd036bc47d773e8b15a001e2b4ce686 https://nvd.nist.gov/vuln/detail/CVE-2026-28389 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28389 https://www.openwall.com/lists/oss-security/2026/04/07/11
libssl3 CVE-2026-28390 HIGH 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-28390 https://github.com/openssl/openssl/commit/01194a8f1941115cd0383bfa91c736dd3993c8bc https://github.com/openssl/openssl/commit/2e39b7a6993be445fddb9fbce316fa756e0397b6 https://github.com/openssl/openssl/commit/af2a5fecd3e71a29e7568f9c1453dec5cebbaff4 https://github.com/openssl/openssl/commit/ea7b4ea4f9f853521ba34830cbcadc970d2e0788 https://github.com/openssl/openssl/commit/fd2f1a6cf53b9ceeca723a001aa4b825d7c7ee75 https://nvd.nist.gov/vuln/detail/CVE-2026-28390 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://ubuntu.com/security/notices/USN-8155-2 https://www.cve.org/CVERecord?id=CVE-2026-28390 https://www.openwall.com/lists/oss-security/2026/04/07/11
libssl3 CVE-2026-31790 MEDIUM 3.5.5-r0 3.5.6-r0 https://access.redhat.com/security/cve/CVE-2026-31790 https://github.com/openssl/openssl/commit/001e01db3e996e13ffc72386fe79d03a6683b5ac https://github.com/openssl/openssl/commit/abd8b2eec7e3f3fda60ecfb68498b246b52af482 https://github.com/openssl/openssl/commit/b922e24e5b23ffb9cb9e14cadff23d91e9f7e406 https://github.com/openssl/openssl/commit/d5f8e71cd0a54e961d0c3b174348f8308486f790 https://github.com/openssl/openssl/commit/eed200f58cd8645ed77e46b7e9f764e284df379e https://nvd.nist.gov/vuln/detail/CVE-2026-31790 https://openssl-library.org/news/secadv/20260407.txt https://ubuntu.com/security/notices/USN-8155-1 https://www.cve.org/CVERecord?id=CVE-2026-31790 https://www.openwall.com/lists/oss-security/2026/04/07/11
libssl3 CVE-2026-2673 LOW 3.5.5-r0 3.5.6-r0 http://www.openwall.com/lists/oss-security/2026/03/13/3 https://access.redhat.com/security/cve/CVE-2026-2673 https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34 https://nvd.nist.gov/vuln/detail/CVE-2026-2673 https://openssl-library.org/news/secadv/20260313.txt https://ubuntu.com/security/notices/USN-8155-1 https://www.cve.org/CVERecord?id=CVE-2026-2673
musl CVE-2026-40200 HIGH 1.2.5-r21 1.2.5-r23 http://www.openwall.com/lists/oss-security/2026/04/10/13 https://access.redhat.com/security/cve/CVE-2026-40200 https://musl.libc.org/releases.html https://nvd.nist.gov/vuln/detail/CVE-2026-40200 https://www.cve.org/CVERecord?id=CVE-2026-40200 https://www.openwall.com/lists/oss-security/2026/04/10/13
musl CVE-2026-6042 MEDIUM 1.2.5-r21 1.2.5-r22 http://www.openwall.com/lists/oss-security/2026/04/09/19 https://access.redhat.com/security/cve/CVE-2026-6042 https://nvd.nist.gov/vuln/detail/CVE-2026-6042 https://vuldb.com/submit/796352 https://vuldb.com/vuln/356620 https://vuldb.com/vuln/356620/cti https://www.cve.org/CVERecord?id=CVE-2026-6042 https://www.openwall.com/lists/oss-security/2026/04/02/10 https://www.openwall.com/lists/oss-security/2026/04/03/2
musl-utils CVE-2026-40200 HIGH 1.2.5-r21 1.2.5-r23 http://www.openwall.com/lists/oss-security/2026/04/10/13 https://access.redhat.com/security/cve/CVE-2026-40200 https://musl.libc.org/releases.html https://nvd.nist.gov/vuln/detail/CVE-2026-40200 https://www.cve.org/CVERecord?id=CVE-2026-40200 https://www.openwall.com/lists/oss-security/2026/04/10/13
musl-utils CVE-2026-6042 MEDIUM 1.2.5-r21 1.2.5-r22 http://www.openwall.com/lists/oss-security/2026/04/09/19 https://access.redhat.com/security/cve/CVE-2026-6042 https://nvd.nist.gov/vuln/detail/CVE-2026-6042 https://vuldb.com/submit/796352 https://vuldb.com/vuln/356620 https://vuldb.com/vuln/356620/cti https://www.cve.org/CVERecord?id=CVE-2026-6042 https://www.openwall.com/lists/oss-security/2026/04/02/10 https://www.openwall.com/lists/oss-security/2026/04/03/2
zlib CVE-2026-22184 HIGH 1.3.1-r2 1.3.2-r0 https://access.redhat.com/security/cve/CVE-2026-22184 https://github.com/madler/zlib https://github.com/madler/zlib/issues/1142 https://nvd.nist.gov/vuln/detail/CVE-2026-22184 https://seclists.org/fulldisclosure/2026/Jan/3 https://www.cve.org/CVERecord?id=CVE-2026-22184 https://www.vulncheck.com/advisories/zlib-untgz-global-buffer-overflow-in-tgzfname https://zlib.net/
zlib CVE-2026-27171 MEDIUM 1.3.1-r2 1.3.2-r0 https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ https://7asecurity.com/reports/pentest-report-zlib-RC1.1.pdf https://access.redhat.com/security/cve/CVE-2026-27171 https://github.com/madler/zlib/issues/904 https://github.com/madler/zlib/releases/tag/v1.3.2 https://nvd.nist.gov/vuln/detail/CVE-2026-27171 https://ostif.org/zlib-audit-complete/ https://www.cve.org/CVERecord?id=CVE-2026-27171
No Misconfigurations found

usr/bin/k6 (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
github.com/Azure/go-ntlmssp CVE-2026-32952 MEDIUM v0.0.0-20221128193559-754e69321358 0.1.1 https://github.com/Azure/go-ntlmssp https://github.com/Azure/go-ntlmssp/releases/tag/v0.1.1 https://github.com/Azure/go-ntlmssp/security/advisories/GHSA-pjcq-xvwq-hhpj
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp CVE-2026-39882 MEDIUM v1.38.0 1.43.0 http://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.43.0 https://github.com/open-telemetry/opentelemetry-go https://github.com/open-telemetry/opentelemetry-go/pull/8108 https://github.com/open-telemetry/opentelemetry-go/security/advisories/GHSA-w8rr-5gcm-pp58 https://nvd.nist.gov/vuln/detail/CVE-2026-39882
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp CVE-2026-39882 MEDIUM v1.38.0 1.43.0 http://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.43.0 https://github.com/open-telemetry/opentelemetry-go https://github.com/open-telemetry/opentelemetry-go/pull/8108 https://github.com/open-telemetry/opentelemetry-go/security/advisories/GHSA-w8rr-5gcm-pp58 https://nvd.nist.gov/vuln/detail/CVE-2026-39882
go.opentelemetry.io/otel/sdk CVE-2026-39883 HIGH v1.40.0 1.43.0 http://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.43.0 https://github.com/open-telemetry/opentelemetry-go https://github.com/open-telemetry/opentelemetry-go/security/advisories/GHSA-hfvc-g4fc-pqhx https://nvd.nist.gov/vuln/detail/CVE-2026-39883
stdlib CVE-2026-32280 HIGH v1.26.1 1.25.9, 1.26.2 https://access.redhat.com/security/cve/CVE-2026-32280 https://go.dev/cl/758320 https://go.dev/issue/78282 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32280 https://pkg.go.dev/vuln/GO-2026-4947 https://www.cve.org/CVERecord?id=CVE-2026-32280
stdlib CVE-2026-32281 HIGH v1.26.1 1.25.9, 1.26.2 https://access.redhat.com/security/cve/CVE-2026-32281 https://go.dev/cl/758061 https://go.dev/issue/78281 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32281 https://pkg.go.dev/vuln/GO-2026-4946 https://www.cve.org/CVERecord?id=CVE-2026-32281
stdlib CVE-2026-32283 HIGH v1.26.1 1.25.9, 1.26.2 https://go.dev/cl/763767 https://go.dev/issue/78334 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32283 https://pkg.go.dev/vuln/GO-2026-4870
stdlib CVE-2026-33810 HIGH v1.26.1 1.26.2 http://www.openwall.com/lists/oss-security/2026/04/19/4 http://www.openwall.com/lists/oss-security/2026/04/20/1 https://access.redhat.com/security/cve/CVE-2026-33810 https://go.dev/cl/763763 https://go.dev/issue/78332 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-33810 https://pkg.go.dev/vuln/GO-2026-4866 https://www.cve.org/CVERecord?id=CVE-2026-33810
stdlib CVE-2026-32282 MEDIUM v1.26.1 1.25.9, 1.26.2 https://access.redhat.com/security/cve/CVE-2026-32282 https://go.dev/cl/763761 https://go.dev/issue/78293 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32282 https://pkg.go.dev/vuln/GO-2026-4864 https://www.cve.org/CVERecord?id=CVE-2026-32282
stdlib CVE-2026-32288 MEDIUM v1.26.1 1.25.9, 1.26.2 https://access.redhat.com/security/cve/CVE-2026-32288 https://go.dev/cl/763766 https://go.dev/issue/78301 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32288 https://pkg.go.dev/vuln/GO-2026-4869 https://www.cve.org/CVERecord?id=CVE-2026-32288
stdlib CVE-2026-32289 MEDIUM v1.26.1 1.25.9, 1.26.2 https://access.redhat.com/security/cve/CVE-2026-32289 https://go.dev/cl/763762 https://go.dev/issue/78331 https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU https://nvd.nist.gov/vuln/detail/CVE-2026-32289 https://pkg.go.dev/vuln/GO-2026-4865 https://www.cve.org/CVERecord?id=CVE-2026-32289
No Misconfigurations found