kubernetes-reflector
PatchedKubernetes & Orchestrationfrom
ghcr.io/emberstack/kubernetes-reflectorPull Reference
ghcr.io/verity-org/emberstack/kubernetes-reflector
docker pull ghcr.io/verity-org/emberstack/kubernetes-reflector
Available Versions
10.0.57latest10 CVEs fixed25 remaining
10.0.5610 CVEs fixed25 remaining
10.0.5510 CVEs fixed25 remaining
Copa-Patched Image
Patched in-place from the upstream image usingCopa. OS-level vulnerabilities are fixed without rebuilding \u2014 same layers, same behavior, fewer CVEs.
Supply Chain
Full compliance detailsSignedSLSA L3SBOMRekor
Verify this artifact
Cosign signature
cosign verify \ --certificate-identity-regexp "https://github.com/verity-org/verity/.github/workflows/" \ --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \ ghcr.io/verity-org/emberstack/kubernetes-reflector:10.0.57
Build provenance
gh attestation verify \ oci://ghcr.io/verity-org/emberstack/kubernetes-reflector:10.0.57 \ --owner verity-org
Vulnerability Scan
Found 35 vulnerabilities in the original image. 10 fixed by Copa. 25 remaining after patching.
24 MEDIUM11 LOW
Awaiting upstream fix
No fix is available yet for these vulnerabilities.
- CVE-2026-27456MEDIUM
- Package
- bsdutils
- Installed
- 1:2.39.3-9ubuntu6.5
- Fixed
- CVE-2026-27456MEDIUM
- Package
- libblkid1
- Installed
- 2.39.3-9ubuntu6.5
- Fixed
- CVE-2026-4046MEDIUM
- Package
- libc-bin
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-4437MEDIUM
- Package
- libc-bin
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-4438MEDIUM
- Package
- libc-bin
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-5435MEDIUM
- Package
- libc-bin
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-6238MEDIUM
- Package
- libc-bin
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-4046MEDIUM
- Package
- libc6
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-4437MEDIUM
- Package
- libc6
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-4438MEDIUM
- Package
- libc6
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-5435MEDIUM
- Package
- libc6
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-6238MEDIUM
- Package
- libc6
- Installed
- 2.39-0ubuntu8.7
- Fixed
- CVE-2026-27456MEDIUM
- Package
- libmount1
- Installed
- 2.39.3-9ubuntu6.5
- Fixed
- CVE-2026-13757MEDIUM
- Package
- libp11-kit0
- Installed
- 0.25.3-4ubuntu2.1
- Fixed
- CVE-2026-27456MEDIUM
- Package
- libsmartcols1
- Installed
- 2.39.3-9ubuntu6.5
- Fixed
- CVE-2026-27456MEDIUM
- Package
- libuuid1
- Installed
- 2.39.3-9ubuntu6.5
- Fixed
- CVE-2026-27456MEDIUM
- Package
- mount
- Installed
- 2.39.3-9ubuntu6.5
- Fixed
- CVE-2026-27456MEDIUM
- Package
- util-linux
- Installed
- 2.39.3-9ubuntu6.5
- Fixed
- CVE-2024-2236LOW
- Package
- libgcrypt20
- Installed
- 1.10.3-2ubuntu0.1
- Fixed
- CVE-2025-5222LOW
- Package
- libicu74
- Installed
- 74.2-1ubuntu3.1
- Fixed
- CVE-2026-40228LOW
- Package
- libsystemd0
- Installed
- 255.4-1ubuntu8.16
- Fixed
- CVE-2026-40228LOW
- Package
- libudev1
- Installed
- 255.4-1ubuntu8.16
- Fixed
- CVE-2024-56433LOW
- Package
- login
- Installed
- 1:4.13+dfsg1-4ubuntu3.2
- Fixed
- CVE-2024-56433LOW
- Package
- passwd
- Installed
- 1:4.13+dfsg1-4ubuntu3.2
- Fixed
- CVE-2026-27171LOW
- Package
- zlib1g
- Installed
- 1:1.3.dfsg-3.1ubuntu2.1
- Fixed
| ID | Package | Installed | Fixed | Severity |
|---|---|---|---|---|
| CVE-2026-27456 | bsdutils | 1:2.39.3-9ubuntu6.5 | MEDIUM | |
| CVE-2026-27456 | libblkid1 | 2.39.3-9ubuntu6.5 | MEDIUM | |
| CVE-2026-4046 | libc-bin | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-4437 | libc-bin | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-4438 | libc-bin | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-5435 | libc-bin | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-6238 | libc-bin | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-4046 | libc6 | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-4437 | libc6 | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-4438 | libc6 | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-5435 | libc6 | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-6238 | libc6 | 2.39-0ubuntu8.7 | MEDIUM | |
| CVE-2026-27456 | libmount1 | 2.39.3-9ubuntu6.5 | MEDIUM | |
| CVE-2026-13757 | libp11-kit0 | 0.25.3-4ubuntu2.1 | MEDIUM | |
| CVE-2026-27456 | libsmartcols1 | 2.39.3-9ubuntu6.5 | MEDIUM | |
| CVE-2026-27456 | libuuid1 | 2.39.3-9ubuntu6.5 | MEDIUM | |
| CVE-2026-27456 | mount | 2.39.3-9ubuntu6.5 | MEDIUM | |
| CVE-2026-27456 | util-linux | 2.39.3-9ubuntu6.5 | MEDIUM | |
| CVE-2024-2236 | libgcrypt20 | 1.10.3-2ubuntu0.1 | LOW | |
| CVE-2025-5222 | libicu74 | 74.2-1ubuntu3.1 | LOW | |
| CVE-2026-40228 | libsystemd0 | 255.4-1ubuntu8.16 | LOW | |
| CVE-2026-40228 | libudev1 | 255.4-1ubuntu8.16 | LOW | |
| CVE-2024-56433 | login | 1:4.13+dfsg1-4ubuntu3.2 | LOW | |
| CVE-2024-56433 | passwd | 1:4.13+dfsg1-4ubuntu3.2 | LOW | |
| CVE-2026-27171 | zlib1g | 1:1.3.dfsg-3.1ubuntu2.1 | LOW |
Source
Copa (in-place patch)
Platforms
linux/amd64, linux/arm64
Registry
ghcr.io/verity-org
Upstream
ghcr.io/emberstack/kubernetes-reflector
Version
10.0.57