docker.elastic.co/elasticsearch/elasticsearch:8.15.3 linux/amd64

docker.elastic.co/elasticsearch/elasticsearch:8.15.3 - Trivy安全扫描结果 扫描时间: 2024-10-30 17:36
全部漏洞信息
低危漏洞:32 中危漏洞:6 高危漏洞:2 严重漏洞:0

系统OS: ubuntu 20.04 扫描引擎: Trivy 扫描时间: 2024-10-30 17:36

docker.elastic.co/elasticsearch/elasticsearch:8.15.3 (ubuntu 20.04) (ubuntu)
低危漏洞:32 中危漏洞:5 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libgcrypt20 CVE-2024-2236 中危 1.8.5-5ubuntu1.1 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2024-03-06 22:15 修改: 2024-09-14 04:15
libgssapi-krb5-2 CVE-2024-26462 中危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:59761b4ac1e6c06952a7f06b84bebb50ba1a6b53e62a1d589cfac166675bddc7

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libk5crypto3 CVE-2024-26462 中危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:59761b4ac1e6c06952a7f06b84bebb50ba1a6b53e62a1d589cfac166675bddc7

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5-3 CVE-2024-26462 中危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:59761b4ac1e6c06952a7f06b84bebb50ba1a6b53e62a1d589cfac166675bddc7

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5support0 CVE-2024-26462 中危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:59761b4ac1e6c06952a7f06b84bebb50ba1a6b53e62a1d589cfac166675bddc7

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
gpgv CVE-2022-3219 低危 2.2.19-3ubuntu2.2 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libgssapi-krb5-2 CVE-2024-26458 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:59761b4ac1e6c06952a7f06b84bebb50ba1a6b53e62a1d589cfac166675bddc7

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libgssapi-krb5-2 CVE-2024-26461 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:59761b4ac1e6c06952a7f06b84bebb50ba1a6b53e62a1d589cfac166675bddc7

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libc-bin CVE-2016-20013 低危 2.31-0ubuntu9.16

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libk5crypto3 CVE-2024-26458 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:59761b4ac1e6c06952a7f06b84bebb50ba1a6b53e62a1d589cfac166675bddc7

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libk5crypto3 CVE-2024-26461 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:59761b4ac1e6c06952a7f06b84bebb50ba1a6b53e62a1d589cfac166675bddc7

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libc6 CVE-2016-20013 低危 2.31-0ubuntu9.16

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libkrb5-3 CVE-2024-26458 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:59761b4ac1e6c06952a7f06b84bebb50ba1a6b53e62a1d589cfac166675bddc7

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5-3 CVE-2024-26461 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:59761b4ac1e6c06952a7f06b84bebb50ba1a6b53e62a1d589cfac166675bddc7

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
coreutils CVE-2016-2781 低危 8.30-3ubuntu2 coreutils: Non-privileged session can escape to the parent session in chroot

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
libkrb5support0 CVE-2024-26458 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:59761b4ac1e6c06952a7f06b84bebb50ba1a6b53e62a1d589cfac166675bddc7

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5support0 CVE-2024-26461 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:59761b4ac1e6c06952a7f06b84bebb50ba1a6b53e62a1d589cfac166675bddc7

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libncurses6 CVE-2023-45918 低危 6.2-0ubuntu2.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2024-02-16 22:15 修改: 2024-03-15 11:15
libncurses6 CVE-2023-50495 低危 6.2-0ubuntu2.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libncursesw6 CVE-2023-45918 低危 6.2-0ubuntu2.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2024-02-16 22:15 修改: 2024-03-15 11:15
libncursesw6 CVE-2023-50495 低危 6.2-0ubuntu2.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libpcre2-8-0 CVE-2022-41409 低危 10.34-7ubuntu0.1 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2023-07-18 14:15 修改: 2023-07-27 03:46
libpcre3 CVE-2017-11164 低危 2:8.39-12ubuntu0.1 pcre: OP_KETRMAX feature in the match function in pcre_exec.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2017-07-11 03:29 修改: 2023-11-07 02:38
libsystemd0 CVE-2023-26604 低危 245.4-4ubuntu3.24 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09
libsystemd0 CVE-2023-7008 低危 245.4-4ubuntu3.24 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16
libtinfo6 CVE-2023-45918 低危 6.2-0ubuntu2.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2024-02-16 22:15 修改: 2024-03-15 11:15
libtinfo6 CVE-2023-50495 低危 6.2-0ubuntu2.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libudev1 CVE-2023-26604 低危 245.4-4ubuntu3.24 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09
libudev1 CVE-2023-7008 低危 245.4-4ubuntu3.24 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16
login CVE-2013-4235 低危 1:4.8.1-1ubuntu5.20.04.5 shadow-utils: TOCTOU race conditions by copying and removing directory trees

漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4235

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2019-12-03 15:15 修改: 2023-02-13 00:28
login CVE-2023-29383 低危 1:4.8.1-1ubuntu5.20.04.5 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05
ncurses-base CVE-2023-45918 低危 6.2-0ubuntu2.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2024-02-16 22:15 修改: 2024-03-15 11:15
ncurses-base CVE-2023-50495 低危 6.2-0ubuntu2.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
ncurses-bin CVE-2023-45918 低危 6.2-0ubuntu2.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2024-02-16 22:15 修改: 2024-03-15 11:15
ncurses-bin CVE-2023-50495 低危 6.2-0ubuntu2.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
passwd CVE-2013-4235 低危 1:4.8.1-1ubuntu5.20.04.5 shadow-utils: TOCTOU race conditions by copying and removing directory trees

漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4235

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2019-12-03 15:15 修改: 2023-02-13 00:28
passwd CVE-2023-29383 低危 1:4.8.1-1ubuntu5.20.04.5 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:20eafb43e177262767f62cacb9ee87b70eae2d0804c03b5f6f387ca9e64c70f9

发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05
Java (jar)
低危漏洞:0 中危漏洞:1 高危漏洞:2 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 9.23 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:dcf8690aac4070828a8668ad74b6e6a9c840f5e3a7febaf9e1def4a9313b2b79

发布日期: 2024-02-11 05:15 修改: 2024-10-16 20:01
net.minidev:json-smart CVE-2023-1370 高危 2.4.8 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:dcf8690aac4070828a8668ad74b6e6a9c840f5e3a7febaf9e1def4a9313b2b79

发布日期: 2023-03-22 06:15 修改: 2024-06-21 19:15
org.bouncycastle:bc-fips CVE-2024-29857 中危 1.0.2.4 1.0.2.5 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:dcf8690aac4070828a8668ad74b6e6a9c840f5e3a7febaf9e1def4a9313b2b79

发布日期: 2024-05-14 15:17 修改: 2024-08-15 19:35