docker.io/airbyte/worker:0.63.20 linux/amd64

docker.io/airbyte/worker:0.63.20 - Trivy安全扫描结果 扫描时间: 2024-11-29 11:01
全部漏洞信息
低危漏洞:3 中危漏洞:12 高危漏洞:5 严重漏洞:1

系统OS: amazon 2 (Karoo) 扫描引擎: Trivy 扫描时间: 2024-11-29 11:01

docker.io/airbyte/worker:0.63.20 (amazon 2 (Karoo)) (amazon)
低危漏洞:3 中危漏洞:5 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
krb5-libs CVE-2024-37370 中危 1.15.1-55.amzn2.2.7 1.15.1-55.amzn2.2.8 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:50398924c43a1129031d251a84eea6a278d1f682e8e9c27ab4e73e34e9f42acd

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
krb5-libs CVE-2024-37371 中危 1.15.1-55.amzn2.2.7 1.15.1-55.amzn2.2.8 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:50398924c43a1129031d251a84eea6a278d1f682e8e9c27ab4e73e34e9f42acd

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
openssl-libs CVE-2024-5535 中危 1:1.0.2k-24.amzn2.0.12 1:1.0.2k-24.amzn2.0.13 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:50398924c43a1129031d251a84eea6a278d1f682e8e9c27ab4e73e34e9f42acd

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
python CVE-2023-27043 中危 2.7.18-1.amzn2.0.8 2.7.18-1.amzn2.0.9 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:50398924c43a1129031d251a84eea6a278d1f682e8e9c27ab4e73e34e9f42acd

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
python-libs CVE-2023-27043 中危 2.7.18-1.amzn2.0.8 2.7.18-1.amzn2.0.9 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:50398924c43a1129031d251a84eea6a278d1f682e8e9c27ab4e73e34e9f42acd

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
ca-certificates CVE-2024-39689 低危 2023.2.64-1.amzn2.0.1 2023.2.68-1.amzn2.0.1 python-certifi: Remove root certificates from `GLOBALTRUST` from the root store

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-39689

镜像层: sha256:50398924c43a1129031d251a84eea6a278d1f682e8e9c27ab4e73e34e9f42acd

发布日期: 2024-07-05 19:15 修改: 2024-07-08 15:49
systemd CVE-2023-31439 低危 219-78.amzn2.0.23 219-78.amzn2.0.24 An issue was discovered in systemd 253. An attacker can modify the con ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31439

镜像层: sha256:e516759138871262992d553ca4779333c8ec601dcaf09acdc74912ad45ef5476

发布日期: 2023-06-13 17:15 修改: 2024-08-02 15:16
systemd-libs CVE-2023-31439 低危 219-78.amzn2.0.23 219-78.amzn2.0.24 An issue was discovered in systemd 253. An attacker can modify the con ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31439

镜像层: sha256:e516759138871262992d553ca4779333c8ec601dcaf09acdc74912ad45ef5476

发布日期: 2023-06-13 17:15 修改: 2024-08-02 15:16
Java (jar)
低危漏洞:0 中危漏洞:2 高危漏洞:4 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.25.3 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:df2845431289b13e10b1c82f6340311529aa37d4f7454c252bbdc400d114c54c

发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30
io.netty:netty-common CVE-2024-47535 高危 4.1.109.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:df2845431289b13e10b1c82f6340311529aa37d4f7454c252bbdc400d114c54c

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
io.netty:netty-common CVE-2024-47535 高危 4.1.111.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:df2845431289b13e10b1c82f6340311529aa37d4f7454c252bbdc400d114c54c

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
org.keycloak:keycloak-core CVE-2024-10039 高危 25.0.2 26.0.6 keycloak-core: mTLS passthrough

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10039

镜像层: sha256:df2845431289b13e10b1c82f6340311529aa37d4f7454c252bbdc400d114c54c

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.elasticsearch:elasticsearch CVE-2024-23444 中危 7.17.21 8.13.0, 7.17.23 Elasticsearch stores private key on disk unencrypted

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23444

镜像层: sha256:df2845431289b13e10b1c82f6340311529aa37d4f7454c252bbdc400d114c54c

发布日期: 2024-07-31 18:15 修改: 2024-08-01 12:42
org.keycloak:keycloak-core GHSA-xmmm-jw76-q7vg 中危 25.0.2 24.0.7, 25.0.4 One Time Passcode (OTP) is valid longer than expiration timeSeverity

漏洞详情: https://github.com/advisories/GHSA-xmmm-jw76-q7vg

镜像层: sha256:df2845431289b13e10b1c82f6340311529aa37d4f7454c252bbdc400d114c54c

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
usr/local/bin/kubectl (gobinary)
低危漏洞:0 中危漏洞:5 高危漏洞:1 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
stdlib CVE-2024-24790 严重 1.22.2 1.21.11, 1.22.4 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790

镜像层: sha256:e516759138871262992d553ca4779333c8ec601dcaf09acdc74912ad45ef5476

发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib CVE-2024-24788 高危 1.22.2 1.22.3 golang: net: malformed DNS message can cause infinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24788

镜像层: sha256:e516759138871262992d553ca4779333c8ec601dcaf09acdc74912ad45ef5476

发布日期: 2024-05-08 16:15 修改: 2024-06-14 13:15
stdlib CVE-2024-24789 中危 1.22.2 1.21.11, 1.22.4 golang: archive/zip: Incorrect handling of certain ZIP files

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789

镜像层: sha256:e516759138871262992d553ca4779333c8ec601dcaf09acdc74912ad45ef5476

发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib CVE-2024-24791 中危 1.22.2 1.21.12, 1.22.5 net/http: Denial of service due to improper 100-continue handling in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791

镜像层: sha256:e516759138871262992d553ca4779333c8ec601dcaf09acdc74912ad45ef5476

发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib CVE-2024-34155 中危 1.22.2 1.22.7, 1.23.1 Calling any of the Parse functions on Go source code which contains de ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155

镜像层: sha256:e516759138871262992d553ca4779333c8ec601dcaf09acdc74912ad45ef5476

发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib CVE-2024-34156 中危 1.22.2 1.22.7, 1.23.1 Calling Decoder.Decode on a message which contains deeply nested struc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156

镜像层: sha256:e516759138871262992d553ca4779333c8ec601dcaf09acdc74912ad45ef5476

发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib CVE-2024-34158 中危 1.22.2 1.22.7, 1.23.1 Calling Parse on a "// +build" build tag line with deeply nested expre ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158

镜像层: sha256:e516759138871262992d553ca4779333c8ec601dcaf09acdc74912ad45ef5476

发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35