docker.io/airbyte/workload-launcher:1.3.1 linux/amd64

docker.io/airbyte/workload-launcher:1.3.1 - Trivy安全扫描结果 扫描时间: 2025-01-03 15:28
全部漏洞信息
低危漏洞:1 中危漏洞:14 高危漏洞:2 严重漏洞:0

系统OS: amazon 2 (Karoo) 扫描引擎: Trivy 扫描时间: 2025-01-03 15:28

docker.io/airbyte/workload-launcher:1.3.1 (amazon 2 (Karoo)) (amazon)
低危漏洞:0 中危漏洞:8 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
expat CVE-2024-45490 高危 2.1.0-15.amzn2.0.3 2.1.0-15.amzn2.0.4 libexpat: Negative Length Parsing Vulnerability in libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490

镜像层: sha256:1744c642d3df1bb8b96ce8fd2f141c61b428d0e075d46dd6cf48d25b534bf269

发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24
glibc CVE-2024-33600 中危 2.26-64.amzn2.0.2 2.26-64.amzn2.0.3 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:1744c642d3df1bb8b96ce8fd2f141c61b428d0e075d46dd6cf48d25b534bf269

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-common CVE-2024-33600 中危 2.26-64.amzn2.0.2 2.26-64.amzn2.0.3 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:1744c642d3df1bb8b96ce8fd2f141c61b428d0e075d46dd6cf48d25b534bf269

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-langpack-en CVE-2024-33600 中危 2.26-64.amzn2.0.2 2.26-64.amzn2.0.3 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:1744c642d3df1bb8b96ce8fd2f141c61b428d0e075d46dd6cf48d25b534bf269

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-minimal-langpack CVE-2024-33600 中危 2.26-64.amzn2.0.2 2.26-64.amzn2.0.3 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:1744c642d3df1bb8b96ce8fd2f141c61b428d0e075d46dd6cf48d25b534bf269

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libcrypt CVE-2024-33600 中危 2.26-64.amzn2.0.2 2.26-64.amzn2.0.3 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:1744c642d3df1bb8b96ce8fd2f141c61b428d0e075d46dd6cf48d25b534bf269

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libxml2 CVE-2024-34459 中危 2.9.1-6.amzn2.5.13 2.9.1-6.amzn2.5.14 libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34459

镜像层: sha256:1744c642d3df1bb8b96ce8fd2f141c61b428d0e075d46dd6cf48d25b534bf269

发布日期: 2024-05-14 15:39 修改: 2024-08-22 18:35
vim-data CVE-2024-43802 中危 2:9.0.2153-1.amzn2.0.1 2:9.0.2153-1.amzn2.0.2 vim: Heap Buffer Overflow in Vim's Typeahead Buffer Handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43802

镜像层: sha256:1744c642d3df1bb8b96ce8fd2f141c61b428d0e075d46dd6cf48d25b534bf269

发布日期: 2024-08-26 19:15 修改: 2024-08-27 13:02
vim-minimal CVE-2024-43802 中危 2:9.0.2153-1.amzn2.0.1 2:9.0.2153-1.amzn2.0.2 vim: Heap Buffer Overflow in Vim's Typeahead Buffer Handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43802

镜像层: sha256:1744c642d3df1bb8b96ce8fd2f141c61b428d0e075d46dd6cf48d25b534bf269

发布日期: 2024-08-26 19:15 修改: 2024-08-27 13:02
Java (jar)
低危漏洞:1 中危漏洞:6 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
org.keycloak:keycloak-core CVE-2024-10039 高危 25.0.2 26.0.6 keycloak-core: mTLS passthrough

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10039

镜像层: sha256:a195275884e2f4d7b05a504b37d78bf75dcb5bd42dba82c32971a2ba3704ad81

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
io.netty:netty-common CVE-2024-47535 中危 4.1.114.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:a195275884e2f4d7b05a504b37d78bf75dcb5bd42dba82c32971a2ba3704ad81

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
org.bouncycastle:bcprov-jdk15on CVE-2023-33201 中危 1.70 bouncycastle: potential blind LDAP injection attack using a self-signed certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201

镜像层: sha256:a195275884e2f4d7b05a504b37d78bf75dcb5bd42dba82c32971a2ba3704ad81

发布日期: 2023-07-05 03:15 修改: 2023-08-24 19:15
org.bouncycastle:bcprov-jdk15on CVE-2024-29857 中危 1.70 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:a195275884e2f4d7b05a504b37d78bf75dcb5bd42dba82c32971a2ba3704ad81

发布日期: 2024-05-14 15:17 修改: 2024-12-06 14:15
org.bouncycastle:bcprov-jdk15on CVE-2024-30171 中危 1.70 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:a195275884e2f4d7b05a504b37d78bf75dcb5bd42dba82c32971a2ba3704ad81

发布日期: 2024-05-14 15:21 修改: 2024-08-19 18:35
ch.qos.logback:logback-core CVE-2024-12798 中危 1.5.12 1.5.13 logback-core: arbitrary code execution via JaninoEventEvaluator

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798

镜像层: sha256:a195275884e2f4d7b05a504b37d78bf75dcb5bd42dba82c32971a2ba3704ad81

发布日期: 2024-12-19 16:15 修改: 2024-12-19 16:15
org.keycloak:keycloak-core CVE-2024-7318 中危 25.0.2 24.0.7, 25.0.4 keycloak-core: One Time Passcode (OTP) is valid longer than expiration timeSeverity

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7318

镜像层: sha256:a195275884e2f4d7b05a504b37d78bf75dcb5bd42dba82c32971a2ba3704ad81

发布日期: 2024-09-09 19:15 修改: 2024-10-07 20:15
ch.qos.logback:logback-core CVE-2024-12801 低危 1.5.12 1.5.13 logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801

镜像层: sha256:a195275884e2f4d7b05a504b37d78bf75dcb5bd42dba82c32971a2ba3704ad81

发布日期: 2024-12-19 17:15 修改: 2024-12-19 17:15