docker.io/anmour/bncr:latest linux/amd64

docker.io/anmour/bncr:latest - Trivy安全扫描结果 扫描时间: 2026-01-23 00:01
全部漏洞信息
低危漏洞:9 中危漏洞:8 高危漏洞:5 严重漏洞:0

系统OS: alpine 3.19.4 扫描引擎: Trivy 扫描时间: 2026-01-23 00:01

docker.io/anmour/bncr:latest (alpine 3.19.4) (alpine)
低危漏洞:7 中危漏洞:8 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
musl-utils CVE-2025-26519 高危 1.2.4_git20230717-r4 1.2.4_git20230717-r5 musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-26519

镜像层: sha256:ba79b2c0127890636a791eb3ec3993cce08a50cc01fcb1513f0e8fbae41977af

发布日期: 2025-02-14 04:15 修改: 2025-12-10 20:03
busybox-binsh CVE-2024-58251 中危 1.36.1-r19 1.36.1-r21 In netstat in BusyBox through 1.37.0, local users can launch of networ ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251

镜像层: sha256:ba79b2c0127890636a791eb3ec3993cce08a50cc01fcb1513f0e8fbae41977af

发布日期: 2025-04-23 18:16 修改: 2025-04-29 13:52
libcrypto3 CVE-2024-13176 中危 3.1.7-r0 3.1.8-r0 openssl: Timing side-channel in ECDSA signature computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176

镜像层: sha256:ba79b2c0127890636a791eb3ec3993cce08a50cc01fcb1513f0e8fbae41977af

发布日期: 2025-01-20 14:15 修改: 2025-11-03 20:16
libcrypto3 CVE-2025-9230 中危 3.1.7-r0 3.1.8-r1 openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230

镜像层: sha256:ba79b2c0127890636a791eb3ec3993cce08a50cc01fcb1513f0e8fbae41977af

发布日期: 2025-09-30 14:15 修改: 2025-11-04 22:16
libexpat CVE-2025-59375 中危 2.7.0-r0 2.7.2-r0 expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59375

镜像层: sha256:5abbaefa5ec77e456215f499c31ca59b548270b2411ed92225301c2f7c1e508d

发布日期: 2025-09-15 03:15 修改: 2025-11-04 22:16
libssl3 CVE-2024-13176 中危 3.1.7-r0 3.1.8-r0 openssl: Timing side-channel in ECDSA signature computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176

镜像层: sha256:ba79b2c0127890636a791eb3ec3993cce08a50cc01fcb1513f0e8fbae41977af

发布日期: 2025-01-20 14:15 修改: 2025-11-03 20:16
libssl3 CVE-2025-9230 中危 3.1.7-r0 3.1.8-r1 openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230

镜像层: sha256:ba79b2c0127890636a791eb3ec3993cce08a50cc01fcb1513f0e8fbae41977af

发布日期: 2025-09-30 14:15 修改: 2025-11-04 22:16
busybox CVE-2024-58251 中危 1.36.1-r19 1.36.1-r21 In netstat in BusyBox through 1.37.0, local users can launch of networ ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251

镜像层: sha256:ba79b2c0127890636a791eb3ec3993cce08a50cc01fcb1513f0e8fbae41977af

发布日期: 2025-04-23 18:16 修改: 2025-04-29 13:52
ssl_client CVE-2024-58251 中危 1.36.1-r19 1.36.1-r21 In netstat in BusyBox through 1.37.0, local users can launch of networ ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251

镜像层: sha256:ba79b2c0127890636a791eb3ec3993cce08a50cc01fcb1513f0e8fbae41977af

发布日期: 2025-04-23 18:16 修改: 2025-04-29 13:52
busybox-binsh CVE-2025-46394 低危 1.36.1-r19 1.36.1-r21 In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394

镜像层: sha256:ba79b2c0127890636a791eb3ec3993cce08a50cc01fcb1513f0e8fbae41977af

发布日期: 2025-04-23 16:15 修改: 2025-09-24 14:38
libcrypto3 CVE-2024-9143 低危 3.1.7-r0 3.1.7-r1 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:ba79b2c0127890636a791eb3ec3993cce08a50cc01fcb1513f0e8fbae41977af

发布日期: 2024-10-16 17:15 修改: 2025-11-03 23:17
libssl3 CVE-2024-9143 低危 3.1.7-r0 3.1.7-r1 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:ba79b2c0127890636a791eb3ec3993cce08a50cc01fcb1513f0e8fbae41977af

发布日期: 2024-10-16 17:15 修改: 2025-11-03 23:17
libssl3 CVE-2025-9232 低危 3.1.7-r0 3.1.8-r1 openssl: Out-of-bounds read in HTTP client no_proxy handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232

镜像层: sha256:ba79b2c0127890636a791eb3ec3993cce08a50cc01fcb1513f0e8fbae41977af

发布日期: 2025-09-30 14:15 修改: 2025-11-04 22:16
libcrypto3 CVE-2025-9232 低危 3.1.7-r0 3.1.8-r1 openssl: Out-of-bounds read in HTTP client no_proxy handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232

镜像层: sha256:ba79b2c0127890636a791eb3ec3993cce08a50cc01fcb1513f0e8fbae41977af

发布日期: 2025-09-30 14:15 修改: 2025-11-04 22:16
busybox CVE-2025-46394 低危 1.36.1-r19 1.36.1-r21 In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394

镜像层: sha256:ba79b2c0127890636a791eb3ec3993cce08a50cc01fcb1513f0e8fbae41977af

发布日期: 2025-04-23 16:15 修改: 2025-09-24 14:38
ssl_client CVE-2025-46394 低危 1.36.1-r19 1.36.1-r21 In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394

镜像层: sha256:ba79b2c0127890636a791eb3ec3993cce08a50cc01fcb1513f0e8fbae41977af

发布日期: 2025-04-23 16:15 修改: 2025-09-24 14:38
Node.js (node-pkg)
低危漏洞:2 中危漏洞:0 高危漏洞:4 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
cross-spawn CVE-2024-21538 高危 7.0.3 7.0.5, 6.0.6 cross-spawn: regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538

镜像层: sha256:fc228dab618f8609f9c81ead72f37cc3f007c929c746c22a559eac13275627df

发布日期: 2024-11-08 05:15 修改: 2025-05-20 15:16
glob CVE-2025-64756 高危 10.4.2 11.1.0, 10.5.0 glob: glob: Command Injection Vulnerability via Malicious Filenames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64756

镜像层: sha256:fc228dab618f8609f9c81ead72f37cc3f007c929c746c22a559eac13275627df

发布日期: 2025-11-17 18:15 修改: 2025-12-02 19:34
tar CVE-2026-23745 高危 6.2.1 7.5.3 node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745

镜像层: sha256:fc228dab618f8609f9c81ead72f37cc3f007c929c746c22a559eac13275627df

发布日期: 2026-01-16 22:16 修改: 2026-01-16 22:16
tar CVE-2026-23950 高危 6.2.1 7.5.4 node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950

镜像层: sha256:fc228dab618f8609f9c81ead72f37cc3f007c929c746c22a559eac13275627df

发布日期: 2026-01-20 01:15 修改: 2026-01-20 01:15
diff CVE-2026-24001 低危 5.2.0 8.0.3, 5.2.2, 4.0.4 jsdiff has a Denial of Service vulnerability in parsePatch and applyPatch

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24001

镜像层: sha256:fc228dab618f8609f9c81ead72f37cc3f007c929c746c22a559eac13275627df

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
brace-expansion CVE-2025-5889 低危 2.0.1 2.0.2, 1.1.12, 3.0.1, 4.0.1 brace-expansion: juliangruber brace-expansion index.js expand redos

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5889

镜像层: sha256:fc228dab618f8609f9c81ead72f37cc3f007c929c746c22a559eac13275627df

发布日期: 2025-06-09 19:15 修改: 2025-06-12 16:06