docker.io/apache/skywalking-ui:horizon-0.7.0 linux/amd64

docker.io/apache/skywalking-ui:horizon-0.7.0 - Trivy安全扫描结果 扫描时间: 2026-07-11 09:10
全部漏洞信息
低危漏洞:2 中危漏洞:6 高危漏洞:2 严重漏洞:0

系统OS: alpine 3.24.1 扫描引擎: Trivy 扫描时间: 2026-07-11 09:10

docker.io/apache/skywalking-ui:horizon-0.7.0 (alpine 3.24.1) (alpine)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
Node.js (node-pkg)
低危漏洞:2 中危漏洞:6 高危漏洞:2 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
sigstore CVE-2026-48815 高危 4.1.0 4.1.1 sigstore's `certificateOIDs` verification constraints are silently dropped and never enforced

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48815

镜像层: sha256:d3c73e8570f30954434f38f7fa096f4923e63a45eadfa889beb1006f32cd0ead

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

undici CVE-2026-12151 高危 6.25.0 6.27.0, 7.28.0, 8.5.0 undici: undici: Denial of Service due to unbounded memory growth via WebSocket frames

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12151

镜像层: sha256:d3c73e8570f30954434f38f7fa096f4923e63a45eadfa889beb1006f32cd0ead

发布日期: 2026-06-17 17:16 修改: 2026-07-09 13:16

brace-expansion CVE-2026-45149 中危 5.0.5 5.0.6 brace-expansion: brace-expansion: Denial of Service due to excessive memory allocation when expanding large numeric ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45149

镜像层: sha256:d3c73e8570f30954434f38f7fa096f4923e63a45eadfa889beb1006f32cd0ead

发布日期: 2026-05-29 20:16 修改: 2026-06-17 10:51

ip-address CVE-2026-42338 中危 10.1.0 10.1.1 ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338

镜像层: sha256:d3c73e8570f30954434f38f7fa096f4923e63a45eadfa889beb1006f32cd0ead

发布日期: 2026-05-12 20:16 修改: 2026-07-09 13:17

@sigstore/core CVE-2026-48758 中危 3.2.0 3.2.1 @sigstore/core has DSSE payloadType type-binding failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48758

镜像层: sha256:d3c73e8570f30954434f38f7fa096f4923e63a45eadfa889beb1006f32cd0ead

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

tar CVE-2026-53655 中危 7.5.13 7.5.16 node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (nod ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53655

镜像层: sha256:d3c73e8570f30954434f38f7fa096f4923e63a45eadfa889beb1006f32cd0ead

发布日期: 2026-06-22 16:16 修改: 2026-06-26 20:03

@sigstore/verify CVE-2026-48816 中危 3.1.0 3.1.1 sigstore-js has Insufficient Verification of Data Authenticity

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48816

镜像层: sha256:d3c73e8570f30954434f38f7fa096f4923e63a45eadfa889beb1006f32cd0ead

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

undici CVE-2026-9679 中危 6.25.0 6.27.0, 7.28.0, 8.5.0 undici: undici vulnerable to HTTP header injection via Set-Cookie percent-decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9679

镜像层: sha256:d3c73e8570f30954434f38f7fa096f4923e63a45eadfa889beb1006f32cd0ead

发布日期: 2026-06-17 18:18 修改: 2026-06-25 17:43

undici CVE-2026-11525 低危 6.25.0 6.27.0, 7.28.0, 8.5.0 undici: undici: Weakening of cookie SameSite policy due to incorrect parsing of Set-Cookie header

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11525

镜像层: sha256:d3c73e8570f30954434f38f7fa096f4923e63a45eadfa889beb1006f32cd0ead

发布日期: 2026-06-17 18:17 修改: 2026-06-25 17:46

undici CVE-2026-6733 低危 6.25.0 6.27.0, 7.28.0, 8.5.0 undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6733

镜像层: sha256:d3c73e8570f30954434f38f7fa096f4923e63a45eadfa889beb1006f32cd0ead

发布日期: 2026-06-17 18:18 修改: 2026-06-27 23:46

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×