docker.io/apecloud/benchmarksql:latest linux/amd64

docker.io/apecloud/benchmarksql:latest - Trivy安全扫描结果 扫描时间: 2024-11-02 21:48
全部漏洞信息
低危漏洞:1 中危漏洞:9 高危漏洞:4 严重漏洞:3

系统OS: ubuntu 18.04 扫描引擎: Trivy 扫描时间: 2024-11-02 21:48

docker.io/apecloud/benchmarksql:latest (ubuntu 18.04) (ubuntu)
低危漏洞:0 中危漏洞:4 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libpython3.6-minimal CVE-2023-24329 中危 3.6.9-1~18.04ubuntu1.12 3.6.9-1~18.04ubuntu1.13 python: urllib.parse url blocklisting bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329

镜像层: sha256:33f5cdef817acd9f69543b0f2188ca108fd2fe676e81ca45b4dc058b9c0a91c2

发布日期: 2023-02-17 15:15 修改: 2023-11-07 04:08
libpython3.6-stdlib CVE-2023-24329 中危 3.6.9-1~18.04ubuntu1.12 3.6.9-1~18.04ubuntu1.13 python: urllib.parse url blocklisting bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329

镜像层: sha256:33f5cdef817acd9f69543b0f2188ca108fd2fe676e81ca45b4dc058b9c0a91c2

发布日期: 2023-02-17 15:15 修改: 2023-11-07 04:08
python3.6 CVE-2023-24329 中危 3.6.9-1~18.04ubuntu1.12 3.6.9-1~18.04ubuntu1.13 python: urllib.parse url blocklisting bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329

镜像层: sha256:33f5cdef817acd9f69543b0f2188ca108fd2fe676e81ca45b4dc058b9c0a91c2

发布日期: 2023-02-17 15:15 修改: 2023-11-07 04:08
python3.6-minimal CVE-2023-24329 中危 3.6.9-1~18.04ubuntu1.12 3.6.9-1~18.04ubuntu1.13 python: urllib.parse url blocklisting bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329

镜像层: sha256:33f5cdef817acd9f69543b0f2188ca108fd2fe676e81ca45b4dc058b9c0a91c2

发布日期: 2023-02-17 15:15 修改: 2023-11-07 04:08
Java (jar)
低危漏洞:1 中危漏洞:5 高危漏洞:4 严重漏洞:3
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
log4j:log4j CVE-2019-17571 严重 1.2.17 log4j: deserialization of untrusted data in SocketServer

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17571

镜像层: sha256:cbed0f8dfe3014ce487d3f6057672fb636136f2c2bdf87912082aeaa2bc3d74e

发布日期: 2019-12-20 17:15 修改: 2023-11-07 03:06
log4j:log4j CVE-2022-23305 严重 1.2.17 log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23305

镜像层: sha256:cbed0f8dfe3014ce487d3f6057672fb636136f2c2bdf87912082aeaa2bc3d74e

发布日期: 2022-01-18 16:15 修改: 2023-02-24 15:30
log4j:log4j CVE-2022-23307 严重 1.2.17 log4j: Unsafe deserialization flaw in Chainsaw log viewer

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23307

镜像层: sha256:cbed0f8dfe3014ce487d3f6057672fb636136f2c2bdf87912082aeaa2bc3d74e

发布日期: 2022-01-18 16:15 修改: 2023-02-24 15:29
log4j:log4j CVE-2021-4104 高危 1.2.17 log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4104

镜像层: sha256:cbed0f8dfe3014ce487d3f6057672fb636136f2c2bdf87912082aeaa2bc3d74e

发布日期: 2021-12-14 12:15 修改: 2023-12-22 09:15
log4j:log4j CVE-2022-23302 高危 1.2.17 log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23302

镜像层: sha256:cbed0f8dfe3014ce487d3f6057672fb636136f2c2bdf87912082aeaa2bc3d74e

发布日期: 2022-01-18 16:15 修改: 2023-02-24 15:30
org.json:json CVE-2022-45688 高危 20160810 20230227 json stack overflow vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45688

镜像层: sha256:cbed0f8dfe3014ce487d3f6057672fb636136f2c2bdf87912082aeaa2bc3d74e

发布日期: 2022-12-13 15:15 修改: 2023-03-09 15:16
org.json:json CVE-2023-5072 高危 20160810 20231013 JSON-java: parser confusion leads to OOM

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5072

镜像层: sha256:cbed0f8dfe3014ce487d3f6057672fb636136f2c2bdf87912082aeaa2bc3d74e

发布日期: 2023-10-12 17:15 修改: 2024-06-21 19:15
mysql:mysql-connector-java CVE-2019-2692 中危 8.0.13 8.0.16 mysql-connector-java: privilege escalation in MySQL connector

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-2692

镜像层: sha256:cbed0f8dfe3014ce487d3f6057672fb636136f2c2bdf87912082aeaa2bc3d74e

发布日期: 2019-04-23 19:32 修改: 2020-08-24 17:37
mysql:mysql-connector-java CVE-2021-2471 中危 8.0.13 8.0.27 mysql-connector-java: unauthorized access to critical

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-2471

镜像层: sha256:cbed0f8dfe3014ce487d3f6057672fb636136f2c2bdf87912082aeaa2bc3d74e

发布日期: 2021-10-20 11:16 修改: 2022-04-28 15:07
mysql:mysql-connector-java CVE-2022-21363 中危 8.0.13 8.0.28 mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21363

镜像层: sha256:cbed0f8dfe3014ce487d3f6057672fb636136f2c2bdf87912082aeaa2bc3d74e

发布日期: 2022-01-19 12:15 修改: 2022-05-27 14:50
com.google.guava:guava CVE-2023-2976 中危 18.0 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:cbed0f8dfe3014ce487d3f6057672fb636136f2c2bdf87912082aeaa2bc3d74e

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
com.google.guava:guava CVE-2018-10237 中危 18.0 24.1.1-android guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237

镜像层: sha256:cbed0f8dfe3014ce487d3f6057672fb636136f2c2bdf87912082aeaa2bc3d74e

发布日期: 2018-04-26 21:29 修改: 2023-11-07 02:51
com.google.guava:guava CVE-2020-8908 低危 18.0 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:cbed0f8dfe3014ce487d3f6057672fb636136f2c2bdf87912082aeaa2bc3d74e

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30