docker.io/congcong126/prometheus-alert:master linux/arm64
docker.io/congcong126/prometheus-alert:master - Trivy安全扫描结果 扫描时间: 2024-11-12 09:24
温馨提示: 这是一个 linux/arm64 系统架构镜像
全部漏洞信息
低危漏洞:4
中危漏洞:61
高危漏洞:17
严重漏洞:1
系统OS: alpine 3.18.5 扫描引擎: Trivy 扫描时间: 2024-11-12 09:24
docker.io/congcong126/prometheus-alert:master (alpine 3.18.5) (alpine)
低危漏洞:4
中危漏洞:40
高危漏洞:6
严重漏洞:0
| 软件包 | 漏洞 | 安全状态 | 安装版本 | 修复版本 | 漏洞信息 |
|---|---|---|---|---|---|
| curl | CVE-2024-2398 | 高危 | 8.4.0-r0 | 8.7.1-r0 |
curl: HTTP/2 push headers memory-leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15 |
| curl | CVE-2024-6197 | 高危 | 8.4.0-r0 | 8.9.0-r0 |
curl: freeing stack buffer in utf8asn1str
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6197 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2024-07-24 08:15 修改: 2024-08-26 15:25 |
| libcurl | CVE-2024-2398 | 高危 | 8.4.0-r0 | 8.7.1-r0 |
curl: HTTP/2 push headers memory-leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15 |
| libcurl | CVE-2024-6197 | 高危 | 8.4.0-r0 | 8.9.0-r0 |
curl: freeing stack buffer in utf8asn1str
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6197 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2024-07-24 08:15 修改: 2024-08-26 15:25 |
| sqlite | CVE-2023-7104 | 高危 | 3.41.2-r2 | 3.41.2-r3 |
sqlite: heap-buffer-overflow at sessionfuzz
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7104 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2023-12-29 10:15 修改: 2024-05-17 02:34 |
| sqlite-libs | CVE-2023-7104 | 高危 | 3.41.2-r2 | 3.41.2-r3 |
sqlite: heap-buffer-overflow at sessionfuzz
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7104 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2023-12-29 10:15 修改: 2024-05-17 02:34 |
| busybox-binsh | CVE-2023-42365 | 中危 | 1.36.1-r5 | 1.36.1-r7 |
busybox: use-after-free
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08 |
| busybox-binsh | CVE-2023-42366 | 中危 | 1.36.1-r5 | 1.36.1-r6 |
busybox: A heap-buffer-overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08 |
| busybox | CVE-2023-42363 | 中危 | 1.36.1-r5 | 1.36.1-r7 |
busybox: use-after-free in awk
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06 |
| busybox | CVE-2023-42364 | 中危 | 1.36.1-r5 | 1.36.1-r7 |
busybox: use-after-free
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36 |
| curl | CVE-2023-46218 | 中危 | 8.4.0-r0 | 8.5.0-r0 |
curl: information disclosure by exploiting a mixed case flaw
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2023-12-07 01:15 修改: 2024-01-25 14:15 |
| curl | CVE-2023-46219 | 中危 | 8.4.0-r0 | 8.5.0-r0 |
curl: excessively long file name may lead to unknown HSTS status
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46219 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2023-12-12 02:15 修改: 2024-01-19 16:15 |
| curl | CVE-2024-0853 | 中危 | 8.4.0-r0 | 8.6.0-r0 |
curl: OCSP verification bypass with TLS session reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0853 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2024-02-03 14:15 修改: 2024-05-03 13:15 |
| curl | CVE-2024-2004 | 中危 | 8.4.0-r0 | 8.7.1-r0 |
curl: Usage of disabled protocol
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2004 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2024-03-27 08:15 修改: 2024-10-29 16:35 |
| curl | CVE-2024-2379 | 中危 | 8.4.0-r0 | 8.7.1-r0 |
curl: QUIC certificate check bypass with wolfSSL
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2379 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15 |
| curl | CVE-2024-2466 | 中危 | 8.4.0-r0 | 8.7.1-r0 |
curl: TLS certificate check bypass with mbedTLS
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2466 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2024-03-27 08:15 修改: 2024-08-23 19:35 |
| curl | CVE-2024-6874 | 中危 | 8.4.0-r0 | 8.9.0-r0 |
curl: macidn punycode buffer overread
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6874 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2024-07-24 08:15 修改: 2024-09-10 15:27 |
| libcrypto3 | CVE-2023-6129 | 中危 | 3.1.4-r1 | 3.1.4-r3 |
openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2024-01-09 17:15 修改: 2024-10-14 15:15 |
| libcrypto3 | CVE-2023-6237 | 中危 | 3.1.4-r1 | 3.1.4-r4 |
openssl: Excessive time spent checking invalid RSA public keys
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2024-04-25 07:15 修改: 2024-11-01 15:35 |
| libcrypto3 | CVE-2024-0727 | 中危 | 3.1.4-r1 | 3.1.4-r5 |
openssl: denial of service via null dereference
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15 |
| libcrypto3 | CVE-2024-4603 | 中危 | 3.1.4-r1 | 3.1.5-r0 |
openssl: Excessive time spent checking DSA keys and parameters
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15 |
| libcrypto3 | CVE-2024-4741 | 中危 | 3.1.4-r1 | 3.1.6-r0 |
openssl: Use After Free with SSL_free_buffers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00 |
| libcrypto3 | CVE-2024-5535 | 中危 | 3.1.4-r1 | 3.1.6-r0 |
openssl: SSL_select_next_proto buffer overread
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15 |
| libcrypto3 | CVE-2024-6119 | 中危 | 3.1.4-r1 | 3.1.7-r0 |
openssl: Possible denial of service in X.509 name checks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35 |
| busybox | CVE-2023-42365 | 中危 | 1.36.1-r5 | 1.36.1-r7 |
busybox: use-after-free
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08 |
| busybox | CVE-2023-42366 | 中危 | 1.36.1-r5 | 1.36.1-r6 |
busybox: A heap-buffer-overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08 |
| libcurl | CVE-2023-46218 | 中危 | 8.4.0-r0 | 8.5.0-r0 |
curl: information disclosure by exploiting a mixed case flaw
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2023-12-07 01:15 修改: 2024-01-25 14:15 |
| libcurl | CVE-2023-46219 | 中危 | 8.4.0-r0 | 8.5.0-r0 |
curl: excessively long file name may lead to unknown HSTS status
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46219 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2023-12-12 02:15 修改: 2024-01-19 16:15 |
| libcurl | CVE-2024-0853 | 中危 | 8.4.0-r0 | 8.6.0-r0 |
curl: OCSP verification bypass with TLS session reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0853 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2024-02-03 14:15 修改: 2024-05-03 13:15 |
| libcurl | CVE-2024-2004 | 中危 | 8.4.0-r0 | 8.7.1-r0 |
curl: Usage of disabled protocol
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2004 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2024-03-27 08:15 修改: 2024-10-29 16:35 |
| libcurl | CVE-2024-2379 | 中危 | 8.4.0-r0 | 8.7.1-r0 |
curl: QUIC certificate check bypass with wolfSSL
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2379 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15 |
| libcurl | CVE-2024-2466 | 中危 | 8.4.0-r0 | 8.7.1-r0 |
curl: TLS certificate check bypass with mbedTLS
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2466 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2024-03-27 08:15 修改: 2024-08-23 19:35 |
| libcurl | CVE-2024-6874 | 中危 | 8.4.0-r0 | 8.9.0-r0 |
curl: macidn punycode buffer overread
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6874 镜像层: sha256:4776c65c3922e89a5f53d11aa71db43c810db9988fa0d8cb3df1924f78506eac 发布日期: 2024-07-24 08:15 修改: 2024-09-10 15:27 |
| libssl3 | CVE-2023-6129 | 中危 | 3.1.4-r1 | 3.1.4-r3 |
openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2024-01-09 17:15 修改: 2024-10-14 15:15 |
| libssl3 | CVE-2023-6237 | 中危 | 3.1.4-r1 | 3.1.4-r4 |
openssl: Excessive time spent checking invalid RSA public keys
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2024-04-25 07:15 修改: 2024-11-01 15:35 |
| libssl3 | CVE-2024-0727 | 中危 | 3.1.4-r1 | 3.1.4-r5 |
openssl: denial of service via null dereference
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15 |
| libssl3 | CVE-2024-4603 | 中危 | 3.1.4-r1 | 3.1.5-r0 |
openssl: Excessive time spent checking DSA keys and parameters
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15 |
| libssl3 | CVE-2024-4741 | 中危 | 3.1.4-r1 | 3.1.6-r0 |
openssl: Use After Free with SSL_free_buffers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00 |
| libssl3 | CVE-2024-5535 | 中危 | 3.1.4-r1 | 3.1.6-r0 |
openssl: SSL_select_next_proto buffer overread
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15 |
| libssl3 | CVE-2024-6119 | 中危 | 3.1.4-r1 | 3.1.7-r0 |
openssl: Possible denial of service in X.509 name checks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35 |
| busybox-binsh | CVE-2023-42363 | 中危 | 1.36.1-r5 | 1.36.1-r7 |
busybox: use-after-free in awk
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06 |
| busybox-binsh | CVE-2023-42364 | 中危 | 1.36.1-r5 | 1.36.1-r7 |
busybox: use-after-free
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36 |
| ssl_client | CVE-2023-42363 | 中危 | 1.36.1-r5 | 1.36.1-r7 |
busybox: use-after-free in awk
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06 |
| ssl_client | CVE-2023-42364 | 中危 | 1.36.1-r5 | 1.36.1-r7 |
busybox: use-after-free
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36 |
| ssl_client | CVE-2023-42365 | 中危 | 1.36.1-r5 | 1.36.1-r7 |
busybox: use-after-free
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08 |
| ssl_client | CVE-2023-42366 | 中危 | 1.36.1-r5 | 1.36.1-r6 |
busybox: A heap-buffer-overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08 |
| libssl3 | CVE-2024-2511 | 低危 | 3.1.4-r1 | 3.1.4-r6 |
openssl: Unbounded memory growth with session handling in TLSv1.3
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15 |
| libssl3 | CVE-2024-9143 | 低危 | 3.1.4-r1 | 3.1.7-r1 |
openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35 |
| libcrypto3 | CVE-2024-2511 | 低危 | 3.1.4-r1 | 3.1.4-r6 |
openssl: Unbounded memory growth with session handling in TLSv1.3
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15 |
| libcrypto3 | CVE-2024-9143 | 低危 | 3.1.4-r1 | 3.1.7-r1 |
openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:0faf9b67be60a76d473c955d4de2849da5e99e07fcefb753219631e1e7b608fb 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35 |
app/PrometheusAlert (gobinary)
低危漏洞:0
中危漏洞:21
高危漏洞:11
严重漏洞:1
| 软件包 | 漏洞 | 安全状态 | 安装版本 | 修复版本 | 漏洞信息 |
|---|---|---|---|---|---|
| stdlib | CVE-2024-24790 | 严重 | 1.20.6 | 1.21.11, 1.22.4 |
golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35 |
| golang.org/x/crypto | CVE-2021-43565 | 高危 | v0.0.0-20200622213623-75b288015ac9 | 0.0.0-20211202192323-5770296d904e |
golang.org/x/crypto: empty plaintext packet causes panic
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43565 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:39 |
| golang.org/x/crypto | CVE-2022-27191 | 高危 | v0.0.0-20200622213623-75b288015ac9 | 0.0.0-20220314234659-1baeb1ce4c0b |
golang: crash in a golang.org/x/crypto/ssh server
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27191 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2022-03-18 07:15 修改: 2023-11-07 03:45 |
| golang.org/x/net | CVE-2022-27664 | 高危 | v0.0.0-20220127200216-cd36cc0744dd | 0.0.0-20220906165146-f3363e06e74c |
golang: net/http: handle server errors after sending GOAWAY
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45 |
| golang.org/x/net | CVE-2022-41723 | 高危 | v0.0.0-20220127200216-cd36cc0744dd | 0.7.0 |
golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15 |
| golang.org/x/net | CVE-2023-39325 | 高危 | v0.0.0-20220127200216-cd36cc0744dd | 0.17.0 |
golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15 |
| golang.org/x/text | CVE-2022-32149 | 高危 | v0.3.7 | 0.3.8 |
golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41 |
| golang.org/x/crypto | CVE-2020-29652 | 高危 | v0.0.0-20200622213623-75b288015ac9 | 0.0.0-20201216223049-8b5274cf687f |
golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29652 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2020-12-17 05:15 修改: 2023-11-07 03:21 |
| stdlib | CVE-2023-39325 | 高危 | 1.20.6 | 1.20.10, 1.21.3 |
golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15 |
| stdlib | CVE-2023-45283 | 高危 | 1.20.6 | 1.20.11, 1.21.4, 1.20.12, 1.21.5 |
The filepath package does not recognize paths with a \??\ prefix as sp ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15 |
| stdlib | CVE-2023-45288 | 高危 | 1.20.6 | 1.21.9, 1.22.2 |
golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35 |
| stdlib | CVE-2024-34156 | 高危 | 1.20.6 | 1.22.7, 1.23.1 |
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35 |
| golang.org/x/crypto | CVE-2023-48795 | 中危 | v0.0.0-20200622213623-75b288015ac9 | 0.17.0 |
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2023-12-18 16:15 修改: 2024-05-01 18:15 |
| google.golang.org/protobuf | CVE-2024-24786 | 中危 | v1.26.0 | 1.33.0 |
golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35 |
| golang.org/x/net | CVE-2022-41717 | 中危 | v0.0.0-20220127200216-cd36cc0744dd | 0.4.0 |
golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15 |
| golang.org/x/net | CVE-2023-3978 | 中危 | v0.0.0-20220127200216-cd36cc0744dd | 0.13.0 |
golang.org/x/net/html: Cross site scripting
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20 |
| golang.org/x/net | CVE-2023-44487 | 中危 | v0.0.0-20220127200216-cd36cc0744dd | 0.17.0 |
HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2023-10-10 14:15 修改: 2024-08-14 19:57 |
| golang.org/x/net | CVE-2023-45288 | 中危 | v0.0.0-20220127200216-cd36cc0744dd | 0.23.0 |
golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35 |
| golang.org/x/sys | CVE-2022-29526 | 中危 | v0.0.0-20220114195835-da31bd327af9 | 0.0.0-20220412211240-33da011f77ad |
golang: syscall: faccessat checks wrong group
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46 |
| stdlib | CVE-2023-29409 | 中危 | 1.20.6 | 1.19.12, 1.20.7, 1.21.0-rc.4 |
golang: crypto/tls: slow verification of certificate chains containing large RSA keys
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15 |
| stdlib | CVE-2023-39318 | 中危 | 1.20.6 | 1.20.8, 1.21.1 |
golang: html/template: improper handling of HTML-like comments within script contexts
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15 |
| stdlib | CVE-2023-39319 | 中危 | 1.20.6 | 1.20.8, 1.21.1 |
golang: html/template: improper handling of special tags within script contexts
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15 |
| stdlib | CVE-2023-39326 | 中危 | 1.20.6 | 1.20.12, 1.21.5 |
golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15 |
| stdlib | CVE-2023-45284 | 中危 | 1.20.6 | 1.20.11, 1.21.4 |
On Windows, The IsLocal function does not correctly detect reserved de ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35 |
| stdlib | CVE-2023-45289 | 中危 | 1.20.6 | 1.21.8, 1.22.1 |
golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35 |
| stdlib | CVE-2023-45290 | 中危 | 1.20.6 | 1.21.8, 1.22.1 |
golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35 |
| stdlib | CVE-2024-24783 | 中危 | 1.20.6 | 1.21.8, 1.22.1 |
golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35 |
| stdlib | CVE-2024-24784 | 中危 | 1.20.6 | 1.21.8, 1.22.1 |
golang: net/mail: comments in display names are incorrectly handled
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35 |
| stdlib | CVE-2024-24785 | 中危 | 1.20.6 | 1.21.8, 1.22.1 |
golang: html/template: errors returned from MarshalJSON methods may break template escaping
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15 |
| stdlib | CVE-2024-24789 | 中危 | 1.20.6 | 1.21.11, 1.22.4 |
golang: archive/zip: Incorrect handling of certain ZIP files
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48 |
| stdlib | CVE-2024-24791 | 中危 | 1.20.6 | 1.21.12, 1.22.5 |
net/http: Denial of service due to improper 100-continue handling in net/http
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17 |
| stdlib | CVE-2024-34155 | 中危 | 1.20.6 | 1.22.7, 1.23.1 |
go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35 |
| stdlib | CVE-2024-34158 | 中危 | 1.20.6 | 1.22.7, 1.23.1 |
go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:0ae353e3bc24c271a8659ef695419cba66e4cde68376f6dbf4536a6807ba205d 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35 |