docker.io/earthly/buildkitd:v0.8.15 linux/amd64

docker.io/earthly/buildkitd:v0.8.15 - Trivy安全扫描结果 扫描时间: 2024-12-16 20:15
全部漏洞信息
低危漏洞:7 中危漏洞:66 高危漏洞:53 严重漏洞:13

系统OS: alpine 3.19.2 扫描引擎: Trivy 扫描时间: 2024-12-16 20:15

docker.io/earthly/buildkitd:v0.8.15 (alpine 3.19.2) (alpine)
低危漏洞:6 中危漏洞:32 高危漏洞:40 严重漏洞:5
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
git CVE-2024-32002 严重 2.43.4-r0 2.45.1-r0 git: Recursive clones RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32002

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-05-14 19:15 修改: 2024-06-26 10:15
libexpat CVE-2024-45491 严重 2.6.2-r0 2.6.3-r0 libexpat: Integer Overflow or Wraparound

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
libexpat CVE-2024-45492 严重 2.6.2-r0 2.6.3-r0 libexpat: integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
xz CVE-2024-3094 严重 5.4.5-r0 5.6.1-r2 xz: malicious code in distributed source

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3094

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-03-29 17:15 修改: 2024-05-01 19:15
xz-libs CVE-2024-3094 严重 5.4.5-r0 5.6.1-r2 xz: malicious code in distributed source

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3094

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-03-29 17:15 修改: 2024-05-01 19:15
fstrim CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
agetty CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
git CVE-2024-32004 高危 2.43.4-r0 2.45.1-r0 git: RCE while cloning local repos

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32004

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-05-14 19:15 修改: 2024-06-26 10:15
git CVE-2024-32465 高危 2.43.4-r0 2.45.1-r0 git: additional local RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32465

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-05-14 20:15 修改: 2024-06-26 10:15
hexdump CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libblkid CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libcurl CVE-2024-2398 高危 8.5.0-r0 8.7.1-r0 curl: HTTP/2 push headers memory-leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
libcurl CVE-2024-6197 高危 8.5.0-r0 8.9.0-r0 curl: freeing stack buffer in utf8asn1str

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6197

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-07-24 08:15 修改: 2024-11-29 12:15
blkid CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
cfdisk CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libexpat CVE-2024-45490 高危 2.6.2-r0 2.6.3-r0 libexpat: Negative Length Parsing Vulnerability in libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24
libfdisk CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libmount CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libsmartcols CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libuuid CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libxml2 CVE-2024-25062 高危 2.11.8-r0 2.12.5-r0 libxml2: use-after-free in XMLReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25062

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-02-04 16:15 修改: 2024-02-13 00:40
logger CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
losetup CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
lsblk CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
mcookie CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
mount CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
openssh CVE-2024-6387 高危 9.6_p1-r0 9.8_p1-r0 openssh: regreSSHion - race condition in SSH allows RCE/DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6387

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-07-01 13:15 修改: 2024-09-14 03:15
openssh-client-common CVE-2024-6387 高危 9.6_p1-r0 9.8_p1-r0 openssh: regreSSHion - race condition in SSH allows RCE/DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6387

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-07-01 13:15 修改: 2024-09-14 03:15
openssh-client-default CVE-2024-6387 高危 9.6_p1-r0 9.8_p1-r0 openssh: regreSSHion - race condition in SSH allows RCE/DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6387

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-07-01 13:15 修改: 2024-09-14 03:15
openssh-keygen CVE-2024-6387 高危 9.6_p1-r0 9.8_p1-r0 openssh: regreSSHion - race condition in SSH allows RCE/DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6387

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-07-01 13:15 修改: 2024-09-14 03:15
openssh-server CVE-2024-6387 高危 9.6_p1-r0 9.8_p1-r0 openssh: regreSSHion - race condition in SSH allows RCE/DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6387

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-07-01 13:15 修改: 2024-09-14 03:15
openssh-server-common CVE-2024-6387 高危 9.6_p1-r0 9.8_p1-r0 openssh: regreSSHion - race condition in SSH allows RCE/DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6387

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-07-01 13:15 修改: 2024-09-14 03:15
openssh-sftp-server CVE-2024-6387 高危 9.6_p1-r0 9.8_p1-r0 openssh: regreSSHion - race condition in SSH allows RCE/DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6387

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-07-01 13:15 修改: 2024-09-14 03:15
partx CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
runuser CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
setarch CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
setpriv CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
sfdisk CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
umount CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
util-linux CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
util-linux-misc CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
uuidgen CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
wipefs CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
findmnt CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
flock CVE-2024-28085 高危 2.39.3-r0 2.40-r0 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libcrypto3 CVE-2024-4603 中危 3.1.5-r0 3.3.0-r2 openssl: Excessive time spent checking DSA keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15
libcrypto3 CVE-2024-4741 中危 3.1.5-r0 3.3.0-r3 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
libxml2 CVE-2024-34459 中危 2.11.8-r0 2.12.7-r0 libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34459

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-05-14 15:39 修改: 2024-08-22 18:35
linux-pam CVE-2024-22365 中危 1.5.3-r7 1.6.0-r0 pam: allowing unprivileged user to block another user namespace

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365

镜像层: sha256:d4402e4b435d01c6477d35ccd989d60cd5032b07c0bcaa303db07e6aa7864eca

发布日期: 2024-02-06 08:15 修改: 2024-02-14 00:27
libcrypto3 CVE-2024-5535 中危 3.1.5-r0 3.3.1-r1 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libcrypto3 CVE-2024-6119 中危 3.1.5-r0 3.3.2-r0 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
busybox CVE-2023-42364 中危 1.36.1-r19 1.36.1-r30 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
busybox CVE-2023-42365 中危 1.36.1-r19 1.36.1-r30 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
libcurl CVE-2024-0853 中危 8.5.0-r0 8.6.0-r0 curl: OCSP verification bypass with TLS session reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0853

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-02-03 14:15 修改: 2024-05-03 13:15
libcurl CVE-2024-11053 中危 8.5.0-r0 8.11.1-r0 curl: curl netrc password leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-12-11 08:15 修改: 2024-12-11 15:15
libcurl CVE-2024-2004 中危 8.5.0-r0 8.7.1-r0 curl: Usage of disabled protocol

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2004

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-03-27 08:15 修改: 2024-10-29 16:35
libcurl CVE-2024-2379 中危 8.5.0-r0 8.7.1-r0 curl: QUIC certificate check bypass with wolfSSL

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2379

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-03-27 08:15 修改: 2024-11-14 20:35
libcurl CVE-2024-2466 中危 8.5.0-r0 8.7.1-r0 curl: TLS certificate check bypass with mbedTLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2466

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-03-27 08:15 修改: 2024-08-23 19:35
libcurl CVE-2024-6874 中危 8.5.0-r0 8.9.0-r0 curl: macidn punycode buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6874

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-07-24 08:15 修改: 2024-09-10 15:27
libcurl CVE-2024-7264 中危 8.5.0-r0 8.9.1-r0 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-07-31 08:15 修改: 2024-10-30 20:35
libcurl CVE-2024-8096 中危 8.5.0-r0 8.10.0-r0 curl: OCSP stapling bypass with GnuTLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-09-11 10:15 修改: 2024-09-11 16:26
libcurl CVE-2024-9681 中危 8.5.0-r0 8.11.0-r0 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-11-06 08:15 修改: 2024-12-13 14:15
busybox CVE-2023-42366 中危 1.36.1-r19 1.36.1-r25 busybox: A heap-buffer-overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2023-11-27 23:15 修改: 2024-12-06 14:15
busybox-binsh CVE-2023-42363 中危 1.36.1-r19 1.36.1-r27 busybox: use-after-free in awk

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06
busybox-binsh CVE-2023-42364 中危 1.36.1-r19 1.36.1-r30 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
libexpat CVE-2024-50602 中危 2.6.2-r0 2.6.4-r0 libexpat: expat: DoS via XML_ResumeParser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-10-27 05:15 修改: 2024-10-30 18:35
ssl_client CVE-2023-42363 中危 1.36.1-r19 1.36.1-r27 busybox: use-after-free in awk

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06
ssl_client CVE-2023-42364 中危 1.36.1-r19 1.36.1-r30 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
ssl_client CVE-2023-42365 中危 1.36.1-r19 1.36.1-r30 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
ssl_client CVE-2023-42366 中危 1.36.1-r19 1.36.1-r25 busybox: A heap-buffer-overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2023-11-27 23:15 修改: 2024-12-06 14:15
busybox-binsh CVE-2023-42365 中危 1.36.1-r19 1.36.1-r30 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
busybox-binsh CVE-2023-42366 中危 1.36.1-r19 1.36.1-r25 busybox: A heap-buffer-overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2023-11-27 23:15 修改: 2024-12-06 14:15
busybox CVE-2023-42363 中危 1.36.1-r19 1.36.1-r27 busybox: use-after-free in awk

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06
libssl3 CVE-2024-4603 中危 3.1.5-r0 3.3.0-r2 openssl: Excessive time spent checking DSA keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15
libssl3 CVE-2024-4741 中危 3.1.5-r0 3.3.0-r3 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
libssl3 CVE-2024-5535 中危 3.1.5-r0 3.3.1-r1 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libssl3 CVE-2024-6119 中危 3.1.5-r0 3.3.2-r0 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
git CVE-2024-32020 低危 2.43.4-r0 2.45.1-r0 git: insecure hardlinks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32020

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-05-14 19:15 修改: 2024-06-10 18:15
git CVE-2024-32021 低危 2.43.4-r0 2.45.1-r0 git: symlink bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32021

镜像层: sha256:9f2eec8134406c7f67cd987492924e14a385f623cf074d257458371639a9013e

发布日期: 2024-05-14 20:15 修改: 2024-06-26 10:15
libssl3 CVE-2024-2511 低危 3.1.5-r0 3.2.1-r2 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
libssl3 CVE-2024-9143 低危 3.1.5-r0 3.3.2-r3 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
libcrypto3 CVE-2024-2511 低危 3.1.5-r0 3.2.1-r2 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
libcrypto3 CVE-2024-9143 低危 3.1.5-r0 3.3.2-r3 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:af9a70194aa4d12f967dbd4bcb1ce9c98ba42adb4ec05536080fd4560155e809

发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
usr/bin/buildctl (gobinary)
低危漏洞:0 中危漏洞:8 高危漏洞:3 严重漏洞:3
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
github.com/moby/buildkit CVE-2024-23652 严重 v0.8.15 0.12.5 moby/buildkit: possible host system access from mount stub cleaner

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23652

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-01-31 22:15 修改: 2024-02-09 01:44
github.com/moby/buildkit CVE-2024-23653 严重 v0.8.15 0.12.5 moby/buildkit: Buildkit's interactive containers API does not validate entitlements check

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23653

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-01-31 22:15 修改: 2024-02-09 01:44
golang.org/x/crypto CVE-2024-45337 严重 v0.14.0 0.31.0 golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc CVE-2023-47108 高危 v0.40.0 0.46.0 opentelemetry-go-contrib: DoS vulnerability in otelgrpc due to unbound cardinality metrics

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47108

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2023-11-10 19:15 修改: 2023-11-20 19:34
github.com/moby/buildkit CVE-2024-23651 高危 v0.8.15 0.12.5 moby/buildkit: possible race condition with accessing subpaths from cache mounts

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23651

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-01-31 22:15 修改: 2024-02-09 01:43
stdlib CVE-2024-34156 高危 1.21.12 1.22.7, 1.23.1 encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
github.com/docker/docker CVE-2024-24557 中危 v24.0.0-rc.2.0.20230905130451-032797ea4bcb+incompatible 24.0.9, 25.0.2 moby: classic builder cache poisoning

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24557

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-02-01 17:15 修改: 2024-02-09 20:21
github.com/containerd/containerd GHSA-7ww5-4wqc-m92c 中危 v1.7.8 1.6.26, 1.7.11 containerd allows RAPL to be accessible to a container

漏洞详情: https://github.com/advisories/GHSA-7ww5-4wqc-m92c

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
golang.org/x/crypto CVE-2023-48795 中危 v0.14.0 0.17.0 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2023-12-18 16:15 修改: 2024-12-02 14:54
golang.org/x/net CVE-2023-45288 中危 v0.17.0 0.23.0 golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
google.golang.org/protobuf CVE-2024-24786 中危 v1.31.0 1.33.0 golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
github.com/moby/buildkit CVE-2024-23650 中危 v0.8.15 0.12.5 moby/buildkit: Possible race condition with accessing subpaths from cache mounts

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23650

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-01-31 22:15 修改: 2024-02-09 01:38
stdlib CVE-2024-34155 中危 1.21.12 1.22.7, 1.23.1 go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib CVE-2024-34158 中危 1.21.12 1.22.7, 1.23.1 go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
usr/bin/buildkit-runc (gobinary)
低危漏洞:0 中危漏洞:6 高危漏洞:2 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
golang.org/x/net CVE-2023-39325 高危 v0.8.0 0.17.0 golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib CVE-2024-34156 高危 1.21.12 1.22.7, 1.23.1 encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/net CVE-2023-44487 中危 v0.8.0 0.17.0 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2023-10-10 14:15 修改: 2024-08-14 19:57
golang.org/x/net CVE-2023-45288 中危 v0.8.0 0.23.0 golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
google.golang.org/protobuf CVE-2024-24786 中危 v1.27.1 1.33.0 golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/net CVE-2023-3978 中危 v0.8.0 0.13.0 golang.org/x/net/html: Cross site scripting

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
stdlib CVE-2024-34155 中危 1.21.12 1.22.7, 1.23.1 go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib CVE-2024-34158 中危 1.21.12 1.22.7, 1.23.1 go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
usr/bin/buildkitd (gobinary)
低危漏洞:1 中危漏洞:11 高危漏洞:6 严重漏洞:4
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
github.com/gorilla/handlers CVE-2017-20146 严重 v0.0.0-20150720190736-60c7bfde3e33 1.3.0 gorilla: Usage of the CORS handler may apply improper CORS headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-20146

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2022-12-27 22:15 修改: 2023-01-06 16:26
github.com/moby/buildkit CVE-2024-23652 严重 v0.8.15 0.12.5 moby/buildkit: possible host system access from mount stub cleaner

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23652

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-01-31 22:15 修改: 2024-02-09 01:44
github.com/moby/buildkit CVE-2024-23653 严重 v0.8.15 0.12.5 moby/buildkit: Buildkit's interactive containers API does not validate entitlements check

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23653

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-01-31 22:15 修改: 2024-02-09 01:44
golang.org/x/crypto CVE-2024-45337 严重 v0.14.0 0.31.0 golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
github.com/opencontainers/runc CVE-2024-21626 高危 v1.1.9 1.1.12 runc: file descriptor leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21626

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-01-31 22:15 修改: 2024-02-19 03:15
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc CVE-2023-47108 高危 v0.40.0 0.46.0 opentelemetry-go-contrib: DoS vulnerability in otelgrpc due to unbound cardinality metrics

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47108

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2023-11-10 19:15 修改: 2023-11-20 19:34
go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace CVE-2023-45142 高危 v0.40.0 0.44.0 opentelemetry: DoS vulnerability in otelhttp

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45142

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2023-10-12 17:15 修改: 2024-02-19 03:15
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp CVE-2023-45142 高危 v0.40.0 0.44.0 opentelemetry: DoS vulnerability in otelhttp

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45142

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2023-10-12 17:15 修改: 2024-02-19 03:15
github.com/moby/buildkit CVE-2024-23651 高危 v0.8.15 0.12.5 moby/buildkit: possible race condition with accessing subpaths from cache mounts

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23651

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-01-31 22:15 修改: 2024-02-09 01:43
stdlib CVE-2024-34156 高危 1.21.12 1.22.7, 1.23.1 encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
github.com/opencontainers/runc CVE-2024-45310 中危 v1.1.9 1.1.14, 1.2.0-rc.3 runc: runc can be tricked into creating empty files/directories on host

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45310

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-09-03 19:15 修改: 2024-09-03 19:40
github.com/containerd/containerd GHSA-7ww5-4wqc-m92c 中危 v1.7.8 1.6.26, 1.7.11 containerd allows RAPL to be accessible to a container

漏洞详情: https://github.com/advisories/GHSA-7ww5-4wqc-m92c

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
github.com/docker/docker CVE-2024-24557 中危 v24.0.0-rc.2.0.20230905130451-032797ea4bcb+incompatible 24.0.9, 25.0.2 moby: classic builder cache poisoning

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24557

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-02-01 17:15 修改: 2024-02-09 20:21
github.com/Azure/azure-sdk-for-go/sdk/azidentity CVE-2024-35255 中危 v1.1.0 1.6.0 azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35255

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-06-11 17:16 修改: 2024-06-20 16:31
github.com/moby/buildkit CVE-2024-23650 中危 v0.8.15 0.12.5 moby/buildkit: Possible race condition with accessing subpaths from cache mounts

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23650

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-01-31 22:15 修改: 2024-02-09 01:38
golang.org/x/crypto CVE-2023-48795 中危 v0.14.0 0.17.0 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2023-12-18 16:15 修改: 2024-12-02 14:54
golang.org/x/net CVE-2023-45288 中危 v0.17.0 0.23.0 golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
google.golang.org/protobuf CVE-2024-24786 中危 v1.31.0 1.33.0 golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
github.com/hashicorp/go-retryablehttp CVE-2024-6104 中危 v0.7.2 0.7.7 go-retryablehttp: url might write sensitive information to log file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6104

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-06-24 17:15 修改: 2024-06-26 17:19
stdlib CVE-2024-34155 中危 1.21.12 1.22.7, 1.23.1 go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib CVE-2024-34158 中危 1.21.12 1.22.7, 1.23.1 go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
github.com/golang-jwt/jwt/v4 CVE-2024-51744 低危 v4.4.2 4.5.1 golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-51744

镜像层: sha256:d412b9ccee4d813eddb753f0d4bd91cd9c1977093acf2e540bafb7ff787524d7

发布日期: 2024-11-04 22:15 修改: 2024-11-05 16:04
usr/bin/earth_debugger (gobinary)
低危漏洞:0 中危漏洞:9 高危漏洞:2 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
stdlib CVE-2024-24790 严重 1.21.5 1.21.11, 1.22.4 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790

镜像层: sha256:7b3024492d6053746885fde3112a6d41fe4ed32a8937190a0eb666978230319a

发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib CVE-2023-45288 高危 1.21.5 1.21.9, 1.22.2 golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288

镜像层: sha256:7b3024492d6053746885fde3112a6d41fe4ed32a8937190a0eb666978230319a

发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib CVE-2024-34156 高危 1.21.5 1.22.7, 1.23.1 encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156

镜像层: sha256:7b3024492d6053746885fde3112a6d41fe4ed32a8937190a0eb666978230319a

发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib CVE-2023-45289 中危 1.21.5 1.21.8, 1.22.1 golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289

镜像层: sha256:7b3024492d6053746885fde3112a6d41fe4ed32a8937190a0eb666978230319a

发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib CVE-2023-45290 中危 1.21.5 1.21.8, 1.22.1 golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290

镜像层: sha256:7b3024492d6053746885fde3112a6d41fe4ed32a8937190a0eb666978230319a

发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib CVE-2024-24783 中危 1.21.5 1.21.8, 1.22.1 golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783

镜像层: sha256:7b3024492d6053746885fde3112a6d41fe4ed32a8937190a0eb666978230319a

发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib CVE-2024-24784 中危 1.21.5 1.21.8, 1.22.1 golang: net/mail: comments in display names are incorrectly handled

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784

镜像层: sha256:7b3024492d6053746885fde3112a6d41fe4ed32a8937190a0eb666978230319a

发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib CVE-2024-24785 中危 1.21.5 1.21.8, 1.22.1 golang: html/template: errors returned from MarshalJSON methods may break template escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785

镜像层: sha256:7b3024492d6053746885fde3112a6d41fe4ed32a8937190a0eb666978230319a

发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib CVE-2024-24789 中危 1.21.5 1.21.11, 1.22.4 golang: archive/zip: Incorrect handling of certain ZIP files

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789

镜像层: sha256:7b3024492d6053746885fde3112a6d41fe4ed32a8937190a0eb666978230319a

发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib CVE-2024-24791 中危 1.21.5 1.21.12, 1.22.5 net/http: Denial of service due to improper 100-continue handling in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791

镜像层: sha256:7b3024492d6053746885fde3112a6d41fe4ed32a8937190a0eb666978230319a

发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib CVE-2024-34155 中危 1.21.5 1.22.7, 1.23.1 go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155

镜像层: sha256:7b3024492d6053746885fde3112a6d41fe4ed32a8937190a0eb666978230319a

发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib CVE-2024-34158 中危 1.21.5 1.22.7, 1.23.1 go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158

镜像层: sha256:7b3024492d6053746885fde3112a6d41fe4ed32a8937190a0eb666978230319a

发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35