docker.io/elasticsearch:8.15.4 linux/amd64

docker.io/elasticsearch:8.15.4 - Trivy安全扫描结果 扫描时间: 2024-11-22 09:29
全部漏洞信息
低危漏洞:32 中危漏洞:14 高危漏洞:5 严重漏洞:0

系统OS: ubuntu 20.04 扫描引擎: Trivy 扫描时间: 2024-11-22 09:29

docker.io/elasticsearch:8.15.4 (ubuntu 20.04) (ubuntu)
低危漏洞:32 中危漏洞:13 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libgcrypt20 CVE-2024-2236 中危 1.8.5-5ubuntu1.1 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2024-03-06 22:15 修改: 2024-11-12 18:15
libgssapi-krb5-2 CVE-2024-26462 中危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:fd95b84e4902092a7eb1a707ba8f1d8be52ad98996ca8c9d4fbfe69e18dc2ef3

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libk5crypto3 CVE-2024-26462 中危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:fd95b84e4902092a7eb1a707ba8f1d8be52ad98996ca8c9d4fbfe69e18dc2ef3

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5-3 CVE-2024-26462 中危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:fd95b84e4902092a7eb1a707ba8f1d8be52ad98996ca8c9d4fbfe69e18dc2ef3

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5support0 CVE-2024-26462 中危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:fd95b84e4902092a7eb1a707ba8f1d8be52ad98996ca8c9d4fbfe69e18dc2ef3

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libpam-modules CVE-2024-10041 中危 1.3.1-5ubuntu4.7 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2024-10-23 14:15 修改: 2024-11-12 21:15
libpam-modules CVE-2024-10963 中危 1.3.1-5ubuntu4.7 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libpam-modules-bin CVE-2024-10041 中危 1.3.1-5ubuntu4.7 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2024-10-23 14:15 修改: 2024-11-12 21:15
libpam-modules-bin CVE-2024-10963 中危 1.3.1-5ubuntu4.7 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libpam-runtime CVE-2024-10041 中危 1.3.1-5ubuntu4.7 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2024-10-23 14:15 修改: 2024-11-12 21:15
libpam-runtime CVE-2024-10963 中危 1.3.1-5ubuntu4.7 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libpam0g CVE-2024-10041 中危 1.3.1-5ubuntu4.7 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2024-10-23 14:15 修改: 2024-11-12 21:15
libpam0g CVE-2024-10963 中危 1.3.1-5ubuntu4.7 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libkrb5-3 CVE-2024-26461 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:fd95b84e4902092a7eb1a707ba8f1d8be52ad98996ca8c9d4fbfe69e18dc2ef3

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
coreutils CVE-2016-2781 低危 8.30-3ubuntu2 coreutils: Non-privileged session can escape to the parent session in chroot

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
libkrb5support0 CVE-2024-26458 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:fd95b84e4902092a7eb1a707ba8f1d8be52ad98996ca8c9d4fbfe69e18dc2ef3

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5support0 CVE-2024-26461 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:fd95b84e4902092a7eb1a707ba8f1d8be52ad98996ca8c9d4fbfe69e18dc2ef3

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libncurses6 CVE-2023-45918 低危 6.2-0ubuntu2.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2024-02-16 22:15 修改: 2024-10-31 18:35
libncurses6 CVE-2023-50495 低危 6.2-0ubuntu2.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libncursesw6 CVE-2023-45918 低危 6.2-0ubuntu2.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2024-02-16 22:15 修改: 2024-10-31 18:35
libncursesw6 CVE-2023-50495 低危 6.2-0ubuntu2.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
gpgv CVE-2022-3219 低危 2.2.19-3ubuntu2.2 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libgssapi-krb5-2 CVE-2024-26458 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:fd95b84e4902092a7eb1a707ba8f1d8be52ad98996ca8c9d4fbfe69e18dc2ef3

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libgssapi-krb5-2 CVE-2024-26461 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:fd95b84e4902092a7eb1a707ba8f1d8be52ad98996ca8c9d4fbfe69e18dc2ef3

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libc-bin CVE-2016-20013 低危 2.31-0ubuntu9.16

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libk5crypto3 CVE-2024-26458 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:fd95b84e4902092a7eb1a707ba8f1d8be52ad98996ca8c9d4fbfe69e18dc2ef3

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libk5crypto3 CVE-2024-26461 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:fd95b84e4902092a7eb1a707ba8f1d8be52ad98996ca8c9d4fbfe69e18dc2ef3

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libc6 CVE-2016-20013 低危 2.31-0ubuntu9.16

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libkrb5-3 CVE-2024-26458 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:fd95b84e4902092a7eb1a707ba8f1d8be52ad98996ca8c9d4fbfe69e18dc2ef3

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libpcre2-8-0 CVE-2022-41409 低危 10.34-7ubuntu0.1 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2023-07-18 14:15 修改: 2023-07-27 03:46
libpcre3 CVE-2017-11164 低危 2:8.39-12ubuntu0.1 pcre: OP_KETRMAX feature in the match function in pcre_exec.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2017-07-11 03:29 修改: 2023-11-07 02:38
libsystemd0 CVE-2023-26604 低危 245.4-4ubuntu3.24 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09
libsystemd0 CVE-2023-7008 低危 245.4-4ubuntu3.24 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16
libtinfo6 CVE-2023-45918 低危 6.2-0ubuntu2.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2024-02-16 22:15 修改: 2024-10-31 18:35
libtinfo6 CVE-2023-50495 低危 6.2-0ubuntu2.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libudev1 CVE-2023-26604 低危 245.4-4ubuntu3.24 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09
libudev1 CVE-2023-7008 低危 245.4-4ubuntu3.24 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16
login CVE-2013-4235 低危 1:4.8.1-1ubuntu5.20.04.5 shadow-utils: TOCTOU race conditions by copying and removing directory trees

漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4235

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2019-12-03 15:15 修改: 2023-02-13 00:28
login CVE-2023-29383 低危 1:4.8.1-1ubuntu5.20.04.5 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05
ncurses-base CVE-2023-45918 低危 6.2-0ubuntu2.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2024-02-16 22:15 修改: 2024-10-31 18:35
ncurses-base CVE-2023-50495 低危 6.2-0ubuntu2.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
ncurses-bin CVE-2023-45918 低危 6.2-0ubuntu2.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2024-02-16 22:15 修改: 2024-10-31 18:35
ncurses-bin CVE-2023-50495 低危 6.2-0ubuntu2.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
passwd CVE-2013-4235 低危 1:4.8.1-1ubuntu5.20.04.5 shadow-utils: TOCTOU race conditions by copying and removing directory trees

漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4235

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2019-12-03 15:15 修改: 2023-02-13 00:28
passwd CVE-2023-29383 低危 1:4.8.1-1ubuntu5.20.04.5 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:fffe76c64ef2dee2d80a8bb3ad13d65d596d04a45510b1956a976a69215dae92

发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05
Java (jar)
低危漏洞:0 中危漏洞:1 高危漏洞:5 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 9.23 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:9478191e3af3c91aa356a7595fef58e076c690e813c1b353387732ba73703800

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
io.netty:netty-common CVE-2024-47535 高危 4.1.109.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:9478191e3af3c91aa356a7595fef58e076c690e813c1b353387732ba73703800

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
io.netty:netty-common CVE-2024-47535 高危 4.1.109.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:9478191e3af3c91aa356a7595fef58e076c690e813c1b353387732ba73703800

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
io.netty:netty-common CVE-2024-47535 高危 4.1.109.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:9478191e3af3c91aa356a7595fef58e076c690e813c1b353387732ba73703800

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
net.minidev:json-smart CVE-2023-1370 高危 2.4.8 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:9478191e3af3c91aa356a7595fef58e076c690e813c1b353387732ba73703800

发布日期: 2023-03-22 06:15 修改: 2024-06-21 19:15
org.bouncycastle:bc-fips CVE-2024-29857 中危 1.0.2.4 1.0.2.5 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:9478191e3af3c91aa356a7595fef58e076c690e813c1b353387732ba73703800

发布日期: 2024-05-14 15:17 修改: 2024-08-15 19:35