docker.io/gitlab/gitlab-runner-helper:x86_64-v19.0.1-pwsh linux/amd64

docker.io/gitlab/gitlab-runner-helper:x86_64-v19.0.1-pwsh - Trivy安全扫描结果 扫描时间: 2026-06-17 19:44
全部漏洞信息
低危漏洞:1 中危漏洞:10 高危漏洞:11 严重漏洞:0

系统OS: alpine 3.21.7 扫描引擎: Trivy 扫描时间: 2026-06-17 19:44

docker.io/gitlab/gitlab-runner-helper:x86_64-v19.0.1-pwsh (alpine 3.21.7) (alpine)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
opt/microsoft/powershell/7/Modules/PSReadLine/_manifest/spdx_2.2/manifest.spdx.json (nuget)
低危漏洞:0 中危漏洞:0 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
System.Formats.Asn1 CVE-2024-38095 高危 6.0.0 6.0.1, 8.0.1 dotnet: DoS when parsing X.509 Content and ObjectIdentifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38095

镜像层: sha256:1686c17582063ac5a733f3f9e70a0143ff939385b814602a6c3c19edf0b19e0f

发布日期: 2024-07-09 17:15 修改: 2024-11-21 09:24
opt/microsoft/powershell/7/pwsh.deps.json (dotnet-core)
低危漏洞:0 中危漏洞:0 高危漏洞:2 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
System.Security.Cryptography.Xml CVE-2026-26171 高危 8.0.2 10.0.6, 9.0.15, 8.0.3 dotnet: .NET: Security Bypass and Denial of Service Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26171

镜像层: sha256:1686c17582063ac5a733f3f9e70a0143ff939385b814602a6c3c19edf0b19e0f

发布日期: 2026-04-14 18:16 修改: 2026-05-07 19:42
System.Security.Cryptography.Xml CVE-2026-33116 高危 8.0.2 10.0.6, 9.0.15, 8.0.3 dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33116

镜像层: sha256:1686c17582063ac5a733f3f9e70a0143ff939385b814602a6c3c19edf0b19e0f

发布日期: 2026-04-14 18:17 修改: 2026-05-06 15:19
usr/bin/gitlab-runner-helper (gobinary)
低危漏洞:1 中危漏洞:10 高危漏洞:8 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
github.com/docker/cli CVE-2025-15558 高危 v28.5.2+incompatible 29.2.0 docker/cli: Docker CLI for Windows: Privilege escalation via malicious plugin binaries

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15558

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-03-04 17:16 修改: 2026-03-09 17:38
github.com/docker/docker CVE-2026-34040 高危 v28.5.2+incompatible 29.3.1 Moby: Moby: Authorization bypass vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34040

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-03-31 03:15 修改: 2026-06-16 14:47
github.com/docker/docker CVE-2026-41567 高危 v28.5.2+incompatible Moby is an open source container framework. In versions prior to 29.5. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41567

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-06-05 02:17 修改: 2026-06-05 16:01
github.com/docker/docker CVE-2026-42306 高危 v28.5.2+incompatible Moby is an open source container framework. In Docker Engine prior to ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42306

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-06-12 19:16 修改: 2026-06-16 18:31
github.com/go-git/go-billy/v5 CVE-2026-44973 高危 v5.8.0 5.9.0 Billy is an interface filesystem abstraction for Go. Prior to 5.9.0, m ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44973

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-05-28 22:16 修改: 2026-05-29 16:32
github.com/go-git/go-git/v5 CVE-2026-45022 高危 v5.18.0 5.19.0 go-git is an extensible git implementation library written in pure Go. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45022

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-05-27 15:16 修改: 2026-06-04 17:57
github.com/go-jose/go-jose/v4 CVE-2026-34986 高危 v4.1.3 4.1.4 github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34986

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-04-06 17:17 修改: 2026-05-04 15:20
stdlib CVE-2026-42504 高危 v1.26.3 1.25.11, 1.26.4 Decoding a maliciously-crafted MIME header containing many invalid enc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream GHSA-xmrv-pmrh-hhx2 中危 v1.7.4 1.7.8 Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder

漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18
github.com/go-git/go-billy/v5 CVE-2026-44740 中危 v5.8.0 5.9.0 Billy is an interface filesystem abstraction for Go. Prior to versions ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44740

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-06-01 17:17 修改: 2026-06-01 18:53
github.com/aws/aws-sdk-go-v2/service/s3 GHSA-xmrv-pmrh-hhx2 中危 v1.96.0 1.97.3 Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder

漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18
github.com/go-git/go-git/v5 CVE-2026-45571 中危 v5.18.0 5.19.1 go-git is an extensible git implementation library written in pure Go. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45571

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-05-27 15:16 修改: 2026-06-04 18:01
github.com/go-git/go-git/v5 GHSA-w5pp-99ch-qj29 中危 v5.18.0 5.19.1 go-git: Malformed Git object data may cause panics or resource exhaustion

漏洞详情: https://github.com/advisories/GHSA-w5pp-99ch-qj29

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-05-29 19:43 修改: 2026-05-29 19:43
github.com/docker/docker CVE-2026-33997 中危 v28.5.2+incompatible 29.3.1 moby: docker: github.com/moby/moby: Moby: Privilege validation bypass during plugin installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33997

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-03-31 03:15 修改: 2026-06-16 14:47
github.com/in-toto/in-toto-golang GHSA-pmwq-pjrm-6p5r 中危 v0.10.0 0.11.0 in-toto-golang and in-toto-python have inconsistent negation behavior

漏洞详情: https://github.com/advisories/GHSA-pmwq-pjrm-6p5r

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-05-08 22:24 修改: 2026-05-08 22:24
github.com/docker/docker CVE-2026-41568 中危 v28.5.2+incompatible Moby is an open source container framework. In Docker Engine prior to ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41568

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-06-12 19:16 修改: 2026-06-16 18:31
stdlib CVE-2026-27145 中危 v1.26.3 1.25.11, 1.26.4 *x509.Certificate).VerifyHostname previously called matchHostnames in ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib CVE-2026-42507 中危 v1.26.3 1.25.11, 1.26.4 When returning errors, functions in the net/textproto package would in ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
github.com/go-git/go-git/v5 CVE-2026-45570 低危 v5.18.0 5.19.1 go-git is an extensible git implementation library written in pure Go. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45570

镜像层: sha256:d79fcb3fa3c2bba31c8f0e185280404512887675f75dbd7dc0836803c2c7c3f5

发布日期: 2026-05-27 15:16 修改: 2026-06-04 18:00