docker.io/grafana/alloy:v1.17.0 linux/amd64

docker.io/grafana/alloy:v1.17.0 - Trivy安全扫描结果 扫描时间: 2026-06-24 16:12
全部漏洞信息
低危漏洞:5 中危漏洞:20 高危漏洞:3 严重漏洞:0

系统OS: ubuntu 24.04 扫描引擎: Trivy 扫描时间: 2026-06-24 16:12

docker.io/grafana/alloy:v1.17.0 (ubuntu 24.04) (ubuntu)
低危漏洞:5 中危漏洞:18 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
bsdutils CVE-2026-27456 中危 1:2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libblkid1 CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libc-bin CVE-2026-4046 中危 2.39-0ubuntu8.7 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
libc-bin CVE-2026-4437 中危 2.39-0ubuntu8.7 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
libc-bin CVE-2026-4438 中危 2.39-0ubuntu8.7 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
libc-bin CVE-2026-5435 中危 2.39-0ubuntu8.7 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
libc-bin CVE-2026-6238 中危 2.39-0ubuntu8.7 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
libc6 CVE-2026-4046 中危 2.39-0ubuntu8.7 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
libc6 CVE-2026-4437 中危 2.39-0ubuntu8.7 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
libc6 CVE-2026-4438 中危 2.39-0ubuntu8.7 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
libc6 CVE-2026-5435 中危 2.39-0ubuntu8.7 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
libc6 CVE-2026-6238 中危 2.39-0ubuntu8.7 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
libmount1 CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libsmartcols1 CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libuuid1 CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
mount CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
tar CVE-2025-45582 中危 1.35+dfsg-3build1 tar: Tar path traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2025-07-11 17:15 修改: 2026-06-17 09:25
util-linux CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
login CVE-2024-56433 低危 1:4.13+dfsg1-4ubuntu3.2 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12
libsystemd0 CVE-2026-40228 低危 255.4-1ubuntu8.16 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:c753a6ca6345d316cfa74d6044d414664f233cfb26995987490debfb36c060bf

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
passwd CVE-2024-56433 低危 1:4.13+dfsg1-4ubuntu3.2 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12
libudev1 CVE-2026-40228 低危 255.4-1ubuntu8.16 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:c753a6ca6345d316cfa74d6044d414664f233cfb26995987490debfb36c060bf

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
libgcrypt20 CVE-2024-2236 低危 1.10.3-2ubuntu0.1 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:c753a6ca6345d316cfa74d6044d414664f233cfb26995987490debfb36c060bf

发布日期: 2024-03-06 22:15 修改: 2026-06-17 07:24
usr/bin/alloy (gobinary)
低危漏洞:0 中危漏洞:2 高危漏洞:3 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
github.com/docker/docker CVE-2026-34040 高危 v28.5.2+incompatible 29.3.1 Moby: Moby: Authorization bypass vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34040

镜像层: sha256:e57163a356ec835291083097eda3d8b494574912687cf629341702717f6ab3b6

发布日期: 2026-03-31 03:15 修改: 2026-06-17 10:38
github.com/docker/docker CVE-2026-41567 高危 v28.5.2+incompatible Moby is an open source container framework. In versions prior to 29.5. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41567

镜像层: sha256:e57163a356ec835291083097eda3d8b494574912687cf629341702717f6ab3b6

发布日期: 2026-06-05 02:17 修改: 2026-06-17 10:46
github.com/docker/docker CVE-2026-42306 高危 v28.5.2+incompatible Moby is an open source container framework. In Docker Engine prior to ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42306

镜像层: sha256:e57163a356ec835291083097eda3d8b494574912687cf629341702717f6ab3b6

发布日期: 2026-06-12 19:16 修改: 2026-06-17 10:47
github.com/docker/docker CVE-2026-33997 中危 v28.5.2+incompatible 29.3.1 moby: docker: github.com/moby/moby: Moby: Privilege validation bypass during plugin installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33997

镜像层: sha256:e57163a356ec835291083097eda3d8b494574912687cf629341702717f6ab3b6

发布日期: 2026-03-31 03:15 修改: 2026-06-17 10:38
github.com/docker/docker CVE-2026-41568 中危 v28.5.2+incompatible github.com/docker/docker: github.com/moby/moby: Moby: Denial of Service via race condition in docker cp mount setup

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41568

镜像层: sha256:e57163a356ec835291083097eda3d8b494574912687cf629341702717f6ab3b6

发布日期: 2026-06-12 19:16 修改: 2026-06-17 10:46
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×