docker.io/grafana/alloy:v1.4.3 - Trivy镜像安全扫描结果

全部漏洞信息

低危漏洞:7

中危漏洞:1

高危漏洞:0

严重漏洞:0

系统OS: ubuntu 24.04 扫描引擎: Trivy 扫描时间: 2024-11-07 15:24

docker.io/grafana/alloy:v1.4.3 (ubuntu 24.04) (ubuntu)

低危漏洞:6

中危漏洞:1

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	漏洞信息
libgcrypt20	CVE-2024-2236	中危	1.10.3-2build1	libgcrypt: vulnerable to Marvin Attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2024-03-06 22:15 修改: 2024-09-14 04:15
gpgv	CVE-2022-3219	低危	2.4.4-2ubuntu17	gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libc-bin	CVE-2016-20013	低危	2.39-0ubuntu8.3	漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libc6	CVE-2016-20013	低危	2.39-0ubuntu8.3	漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
coreutils	CVE-2016-2781	低危	9.4-3ubuntu6	coreutils: Non-privileged session can escape to the parent session in chroot 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
libssl3t64	CVE-2024-41996	低危	3.0.13-0ubuntu3.4	openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
openssl	CVE-2024-41996	低危	3.0.13-0ubuntu3.4	openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996 镜像层: sha256:c0f6dcb806340c118121aea6f41dc8aa58ba7e83565fc908c3050eb055443d1b 发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35

usr/bin/alloy (gobinary)

低危漏洞:1

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
github.com/golang-jwt/jwt/v4	CVE-2024-51744	低危	v4.5.0	4.5.1	golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-51744 镜像层: sha256:92a29c3d5ebe50897c0eea8a032ec40f97bd5828b5367adacca294ae9f8667e4 发布日期: 2024-11-04 22:15 修改: 2024-11-05 16:04

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

github.com/golang-jwt/jwt/v4

CVE-2024-51744

低危

v4.5.0

4.5.1

golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-51744

镜像层: sha256:92a29c3d5ebe50897c0eea8a032ec40f97bd5828b5367adacca294ae9f8667e4

发布日期: 2024-11-04 22:15 修改: 2024-11-05 16:04

docker.io/grafana/alloy:v1.4.3 linux/amd64

全部漏洞信息

docker.io/grafana/alloy:v1.4.3 (ubuntu 24.04) (ubuntu)

usr/bin/alloy (gobinary)