docker.io/grafana/grafana-enterprise:10.3.12 linux/amd64

docker.io/grafana/grafana-enterprise:10.3.12 - Trivy安全扫描结果扫描时间: 2025-02-08 11:38

全部漏洞信息

低危漏洞:3

中危漏洞:5

高危漏洞:1

严重漏洞:2

系统OS: alpine 3.20.3 扫描引擎: Trivy 扫描时间: 2025-02-08 11:38

docker.io/grafana/grafana-enterprise:10.3.12 (alpine 3.20.3) (alpine)

低危漏洞:2

中危漏洞:4

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
curl	CVE-2024-11053	中危	8.10.1-r0	8.11.1-r0	curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:3c8ecd5063ec69fb6974ea5792429ae95b496b4d4451c89adea6f1a582180485 发布日期: 2024-12-11 08:15 修改: 2024-12-15 17:15
curl	CVE-2024-9681	中危	8.10.1-r0	8.11.0-r0	curl: HSTS subdomain overwrites parent cache entry 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681 镜像层: sha256:3c8ecd5063ec69fb6974ea5792429ae95b496b4d4451c89adea6f1a582180485 发布日期: 2024-11-06 08:15 修改: 2024-12-13 14:15
libcurl	CVE-2024-11053	中危	8.10.1-r0	8.11.1-r0	curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:3c8ecd5063ec69fb6974ea5792429ae95b496b4d4451c89adea6f1a582180485 发布日期: 2024-12-11 08:15 修改: 2024-12-15 17:15
libcurl	CVE-2024-9681	中危	8.10.1-r0	8.11.0-r0	curl: HSTS subdomain overwrites parent cache entry 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681 镜像层: sha256:3c8ecd5063ec69fb6974ea5792429ae95b496b4d4451c89adea6f1a582180485 发布日期: 2024-11-06 08:15 修改: 2024-12-13 14:15
libcrypto3	CVE-2024-9143	低危	3.3.2-r0	3.3.2-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:63ca1fbb43ae5034640e5e6cb3e083e05c290072c5366fcaa9d62435a4cced85 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
libssl3	CVE-2024-9143	低危	3.3.2-r0	3.3.2-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:63ca1fbb43ae5034640e5e6cb3e083e05c290072c5366fcaa9d62435a4cced85 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35

Node.js (node-pkg)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/share/grafana/bin/grafana (gobinary)

低危漏洞:1

中危漏洞:1

高危漏洞:1

严重漏洞:2

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
github.com/grafana/grafana-plugin-sdk-go	CVE-2024-8986	严重	v0.198.0	0.250.0	grafana-plugin-sdk-go: Information Leakage in grafana-plugin-sdk-go 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8986 镜像层: sha256:ca59c0807cf64f3e6845904ba0ece77049bfb75cbe0c4ffed672fefff791b44c 发布日期: 2024-09-19 11:15 修改: 2024-09-20 12:30
golang.org/x/crypto	CVE-2024-45337	严重	v0.27.0	0.31.0	golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337 镜像层: sha256:ca59c0807cf64f3e6845904ba0ece77049bfb75cbe0c4ffed672fefff791b44c 发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
golang.org/x/net	CVE-2024-45338	高危	v0.29.0	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:ca59c0807cf64f3e6845904ba0ece77049bfb75cbe0c4ffed672fefff791b44c 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
filippo.io/age	GHSA-32gq-x56h-299c	中危	v1.1.1	1.2.1	age vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution 漏洞详情: https://github.com/advisories/GHSA-32gq-x56h-299c 镜像层: sha256:ca59c0807cf64f3e6845904ba0ece77049bfb75cbe0c4ffed672fefff791b44c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
github.com/golang-jwt/jwt/v4	CVE-2024-51744	低危	v4.5.0	4.5.1	golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-51744 镜像层: sha256:ca59c0807cf64f3e6845904ba0ece77049bfb75cbe0c4ffed672fefff791b44c 发布日期: 2024-11-04 22:15 修改: 2024-11-05 16:04

usr/share/grafana/bin/grafana-cli (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/share/grafana/bin/grafana-server (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息