docker.io/hisatri/lrcapi:latest linux/arm64

docker.io/hisatri/lrcapi:latest - Trivy安全扫描结果 扫描时间: 2024-12-20 10:56 温馨提示: 这是一个 linux/arm64 系统架构镜像
全部漏洞信息
低危漏洞:4 中危漏洞:26 高危漏洞:6 严重漏洞:4

系统OS: alpine 3.19.1 扫描引擎: Trivy 扫描时间: 2024-12-20 10:56

docker.io/hisatri/lrcapi:latest (alpine 3.19.1) (alpine)
低危漏洞:4 中危漏洞:22 高危漏洞:3 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libexpat CVE-2024-45491 严重 2.5.0-r2 2.6.3-r0 libexpat: Integer Overflow or Wraparound

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491

镜像层: sha256:c10d7302df86220a45d827ea6216d8a70d9becd88680758823942add2e1db219

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
libexpat CVE-2024-45492 严重 2.5.0-r2 2.6.3-r0 libexpat: integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492

镜像层: sha256:c10d7302df86220a45d827ea6216d8a70d9becd88680758823942add2e1db219

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
libexpat CVE-2023-52425 高危 2.5.0-r2 2.6.0-r0 expat: parsing large tokens can trigger a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425

镜像层: sha256:c10d7302df86220a45d827ea6216d8a70d9becd88680758823942add2e1db219

发布日期: 2024-02-04 20:15 修改: 2024-08-26 20:35
libexpat CVE-2024-28757 高危 2.5.0-r2 2.6.2-r0 expat: XML Entity Expansion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28757

镜像层: sha256:c10d7302df86220a45d827ea6216d8a70d9becd88680758823942add2e1db219

发布日期: 2024-03-10 05:15 修改: 2024-05-01 19:15
libexpat CVE-2024-45490 高危 2.5.0-r2 2.6.3-r0 libexpat: Negative Length Parsing Vulnerability in libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490

镜像层: sha256:c10d7302df86220a45d827ea6216d8a70d9becd88680758823942add2e1db219

发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24
busybox-binsh CVE-2023-42364 中危 1.36.1-r15 1.36.1-r19 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
busybox-binsh CVE-2023-42365 中危 1.36.1-r15 1.36.1-r19 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
busybox-binsh CVE-2023-42366 中危 1.36.1-r15 1.36.1-r16 busybox: A heap-buffer-overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2023-11-27 23:15 修改: 2024-12-06 14:15
libcrypto3 CVE-2024-4603 中危 3.1.4-r5 3.1.5-r0 openssl: Excessive time spent checking DSA keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15
libcrypto3 CVE-2024-4741 中危 3.1.4-r5 3.1.6-r0 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
libcrypto3 CVE-2024-5535 中危 3.1.4-r5 3.1.6-r0 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libcrypto3 CVE-2024-6119 中危 3.1.4-r5 3.1.7-r0 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
busybox CVE-2023-42363 中危 1.36.1-r15 1.36.1-r17 busybox: use-after-free in awk

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06
busybox CVE-2023-42364 中危 1.36.1-r15 1.36.1-r19 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
busybox CVE-2023-42365 中危 1.36.1-r15 1.36.1-r19 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
busybox CVE-2023-42366 中危 1.36.1-r15 1.36.1-r16 busybox: A heap-buffer-overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2023-11-27 23:15 修改: 2024-12-06 14:15
busybox-binsh CVE-2023-42363 中危 1.36.1-r15 1.36.1-r17 busybox: use-after-free in awk

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06
libexpat CVE-2023-52426 中危 2.5.0-r2 2.6.0-r0 expat: recursive XML entity expansion vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52426

镜像层: sha256:c10d7302df86220a45d827ea6216d8a70d9becd88680758823942add2e1db219

发布日期: 2024-02-04 20:15 修改: 2024-03-07 17:15
libexpat CVE-2024-50602 中危 2.5.0-r2 2.6.4-r0 libexpat: expat: DoS via XML_ResumeParser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602

镜像层: sha256:c10d7302df86220a45d827ea6216d8a70d9becd88680758823942add2e1db219

发布日期: 2024-10-27 05:15 修改: 2024-10-30 18:35
libssl3 CVE-2024-4603 中危 3.1.4-r5 3.1.5-r0 openssl: Excessive time spent checking DSA keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15
libssl3 CVE-2024-4741 中危 3.1.4-r5 3.1.6-r0 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
libssl3 CVE-2024-5535 中危 3.1.4-r5 3.1.6-r0 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libssl3 CVE-2024-6119 中危 3.1.4-r5 3.1.7-r0 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
ssl_client CVE-2023-42363 中危 1.36.1-r15 1.36.1-r17 busybox: use-after-free in awk

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06
ssl_client CVE-2023-42364 中危 1.36.1-r15 1.36.1-r19 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
ssl_client CVE-2023-42365 中危 1.36.1-r15 1.36.1-r19 busybox: use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
ssl_client CVE-2023-42366 中危 1.36.1-r15 1.36.1-r16 busybox: A heap-buffer-overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2023-11-27 23:15 修改: 2024-12-06 14:15
libcrypto3 CVE-2024-9143 低危 3.1.4-r5 3.1.7-r1 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
libcrypto3 CVE-2024-2511 低危 3.1.4-r5 3.1.4-r6 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
libssl3 CVE-2024-2511 低危 3.1.4-r5 3.1.4-r6 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
libssl3 CVE-2024-9143 低危 3.1.4-r5 3.1.7-r1 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:b09314aec293bcd9a8ee5e643539437b3846f9e5e55f79e282e5f67e3026de5e

发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
Python (python-pkg)
低危漏洞:0 中危漏洞:4 高危漏洞:3 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
Pillow CVE-2023-50447 严重 10.1.0 10.2.0 pillow: Arbitrary Code Execution via the environment parameter

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50447

镜像层: sha256:df22fafd5a9c80a04bb5893e559e9fd0eca86842cf194b67bcac65d95c29c48c

发布日期: 2024-01-19 20:15 修改: 2024-08-01 13:45
waitress CVE-2024-49768 严重 2.1.2 3.0.1 waitress: python-waitress: request processing race condition in HTTP pipelining with invalid first request

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-49768

镜像层: sha256:df22fafd5a9c80a04bb5893e559e9fd0eca86842cf194b67bcac65d95c29c48c

发布日期: 2024-10-29 15:15 修改: 2024-11-07 17:28
setuptools CVE-2024-6345 高危 69.0.3 70.0.0 pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345

镜像层: sha256:f812ce174d1f8a213068092a9454ac8ab540686daa9c844544c35f02201926da

发布日期: 2024-07-15 01:15 修改: 2024-07-15 13:00
Pillow CVE-2024-28219 高危 10.1.0 10.3.0 python-pillow: buffer overflow in _imagingcms.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28219

镜像层: sha256:df22fafd5a9c80a04bb5893e559e9fd0eca86842cf194b67bcac65d95c29c48c

发布日期: 2024-04-03 03:15 修改: 2024-08-20 20:35
waitress CVE-2024-49769 高危 2.1.2 3.0.1 waitress: Waitress has a denial of service leading to high CPU usage/resource exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-49769

镜像层: sha256:df22fafd5a9c80a04bb5893e559e9fd0eca86842cf194b67bcac65d95c29c48c

发布日期: 2024-10-29 15:15 修改: 2024-11-07 17:29
requests CVE-2024-35195 中危 2.31.0 2.32.0 requests: subsequent requests to the same host ignore cert verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35195

镜像层: sha256:df22fafd5a9c80a04bb5893e559e9fd0eca86842cf194b67bcac65d95c29c48c

发布日期: 2024-05-20 21:15 修改: 2024-06-10 17:16
aiohttp CVE-2024-42367 中危 3.9.5 3.10.2 aiohttp: python-aiohttp: Compressed files as symlinks are not protected from path traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-42367

镜像层: sha256:df22fafd5a9c80a04bb5893e559e9fd0eca86842cf194b67bcac65d95c29c48c

发布日期: 2024-08-12 13:38 修改: 2024-08-12 13:41
aiohttp CVE-2024-52304 中危 3.9.5 3.10.11 aiohttp: aiohttp vulnerable to request smuggling due to incorrect parsing of chunk extensions

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52304

镜像层: sha256:df22fafd5a9c80a04bb5893e559e9fd0eca86842cf194b67bcac65d95c29c48c

发布日期: 2024-11-18 21:15 修改: 2024-11-19 21:57
pip CVE-2023-5752 中危 23.2.1 23.3 pip: Mercurial configuration injectable in repo revision when installing via pip

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5752

镜像层: sha256:f812ce174d1f8a213068092a9454ac8ab540686daa9c844544c35f02201926da

发布日期: 2023-10-25 18:17 修改: 2024-06-10 18:15