docker.io/homeassistant/home-assistant:2025.1 linux/amd64

docker.io/homeassistant/home-assistant:2025.1 - Trivy安全扫描结果 扫描时间: 2025-01-21 11:24
全部漏洞信息
低危漏洞:3 中危漏洞:4 高危漏洞:1 严重漏洞:2

系统OS: alpine 3.21.0 扫描引擎: Trivy 扫描时间: 2025-01-21 11:24

docker.io/homeassistant/home-assistant:2025.1 (alpine 3.21.0) (alpine)
低危漏洞:2 中危漏洞:3 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
git CVE-2024-52006 中危 2.47.1-r0 2.47.2-r0 git: Newline confusion in credential helpers can lead to credential exfiltration in git

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52006

镜像层: sha256:66715de24f34b47693235a525b7e0516311094e9a77425244ef6517ac20abac1

发布日期: 2025-01-14 19:15 修改: 2025-01-14 19:15

git-init-template CVE-2024-52006 中危 2.47.1-r0 2.47.2-r0 git: Newline confusion in credential helpers can lead to credential exfiltration in git

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52006

镜像层: sha256:66715de24f34b47693235a525b7e0516311094e9a77425244ef6517ac20abac1

发布日期: 2025-01-14 19:15 修改: 2025-01-14 19:15

libsndfile CVE-2024-50612 中危 1.2.2-r0 1.2.2-r2 libsndfile: Segmentation fault error in ogg_vorbis.c:417 vorbis_analysis_wrote()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50612

镜像层: sha256:66715de24f34b47693235a525b7e0516311094e9a77425244ef6517ac20abac1

发布日期: 2024-10-27 22:15 修改: 2024-11-05 16:14

git-init-template CVE-2024-50349 低危 2.47.1-r0 2.47.2-r0 git: Git does not sanitize URLs when asking for credentials interactively

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50349

镜像层: sha256:66715de24f34b47693235a525b7e0516311094e9a77425244ef6517ac20abac1

发布日期: 2025-01-14 19:15 修改: 2025-01-14 19:15

git CVE-2024-50349 低危 2.47.1-r0 2.47.2-r0 git: Git does not sanitize URLs when asking for credentials interactively

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50349

镜像层: sha256:66715de24f34b47693235a525b7e0516311094e9a77425244ef6517ac20abac1

发布日期: 2025-01-14 19:15 修改: 2025-01-14 19:15

Python (python-pkg)
低危漏洞:1 中危漏洞:1 高危漏洞:1 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
python-jose CVE-2024-33663 严重 3.3.0 python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33663

镜像层: sha256:13e5cb759f0c6b7daadabc3aca2a3a4cddf72d0e53951d1a065a5cb60235017e

发布日期: 2024-04-26 00:15 修改: 2024-09-03 20:15

Js2Py CVE-2024-28397 高危 0.74 js2py allows remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28397

镜像层: sha256:13e5cb759f0c6b7daadabc3aca2a3a4cddf72d0e53951d1a065a5cb60235017e

发布日期: 2024-06-20 17:15 修改: 2024-07-03 01:51

python-jose CVE-2024-33664 中危 3.3.0 python-jose: allows attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33664

镜像层: sha256:13e5cb759f0c6b7daadabc3aca2a3a4cddf72d0e53951d1a065a5cb60235017e

发布日期: 2024-04-26 00:15 修改: 2024-09-05 16:15

sentry-sdk CVE-2024-40647 低危 1.40.3 2.8.0 sentry-sdk is the official Python SDK for Sentry.io. A bug in Sentry's ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-40647

镜像层: sha256:13e5cb759f0c6b7daadabc3aca2a3a4cddf72d0e53951d1a065a5cb60235017e

发布日期: 2024-07-18 17:15 修改: 2024-07-19 13:01

usr/bin/tempio (gobinary)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
golang.org/x/crypto CVE-2024-45337 严重 v0.26.0 0.31.0 golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337

镜像层: sha256:6ac3cf7fa75becadc549728c7c9b4430660baa1e5ae534e6045149df10ed5cda

发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15