docker.io/hslr/sun-panel:1.6.0 linux/amd64

docker.io/hslr/sun-panel:1.6.0 - Trivy安全扫描结果 扫描时间: 2024-11-13 20:18
全部漏洞信息
低危漏洞:2 中危漏洞:9 高危漏洞:2 严重漏洞:1

系统OS: alpine 3.20.3 扫描引擎: Trivy 扫描时间: 2024-11-13 20:18

docker.io/hslr/sun-panel:1.6.0 (alpine 3.20.3) (alpine)
低危漏洞:2 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libcrypto3 CVE-2024-9143 低危 3.3.2-r0 3.3.2-r1 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:63ca1fbb43ae5034640e5e6cb3e083e05c290072c5366fcaa9d62435a4cced85

发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
libssl3 CVE-2024-9143 低危 3.3.2-r0 3.3.2-r1 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:63ca1fbb43ae5034640e5e6cb3e083e05c290072c5366fcaa9d62435a4cced85

发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
app/sun-panel (gobinary)
低危漏洞:0 中危漏洞:9 高危漏洞:2 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
stdlib CVE-2024-24790 严重 1.21.10 1.21.11, 1.22.4 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790

镜像层: sha256:ee566104813e63f7e3302f1d37e21b7c5866022d9d579581fe8690788f3085c8

发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/image CVE-2024-24792 高危 v0.0.0-20190802002840-cff245a6509b 0.18.0 Parsing a corrupt or malicious image with invalid color indices can ca ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24792

镜像层: sha256:ee566104813e63f7e3302f1d37e21b7c5866022d9d579581fe8690788f3085c8

发布日期: 2024-06-27 18:15 修改: 2024-08-01 13:47
stdlib CVE-2024-34156 高危 1.21.10 1.22.7, 1.23.1 encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156

镜像层: sha256:ee566104813e63f7e3302f1d37e21b7c5866022d9d579581fe8690788f3085c8

发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/image CVE-2022-41727 中危 v0.0.0-20190802002840-cff245a6509b 0.5.0 golang.org/x/image: Uncontrolled Resource Consumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41727

镜像层: sha256:ee566104813e63f7e3302f1d37e21b7c5866022d9d579581fe8690788f3085c8

发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
golang.org/x/image CVE-2023-29407 中危 v0.0.0-20190802002840-cff245a6509b 0.10.0 golang.org/x/image/tiff: excessive CPU consumption in decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29407

镜像层: sha256:ee566104813e63f7e3302f1d37e21b7c5866022d9d579581fe8690788f3085c8

发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:11
golang.org/x/image CVE-2023-29408 中危 v0.0.0-20190802002840-cff245a6509b 0.10.0 golang.org/x/image/tiff: TIFF decoder does not place a limit on the size of compressed tile data

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29408

镜像层: sha256:ee566104813e63f7e3302f1d37e21b7c5866022d9d579581fe8690788f3085c8

发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:11
github.com/mojocn/base64Captcha CVE-2023-45292 中危 v1.3.5 1.3.6 Always incorrect control flow in github.com/mojocn/base64Captcha

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45292

镜像层: sha256:ee566104813e63f7e3302f1d37e21b7c5866022d9d579581fe8690788f3085c8

发布日期: 2023-12-11 22:15 修改: 2023-12-14 16:26
github.com/gin-gonic/gin CVE-2023-29401 中危 v1.9.0 1.9.1 golang-github-gin-gonic-gin: Gin Web Framework does not properly sanitize filename parameter of Context.FileAttachment function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29401

镜像层: sha256:ee566104813e63f7e3302f1d37e21b7c5866022d9d579581fe8690788f3085c8

发布日期: 2023-06-08 21:15 修改: 2023-06-16 12:45
stdlib CVE-2024-24789 中危 1.21.10 1.21.11, 1.22.4 golang: archive/zip: Incorrect handling of certain ZIP files

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789

镜像层: sha256:ee566104813e63f7e3302f1d37e21b7c5866022d9d579581fe8690788f3085c8

发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib CVE-2024-24791 中危 1.21.10 1.21.12, 1.22.5 net/http: Denial of service due to improper 100-continue handling in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791

镜像层: sha256:ee566104813e63f7e3302f1d37e21b7c5866022d9d579581fe8690788f3085c8

发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib CVE-2024-34155 中危 1.21.10 1.22.7, 1.23.1 go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155

镜像层: sha256:ee566104813e63f7e3302f1d37e21b7c5866022d9d579581fe8690788f3085c8

发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib CVE-2024-34158 中危 1.21.10 1.22.7, 1.23.1 go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158

镜像层: sha256:ee566104813e63f7e3302f1d37e21b7c5866022d9d579581fe8690788f3085c8

发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35