docker.io/hslr/sun-panel:latest linux/arm64

docker.io/hslr/sun-panel:latest - Trivy安全扫描结果 扫描时间: 2024-11-16 17:09 温馨提示: 这是一个 linux/arm64 系统架构镜像
全部漏洞信息
低危漏洞:2 中危漏洞:9 高危漏洞:2 严重漏洞:1

系统OS: alpine 3.20.3 扫描引擎: Trivy 扫描时间: 2024-11-16 17:09

docker.io/hslr/sun-panel:latest (alpine 3.20.3) (alpine)
低危漏洞:2 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libcrypto3 CVE-2024-9143 低危 3.3.2-r0 3.3.2-r1 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:16113d51b7181f20135f51e8ffbaead20a7671cd783017601f198748ce8a8ebf

发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
libssl3 CVE-2024-9143 低危 3.3.2-r0 3.3.2-r1 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:16113d51b7181f20135f51e8ffbaead20a7671cd783017601f198748ce8a8ebf

发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
app/sun-panel (gobinary)
低危漏洞:0 中危漏洞:9 高危漏洞:2 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
stdlib CVE-2024-24790 严重 1.21.10 1.21.11, 1.22.4 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790

镜像层: sha256:3cc8d0ce1dc53e49f31f296bc6c5eae1a8ec6c65ffa38609208fdc1e40d61de1

发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/image CVE-2024-24792 高危 v0.0.0-20190802002840-cff245a6509b 0.18.0 Parsing a corrupt or malicious image with invalid color indices can ca ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24792

镜像层: sha256:3cc8d0ce1dc53e49f31f296bc6c5eae1a8ec6c65ffa38609208fdc1e40d61de1

发布日期: 2024-06-27 18:15 修改: 2024-08-01 13:47
stdlib CVE-2024-34156 高危 1.21.10 1.22.7, 1.23.1 encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156

镜像层: sha256:3cc8d0ce1dc53e49f31f296bc6c5eae1a8ec6c65ffa38609208fdc1e40d61de1

发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/image CVE-2022-41727 中危 v0.0.0-20190802002840-cff245a6509b 0.5.0 golang.org/x/image: Uncontrolled Resource Consumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41727

镜像层: sha256:3cc8d0ce1dc53e49f31f296bc6c5eae1a8ec6c65ffa38609208fdc1e40d61de1

发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
golang.org/x/image CVE-2023-29407 中危 v0.0.0-20190802002840-cff245a6509b 0.10.0 golang.org/x/image/tiff: excessive CPU consumption in decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29407

镜像层: sha256:3cc8d0ce1dc53e49f31f296bc6c5eae1a8ec6c65ffa38609208fdc1e40d61de1

发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:11
golang.org/x/image CVE-2023-29408 中危 v0.0.0-20190802002840-cff245a6509b 0.10.0 golang.org/x/image/tiff: TIFF decoder does not place a limit on the size of compressed tile data

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29408

镜像层: sha256:3cc8d0ce1dc53e49f31f296bc6c5eae1a8ec6c65ffa38609208fdc1e40d61de1

发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:11
github.com/mojocn/base64Captcha CVE-2023-45292 中危 v1.3.5 1.3.6 Always incorrect control flow in github.com/mojocn/base64Captcha

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45292

镜像层: sha256:3cc8d0ce1dc53e49f31f296bc6c5eae1a8ec6c65ffa38609208fdc1e40d61de1

发布日期: 2023-12-11 22:15 修改: 2023-12-14 16:26
github.com/gin-gonic/gin CVE-2023-29401 中危 v1.9.0 1.9.1 golang-github-gin-gonic-gin: Gin Web Framework does not properly sanitize filename parameter of Context.FileAttachment function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29401

镜像层: sha256:3cc8d0ce1dc53e49f31f296bc6c5eae1a8ec6c65ffa38609208fdc1e40d61de1

发布日期: 2023-06-08 21:15 修改: 2023-06-16 12:45
stdlib CVE-2024-24789 中危 1.21.10 1.21.11, 1.22.4 golang: archive/zip: Incorrect handling of certain ZIP files

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789

镜像层: sha256:3cc8d0ce1dc53e49f31f296bc6c5eae1a8ec6c65ffa38609208fdc1e40d61de1

发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib CVE-2024-24791 中危 1.21.10 1.21.12, 1.22.5 net/http: Denial of service due to improper 100-continue handling in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791

镜像层: sha256:3cc8d0ce1dc53e49f31f296bc6c5eae1a8ec6c65ffa38609208fdc1e40d61de1

发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib CVE-2024-34155 中危 1.21.10 1.22.7, 1.23.1 go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155

镜像层: sha256:3cc8d0ce1dc53e49f31f296bc6c5eae1a8ec6c65ffa38609208fdc1e40d61de1

发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib CVE-2024-34158 中危 1.21.10 1.22.7, 1.23.1 go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158

镜像层: sha256:3cc8d0ce1dc53e49f31f296bc6c5eae1a8ec6c65ffa38609208fdc1e40d61de1

发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35