docker.io/initialencounter/llonebot:latest linux/amd64

docker.io/initialencounter/llonebot:latest - Trivy安全扫描结果 扫描时间: 2026-06-26 19:29
全部漏洞信息
低危漏洞:2 中危漏洞:7 高危漏洞:20 严重漏洞:0

系统OS: 扫描引擎: Trivy 扫描时间: 2026-06-26 19:29

Node.js (node-pkg)
低危漏洞:1 中危漏洞:6 高危漏洞:20 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
@isaacs/brace-expansion CVE-2026-25547 高危 5.0.0 5.0.1 brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25547

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-02-04 22:16 修改: 2026-06-17 10:24
glob CVE-2025-64756 高危 10.4.5 11.1.0, 10.5.0 glob: glob: Command Injection Vulnerability via Malicious Filenames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64756

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2025-11-17 18:15 修改: 2026-06-17 09:55
glob CVE-2025-64756 高危 11.0.3 11.1.0, 10.5.0 glob: glob: Command Injection Vulnerability via Malicious Filenames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64756

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2025-11-17 18:15 修改: 2026-06-17 09:55
minimatch CVE-2026-26996 高危 10.0.3 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 minimatch: minimatch: Denial of Service via specially crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-02-20 03:16 修改: 2026-06-17 10:26
minimatch CVE-2026-27903 高危 10.0.3 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-02-26 02:16 修改: 2026-06-17 10:27
minimatch CVE-2026-27904 高危 10.0.3 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-02-26 02:16 修改: 2026-06-17 10:27
minimatch CVE-2026-26996 高危 9.0.5 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 minimatch: minimatch: Denial of Service via specially crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-02-20 03:16 修改: 2026-06-17 10:26
minimatch CVE-2026-26996 高危 9.0.5 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 minimatch: minimatch: Denial of Service via specially crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-02-20 03:16 修改: 2026-06-17 10:26
minimatch CVE-2026-27903 高危 9.0.5 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-02-26 02:16 修改: 2026-06-17 10:27
minimatch CVE-2026-27903 高危 9.0.5 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-02-26 02:16 修改: 2026-06-17 10:27
minimatch CVE-2026-27904 高危 9.0.5 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-02-26 02:16 修改: 2026-06-17 10:27
minimatch CVE-2026-27904 高危 9.0.5 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-02-26 02:16 修改: 2026-06-17 10:27
picomatch CVE-2026-33671 高危 4.0.3 4.0.4, 3.0.2, 2.3.2 picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33671

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-03-26 22:16 修改: 2026-06-17 10:37
tar CVE-2026-23745 高危 7.5.1 7.5.3 node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-01-16 22:16 修改: 2026-06-17 10:22
tar CVE-2026-23950 高危 7.5.1 7.5.4 node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-01-20 01:15 修改: 2026-06-17 10:22
tar CVE-2026-24842 高危 7.5.1 7.5.7 node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-01-28 01:16 修改: 2026-06-17 10:23
tar CVE-2026-26960 高危 7.5.1 7.5.8 node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-02-20 02:16 修改: 2026-06-17 10:26
tar CVE-2026-29786 高危 7.5.1 7.5.10 node-tar: hardlink path traversal via drive-relative linkpath

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-03-07 16:15 修改: 2026-06-17 10:29
tar CVE-2026-31802 高危 7.5.1 7.5.11 tar: tar: File overwrite via drive-relative symlink traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-03-10 07:44 修改: 2026-06-17 10:34
ws CVE-2026-48779 高危 8.20.0 5.2.5, 6.2.4, 7.5.11, 8.21.0 ws: ws: Denial of Service via memory exhaustion from small WebSocket fragments

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48779

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-06-17 13:20 修改: 2026-06-18 15:25
ip-address CVE-2026-42338 中危 10.0.1 10.1.1 ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-05-12 20:16 修改: 2026-06-17 10:47
picomatch CVE-2026-33672 中危 4.0.3 4.0.4, 3.0.2, 2.3.2 picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33672

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-03-26 22:16 修改: 2026-06-17 10:37
tar CVE-2025-64118 中危 7.5.1 7.5.2 node-tar: tar: node-tar: Information disclosure via reading a truncated tar file

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64118

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2025-10-30 18:15 修改: 2026-06-17 09:53
tar CVE-2026-53655 中危 7.5.1 7.5.16 node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (nod ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53655

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-06-22 16:16 修改: 2026-06-23 15:50
brace-expansion CVE-2026-33750 中危 2.0.2 5.0.5, 3.0.2, 2.0.3, 1.1.13 brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-03-27 15:16 修改: 2026-06-17 10:38
ws CVE-2026-45736 中危 8.20.0 8.20.1 ws: ws: Uninitialized memory disclosure via `websocket.close()` with `TypedArray`

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45736

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-05-15 15:16 修改: 2026-06-17 10:52
diff CVE-2026-24001 低危 8.0.2 8.0.3, 5.2.2, 4.0.4, 3.5.1 jsdiff: denial of service vulnerability in parsePatch and applyPatch

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24001

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-01-22 03:15 修改: 2026-06-17 10:22
Python (python-pkg)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
nix/store/y2gq1i1r8cxb5sarg3ybian6mcql3q1d-librsvg-2.60.0/bin/rsvg-convert (rustbinary)
低危漏洞:1 中危漏洞:1 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
bytes CVE-2026-25541 中危 1.9.0 1.11.1 Bytes is a utility library for working with bytes. From version 1.2.1 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25541

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-02-04 22:16 修改: 2026-06-17 10:24
rand GHSA-cq8v-f236-94qc 低危 0.8.5 0.9.3, 0.10.1, 0.8.6 Rand is unsound with a custom logger using rand::rng()

漏洞详情: https://github.com/advisories/GHSA-cq8v-f236-94qc

镜像层: sha256:88872f4e361264211bc041559abe25a68916f2d5d69b25fe69953a4c948701f7

发布日期: 2026-04-14 01:03 修改: 2026-04-22 20:13
nix/store/y2gq1i1r8cxb5sarg3ybian6mcql3q1d-librsvg-2.60.0/lib/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader_svg.so (rustbinary)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×