docker.io/istio/proxyv2:1.24.2 linux/amd64

docker.io/istio/proxyv2:1.24.2 - Trivy安全扫描结果扫描时间: 2024-12-26 21:57

全部漏洞信息

低危漏洞:17

中危漏洞:12

高危漏洞:1

严重漏洞:1

系统OS: ubuntu 24.04 扫描引擎: Trivy 扫描时间: 2024-12-26 21:57

docker.io/istio/proxyv2:1.24.2 (ubuntu 24.04) (ubuntu)

低危漏洞:17

中危漏洞:12

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
libgssapi-krb5-2	CVE-2024-26462	中危	1.20.1-6ubuntu2.2		krb5: Memory leak at /krb5/src/kdc/ndr.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462 镜像层: sha256:0d0a0889682c9bc25860f0f852f6873c46e9bfaa4202d470b64e7e8343ecd26e 发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libk5crypto3	CVE-2024-26462	中危	1.20.1-6ubuntu2.2		krb5: Memory leak at /krb5/src/kdc/ndr.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462 镜像层: sha256:0d0a0889682c9bc25860f0f852f6873c46e9bfaa4202d470b64e7e8343ecd26e 发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5-3	CVE-2024-26462	中危	1.20.1-6ubuntu2.2		krb5: Memory leak at /krb5/src/kdc/ndr.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462 镜像层: sha256:0d0a0889682c9bc25860f0f852f6873c46e9bfaa4202d470b64e7e8343ecd26e 发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5support0	CVE-2024-26462	中危	1.20.1-6ubuntu2.2		krb5: Memory leak at /krb5/src/kdc/ndr.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462 镜像层: sha256:0d0a0889682c9bc25860f0f852f6873c46e9bfaa4202d470b64e7e8343ecd26e 发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libpam-modules	CVE-2024-10041	中危	1.5.3-5ubuntu5.1		pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-modules	CVE-2024-10963	中危	1.5.3-5ubuntu5.1		pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libpam-modules-bin	CVE-2024-10041	中危	1.5.3-5ubuntu5.1		pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-modules-bin	CVE-2024-10963	中危	1.5.3-5ubuntu5.1		pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libpam-runtime	CVE-2024-10041	中危	1.5.3-5ubuntu5.1		pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-runtime	CVE-2024-10963	中危	1.5.3-5ubuntu5.1		pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libpam0g	CVE-2024-10041	中危	1.5.3-5ubuntu5.1		pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam0g	CVE-2024-10963	中危	1.5.3-5ubuntu5.1		pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libk5crypto3	CVE-2024-26461	低危	1.20.1-6ubuntu2.2		krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:0d0a0889682c9bc25860f0f852f6873c46e9bfaa4202d470b64e7e8343ecd26e 发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
gpgv	CVE-2022-3219	低危	2.4.4-2ubuntu17		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libkrb5-3	CVE-2024-26458	低危	1.20.1-6ubuntu2.2		krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:0d0a0889682c9bc25860f0f852f6873c46e9bfaa4202d470b64e7e8343ecd26e 发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libkrb5-3	CVE-2024-26461	低危	1.20.1-6ubuntu2.2		krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:0d0a0889682c9bc25860f0f852f6873c46e9bfaa4202d470b64e7e8343ecd26e 发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libc-bin	CVE-2016-20013	低危	2.39-0ubuntu8.3		漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libkrb5support0	CVE-2024-26458	低危	1.20.1-6ubuntu2.2		krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:0d0a0889682c9bc25860f0f852f6873c46e9bfaa4202d470b64e7e8343ecd26e 发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libkrb5support0	CVE-2024-26461	低危	1.20.1-6ubuntu2.2		krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:0d0a0889682c9bc25860f0f852f6873c46e9bfaa4202d470b64e7e8343ecd26e 发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libc6	CVE-2016-20013	低危	2.39-0ubuntu8.3		漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libcurl4t64	CVE-2024-11053	低危	8.5.0-2ubuntu10.5	8.5.0-2ubuntu10.6	curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:0d0a0889682c9bc25860f0f852f6873c46e9bfaa4202d470b64e7e8343ecd26e 发布日期: 2024-12-11 08:15 修改: 2024-12-15 17:15
libgcrypt20	CVE-2024-2236	低危	1.10.3-2build1		libgcrypt: vulnerable to Marvin Attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2024-03-06 22:15 修改: 2024-11-12 18:15
coreutils	CVE-2016-2781	低危	9.4-3ubuntu6		coreutils: Non-privileged session can escape to the parent session in chroot 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
libgssapi-krb5-2	CVE-2024-26458	低危	1.20.1-6ubuntu2.2		krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:0d0a0889682c9bc25860f0f852f6873c46e9bfaa4202d470b64e7e8343ecd26e 发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libgssapi-krb5-2	CVE-2024-26461	低危	1.20.1-6ubuntu2.2		krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:0d0a0889682c9bc25860f0f852f6873c46e9bfaa4202d470b64e7e8343ecd26e 发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
curl	CVE-2024-11053	低危	8.5.0-2ubuntu10.5	8.5.0-2ubuntu10.6	curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:0d0a0889682c9bc25860f0f852f6873c46e9bfaa4202d470b64e7e8343ecd26e 发布日期: 2024-12-11 08:15 修改: 2024-12-15 17:15
libk5crypto3	CVE-2024-26458	低危	1.20.1-6ubuntu2.2		krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:0d0a0889682c9bc25860f0f852f6873c46e9bfaa4202d470b64e7e8343ecd26e 发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libssl3t64	CVE-2024-41996	低危	3.0.13-0ubuntu3.4		openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996 镜像层: sha256:27123a71e85e0540333291adccf7b9c340d089e8c3717c380d3b75cc8c7df90f 发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
openssl	CVE-2024-41996	低危	3.0.13-0ubuntu3.4		openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996 镜像层: sha256:0d0a0889682c9bc25860f0f852f6873c46e9bfaa4202d470b64e7e8343ecd26e 发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35

usr/local/bin/pilot-agent (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/crypto	CVE-2024-45337	严重	v0.27.0	0.31.0	golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337 镜像层: sha256:fd66971a1e3ddf709738e2194e56ca850a732fe27c496893662685cbcdbe7bb4 发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
golang.org/x/net	CVE-2024-45338	高危	v0.29.0	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:fd66971a1e3ddf709738e2194e56ca850a732fe27c496893662685cbcdbe7bb4 发布日期: 2024-12-18 21:15 修改: 2024-12-18 21:15

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

golang.org/x/crypto

CVE-2024-45337

严重

v0.27.0

0.31.0

golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto