docker.io/library/almalinux:8 linux/amd64

docker.io/library/almalinux:8 - Trivy安全扫描结果 扫描时间: 2025-02-05 10:55
全部漏洞信息
低危漏洞:3 中危漏洞:15 高危漏洞:2 严重漏洞:0

系统OS: alma 8.10 扫描引擎: Trivy 扫描时间: 2025-02-05 10:55

docker.io/library/almalinux:8 (alma 8.10) (alma)
低危漏洞:3 中危漏洞:15 高危漏洞:2 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
krb5-libs CVE-2024-3596 高危 1.18.2-29.el8_10 1.18.2-30.el8_10 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-07-09 12:15 修改: 2024-12-30 19:23
pam CVE-2024-10963 高危 1.3.1-34.el8_10 1.3.1-36.el8_10 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
expat CVE-2024-45492 中危 2.2.5-13.el8_10 2.2.5-15.el8_10 libexpat: integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
expat CVE-2024-50602 中危 2.2.5-13.el8_10 2.2.5-16.el8_10 libexpat: expat: DoS via XML_ResumeParser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-10-27 05:15 修改: 2024-10-30 18:35
expat CVE-2024-45490 中危 2.2.5-13.el8_10 2.2.5-15.el8_10 libexpat: Negative Length Parsing Vulnerability in libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24
expat CVE-2024-45491 中危 2.2.5-13.el8_10 2.2.5-15.el8_10 libexpat: Integer Overflow or Wraparound

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
pam CVE-2024-10041 中危 1.3.1-34.el8_10 1.3.1-36.el8_10 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
platform-python CVE-2024-11168 中危 3.6.8-62.el8_10.alma.1 3.6.8-69.el8_10.alma.1 python: Improper validation of IPv6 and IPvFuture addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
platform-python CVE-2024-4032 中危 3.6.8-62.el8_10.alma.1 3.6.8-67.el8_10.alma.1 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
platform-python CVE-2024-6232 中危 3.6.8-62.el8_10.alma.1 3.6.8-67.el8_10.alma.1 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
platform-python CVE-2024-6923 中危 3.6.8-62.el8_10.alma.1 3.6.8-67.el8_10.alma.1 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
platform-python CVE-2024-9287 中危 3.6.8-62.el8_10.alma.1 3.6.8-69.el8_10.alma.1 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
python3-libs CVE-2024-11168 中危 3.6.8-62.el8_10.alma.1 3.6.8-69.el8_10.alma.1 python: Improper validation of IPv6 and IPvFuture addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
python3-libs CVE-2024-4032 中危 3.6.8-62.el8_10.alma.1 3.6.8-67.el8_10.alma.1 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
python3-libs CVE-2024-6232 中危 3.6.8-62.el8_10.alma.1 3.6.8-67.el8_10.alma.1 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
python3-libs CVE-2024-6923 中危 3.6.8-62.el8_10.alma.1 3.6.8-67.el8_10.alma.1 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
python3-libs CVE-2024-9287 中危 3.6.8-62.el8_10.alma.1 3.6.8-69.el8_10.alma.1 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
bzip2-libs CVE-2019-12900 低危 1.0.6-26.el8 1.0.6-27.el8_10 bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail).

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12900

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2019-06-19 23:15 修改: 2023-11-07 03:03
binutils CVE-2018-12699 低危 2.30-123.el8 2.30-125.el8_10 binutils: heap-based buffer overflow in finish_stab in stabs.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12699

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2018-06-23 23:29 修改: 2019-08-03 13:15
openssl-libs CVE-2024-5535 低危 1:1.1.1k-12.el8_9 1:1.1.1k-14.el8_6 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:a5d3eecefb86d1288d1094060fe133cd2ad1b68a11d4b08161e6b1a009390edf

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15