docker.io/library/python:3.7-alpine linux/amd64

docker.io/library/python:3.7-alpine - Trivy安全扫描结果扫描时间: 2025-02-10 10:47

全部漏洞信息

低危漏洞:4

中危漏洞:32

高危漏洞:9

严重漏洞:3

系统OS: alpine 3.18.4 扫描引擎: Trivy 扫描时间: 2025-02-10 10:47

docker.io/library/python:3.7-alpine (alpine 3.18.4) (alpine)

低危漏洞:4

中危漏洞:31

高危漏洞:7

严重漏洞:3

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
krb5-libs	CVE-2024-37371	严重	1.20.1-r1	1.20.2-r1	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:7f29b11ef9dde60100b31d6432750056282f7af6110bc2c21f7cde8473f28170 发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
libexpat	CVE-2024-45491	严重	2.5.0-r1	2.6.3-r0	libexpat: Integer Overflow or Wraparound 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491 镜像层: sha256:7f29b11ef9dde60100b31d6432750056282f7af6110bc2c21f7cde8473f28170 发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
libexpat	CVE-2024-45492	严重	2.5.0-r1	2.6.3-r0	libexpat: integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492 镜像层: sha256:7f29b11ef9dde60100b31d6432750056282f7af6110bc2c21f7cde8473f28170 发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
krb5-libs	CVE-2024-37370	高危	1.20.1-r1	1.20.2-r1	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:7f29b11ef9dde60100b31d6432750056282f7af6110bc2c21f7cde8473f28170 发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libcrypto3	CVE-2023-5363	高危	3.1.3-r0	3.1.4-r0	openssl: Incorrect cipher key and IV length processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5363 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2023-10-25 18:17 修改: 2024-10-14 15:15
libexpat	CVE-2023-52425	高危	2.5.0-r1	2.6.0-r0	expat: parsing large tokens can trigger a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425 镜像层: sha256:7f29b11ef9dde60100b31d6432750056282f7af6110bc2c21f7cde8473f28170 发布日期: 2024-02-04 20:15 修改: 2024-08-26 20:35
libexpat	CVE-2024-28757	高危	2.5.0-r1	2.6.2-r0	expat: XML Entity Expansion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28757 镜像层: sha256:7f29b11ef9dde60100b31d6432750056282f7af6110bc2c21f7cde8473f28170 发布日期: 2024-03-10 05:15 修改: 2024-05-01 19:15
libexpat	CVE-2024-45490	高危	2.5.0-r1	2.6.3-r0	libexpat: Negative Length Parsing Vulnerability in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490 镜像层: sha256:7f29b11ef9dde60100b31d6432750056282f7af6110bc2c21f7cde8473f28170 发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24
libssl3	CVE-2023-5363	高危	3.1.3-r0	3.1.4-r0	openssl: Incorrect cipher key and IV length processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5363 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2023-10-25 18:17 修改: 2024-10-14 15:15
sqlite-libs	CVE-2023-7104	高危	3.41.2-r2	3.41.2-r3	sqlite: heap-buffer-overflow at sessionfuzz 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7104 镜像层: sha256:7f29b11ef9dde60100b31d6432750056282f7af6110bc2c21f7cde8473f28170 发布日期: 2023-12-29 10:15 修改: 2024-05-17 02:34
krb5-libs	CVE-2023-36054	中危	1.20.1-r1	1.20.2-r0	krb5: Denial of service through freeing uninitialized pointer 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054 镜像层: sha256:7f29b11ef9dde60100b31d6432750056282f7af6110bc2c21f7cde8473f28170 发布日期: 2023-08-07 19:15 修改: 2023-11-15 03:23
busybox	CVE-2023-42365	中危	1.36.1-r2	1.36.1-r7	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
libcrypto3	CVE-2023-5678	中危	3.1.3-r0	3.1.4-r1	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15
libcrypto3	CVE-2023-6129	中危	3.1.3-r0	3.1.4-r3	openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-01-09 17:15 修改: 2024-10-14 15:15
libcrypto3	CVE-2023-6237	中危	3.1.3-r0	3.1.4-r4	openssl: Excessive time spent checking invalid RSA public keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-04-25 07:15 修改: 2024-11-01 15:35
libcrypto3	CVE-2024-0727	中危	3.1.3-r0	3.1.4-r5	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15
libcrypto3	CVE-2024-4603	中危	3.1.3-r0	3.1.5-r0	openssl: Excessive time spent checking DSA keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15
libcrypto3	CVE-2024-4741	中危	3.1.3-r0	3.1.6-r0	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
libcrypto3	CVE-2024-5535	中危	3.1.3-r0	3.1.6-r0	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libcrypto3	CVE-2024-6119	中危	3.1.3-r0	3.1.7-r0	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
busybox	CVE-2023-42366	中危	1.36.1-r2	1.36.1-r6	busybox: A heap-buffer-overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2023-11-27 23:15 修改: 2024-12-06 14:15
busybox-binsh	CVE-2023-42363	中危	1.36.1-r2	1.36.1-r7	busybox: use-after-free in awk 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06
busybox-binsh	CVE-2023-42364	中危	1.36.1-r2	1.36.1-r7	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
busybox-binsh	CVE-2023-42365	中危	1.36.1-r2	1.36.1-r7	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
busybox-binsh	CVE-2023-42366	中危	1.36.1-r2	1.36.1-r6	busybox: A heap-buffer-overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2023-11-27 23:15 修改: 2024-12-06 14:15
libexpat	CVE-2023-52426	中危	2.5.0-r1	2.6.0-r0	expat: recursive XML entity expansion vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52426 镜像层: sha256:7f29b11ef9dde60100b31d6432750056282f7af6110bc2c21f7cde8473f28170 发布日期: 2024-02-04 20:15 修改: 2024-03-07 17:15
libexpat	CVE-2024-50602	中危	2.5.0-r1	2.6.4-r0	libexpat: expat: DoS via XML_ResumeParser 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602 镜像层: sha256:7f29b11ef9dde60100b31d6432750056282f7af6110bc2c21f7cde8473f28170 发布日期: 2024-10-27 05:15 修改: 2024-10-30 18:35
busybox	CVE-2023-42363	中危	1.36.1-r2	1.36.1-r7	busybox: use-after-free in awk 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06
libssl3	CVE-2023-5678	中危	3.1.3-r0	3.1.4-r1	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15
libssl3	CVE-2023-6129	中危	3.1.3-r0	3.1.4-r3	openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-01-09 17:15 修改: 2024-10-14 15:15
libssl3	CVE-2023-6237	中危	3.1.3-r0	3.1.4-r4	openssl: Excessive time spent checking invalid RSA public keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-04-25 07:15 修改: 2024-11-01 15:35
libssl3	CVE-2024-0727	中危	3.1.3-r0	3.1.4-r5	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15
libssl3	CVE-2024-4603	中危	3.1.3-r0	3.1.5-r0	openssl: Excessive time spent checking DSA keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15
libssl3	CVE-2024-4741	中危	3.1.3-r0	3.1.6-r0	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
libssl3	CVE-2024-5535	中危	3.1.3-r0	3.1.6-r0	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libssl3	CVE-2024-6119	中危	3.1.3-r0	3.1.7-r0	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
busybox	CVE-2023-42364	中危	1.36.1-r2	1.36.1-r7	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
ssl_client	CVE-2023-42363	中危	1.36.1-r2	1.36.1-r7	busybox: use-after-free in awk 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06
ssl_client	CVE-2023-42364	中危	1.36.1-r2	1.36.1-r7	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
ssl_client	CVE-2023-42365	中危	1.36.1-r2	1.36.1-r7	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
ssl_client	CVE-2023-42366	中危	1.36.1-r2	1.36.1-r6	busybox: A heap-buffer-overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2023-11-27 23:15 修改: 2024-12-06 14:15
libcrypto3	CVE-2024-9143	低危	3.1.3-r0	3.1.7-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
libssl3	CVE-2024-2511	低危	3.1.3-r0	3.1.4-r6	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
libssl3	CVE-2024-9143	低危	3.1.3-r0	3.1.7-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
libcrypto3	CVE-2024-2511	低危	3.1.3-r0	3.1.4-r6	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438 发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15

Python (python-pkg)

低危漏洞:0

中危漏洞:1

高危漏洞:2

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
setuptools	CVE-2022-40897	高危	57.5.0	65.5.1	pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40897 镜像层: sha256:ae2ed30791634cdd49b4f0f95fa7236e1dd46790d0038906f2a15040a370cf37 发布日期: 2022-12-23 00:15 修改: 2024-10-29 15:35
setuptools	CVE-2024-6345	高危	57.5.0	70.0.0	pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345 镜像层: sha256:ae2ed30791634cdd49b4f0f95fa7236e1dd46790d0038906f2a15040a370cf37 发布日期: 2024-07-15 01:15 修改: 2024-07-15 13:00
pip	CVE-2023-5752	中危	23.0.1	23.3	pip: Mercurial configuration injectable in repo revision when installing via pip 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5752 镜像层: sha256:ae2ed30791634cdd49b4f0f95fa7236e1dd46790d0038906f2a15040a370cf37 发布日期: 2023-10-25 18:17 修改: 2024-06-10 18:15

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

setuptools

CVE-2022-40897

高危

57.5.0

65.5.1

pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py