docker.io/litellm/litellm:1.80.15-stable.1 linux/amd64

docker.io/litellm/litellm:1.80.15-stable.1 - Trivy安全扫描结果 扫描时间: 2026-01-23 11:02
全部漏洞信息
低危漏洞:2 中危漏洞:1 高危漏洞:7 严重漏洞:0

系统OS: wolfi 20230201 扫描引擎: Trivy 扫描时间: 2026-01-23 11:02

docker.io/litellm/litellm:1.80.15-stable.1 (wolfi 20230201) (wolfi)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
Node.js (node-pkg)
低危漏洞:2 中危漏洞:1 高危漏洞:6 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
glob CVE-2025-64756 高危 10.4.5 11.1.0, 10.5.0 glob: glob: Command Injection Vulnerability via Malicious Filenames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64756

镜像层: sha256:7b8cbf7f0d1ee0878e4b0b16de0e807d106f53c9b764f635d960703ccd820070

发布日期: 2025-11-17 18:15 修改: 2025-12-02 19:34
glob CVE-2025-64756 高危 11.0.3 11.1.0, 10.5.0 glob: glob: Command Injection Vulnerability via Malicious Filenames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64756

镜像层: sha256:7b8cbf7f0d1ee0878e4b0b16de0e807d106f53c9b764f635d960703ccd820070

发布日期: 2025-11-17 18:15 修改: 2025-12-02 19:34
tar CVE-2026-23745 高危 7.5.1 7.5.3 node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745

镜像层: sha256:7b8cbf7f0d1ee0878e4b0b16de0e807d106f53c9b764f635d960703ccd820070

发布日期: 2026-01-16 22:16 修改: 2026-01-16 22:16
tar CVE-2026-23950 高危 7.5.1 7.5.4 node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950

镜像层: sha256:7b8cbf7f0d1ee0878e4b0b16de0e807d106f53c9b764f635d960703ccd820070

发布日期: 2026-01-20 01:15 修改: 2026-01-20 01:15
tar CVE-2026-23745 高危 7.5.2 7.5.3 node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745

镜像层: sha256:927ecf3502db2e41dc5b04be37397e73e5266eab115de7b4f2a7efa06673e910

发布日期: 2026-01-16 22:16 修改: 2026-01-16 22:16
tar CVE-2026-23950 高危 7.5.2 7.5.4 node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950

镜像层: sha256:927ecf3502db2e41dc5b04be37397e73e5266eab115de7b4f2a7efa06673e910

发布日期: 2026-01-20 01:15 修改: 2026-01-20 01:15
tar CVE-2025-64118 中危 7.5.1 7.5.2 node-tar: tar: node-tar: Information disclosure via reading a truncated tar file

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64118

镜像层: sha256:7b8cbf7f0d1ee0878e4b0b16de0e807d106f53c9b764f635d960703ccd820070

发布日期: 2025-10-30 18:15 修改: 2025-11-04 15:41
diff CVE-2026-24001 低危 8.0.2 8.0.3, 5.2.2, 4.0.4 jsdiff has a Denial of Service vulnerability in parsePatch and applyPatch

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24001

镜像层: sha256:7b8cbf7f0d1ee0878e4b0b16de0e807d106f53c9b764f635d960703ccd820070

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
diff CVE-2026-24001 低危 8.0.2 8.0.3, 5.2.2, 4.0.4 jsdiff has a Denial of Service vulnerability in parsePatch and applyPatch

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24001

镜像层: sha256:927ecf3502db2e41dc5b04be37397e73e5266eab115de7b4f2a7efa06673e910

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
Python (python-pkg)
低危漏洞:0 中危漏洞:0 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
jaraco.context CVE-2026-23949 高危 5.3.0 6.1.0 jaraco.context: jaraco.context: Path traversal via malicious tar archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23949

镜像层: sha256:927ecf3502db2e41dc5b04be37397e73e5266eab115de7b4f2a7efa06673e910

发布日期: 2026-01-20 01:15 修改: 2026-01-20 01:15