docker.io/lpgonzalez/docker-volume-manager:3 linux/amd64

docker.io/lpgonzalez/docker-volume-manager:3 - Trivy安全扫描结果扫描时间: 2026-06-12 16:19

全部漏洞信息

低危漏洞:20

中危漏洞:9

高危漏洞:2

严重漏洞:0

系统OS: alpine 3.23.4 扫描引擎: Trivy 扫描时间: 2026-06-12 16:19

docker.io/lpgonzalez/docker-volume-manager:3 (alpine 3.23.4) (alpine)

低危漏洞:20

中危漏洞:8

高危漏洞:2

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
libcrypto3	CVE-2026-45447	高危	3.5.6-r0	3.5.7-r0	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 15:16
libssl3	CVE-2026-45447	高危	3.5.6-r0	3.5.7-r0	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 15:16
libcrypto3	CVE-2026-34183	中危	3.5.6-r0	3.5.7-r0	openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 16:17
libcrypto3	CVE-2026-42764	中危	3.5.6-r0	3.5.7-r0	openssl: NULL pointer dereference in QUIC server initial packet handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-45445	中危	3.5.6-r0	3.5.7-r0	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-34182	中危	3.5.6-r0	3.5.7-r0	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 17:16
libssl3	CVE-2026-34182	中危	3.5.6-r0	3.5.7-r0	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 17:16
libssl3	CVE-2026-34183	中危	3.5.6-r0	3.5.7-r0	openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 16:17
libssl3	CVE-2026-42764	中危	3.5.6-r0	3.5.7-r0	openssl: NULL pointer dereference in QUIC server initial packet handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-45445	中危	3.5.6-r0	3.5.7-r0	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-42769	低危	3.5.6-r0	3.5.7-r0	openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-42770	低危	3.5.6-r0	3.5.7-r0	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-45446	低危	3.5.6-r0	3.5.7-r0	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-7383	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-9076	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-34180	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-34181	低危	3.5.6-r0	3.5.7-r0	openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 17:16
libcrypto3	CVE-2026-42766	低危	3.5.6-r0	3.5.7-r0	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-42767	低危	3.5.6-r0	3.5.7-r0	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-42768	低危	3.5.6-r0	3.5.7-r0	openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-34180	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-34181	低危	3.5.6-r0	3.5.7-r0	openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 17:16
libssl3	CVE-2026-42766	低危	3.5.6-r0	3.5.7-r0	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-42767	低危	3.5.6-r0	3.5.7-r0	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-42768	低危	3.5.6-r0	3.5.7-r0	openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-42769	低危	3.5.6-r0	3.5.7-r0	openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-42770	低危	3.5.6-r0	3.5.7-r0	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-45446	低危	3.5.6-r0	3.5.7-r0	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-7383	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-9076	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16

Python (python-pkg)

低危漏洞:0

中危漏洞:1

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
python-dotenv	CVE-2026-28684	中危	1.2.1	1.2.2	python-dotenv: python-dotenv: Arbitrary file overwrite via symbolic link following 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28684 镜像层: sha256:0294fc49c6086e2c41fd51bca734d21b871359ae5b6e91801ff6779b1c55a2ab 发布日期: 2026-04-20 17:16 修改: 2026-04-27 13:44

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

python-dotenv

CVE-2026-28684

中危

1.2.1

1.2.2

python-dotenv: python-dotenv: Arbitrary file overwrite via symbolic link following

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28684

镜像层: sha256:0294fc49c6086e2c41fd51bca734d21b871359ae5b6e91801ff6779b1c55a2ab

发布日期: 2026-04-20 17:16 修改: 2026-04-27 13:44