docker.io/lswl/vertex:latest linux/amd64

docker.io/lswl/vertex:latest - Trivy安全扫描结果 扫描时间: 2024-11-27 16:07
全部漏洞信息
低危漏洞:0 中危漏洞:14 高危漏洞:6 严重漏洞:0

系统OS: alpine 3.13.12 扫描引擎: Trivy 扫描时间: 2024-11-27 16:07

docker.io/lswl/vertex:latest (alpine 3.13.12) (alpine)
低危漏洞:0 中危漏洞:10 高危漏洞:5 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
expat CVE-2022-40674 高危 2.2.10-r6 2.2.10-r7 expat: a use-after-free in the doContent function in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40674

镜像层: sha256:75d30bea8d550037287a12b67208245797084978b2a0e6f5c6a9b59f2ad286f9

发布日期: 2022-09-14 11:15 修改: 2023-11-07 03:52

expat CVE-2022-43680 高危 2.2.10-r6 2.2.10-r8 expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43680

镜像层: sha256:75d30bea8d550037287a12b67208245797084978b2a0e6f5c6a9b59f2ad286f9

发布日期: 2022-10-24 14:15 修改: 2024-01-21 02:08

libxml2 CVE-2022-40303 高危 2.9.14-r1 2.9.14-r2 libxml2: integer overflows with XML_PARSE_HUGE

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40303

镜像层: sha256:75d30bea8d550037287a12b67208245797084978b2a0e6f5c6a9b59f2ad286f9

发布日期: 2022-11-23 00:15 修改: 2023-11-07 03:52

libxml2 CVE-2022-40304 高危 2.9.14-r1 2.9.14-r2 libxml2: dict corruption caused by entity reference cycles

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40304

镜像层: sha256:75d30bea8d550037287a12b67208245797084978b2a0e6f5c6a9b59f2ad286f9

发布日期: 2022-11-23 18:15 修改: 2023-11-07 03:52

pixman CVE-2022-44638 高危 0.40.0-r2 0.40.0-r3 pixman: Integer overflow in pixman_sample_floor_y leading to heap out-of-bounds write

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44638

镜像层: sha256:75d30bea8d550037287a12b67208245797084978b2a0e6f5c6a9b59f2ad286f9

发布日期: 2022-11-03 06:15 修改: 2023-11-07 03:54

dbus-libs CVE-2022-42012 中危 1.12.20-r1 1.12.24-r0 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012

镜像层: sha256:75d30bea8d550037287a12b67208245797084978b2a0e6f5c6a9b59f2ad286f9

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus-libs CVE-2022-42010 中危 1.12.20-r1 1.12.24-r0 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010

镜像层: sha256:75d30bea8d550037287a12b67208245797084978b2a0e6f5c6a9b59f2ad286f9

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

nodejs CVE-2022-32213 中危 14.20.0-r0 14.20.1-r0 nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32213

镜像层: sha256:75d30bea8d550037287a12b67208245797084978b2a0e6f5c6a9b59f2ad286f9

发布日期: 2022-07-14 15:15 修改: 2023-11-07 03:47

nodejs CVE-2022-32214 中危 14.20.0-r0 14.20.1-r0 nodejs: HTTP request smuggling due to improper delimiting of header fields

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32214

镜像层: sha256:75d30bea8d550037287a12b67208245797084978b2a0e6f5c6a9b59f2ad286f9

发布日期: 2022-07-14 15:15 修改: 2023-07-19 00:55

nodejs CVE-2022-32215 中危 14.20.0-r0 14.20.1-r0 nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32215

镜像层: sha256:75d30bea8d550037287a12b67208245797084978b2a0e6f5c6a9b59f2ad286f9

发布日期: 2022-07-14 15:15 修改: 2023-11-07 03:47

nodejs CVE-2022-35256 中危 14.20.0-r0 14.20.1-r0 nodejs: HTTP Request Smuggling due to incorrect parsing of header fields

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35256

镜像层: sha256:75d30bea8d550037287a12b67208245797084978b2a0e6f5c6a9b59f2ad286f9

发布日期: 2022-12-05 22:15 修改: 2023-05-12 13:30

dbus-libs CVE-2022-42011 中危 1.12.20-r1 1.12.24-r0 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011

镜像层: sha256:75d30bea8d550037287a12b67208245797084978b2a0e6f5c6a9b59f2ad286f9

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

tiff CVE-2022-2867 中危 4.3.0-r0 4.4.0-r0 libtiff: uint32_t underflow leads to out of bounds read and write in tiffcrop.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2867

镜像层: sha256:75d30bea8d550037287a12b67208245797084978b2a0e6f5c6a9b59f2ad286f9

发布日期: 2022-08-17 22:15 修改: 2023-11-07 03:47

tiff CVE-2022-2868 中危 4.3.0-r0 4.4.0-r0 libtiff: Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2868

镜像层: sha256:75d30bea8d550037287a12b67208245797084978b2a0e6f5c6a9b59f2ad286f9

发布日期: 2022-08-17 22:15 修改: 2023-11-07 03:47

tiff CVE-2022-2869 中危 4.3.0-r0 4.4.0-r0 libtiff: tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSamples8bits()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2869

镜像层: sha256:75d30bea8d550037287a12b67208245797084978b2a0e6f5c6a9b59f2ad286f9

发布日期: 2022-08-17 22:15 修改: 2023-11-07 03:47

Node.js (node-pkg)
低危漏洞:0 中危漏洞:4 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
ws CVE-2024-37890 高危 8.5.0 5.2.4, 6.2.3, 7.5.10, 8.17.1 nodejs-ws: denial of service when handling a request with many HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890

镜像层: sha256:a486c05c868533697132bf33baa5810893ed0adac296cf54a123a2bc6fbcf9e1

发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44

request CVE-2023-28155 中危 2.88.2 The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155

镜像层: sha256:a486c05c868533697132bf33baa5810893ed0adac296cf54a123a2bc6fbcf9e1

发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15

tough-cookie CVE-2023-26136 中危 2.5.0 4.1.3 tough-cookie: prototype pollution in cookie memstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136

镜像层: sha256:a486c05c868533697132bf33baa5810893ed0adac296cf54a123a2bc6fbcf9e1

发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15

axios CVE-2023-45857 中危 0.27.2 1.6.0, 0.28.0 axios: exposure of confidential data stored in cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45857

镜像层: sha256:a486c05c868533697132bf33baa5810893ed0adac296cf54a123a2bc6fbcf9e1

发布日期: 2023-11-08 21:15 修改: 2024-06-21 19:15

xml2js CVE-2023-0842 中危 0.4.23 0.5.0 node-xml2js: xml2js is vulnerable to prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0842

镜像层: sha256:a486c05c868533697132bf33baa5810893ed0adac296cf54a123a2bc6fbcf9e1

发布日期: 2023-04-05 20:15 修改: 2024-03-14 21:15