docker.io/mouday/domain-admin:v1.6.53 linux/amd64

docker.io/mouday/domain-admin:v1.6.53 - Trivy安全扫描结果 扫描时间: 2024-10-29 01:27
全部漏洞信息
低危漏洞:0 中危漏洞:16 高危漏洞:10 严重漏洞:0

系统OS: alpine 3.16.3 扫描引擎: Trivy 扫描时间: 2024-10-29 01:27

docker.io/mouday/domain-admin:v1.6.53 (alpine 3.16.3) (alpine)
低危漏洞:0 中危漏洞:3 高危漏洞:7 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
expat CVE-2023-52425 高危 2.5.0-r0 2.6.0-r0 expat: parsing large tokens can trigger a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425

镜像层: sha256:fff68df5095ce8cae623459755566fb082412fdd4624b3c547e6b44d61a83469

发布日期: 2024-02-04 20:15 修改: 2024-08-26 20:35
expat CVE-2024-28757 高危 2.5.0-r0 2.6.2-r0 expat: XML Entity Expansion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28757

镜像层: sha256:fff68df5095ce8cae623459755566fb082412fdd4624b3c547e6b44d61a83469

发布日期: 2024-03-10 05:15 修改: 2024-05-01 19:15
krb5-libs CVE-2022-42898 高危 1.19.3-r0 1.19.4-r0 krb5: integer overflow vulnerabilities in PAC parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898

镜像层: sha256:fff68df5095ce8cae623459755566fb082412fdd4624b3c547e6b44d61a83469

发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
libcom_err CVE-2022-1304 高危 1.46.5-r0 1.46.6-r0 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:fff68df5095ce8cae623459755566fb082412fdd4624b3c547e6b44d61a83469

发布日期: 2022-04-14 21:15 修改: 2023-11-07 03:41
ncurses-libs CVE-2023-29491 高危 6.3_p20220521-r0 6.3_p20220521-r1 ncurses: Local users can trigger security-relevant memory corruption via malformed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491

镜像层: sha256:fff68df5095ce8cae623459755566fb082412fdd4624b3c547e6b44d61a83469

发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15
ncurses-terminfo-base CVE-2023-29491 高危 6.3_p20220521-r0 6.3_p20220521-r1 ncurses: Local users can trigger security-relevant memory corruption via malformed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491

镜像层: sha256:fff68df5095ce8cae623459755566fb082412fdd4624b3c547e6b44d61a83469

发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15
sqlite-libs CVE-2023-7104 高危 3.38.5-r0 3.40.1-r1 sqlite: heap-buffer-overflow at sessionfuzz

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7104

镜像层: sha256:fff68df5095ce8cae623459755566fb082412fdd4624b3c547e6b44d61a83469

发布日期: 2023-12-29 10:15 修改: 2024-05-17 02:34
expat CVE-2023-52426 中危 2.5.0-r0 2.6.0-r0 expat: recursive XML entity expansion vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52426

镜像层: sha256:fff68df5095ce8cae623459755566fb082412fdd4624b3c547e6b44d61a83469

发布日期: 2024-02-04 20:15 修改: 2024-03-07 17:15
busybox CVE-2023-42366 中危 1.35.0-r17 1.35.0-r18 busybox: A heap-buffer-overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366

镜像层: sha256:e5e13b0c77cbb769548077189c3da2f0a764ceca06af49d8d558e759f5c232bd

发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
ssl_client CVE-2023-42366 中危 1.35.0-r17 1.35.0-r18 busybox: A heap-buffer-overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366

镜像层: sha256:e5e13b0c77cbb769548077189c3da2f0a764ceca06af49d8d558e759f5c232bd

发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
Node.js (node-pkg)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
Python (python-pkg)
低危漏洞:0 中危漏洞:13 高危漏洞:3 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
Werkzeug CVE-2024-34069 高危 2.2.3 3.0.3 python-werkzeug: user may execute code on a developer's machine

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34069

镜像层: sha256:847c51679d20dea8cba202d32d8183a318a3ff4edbcf611ebf45d97f1c894685

发布日期: 2024-05-06 15:15 修改: 2024-06-14 13:15
aiohttp CVE-2024-30251 高危 3.8.6 3.9.4 aiohttp: DoS when trying to parse malformed POST requests

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30251

镜像层: sha256:847c51679d20dea8cba202d32d8183a318a3ff4edbcf611ebf45d97f1c894685

发布日期: 2024-05-02 14:15 修改: 2024-05-02 18:00
setuptools CVE-2024-6345 高危 68.0.0 70.0.0 pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345

镜像层: sha256:847c51679d20dea8cba202d32d8183a318a3ff4edbcf611ebf45d97f1c894685

发布日期: 2024-07-15 01:15 修改: 2024-07-15 13:00
Werkzeug CVE-2024-49767 中危 2.2.3 3.0.6 werkzeug: python-werkzeug: Werkzeug possible resource exhaustion when parsing file data in forms

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-49767

镜像层: sha256:847c51679d20dea8cba202d32d8183a318a3ff4edbcf611ebf45d97f1c894685

发布日期: 2024-10-25 20:15 修改: 2024-10-25 20:15
Werkzeug CVE-2023-46136 中危 2.2.3 3.0.1, 2.3.8 python-werkzeug: high resource consumption leading to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46136

镜像层: sha256:847c51679d20dea8cba202d32d8183a318a3ff4edbcf611ebf45d97f1c894685

发布日期: 2023-10-25 18:17 修改: 2024-01-10 18:58
aiohttp CVE-2023-49081 中危 3.8.6 3.9.0 aiohttp: HTTP request modification

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49081

镜像层: sha256:847c51679d20dea8cba202d32d8183a318a3ff4edbcf611ebf45d97f1c894685

发布日期: 2023-11-30 07:15 修改: 2024-01-29 14:15
aiohttp CVE-2023-49082 中危 3.8.6 3.9.0 aiohttp: CRLF injection if user controls the HTTP method using aiohttp client

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49082

镜像层: sha256:847c51679d20dea8cba202d32d8183a318a3ff4edbcf611ebf45d97f1c894685

发布日期: 2023-11-29 20:15 修改: 2024-01-29 14:15
aiohttp CVE-2024-23334 中危 3.8.6 3.9.2 aiohttp: follow_symlinks directory traversal vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23334

镜像层: sha256:847c51679d20dea8cba202d32d8183a318a3ff4edbcf611ebf45d97f1c894685

发布日期: 2024-01-29 23:15 修改: 2024-02-09 03:15
aiohttp CVE-2024-23829 中危 3.8.6 3.9.2 python-aiohttp: http request smuggling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23829

镜像层: sha256:847c51679d20dea8cba202d32d8183a318a3ff4edbcf611ebf45d97f1c894685

发布日期: 2024-01-29 23:15 修改: 2024-02-09 03:15
aiohttp CVE-2024-27306 中危 3.8.6 3.9.4 aiohttp: XSS on index pages for static file handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27306

镜像层: sha256:847c51679d20dea8cba202d32d8183a318a3ff4edbcf611ebf45d97f1c894685

发布日期: 2024-04-18 15:15 修改: 2024-05-02 03:15
aiohttp CVE-2024-42367 中危 3.8.6 3.10.2 aiohttp: python-aiohttp: Compressed files as symlinks are not protected from path traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-42367

镜像层: sha256:847c51679d20dea8cba202d32d8183a318a3ff4edbcf611ebf45d97f1c894685

发布日期: 2024-08-12 13:38 修改: 2024-08-12 13:41
dnspython CVE-2023-29483 中危 2.3.0 2.6.1 dnspython: denial of service in stub resolver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29483

镜像层: sha256:847c51679d20dea8cba202d32d8183a318a3ff4edbcf611ebf45d97f1c894685

发布日期: 2024-04-11 14:15 修改: 2024-08-27 19:35
requests CVE-2024-35195 中危 2.31.0 2.32.0 requests: subsequent requests to the same host ignore cert verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35195

镜像层: sha256:847c51679d20dea8cba202d32d8183a318a3ff4edbcf611ebf45d97f1c894685

发布日期: 2024-05-20 21:15 修改: 2024-06-10 17:16
Werkzeug CVE-2024-49766 中危 2.2.3 3.0.6 werkzeug: python-werkzeug: Werkzeug safe_join not safe on Windows

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-49766

镜像层: sha256:847c51679d20dea8cba202d32d8183a318a3ff4edbcf611ebf45d97f1c894685

发布日期: 2024-10-25 20:15 修改: 2024-10-25 20:15
urllib3 CVE-2024-37891 中危 2.0.7 1.26.19, 2.2.2 urllib3: proxy-authorization request header is not stripped during cross-origin redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37891

镜像层: sha256:847c51679d20dea8cba202d32d8183a318a3ff4edbcf611ebf45d97f1c894685

发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
zipp CVE-2024-5569 中危 3.15.0 3.19.1 github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5569

镜像层: sha256:847c51679d20dea8cba202d32d8183a318a3ff4edbcf611ebf45d97f1c894685

发布日期: 2024-07-09 00:15 修改: 2024-07-09 18:19
/app/domain_admin/public/js/index.0c11f5a0.js ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/app/domain_admin/public/m/assets/index-9c365a03.js ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息