docker.io/openebs/mayastor-io-engine:v2.10.0 linux/amd64

docker.io/openebs/mayastor-io-engine:v2.10.0 - Trivy安全扫描结果 扫描时间: 2026-05-18 09:40
全部漏洞信息
低危漏洞:8 中危漏洞:6 高危漏洞:2 严重漏洞:0

系统OS: 扫描引擎: Trivy 扫描时间: 2026-05-18 09:40

Python (python-pkg)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
bin/io-engine (rustbinary)
低危漏洞:4 中危漏洞:3 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
rustls-webpki GHSA-82j2-j2ch-gfr8 高危 0.102.8 0.103.13, 0.104.0-alpha.7 rustls-webpki: Denial of service via panic on malformed CRL BIT STRING

漏洞详情: https://github.com/advisories/GHSA-82j2-j2ch-gfr8

镜像层: sha256:2085176245bf08cd853138e1247686573f85d505bf5f0b489450d4c566ab80b3

发布日期: 2026-04-24 16:20 修改: 2026-04-24 16:20
bytes CVE-2026-25541 中危 1.8.0 1.11.1 Bytes is a utility library for working with bytes. From version 1.2.1 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25541

镜像层: sha256:2085176245bf08cd853138e1247686573f85d505bf5f0b489450d4c566ab80b3

发布日期: 2026-02-04 22:16 修改: 2026-02-27 20:13
rustls-webpki GHSA-pwjx-qhcg-rvj4 中危 0.102.8 0.103.10, 0.104.0-alpha.5 webpki: CRLs not considered authoritative by Distribution Point due to faulty matching logic

漏洞详情: https://github.com/advisories/GHSA-pwjx-qhcg-rvj4

镜像层: sha256:2085176245bf08cd853138e1247686573f85d505bf5f0b489450d4c566ab80b3

发布日期: 2026-03-20 21:51 修改: 2026-03-25 19:56
time CVE-2026-25727 中危 0.3.36 0.3.47 time: time affected by a stack exhaustion denial of service attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25727

镜像层: sha256:2085176245bf08cd853138e1247686573f85d505bf5f0b489450d4c566ab80b3

发布日期: 2026-02-06 20:16 修改: 2026-02-24 15:23
rustls-webpki GHSA-965h-392x-2mh5 低危 0.102.8 0.103.12, 0.104.0-alpha.6 webpki: Name constraints for URI names were incorrectly accepted

漏洞详情: https://github.com/advisories/GHSA-965h-392x-2mh5

镜像层: sha256:2085176245bf08cd853138e1247686573f85d505bf5f0b489450d4c566ab80b3

发布日期: 2026-04-16 21:16 修改: 2026-04-16 21:16
rustls-webpki GHSA-xgp8-3hg3-c2mh 低危 0.102.8 0.103.12, 0.104.0-alpha.6 webpki: Name constraints were accepted for certificates asserting a wildcard name

漏洞详情: https://github.com/advisories/GHSA-xgp8-3hg3-c2mh

镜像层: sha256:2085176245bf08cd853138e1247686573f85d505bf5f0b489450d4c566ab80b3

发布日期: 2026-04-16 21:17 修改: 2026-04-16 21:17
rand GHSA-cq8v-f236-94qc 低危 0.8.5 0.9.3, 0.10.1, 0.8.6 Rand is unsound with a custom logger using rand::rng()

漏洞详情: https://github.com/advisories/GHSA-cq8v-f236-94qc

镜像层: sha256:2085176245bf08cd853138e1247686573f85d505bf5f0b489450d4c566ab80b3

发布日期: 2026-04-14 01:03 修改: 2026-04-22 20:13
tracing-subscriber CVE-2025-58160 低危 0.3.18 0.3.20 tracing-subscriber: Tracing log pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58160

镜像层: sha256:2085176245bf08cd853138e1247686573f85d505bf5f0b489450d4c566ab80b3

发布日期: 2025-08-29 22:15 修改: 2026-04-15 00:35
bin/io-engine-client (rustbinary)
低危漏洞:4 中危漏洞:3 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
rustls-webpki GHSA-82j2-j2ch-gfr8 高危 0.102.8 0.103.13, 0.104.0-alpha.7 rustls-webpki: Denial of service via panic on malformed CRL BIT STRING

漏洞详情: https://github.com/advisories/GHSA-82j2-j2ch-gfr8

镜像层: sha256:2085176245bf08cd853138e1247686573f85d505bf5f0b489450d4c566ab80b3

发布日期: 2026-04-24 16:20 修改: 2026-04-24 16:20
bytes CVE-2026-25541 中危 1.8.0 1.11.1 Bytes is a utility library for working with bytes. From version 1.2.1 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25541

镜像层: sha256:2085176245bf08cd853138e1247686573f85d505bf5f0b489450d4c566ab80b3

发布日期: 2026-02-04 22:16 修改: 2026-02-27 20:13
rustls-webpki GHSA-pwjx-qhcg-rvj4 中危 0.102.8 0.103.10, 0.104.0-alpha.5 webpki: CRLs not considered authoritative by Distribution Point due to faulty matching logic

漏洞详情: https://github.com/advisories/GHSA-pwjx-qhcg-rvj4

镜像层: sha256:2085176245bf08cd853138e1247686573f85d505bf5f0b489450d4c566ab80b3

发布日期: 2026-03-20 21:51 修改: 2026-03-25 19:56
time CVE-2026-25727 中危 0.3.36 0.3.47 time: time affected by a stack exhaustion denial of service attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25727

镜像层: sha256:2085176245bf08cd853138e1247686573f85d505bf5f0b489450d4c566ab80b3

发布日期: 2026-02-06 20:16 修改: 2026-02-24 15:23
rustls-webpki GHSA-965h-392x-2mh5 低危 0.102.8 0.103.12, 0.104.0-alpha.6 webpki: Name constraints for URI names were incorrectly accepted

漏洞详情: https://github.com/advisories/GHSA-965h-392x-2mh5

镜像层: sha256:2085176245bf08cd853138e1247686573f85d505bf5f0b489450d4c566ab80b3

发布日期: 2026-04-16 21:16 修改: 2026-04-16 21:16
rustls-webpki GHSA-xgp8-3hg3-c2mh 低危 0.102.8 0.103.12, 0.104.0-alpha.6 webpki: Name constraints were accepted for certificates asserting a wildcard name

漏洞详情: https://github.com/advisories/GHSA-xgp8-3hg3-c2mh

镜像层: sha256:2085176245bf08cd853138e1247686573f85d505bf5f0b489450d4c566ab80b3

发布日期: 2026-04-16 21:17 修改: 2026-04-16 21:17
rand GHSA-cq8v-f236-94qc 低危 0.8.5 0.9.3, 0.10.1, 0.8.6 Rand is unsound with a custom logger using rand::rng()

漏洞详情: https://github.com/advisories/GHSA-cq8v-f236-94qc

镜像层: sha256:2085176245bf08cd853138e1247686573f85d505bf5f0b489450d4c566ab80b3

发布日期: 2026-04-14 01:03 修改: 2026-04-22 20:13
tracing-subscriber CVE-2025-58160 低危 0.3.18 0.3.20 tracing-subscriber: Tracing log pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58160

镜像层: sha256:2085176245bf08cd853138e1247686573f85d505bf5f0b489450d4c566ab80b3

发布日期: 2025-08-29 22:15 修改: 2026-04-15 00:35