docker.io/openim/openim-chat:release-v1.7 - Trivy镜像安全扫描结果

全部漏洞信息

低危漏洞:7

中危漏洞:117

高危漏洞:25

严重漏洞:25

系统OS: alpine 3.20.0 扫描引擎: Trivy 扫描时间: 2024-11-15 15:02

docker.io/openim/openim-chat:release-v1.7 (alpine 3.20.0) (alpine)

低危漏洞:2

中危漏洞:12

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
busybox	CVE-2023-42364	中危	1.36.1-r28	1.36.1-r29	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
busybox	CVE-2023-42365	中危	1.36.1-r28	1.36.1-r29	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
busybox-binsh	CVE-2023-42364	中危	1.36.1-r28	1.36.1-r29	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
busybox-binsh	CVE-2023-42365	中危	1.36.1-r28	1.36.1-r29	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
libcrypto3	CVE-2024-4741	中危	3.3.0-r2	3.3.0-r3	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcrypto3	CVE-2024-5535	中危	3.3.0-r2	3.3.1-r1	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libcrypto3	CVE-2024-6119	中危	3.3.0-r2	3.3.2-r0	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
libssl3	CVE-2024-4741	中危	3.3.0-r2	3.3.0-r3	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libssl3	CVE-2024-5535	中危	3.3.0-r2	3.3.1-r1	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libssl3	CVE-2024-6119	中危	3.3.0-r2	3.3.2-r0	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
ssl_client	CVE-2023-42364	中危	1.36.1-r28	1.36.1-r29	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
ssl_client	CVE-2023-42365	中危	1.36.1-r28	1.36.1-r29	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
libcrypto3	CVE-2024-9143	低危	3.3.0-r2	3.3.2-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
libssl3	CVE-2024-9143	低危	3.3.0-r2	3.3.2-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:02f2bcb26af5ea6d185dcf509dc795746d907ae10c53918b6944ac85447a0c72 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35

Node.js (node-pkg)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

openim-chat/_output/bin/platforms/linux/amd64/admin-api (gobinary)

低危漏洞:1

中危漏洞:5

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/net	CVE-2023-45288	中危	v0.22.0	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
github.com/golang-jwt/jwt/v4	CVE-2024-51744	低危	v4.5.0	4.5.1	golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-51744 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-11-04 22:15 修改: 2024-11-05 16:04

openim-chat/_output/bin/platforms/linux/amd64/admin-rpc (gobinary)

低危漏洞:1

中危漏洞:5

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/net	CVE-2023-45288	中危	v0.22.0	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
github.com/golang-jwt/jwt/v4	CVE-2024-51744	低危	v4.5.0	4.5.1	golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-51744 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-11-04 22:15 修改: 2024-11-05 16:04

openim-chat/_output/bin/platforms/linux/amd64/chat-api (gobinary)

低危漏洞:1

中危漏洞:5

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/net	CVE-2023-45288	中危	v0.22.0	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
github.com/golang-jwt/jwt/v4	CVE-2024-51744	低危	v4.5.0	4.5.1	golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-51744 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-11-04 22:15 修改: 2024-11-05 16:04

openim-chat/_output/bin/platforms/linux/amd64/chat-rpc (gobinary)

低危漏洞:1

中危漏洞:5

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/net	CVE-2023-45288	中危	v0.22.0	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
github.com/golang-jwt/jwt/v4	CVE-2024-51744	低危	v4.5.0	4.5.1	golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-51744 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-11-04 22:15 修改: 2024-11-05 16:04

openim-chat/_output/bin/tools/linux/amd64/check-component (gobinary)

低危漏洞:1

中危漏洞:5

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/net	CVE-2023-45288	中危	v0.22.0	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
github.com/golang-jwt/jwt/v4	CVE-2024-51744	低危	v4.5.0	4.5.1	golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-51744 镜像层: sha256:126778983dae1f718c4935cebfbb55fcc6f0e6e7a1a55c6dd8ca5893dd867cf8 发布日期: 2024-11-04 22:15 修改: 2024-11-05 16:04

usr/local/bin/mage (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:4e5b4e5e22bfabadc2d57deaab00b60c0f3d080fa834bb26a90926f231d682a8 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:4e5b4e5e22bfabadc2d57deaab00b60c0f3d080fa834bb26a90926f231d682a8 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:4e5b4e5e22bfabadc2d57deaab00b60c0f3d080fa834bb26a90926f231d682a8 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:4e5b4e5e22bfabadc2d57deaab00b60c0f3d080fa834bb26a90926f231d682a8 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:4e5b4e5e22bfabadc2d57deaab00b60c0f3d080fa834bb26a90926f231d682a8 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:4e5b4e5e22bfabadc2d57deaab00b60c0f3d080fa834bb26a90926f231d682a8 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/bin/go (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/bin/gofmt (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/addr2line (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/asm (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/buildid (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/cgo (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/compile (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/covdata (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/cover (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/doc (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/fix (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/link (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/nm (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/objdump (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/pack (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/pprof (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/test2json (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/trace (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

usr/local/go/pkg/tool/linux_amd64/vet (gobinary)

低危漏洞:0

中危漏洞:4

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.10	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2024-34156	高危	1.21.10	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2024-24789	中危	1.21.10	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.10	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.10	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.21.10	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:30696ad20e72a3b813f3d1779f943ea26709bc8a0651df289f0f4b9ff8fb2a18 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

docker.io/openim/openim-chat:release-v1.7 linux/amd64

全部漏洞信息

docker.io/openim/openim-chat:release-v1.7 (alpine 3.20.0) (alpine)

Node.js (node-pkg)

openim-chat/_output/bin/platforms/linux/amd64/admin-api (gobinary)

openim-chat/_output/bin/platforms/linux/amd64/admin-rpc (gobinary)

openim-chat/_output/bin/platforms/linux/amd64/chat-api (gobinary)

openim-chat/_output/bin/platforms/linux/amd64/chat-rpc (gobinary)

openim-chat/_output/bin/tools/linux/amd64/check-component (gobinary)

usr/local/bin/mage (gobinary)

usr/local/go/bin/go (gobinary)

usr/local/go/bin/gofmt (gobinary)

usr/local/go/pkg/tool/linux_amd64/addr2line (gobinary)

usr/local/go/pkg/tool/linux_amd64/asm (gobinary)

usr/local/go/pkg/tool/linux_amd64/buildid (gobinary)

usr/local/go/pkg/tool/linux_amd64/cgo (gobinary)

usr/local/go/pkg/tool/linux_amd64/compile (gobinary)

usr/local/go/pkg/tool/linux_amd64/covdata (gobinary)

usr/local/go/pkg/tool/linux_amd64/cover (gobinary)

usr/local/go/pkg/tool/linux_amd64/doc (gobinary)

usr/local/go/pkg/tool/linux_amd64/fix (gobinary)

usr/local/go/pkg/tool/linux_amd64/link (gobinary)

usr/local/go/pkg/tool/linux_amd64/nm (gobinary)

usr/local/go/pkg/tool/linux_amd64/objdump (gobinary)

usr/local/go/pkg/tool/linux_amd64/pack (gobinary)

usr/local/go/pkg/tool/linux_amd64/pprof (gobinary)

usr/local/go/pkg/tool/linux_amd64/test2json (gobinary)

usr/local/go/pkg/tool/linux_amd64/trace (gobinary)

usr/local/go/pkg/tool/linux_amd64/vet (gobinary)