docker.io/opensearchproject/opensearch:3.7.0 linux/amd64

docker.io/opensearchproject/opensearch:3.7.0 - Trivy安全扫描结果 扫描时间: 2026-06-23 11:44
全部漏洞信息
低危漏洞:0 中危漏洞:9 高危漏洞:7 严重漏洞:0

系统OS: amazon 2023.11.20260526 (Amazon Linux) 扫描引擎: Trivy 扫描时间: 2026-06-23 11:44

docker.io/opensearchproject/opensearch:3.7.0 (amazon 2023.11.20260526 (Amazon Linux)) (amazon)
低危漏洞:0 中危漏洞:2 高危漏洞:4 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libsolv CVE-2026-48863 高危 0.7.22-1.amzn2023.0.3 0.7.22-1.amzn2023.0.4 libsolv: Stack-based buffer overflow in libsolv EdDSA PGP signature verification allows denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48863

镜像层: sha256:a6195db8fc666e89cec28319c3b190b5f3256c86cc4159e064ba6dac671ebb54

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libsolv CVE-2026-48864 高危 0.7.22-1.amzn2023.0.3 0.7.22-1.amzn2023.0.4 libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48864

镜像层: sha256:a6195db8fc666e89cec28319c3b190b5f3256c86cc4159e064ba6dac671ebb54

发布日期: 2026-05-26 17:16 修改: 2026-05-28 19:22
libsolv CVE-2026-9149 高危 0.7.22-1.amzn2023.0.3 0.7.22-1.amzn2023.0.4 libsolv: Heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9149

镜像层: sha256:a6195db8fc666e89cec28319c3b190b5f3256c86cc4159e064ba6dac671ebb54

发布日期: 2026-05-21 00:16 修改: 2026-06-02 01:21
libsolv CVE-2026-9150 高危 0.7.22-1.amzn2023.0.3 0.7.22-1.amzn2023.0.4 libsolv: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512 checksums

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9150

镜像层: sha256:a6195db8fc666e89cec28319c3b190b5f3256c86cc4159e064ba6dac671ebb54

发布日期: 2026-05-20 23:16 修改: 2026-06-02 18:57
python3 CVE-2026-6019 中危 3.9.25-1.amzn2023.0.5 3.9.25-1.amzn2023.0.6 python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019

镜像层: sha256:a6195db8fc666e89cec28319c3b190b5f3256c86cc4159e064ba6dac671ebb54

发布日期: 2026-04-22 20:16 修改: 2026-05-28 19:15
python3-libs CVE-2026-6019 中危 3.9.25-1.amzn2023.0.5 3.9.25-1.amzn2023.0.6 python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019

镜像层: sha256:a6195db8fc666e89cec28319c3b190b5f3256c86cc4159e064ba6dac671ebb54

发布日期: 2026-04-22 20:16 修改: 2026-05-28 19:15
Java (jar)
低危漏洞:0 中危漏洞:7 高危漏洞:3 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
io.netty:netty-handler CVE-2026-44249 高危 4.1.133.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:e689346de473723cb0d48ec2df0d4ff11c38cddfd36caa9fd80adfaf3d9bdca3

发布日期: 2026-06-11 22:16 修改: 2026-06-15 02:30
io.netty:netty-handler CVE-2026-45416 高危 4.1.133.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:e689346de473723cb0d48ec2df0d4ff11c38cddfd36caa9fd80adfaf3d9bdca3

发布日期: 2026-06-12 15:16 修改: 2026-06-15 02:15
io.netty:netty-handler CVE-2026-50010 高危 4.1.133.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:e689346de473723cb0d48ec2df0d4ff11c38cddfd36caa9fd80adfaf3d9bdca3

发布日期: 2026-06-12 16:16 修改: 2026-06-15 02:31
io.netty:netty-codec-http2 CVE-2026-50560 中危 4.1.133.Final 4.2.15.Final, 4.1.135.Final netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560

镜像层: sha256:e689346de473723cb0d48ec2df0d4ff11c38cddfd36caa9fd80adfaf3d9bdca3

发布日期: 2026-06-12 16:16 修改: 2026-06-15 02:30
io.netty:netty-codec-http CVE-2026-50020 中危 4.1.133.Final 4.2.15.Final, 4.1.135.Final netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020

镜像层: sha256:e689346de473723cb0d48ec2df0d4ff11c38cddfd36caa9fd80adfaf3d9bdca3

发布日期: 2026-06-12 16:16 修改: 2026-06-15 02:31
io.netty:netty-codec-http2 CVE-2026-47244 中危 4.1.133.Final 4.2.15.Final, 4.1.135.Final netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244

镜像层: sha256:e689346de473723cb0d48ec2df0d4ff11c38cddfd36caa9fd80adfaf3d9bdca3

发布日期: 2026-06-12 15:16 修改: 2026-06-15 02:11
io.netty:netty-codec-http2 CVE-2026-48043 中危 4.1.133.Final 4.1.135.Final, 4.2.15.Final netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043

镜像层: sha256:e689346de473723cb0d48ec2df0d4ff11c38cddfd36caa9fd80adfaf3d9bdca3

发布日期: 2026-06-12 16:16 修改: 2026-06-15 01:56
org.bouncycastle:bc-fips CVE-2026-8149 中危 2.1.2 Bouncy Castle has a vulnerability in program files gcm128w, gcm512w

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8149

镜像层: sha256:e689346de473723cb0d48ec2df0d4ff11c38cddfd36caa9fd80adfaf3d9bdca3

发布日期: 2026-05-08 07:16 修改: 2026-05-19 00:16
org.bouncycastle:bc-fips CVE-2026-8149 中危 2.1.2 Bouncy Castle has a vulnerability in program files gcm128w, gcm512w

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8149

镜像层: sha256:e689346de473723cb0d48ec2df0d4ff11c38cddfd36caa9fd80adfaf3d9bdca3

发布日期: 2026-05-08 07:16 修改: 2026-05-19 00:16
org.bouncycastle:bc-fips CVE-2026-8149 中危 2.1.2 Bouncy Castle has a vulnerability in program files gcm128w, gcm512w

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8149

镜像层: sha256:e689346de473723cb0d48ec2df0d4ff11c38cddfd36caa9fd80adfaf3d9bdca3

发布日期: 2026-05-08 07:16 修改: 2026-05-19 00:16
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×