docker.io/pingcap/pd:v8.1.0 linux/amd64

docker.io/pingcap/pd:v8.1.0 - Trivy安全扫描结果 扫描时间: 2024-10-27 08:31
全部漏洞信息
低危漏洞:1 中危漏洞:51 高危漏洞:30 严重漏洞:5

系统OS: rocky 9.3 扫描引擎: Trivy 扫描时间: 2024-10-27 08:31

docker.io/pingcap/pd:v8.1.0 (rocky 9.3) (rocky)
低危漏洞:1 中危漏洞:12 高危漏洞:20 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
glibc CVE-2024-2961 高危 2.34-83.el9.7 2.34-100.el9_4.2 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
glibc CVE-2024-33599 高危 2.34-83.el9.7 2.34-100.el9_4.2 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc CVE-2024-33600 高危 2.34-83.el9.7 2.34-100.el9_4.2 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc CVE-2024-33601 高危 2.34-83.el9.7 2.34-100.el9_4.2 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc CVE-2024-33602 高危 2.34-83.el9.7 2.34-100.el9_4.2 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-common CVE-2024-2961 高危 2.34-83.el9.7 2.34-100.el9_4.2 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
glibc-common CVE-2024-33599 高危 2.34-83.el9.7 2.34-100.el9_4.2 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-common CVE-2024-33600 高危 2.34-83.el9.7 2.34-100.el9_4.2 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-common CVE-2024-33601 高危 2.34-83.el9.7 2.34-100.el9_4.2 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-common CVE-2024-33602 高危 2.34-83.el9.7 2.34-100.el9_4.2 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-minimal-langpack CVE-2024-2961 高危 2.34-83.el9.7 2.34-100.el9_4.2 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
glibc-minimal-langpack CVE-2024-33599 高危 2.34-83.el9.7 2.34-100.el9_4.2 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-minimal-langpack CVE-2024-33600 高危 2.34-83.el9.7 2.34-100.el9_4.2 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-minimal-langpack CVE-2024-33601 高危 2.34-83.el9.7 2.34-100.el9_4.2 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-minimal-langpack CVE-2024-33602 高危 2.34-83.el9.7 2.34-100.el9_4.2 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
less CVE-2024-32487 高危 590-2.el9_2 590-4.el9_4 less: OS command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32487

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-04-13 15:15 修改: 2024-07-08 14:18
python3 CVE-2023-6597 高危 3.9.18-1.el9_3 3.9.18-3.el9_4.1 python: Path traversal on tempfile.TemporaryDirectory

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
python3 CVE-2024-0450 高危 3.9.18-1.el9_3 3.9.18-3.el9_4.1 python: The zipfile module is vulnerable to zip-bombs leading to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
python3-libs CVE-2023-6597 高危 3.9.18-1.el9_3 3.9.18-3.el9_4.1 python: Path traversal on tempfile.TemporaryDirectory

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
python3-libs CVE-2024-0450 高危 3.9.18-1.el9_3 3.9.18-3.el9_4.1 python: The zipfile module is vulnerable to zip-bombs leading to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
gnutls CVE-2024-28835 中危 3.7.6-23.el9 3.8.3-4.el9_4 gnutls: potential crash during chain building/verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28835

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-03-21 06:15 修改: 2024-09-16 19:16
glib2 CVE-2024-34397 中危 2.68.4-11.el9 2.68.4-14.el9_4.1 glib2: Signal subscription vulnerabilities

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34397

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-05-07 18:15 修改: 2024-06-10 18:15
less CVE-2022-48624 中危 590-2.el9_2 590-3.el9_3 less: missing quoting of shell metacharacters in LESSCLOSE handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48624

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-02-19 01:15 修改: 2024-06-10 18:15
libnghttp2 CVE-2024-28182 中危 1.43.0-5.el9_3.1 1.43.0-5.el9_4.3 nghttp2: CONTINUATION frames DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28182

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-04-04 15:15 修改: 2024-05-01 18:15
libxml2 CVE-2024-25062 中危 2.9.13-4.el9 2.9.13-6.el9_4 libxml2: use-after-free in XMLReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25062

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-02-04 16:15 修改: 2024-02-13 00:40
openssl CVE-2024-6119 中危 1:3.0.7-24.el9 1:3.0.7-28.el9_4 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
openssl-libs CVE-2024-6119 中危 1:3.0.7-24.el9 1:3.0.7-28.el9_4 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
expat CVE-2024-45490 中危 2.5.0-1.el9 2.5.0-2.el9_4.1 libexpat: Negative Length Parsing Vulnerability in libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24
expat CVE-2024-45491 中危 2.5.0-1.el9 2.5.0-2.el9_4.1 libexpat: Integer Overflow or Wraparound

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
expat CVE-2024-45492 中危 2.5.0-1.el9 2.5.0-2.el9_4.1 libexpat: integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
gnutls CVE-2024-28834 中危 3.7.6-23.el9 3.8.3-4.el9_4 gnutls: vulnerable to Minerva side-channel information leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28834

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2024-03-21 14:15 修改: 2024-09-12 20:15
systemd-libs CVE-2023-7008 中危 252-18.el9 252-32.el9_4 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16
file-libs CVE-2022-48554 低危 5.39-14.el9 5.39-16.el9 file: stack-based buffer over-read in file_copystr in funcs.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48554

镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1

发布日期: 2023-08-22 19:16 修改: 2024-03-13 22:15
pd-ctl (gobinary)
低危漏洞:0 中危漏洞:13 高危漏洞:3 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
github.com/gin-contrib/cors CVE-2019-25211 严重 v1.4.0 1.6.0 github.com/gin-contrib/cors: Gin mishandles a wildcard in the origin string in github.com/gin-contrib/cors

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25211

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2024-06-29 00:15 修改: 2024-08-01 13:41
stdlib CVE-2024-24790 严重 1.21.4 1.21.11, 1.22.4 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
go.etcd.io/etcd CVE-2020-15114 高危 v0.5.0-alpha.5.0.20240320135013-950cd5fbe6ca 3.4.10, 3.3.23 etcd: gateway can include itself as an endpoint resulting in resource exhaustion and leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15114

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2020-08-06 23:15 修改: 2023-11-07 03:17
stdlib CVE-2023-45288 高危 1.21.4 1.21.9, 1.22.2 golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib CVE-2024-34156 高危 1.21.4 1.22.7, 1.23.1 encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
go.etcd.io/etcd CVE-2018-1099 中危 v0.5.0-alpha.5.0.20240320135013-950cd5fbe6ca 3.4.0 etcd: DNS rebinding vulnerability in etcd server

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1099

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2018-04-03 16:29 修改: 2023-11-07 02:55
go.etcd.io/etcd CVE-2020-15136 中危 v0.5.0-alpha.5.0.20240320135013-950cd5fbe6ca 3.4.10, 3.3.23 etcd: no authentication is performed against endpoints provided in the --endpoints flag

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15136

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2020-08-06 23:15 修改: 2023-11-07 03:17
golang.org/x/net CVE-2023-45288 中危 v0.22.0 0.23.0 golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib CVE-2023-39326 中危 1.21.4 1.20.12, 1.21.5 golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib CVE-2023-45289 中危 1.21.4 1.21.8, 1.22.1 golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib CVE-2023-45290 中危 1.21.4 1.21.8, 1.22.1 golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib CVE-2024-24783 中危 1.21.4 1.21.8, 1.22.1 golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib CVE-2024-24784 中危 1.21.4 1.21.8, 1.22.1 golang: net/mail: comments in display names are incorrectly handled

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib CVE-2024-24785 中危 1.21.4 1.21.8, 1.22.1 golang: html/template: errors returned from MarshalJSON methods may break template escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib CVE-2024-24789 中危 1.21.4 1.21.11, 1.22.4 golang: archive/zip: Incorrect handling of certain ZIP files

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib CVE-2024-24791 中危 1.21.4 1.21.12, 1.22.5 net/http: Denial of service due to improper 100-continue handling in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib CVE-2024-34155 中危 1.21.4 1.22.7, 1.23.1 go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2024-09-06 21:15 修改: 2024-09-09 13:03
stdlib CVE-2024-34158 中危 1.21.4 1.22.7, 1.23.1 go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158

镜像层: sha256:36fb1cb5df177c464bc433d1dd6061114341bc3623fac1d533d0a667e124305e

发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
pd-recover (gobinary)
低危漏洞:0 中危漏洞:13 高危漏洞:3 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
stdlib CVE-2024-24790 严重 1.21.4 1.21.11, 1.22.4 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
go.etcd.io/etcd CVE-2020-15114 高危 v0.5.0-alpha.5.0.20240320135013-950cd5fbe6ca 3.4.10, 3.3.23 etcd: gateway can include itself as an endpoint resulting in resource exhaustion and leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15114

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2020-08-06 23:15 修改: 2023-11-07 03:17
stdlib CVE-2023-45288 高危 1.21.4 1.21.9, 1.22.2 golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib CVE-2024-34156 高危 1.21.4 1.22.7, 1.23.1 encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
go.etcd.io/etcd CVE-2018-1099 中危 v0.5.0-alpha.5.0.20240320135013-950cd5fbe6ca 3.4.0 etcd: DNS rebinding vulnerability in etcd server

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1099

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2018-04-03 16:29 修改: 2023-11-07 02:55
go.etcd.io/etcd CVE-2020-15136 中危 v0.5.0-alpha.5.0.20240320135013-950cd5fbe6ca 3.4.10, 3.3.23 etcd: no authentication is performed against endpoints provided in the --endpoints flag

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15136

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2020-08-06 23:15 修改: 2023-11-07 03:17
golang.org/x/net CVE-2023-45288 中危 v0.22.0 0.23.0 golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib CVE-2023-39326 中危 1.21.4 1.20.12, 1.21.5 golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib CVE-2023-45289 中危 1.21.4 1.21.8, 1.22.1 golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib CVE-2023-45290 中危 1.21.4 1.21.8, 1.22.1 golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib CVE-2024-24783 中危 1.21.4 1.21.8, 1.22.1 golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib CVE-2024-24784 中危 1.21.4 1.21.8, 1.22.1 golang: net/mail: comments in display names are incorrectly handled

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib CVE-2024-24785 中危 1.21.4 1.21.8, 1.22.1 golang: html/template: errors returned from MarshalJSON methods may break template escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib CVE-2024-24789 中危 1.21.4 1.21.11, 1.22.4 golang: archive/zip: Incorrect handling of certain ZIP files

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib CVE-2024-24791 中危 1.21.4 1.21.12, 1.22.5 net/http: Denial of service due to improper 100-continue handling in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib CVE-2024-34155 中危 1.21.4 1.22.7, 1.23.1 go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2024-09-06 21:15 修改: 2024-09-09 13:03
stdlib CVE-2024-34158 中危 1.21.4 1.22.7, 1.23.1 go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158

镜像层: sha256:8bdabcc1814e85bea452fa69ce322a63e15220aaeb67f312e673997667535d0c

发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
pd-server (gobinary)
低危漏洞:0 中危漏洞:13 高危漏洞:4 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
github.com/gin-contrib/cors CVE-2019-25211 严重 v1.4.0 1.6.0 github.com/gin-contrib/cors: Gin mishandles a wildcard in the origin string in github.com/gin-contrib/cors

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25211

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2024-06-29 00:15 修改: 2024-08-01 13:41
stdlib CVE-2024-24790 严重 1.21.4 1.21.11, 1.22.4 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/image CVE-2024-24792 高危 v0.10.0 0.18.0 Parsing a corrupt or malicious image with invalid color indices can ca ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24792

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2024-06-27 18:15 修改: 2024-08-01 13:47
go.etcd.io/etcd CVE-2020-15114 高危 v0.5.0-alpha.5.0.20240320135013-950cd5fbe6ca 3.4.10, 3.3.23 etcd: gateway can include itself as an endpoint resulting in resource exhaustion and leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15114

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2020-08-06 23:15 修改: 2023-11-07 03:17
stdlib CVE-2023-45288 高危 1.21.4 1.21.9, 1.22.2 golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib CVE-2024-34156 高危 1.21.4 1.22.7, 1.23.1 encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
go.etcd.io/etcd CVE-2020-15136 中危 v0.5.0-alpha.5.0.20240320135013-950cd5fbe6ca 3.4.10, 3.3.23 etcd: no authentication is performed against endpoints provided in the --endpoints flag

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15136

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2020-08-06 23:15 修改: 2023-11-07 03:17
go.etcd.io/etcd CVE-2018-1099 中危 v0.5.0-alpha.5.0.20240320135013-950cd5fbe6ca 3.4.0 etcd: DNS rebinding vulnerability in etcd server

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1099

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2018-04-03 16:29 修改: 2023-11-07 02:55
golang.org/x/net CVE-2023-45288 中危 v0.22.0 0.23.0 golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib CVE-2023-39326 中危 1.21.4 1.20.12, 1.21.5 golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib CVE-2023-45289 中危 1.21.4 1.21.8, 1.22.1 golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib CVE-2023-45290 中危 1.21.4 1.21.8, 1.22.1 golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib CVE-2024-24783 中危 1.21.4 1.21.8, 1.22.1 golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib CVE-2024-24784 中危 1.21.4 1.21.8, 1.22.1 golang: net/mail: comments in display names are incorrectly handled

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib CVE-2024-24785 中危 1.21.4 1.21.8, 1.22.1 golang: html/template: errors returned from MarshalJSON methods may break template escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib CVE-2024-24789 中危 1.21.4 1.21.11, 1.22.4 golang: archive/zip: Incorrect handling of certain ZIP files

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib CVE-2024-24791 中危 1.21.4 1.21.12, 1.22.5 net/http: Denial of service due to improper 100-continue handling in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib CVE-2024-34155 中危 1.21.4 1.22.7, 1.23.1 go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2024-09-06 21:15 修改: 2024-09-09 13:03
stdlib CVE-2024-34158 中危 1.21.4 1.22.7, 1.23.1 go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158

镜像层: sha256:c5b72bf7e17f6274e40f87559cfb8ce36d70b43de09809f90dec61f6814eb61e

发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35