docker.io/pingcap/pd:v8.5.0 linux/amd64

docker.io/pingcap/pd:v8.5.0 - Trivy安全扫描结果 扫描时间: 2024-12-24 00:57
全部漏洞信息
低危漏洞:3 中危漏洞:0 高危漏洞:3 严重漏洞:3

系统OS: rocky 9.4 扫描引擎: Trivy 扫描时间: 2024-12-24 00:57

docker.io/pingcap/pd:v8.5.0 (rocky 9.4) (rocky)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
pd-ctl (gobinary)
低危漏洞:1 中危漏洞:0 高危漏洞:1 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
golang.org/x/crypto CVE-2024-45337 严重 v0.23.0 0.31.0 golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337

镜像层: sha256:8f1de9d736d507fb53fb412a3142b822e8460d74ff5aca59a329d1e4ef72f466

发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
golang.org/x/net CVE-2024-45338 高危 v0.25.0 0.33.0 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:8f1de9d736d507fb53fb412a3142b822e8460d74ff5aca59a329d1e4ef72f466

发布日期: 2024-12-18 21:15 修改: 2024-12-18 21:15
github.com/golang-jwt/jwt/v4 CVE-2024-51744 低危 v4.4.2 4.5.1 golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-51744

镜像层: sha256:8f1de9d736d507fb53fb412a3142b822e8460d74ff5aca59a329d1e4ef72f466

发布日期: 2024-11-04 22:15 修改: 2024-11-05 16:04
pd-recover (gobinary)
低危漏洞:1 中危漏洞:0 高危漏洞:1 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
golang.org/x/crypto CVE-2024-45337 严重 v0.23.0 0.31.0 golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337

镜像层: sha256:ce07f9ccdb7173ac6afd52dc0bd65a328e42a432c4a9b74e9c134408819e2ff0

发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
golang.org/x/net CVE-2024-45338 高危 v0.25.0 0.33.0 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:ce07f9ccdb7173ac6afd52dc0bd65a328e42a432c4a9b74e9c134408819e2ff0

发布日期: 2024-12-18 21:15 修改: 2024-12-18 21:15
github.com/golang-jwt/jwt/v4 CVE-2024-51744 低危 v4.4.2 4.5.1 golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-51744

镜像层: sha256:ce07f9ccdb7173ac6afd52dc0bd65a328e42a432c4a9b74e9c134408819e2ff0

发布日期: 2024-11-04 22:15 修改: 2024-11-05 16:04
pd-server (gobinary)
低危漏洞:1 中危漏洞:0 高危漏洞:1 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
golang.org/x/crypto CVE-2024-45337 严重 v0.23.0 0.31.0 golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337

镜像层: sha256:569404fa04c98a347a0ac33087843d531a5ae64075796383dda061497613eccc

发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
golang.org/x/net CVE-2024-45338 高危 v0.25.0 0.33.0 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:569404fa04c98a347a0ac33087843d531a5ae64075796383dda061497613eccc

发布日期: 2024-12-18 21:15 修改: 2024-12-18 21:15
github.com/golang-jwt/jwt/v4 CVE-2024-51744 低危 v4.4.2 4.5.1 golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-51744

镜像层: sha256:569404fa04c98a347a0ac33087843d531a5ae64075796383dda061497613eccc

发布日期: 2024-11-04 22:15 修改: 2024-11-05 16:04