docker.io/pingcap/tiflash:v8.1.0 linux/amd64

docker.io/pingcap/tiflash:v8.1.0 - Trivy安全扫描结果扫描时间: 2024-10-27 08:12

全部漏洞信息

低危漏洞:1

中危漏洞:12

高危漏洞:20

严重漏洞:0

系统OS: rocky 9.3 扫描引擎: Trivy 扫描时间: 2024-10-27 08:12

docker.io/pingcap/tiflash:v8.1.0 (rocky 9.3) (rocky)

低危漏洞:1

中危漏洞:12

高危漏洞:20

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
glibc	CVE-2024-2961	高危	2.34-83.el9.7	2.34-100.el9_4.2	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
glibc	CVE-2024-33599	高危	2.34-83.el9.7	2.34-100.el9_4.2	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc	CVE-2024-33600	高危	2.34-83.el9.7	2.34-100.el9_4.2	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc	CVE-2024-33601	高危	2.34-83.el9.7	2.34-100.el9_4.2	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc	CVE-2024-33602	高危	2.34-83.el9.7	2.34-100.el9_4.2	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-common	CVE-2024-2961	高危	2.34-83.el9.7	2.34-100.el9_4.2	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
glibc-common	CVE-2024-33599	高危	2.34-83.el9.7	2.34-100.el9_4.2	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-common	CVE-2024-33600	高危	2.34-83.el9.7	2.34-100.el9_4.2	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-common	CVE-2024-33601	高危	2.34-83.el9.7	2.34-100.el9_4.2	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-common	CVE-2024-33602	高危	2.34-83.el9.7	2.34-100.el9_4.2	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-minimal-langpack	CVE-2024-2961	高危	2.34-83.el9.7	2.34-100.el9_4.2	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
glibc-minimal-langpack	CVE-2024-33599	高危	2.34-83.el9.7	2.34-100.el9_4.2	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-minimal-langpack	CVE-2024-33600	高危	2.34-83.el9.7	2.34-100.el9_4.2	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-minimal-langpack	CVE-2024-33601	高危	2.34-83.el9.7	2.34-100.el9_4.2	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-minimal-langpack	CVE-2024-33602	高危	2.34-83.el9.7	2.34-100.el9_4.2	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
less	CVE-2024-32487	高危	590-2.el9_2	590-4.el9_4	less: OS command injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32487 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-04-13 15:15 修改: 2024-07-08 14:18
python3	CVE-2023-6597	高危	3.9.18-1.el9_3	3.9.18-3.el9_4.1	python: Path traversal on tempfile.TemporaryDirectory 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
python3	CVE-2024-0450	高危	3.9.18-1.el9_3	3.9.18-3.el9_4.1	python: The zipfile module is vulnerable to zip-bombs leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
python3-libs	CVE-2023-6597	高危	3.9.18-1.el9_3	3.9.18-3.el9_4.1	python: Path traversal on tempfile.TemporaryDirectory 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
python3-libs	CVE-2024-0450	高危	3.9.18-1.el9_3	3.9.18-3.el9_4.1	python: The zipfile module is vulnerable to zip-bombs leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
gnutls	CVE-2024-28835	中危	3.7.6-23.el9	3.8.3-4.el9_4	gnutls: potential crash during chain building/verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28835 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-03-21 06:15 修改: 2024-09-16 19:16
glib2	CVE-2024-34397	中危	2.68.4-11.el9	2.68.4-14.el9_4.1	glib2: Signal subscription vulnerabilities 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34397 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-05-07 18:15 修改: 2024-06-10 18:15
less	CVE-2022-48624	中危	590-2.el9_2	590-3.el9_3	less: missing quoting of shell metacharacters in LESSCLOSE handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48624 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-02-19 01:15 修改: 2024-06-10 18:15
libnghttp2	CVE-2024-28182	中危	1.43.0-5.el9_3.1	1.43.0-5.el9_4.3	nghttp2: CONTINUATION frames DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28182 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-04-04 15:15 修改: 2024-05-01 18:15
libxml2	CVE-2024-25062	中危	2.9.13-4.el9	2.9.13-6.el9_4	libxml2: use-after-free in XMLReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25062 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-02-04 16:15 修改: 2024-02-13 00:40
openssl	CVE-2024-6119	中危	1:3.0.7-24.el9	1:3.0.7-28.el9_4	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
openssl-libs	CVE-2024-6119	中危	1:3.0.7-24.el9	1:3.0.7-28.el9_4	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
expat	CVE-2024-45490	中危	2.5.0-1.el9	2.5.0-2.el9_4.1	libexpat: Negative Length Parsing Vulnerability in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24
expat	CVE-2024-45491	中危	2.5.0-1.el9	2.5.0-2.el9_4.1	libexpat: Integer Overflow or Wraparound 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
expat	CVE-2024-45492	中危	2.5.0-1.el9	2.5.0-2.el9_4.1	libexpat: integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
gnutls	CVE-2024-28834	中危	3.7.6-23.el9	3.8.3-4.el9_4	gnutls: vulnerable to Minerva side-channel information leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28834 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2024-03-21 14:15 修改: 2024-09-12 20:15
systemd-libs	CVE-2023-7008	中危	252-18.el9	252-32.el9_4	systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16
file-libs	CVE-2022-48554	低危	5.39-14.el9	5.39-16.el9	file: stack-based buffer over-read in file_copystr in funcs.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48554 镜像层: sha256:c4bc4a1387e82c199a05c950a61d31aba8e1481a94c63196b82e25ac8367e5d1 发布日期: 2023-08-22 19:16 修改: 2024-03-13 22:15