docker.io/python:3.6.15-alpine linux/amd64

docker.io/python:3.6.15-alpine - Trivy安全扫描结果 扫描时间: 2024-10-27 20:30
全部漏洞信息
低危漏洞:0 中危漏洞:17 高危漏洞:35 严重漏洞:8

系统OS: alpine 3.15.0 扫描引擎: Trivy 扫描时间: 2024-10-27 20:30

docker.io/python:3.6.15-alpine (alpine 3.15.0) (alpine)
低危漏洞:0 中危漏洞:16 高危漏洞:32 严重漏洞:8
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
expat CVE-2022-22822 严重 2.4.1-r0 2.4.3-r0 expat: Integer overflow in addBinding in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22822

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-01-10 14:12 修改: 2022-10-06 15:29
expat CVE-2022-22823 严重 2.4.1-r0 2.4.3-r0 expat: Integer overflow in build_model in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22823

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47
expat CVE-2022-22824 严重 2.4.1-r0 2.4.3-r0 expat: Integer overflow in defineAttribute in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22824

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47
expat CVE-2022-23852 严重 2.4.1-r0 2.4.4-r0 expat: Integer overflow in function XML_GetBuffer

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23852

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-01-24 02:15 修改: 2022-10-29 02:44
expat CVE-2022-25235 严重 2.4.1-r0 2.4.5-r0 expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25235

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-02-16 01:15 修改: 2023-11-07 03:44
expat CVE-2022-25236 严重 2.4.1-r0 2.4.5-r0 expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25236

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-02-16 01:15 修改: 2023-11-07 03:44
expat CVE-2022-25315 严重 2.4.1-r0 2.4.5-r0 expat: Integer overflow in storeRawNames()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25315

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-02-18 05:15 修改: 2023-11-07 03:44
zlib CVE-2022-37434 严重 1.2.11-r3 1.2.12-r2 zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37434

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2022-08-05 07:15 修改: 2023-07-19 00:56
expat CVE-2021-45960 高危 2.4.1-r0 2.4.3-r0 expat: Large number of prefixed XML attributes on a single tag can crash libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45960

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-01-01 19:15 修改: 2022-10-06 19:08
expat CVE-2021-46143 高危 2.4.1-r0 2.4.3-r0 expat: Integer overflow in doProlog in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46143

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-01-06 04:15 修改: 2022-10-06 19:11
expat CVE-2022-22825 高危 2.4.1-r0 2.4.3-r0 expat: Integer overflow in lookup in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22825

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47
expat CVE-2022-22826 高危 2.4.1-r0 2.4.3-r0 expat: Integer overflow in nextScaffoldPart in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22826

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-01-10 14:12 修改: 2022-10-06 12:44
expat CVE-2022-22827 高危 2.4.1-r0 2.4.3-r0 expat: Integer overflow in storeAtts in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22827

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-01-10 14:12 修改: 2022-10-06 12:52
expat CVE-2022-23990 高危 2.4.1-r0 2.4.4-r0 expat: integer overflow in the doProlog function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23990

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-01-26 19:15 修改: 2023-11-07 03:44
expat CVE-2022-25314 高危 2.4.1-r0 2.4.5-r0 expat: Integer overflow in copyString()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25314

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-02-18 05:15 修改: 2023-11-07 03:44
expat CVE-2022-40674 高危 2.4.1-r0 2.4.9-r0 expat: a use-after-free in the doContent function in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40674

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-09-14 11:15 修改: 2023-11-07 03:52
expat CVE-2022-43680 高危 2.4.1-r0 2.5.0-r0 expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43680

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-10-24 14:15 修改: 2024-01-21 02:08
krb5-libs CVE-2022-42898 高危 1.19.2-r4 1.19.4-r0 krb5: integer overflow vulnerabilities in PAC parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
libcom_err CVE-2022-1304 高危 1.46.4-r0 1.46.6-r0 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-04-14 21:15 修改: 2023-11-07 03:41
libcrypto1.1 CVE-2022-0778 高危 1.1.1l-r7 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15
libcrypto1.1 CVE-2022-4450 高危 1.1.1l-r7 1.1.1t-r0 openssl: double free after calling PEM_read_bio_ex

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15
libcrypto1.1 CVE-2023-0215 高危 1.1.1l-r7 1.1.1t-r0 openssl: use-after-free following BIO_new_NDEF

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-02-08 20:15 修改: 2024-06-21 19:15
libcrypto1.1 CVE-2023-0286 高危 1.1.1l-r7 1.1.1t-r0 openssl: X.400 address type confusion in X.509 GeneralName

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15
libcrypto1.1 CVE-2023-0464 高危 1.1.1l-r7 1.1.1t-r2 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-03-22 17:15 修改: 2024-06-21 19:15
libretls CVE-2022-0778 高危 3.3.4-r2 3.3.4-r3 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15
libssl1.1 CVE-2022-0778 高危 1.1.1l-r7 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15
libssl1.1 CVE-2022-4450 高危 1.1.1l-r7 1.1.1t-r0 openssl: double free after calling PEM_read_bio_ex

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15
libssl1.1 CVE-2023-0215 高危 1.1.1l-r7 1.1.1t-r0 openssl: use-after-free following BIO_new_NDEF

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-02-08 20:15 修改: 2024-06-21 19:15
libssl1.1 CVE-2023-0286 高危 1.1.1l-r7 1.1.1t-r0 openssl: X.400 address type confusion in X.509 GeneralName

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15
libssl1.1 CVE-2023-0464 高危 1.1.1l-r7 1.1.1t-r2 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-03-22 17:15 修改: 2024-06-21 19:15
libtirpc CVE-2021-46828 高危 1.3.2-r0 1.3.2-r1 libtirpc: DoS vulnerability with lots of connections

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46828

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-07-20 06:15 修改: 2023-11-07 03:40
libtirpc-conf CVE-2021-46828 高危 1.3.2-r0 1.3.2-r1 libtirpc: DoS vulnerability with lots of connections

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46828

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-07-20 06:15 修改: 2023-11-07 03:40
ncurses-libs CVE-2022-29458 高危 6.3_p20211120-r0 6.3_p20211120-r1 ncurses: segfaulting OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
ncurses-libs CVE-2023-29491 高危 6.3_p20211120-r0 6.3_p20211120-r2 ncurses: Local users can trigger security-relevant memory corruption via malformed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15
ncurses-terminfo-base CVE-2022-29458 高危 6.3_p20211120-r0 6.3_p20211120-r1 ncurses: segfaulting OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
ncurses-terminfo-base CVE-2023-29491 高危 6.3_p20211120-r0 6.3_p20211120-r2 ncurses: Local users can trigger security-relevant memory corruption via malformed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15
ssl_client CVE-2022-28391 高危 1.34.1-r3 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28391

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2022-04-03 21:15 修改: 2022-08-11 18:44
xz-libs CVE-2022-1271 高危 5.2.5-r0 5.2.5-r1 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47
busybox CVE-2022-28391 高危 1.34.1-r3 1.34.1-r5 busybox: remote attackers may execute arbitrary code if netstat is used

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28391

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2022-04-03 21:15 修改: 2022-08-11 18:44
zlib CVE-2018-25032 高危 1.2.11-r3 1.2.12-r0 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-25032

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2022-03-25 09:15 修改: 2023-11-07 02:56
libssl1.1 CVE-2022-4304 中危 1.1.1l-r7 1.1.1t-r0 openssl: timing attack in RSA Decryption implementation

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15
libssl1.1 CVE-2023-0465 中危 1.1.1l-r7 1.1.1t-r2 openssl: Invalid certificate policies in leaf certificates are silently ignored

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15
libssl1.1 CVE-2023-2650 中危 1.1.1l-r7 1.1.1u-r0 openssl: Possible DoS translating ASN.1 object identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-05-30 14:15 修改: 2024-02-04 09:15
libssl1.1 CVE-2023-3446 中危 1.1.1l-r7 1.1.1u-r2 openssl: Excessive time spent checking DH keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-07-19 12:15 修改: 2024-10-14 15:15
libssl1.1 CVE-2023-3817 中危 1.1.1l-r7 1.1.1v-r0 OpenSSL: Excessive time spent checking DH q parameter value

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-07-31 16:15 修改: 2024-10-14 15:15
libssl1.1 CVE-2023-5678 中危 1.1.1l-r7 1.1.1w-r1 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15
libcrypto1.1 CVE-2023-3446 中危 1.1.1l-r7 1.1.1u-r2 openssl: Excessive time spent checking DH keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-07-19 12:15 修改: 2024-10-14 15:15
libcrypto1.1 CVE-2023-3817 中危 1.1.1l-r7 1.1.1v-r0 OpenSSL: Excessive time spent checking DH q parameter value

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-07-31 16:15 修改: 2024-10-14 15:15
libcrypto1.1 CVE-2023-5678 中危 1.1.1l-r7 1.1.1w-r1 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15
expat CVE-2022-25313 中危 2.4.1-r0 2.4.5-r0 expat: Stack exhaustion in doctype parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25313

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2022-02-18 05:15 修改: 2023-11-07 03:44
krb5-libs CVE-2021-37750 中危 1.19.2-r4 1.19.3-r0 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750

镜像层: sha256:671e3248113cc5479cb7fad8a05e164e54469ddba2a1ef5ff15274408398f862

发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37
libcrypto1.1 CVE-2022-2097 中危 1.1.1l-r7 1.1.1q-r0 openssl: AES OCB fails to encrypt some bytes

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2097

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2022-07-05 11:15 修改: 2024-06-21 19:15
libcrypto1.1 CVE-2022-4304 中危 1.1.1l-r7 1.1.1t-r0 openssl: timing attack in RSA Decryption implementation

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15
libcrypto1.1 CVE-2023-0465 中危 1.1.1l-r7 1.1.1t-r2 openssl: Invalid certificate policies in leaf certificates are silently ignored

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15
libcrypto1.1 CVE-2023-2650 中危 1.1.1l-r7 1.1.1u-r0 openssl: Possible DoS translating ASN.1 object identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2023-05-30 14:15 修改: 2024-02-04 09:15
libssl1.1 CVE-2022-2097 中危 1.1.1l-r7 1.1.1q-r0 openssl: AES OCB fails to encrypt some bytes

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2097

镜像层: sha256:8d3ac3489996423f53d6087c81180006263b79f206d3fdec9e66f0e27ceb8759

发布日期: 2022-07-05 11:15 修改: 2024-06-21 19:15
Python (python-pkg)
低危漏洞:0 中危漏洞:1 高危漏洞:3 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
setuptools CVE-2022-40897 高危 57.5.0 65.5.1 pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40897

镜像层: sha256:3156423bd38f1fb1e2a56d70c87029f4b57bbe7507ec6f728d76d698af231d90

发布日期: 2022-12-23 00:15 修改: 2024-06-21 19:15
setuptools CVE-2024-6345 高危 57.5.0 70.0.0 pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345

镜像层: sha256:3156423bd38f1fb1e2a56d70c87029f4b57bbe7507ec6f728d76d698af231d90

发布日期: 2024-07-15 01:15 修改: 2024-07-15 13:00
wheel CVE-2022-40898 高危 0.37.0 0.38.1 python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40898

镜像层: sha256:3156423bd38f1fb1e2a56d70c87029f4b57bbe7507ec6f728d76d698af231d90

发布日期: 2022-12-23 00:15 修改: 2022-12-30 22:15
pip CVE-2023-5752 中危 21.2.4 23.3 pip: Mercurial configuration injectable in repo revision when installing via pip

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5752

镜像层: sha256:3156423bd38f1fb1e2a56d70c87029f4b57bbe7507ec6f728d76d698af231d90

发布日期: 2023-10-25 18:17 修改: 2024-06-10 18:15