docker.io/rancher/fleet:v0.15.1 linux/amd64

docker.io/rancher/fleet:v0.15.1 - Trivy安全扫描结果扫描时间: 2026-05-16 19:50

全部漏洞信息

低危漏洞:0

中危漏洞:6

高危漏洞:12

严重漏洞:0

系统OS: sles 15.7 扫描引擎: Trivy 扫描时间: 2026-05-16 19:50

docker.io/rancher/fleet:v0.15.1 (sles 15.7) (sles)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/bin/fleet (gobinary)

低危漏洞:0

中危漏洞:3

高危漏洞:6

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
github.com/go-git/go-git/v5	CVE-2026-45022	高危	v5.18.0	5.19.0	go-git's improper parsing of specially crafted objects may lead to inconsistent interpretation compared to upstream Git 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45022 镜像层: sha256:2aebb3cc74481652e22a98df75bc60faa989dd2acb929bded9c073be9531096f 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
stdlib	CVE-2026-33811	高危	v1.25.9	1.25.10, 1.26.3	When using LookupCNAME with the cgo DNS resolver, a very long CNAME re ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:2aebb3cc74481652e22a98df75bc60faa989dd2acb929bded9c073be9531096f 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.25.9	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:2aebb3cc74481652e22a98df75bc60faa989dd2acb929bded9c073be9531096f 发布日期: 2026-05-07 20:16 修改: 2026-05-08 19:16
stdlib	CVE-2026-39820	高危	v1.25.9	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:2aebb3cc74481652e22a98df75bc60faa989dd2acb929bded9c073be9531096f 发布日期: 2026-05-07 20:16 修改: 2026-05-08 15:16
stdlib	CVE-2026-39836	高危	v1.25.9	1.25.10, 1.26.3	Panic in Dial and LookupPort when handling NUL byte on Windows in net 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:2aebb3cc74481652e22a98df75bc60faa989dd2acb929bded9c073be9531096f 发布日期: 2026-05-07 20:16 修改: 2026-05-08 22:16
stdlib	CVE-2026-42499	高危	v1.25.9	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:2aebb3cc74481652e22a98df75bc60faa989dd2acb929bded9c073be9531096f 发布日期: 2026-05-07 20:16 修改: 2026-05-08 22:16
stdlib	CVE-2026-39823	中危	v1.25.9	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:2aebb3cc74481652e22a98df75bc60faa989dd2acb929bded9c073be9531096f 发布日期: 2026-05-07 20:16 修改: 2026-05-08 15:16
stdlib	CVE-2026-39825	中危	v1.25.9	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:2aebb3cc74481652e22a98df75bc60faa989dd2acb929bded9c073be9531096f 发布日期: 2026-05-07 20:16 修改: 2026-05-08 22:16
stdlib	CVE-2026-39826	中危	v1.25.9	1.25.10, 1.26.3	If a trusted template author were to write a <script> tag containing a ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:2aebb3cc74481652e22a98df75bc60faa989dd2acb929bded9c073be9531096f 发布日期: 2026-05-07 20:16 修改: 2026-05-08 15:16

usr/bin/fleetcontroller (gobinary)

低危漏洞:0

中危漏洞:3

高危漏洞:6

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
github.com/go-git/go-git/v5	CVE-2026-45022	高危	v5.18.0	5.19.0	go-git's improper parsing of specially crafted objects may lead to inconsistent interpretation compared to upstream Git 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45022 镜像层: sha256:186bffa8dc3847e3d1a49b534f3082231e02ebafdbed3098a7c093bef77325b5 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
stdlib	CVE-2026-33811	高危	v1.25.9	1.25.10, 1.26.3	When using LookupCNAME with the cgo DNS resolver, a very long CNAME re ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:186bffa8dc3847e3d1a49b534f3082231e02ebafdbed3098a7c093bef77325b5 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.25.9	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:186bffa8dc3847e3d1a49b534f3082231e02ebafdbed3098a7c093bef77325b5 发布日期: 2026-05-07 20:16 修改: 2026-05-08 19:16
stdlib	CVE-2026-39820	高危	v1.25.9	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:186bffa8dc3847e3d1a49b534f3082231e02ebafdbed3098a7c093bef77325b5 发布日期: 2026-05-07 20:16 修改: 2026-05-08 15:16
stdlib	CVE-2026-39836	高危	v1.25.9	1.25.10, 1.26.3	Panic in Dial and LookupPort when handling NUL byte on Windows in net 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:186bffa8dc3847e3d1a49b534f3082231e02ebafdbed3098a7c093bef77325b5 发布日期: 2026-05-07 20:16 修改: 2026-05-08 22:16
stdlib	CVE-2026-42499	高危	v1.25.9	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:186bffa8dc3847e3d1a49b534f3082231e02ebafdbed3098a7c093bef77325b5 发布日期: 2026-05-07 20:16 修改: 2026-05-08 22:16
stdlib	CVE-2026-39823	中危	v1.25.9	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:186bffa8dc3847e3d1a49b534f3082231e02ebafdbed3098a7c093bef77325b5 发布日期: 2026-05-07 20:16 修改: 2026-05-08 15:16
stdlib	CVE-2026-39825	中危	v1.25.9	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:186bffa8dc3847e3d1a49b534f3082231e02ebafdbed3098a7c093bef77325b5 发布日期: 2026-05-07 20:16 修改: 2026-05-08 22:16
stdlib	CVE-2026-39826	中危	v1.25.9	1.25.10, 1.26.3	If a trusted template author were to write a <script> tag containing a ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:186bffa8dc3847e3d1a49b534f3082231e02ebafdbed3098a7c093bef77325b5 发布日期: 2026-05-07 20:16 修改: 2026-05-08 15:16