docker.io/rancher/hardened-kubernetes:v1.31.3-rke2r1-build20241121 linux/amd64

docker.io/rancher/hardened-kubernetes:v1.31.3-rke2r1-build20241121 - Trivy安全扫描结果 扫描时间: 2025-01-30 01:30
全部漏洞信息
低危漏洞:0 中危漏洞:8 高危漏洞:8 严重漏洞:6

系统OS: suse linux enterprise server 15.5 扫描引擎: Trivy 扫描时间: 2025-01-30 01:30

docker.io/rancher/hardened-kubernetes:v1.31.3-rke2r1-build20241121 (suse linux enterprise server 15.5) (suse linux enterprise server)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
usr/local/bin/kube-apiserver (gobinary)
低危漏洞:0 中危漏洞:2 高危漏洞:1 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
golang.org/x/crypto CVE-2024-45337 严重 v0.24.0 0.31.0 golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
golang.org/x/net CVE-2024-45338 高危 v0.26.0 0.33.0 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
github.com/opencontainers/runc CVE-2024-45310 中危 v1.1.13 1.1.14, 1.2.0-rc.3 runc: runc can be tricked into creating empty files/directories on host

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45310

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-09-03 19:15 修改: 2024-09-03 19:40
gopkg.in/square/go-jose.v2 CVE-2024-28180 中危 v2.6.0 jose-go: improper handling of highly compressed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28180

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-03-09 01:15 修改: 2024-06-12 02:15
usr/local/bin/kube-controller-manager (gobinary)
低危漏洞:0 中危漏洞:2 高危漏洞:1 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
golang.org/x/crypto CVE-2024-45337 严重 v0.24.0 0.31.0 golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
golang.org/x/net CVE-2024-45338 高危 v0.26.0 0.33.0 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
github.com/opencontainers/runc CVE-2024-45310 中危 v1.1.13 1.1.14, 1.2.0-rc.3 runc: runc can be tricked into creating empty files/directories on host

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45310

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-09-03 19:15 修改: 2024-09-03 19:40
gopkg.in/square/go-jose.v2 CVE-2024-28180 中危 v2.6.0 jose-go: improper handling of highly compressed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28180

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-03-09 01:15 修改: 2024-06-12 02:15
usr/local/bin/kube-proxy (gobinary)
低危漏洞:0 中危漏洞:1 高危漏洞:1 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
golang.org/x/crypto CVE-2024-45337 严重 v0.24.0 0.31.0 golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
golang.org/x/net CVE-2024-45338 高危 v0.26.0 0.33.0 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
github.com/opencontainers/runc CVE-2024-45310 中危 v1.1.13 1.1.14, 1.2.0-rc.3 runc: runc can be tricked into creating empty files/directories on host

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45310

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-09-03 19:15 修改: 2024-09-03 19:40
usr/local/bin/kube-scheduler (gobinary)
低危漏洞:0 中危漏洞:1 高危漏洞:1 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
golang.org/x/crypto CVE-2024-45337 严重 v0.24.0 0.31.0 golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
golang.org/x/net CVE-2024-45338 高危 v0.26.0 0.33.0 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
github.com/opencontainers/runc CVE-2024-45310 中危 v1.1.13 1.1.14, 1.2.0-rc.3 runc: runc can be tricked into creating empty files/directories on host

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45310

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-09-03 19:15 修改: 2024-09-03 19:40
usr/local/bin/kubeadm (gobinary)
低危漏洞:0 中危漏洞:1 高危漏洞:1 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
golang.org/x/crypto CVE-2024-45337 严重 v0.24.0 0.31.0 golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
golang.org/x/net CVE-2024-45338 高危 v0.26.0 0.33.0 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
gopkg.in/square/go-jose.v2 CVE-2024-28180 中危 v2.6.0 jose-go: improper handling of highly compressed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28180

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-03-09 01:15 修改: 2024-06-12 02:15
usr/local/bin/kubectl (gobinary)
低危漏洞:0 中危漏洞:0 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
golang.org/x/net CVE-2024-45338 高危 v0.26.0 0.33.0 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
usr/local/bin/kubelet (gobinary)
低危漏洞:0 中危漏洞:1 高危漏洞:2 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
golang.org/x/crypto CVE-2024-45337 严重 v0.24.0 0.31.0 golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful CVE-2023-45142 高危 v0.42.0 0.44.0 opentelemetry: DoS vulnerability in otelhttp

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45142

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2023-10-12 17:15 修改: 2024-02-19 03:15
golang.org/x/net CVE-2024-45338 高危 v0.26.0 0.33.0 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
github.com/opencontainers/runc CVE-2024-45310 中危 v1.1.13 1.1.14, 1.2.0-rc.3 runc: runc can be tricked into creating empty files/directories on host

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45310

镜像层: sha256:f3f13b88268e18e183934bad3a60e070a1463672b2e4dfe5b97b5faf1d0392bc

发布日期: 2024-09-03 19:15 修改: 2024-09-03 19:40