docker.io/redis:6.2.4-alpine linux/amd64

docker.io/redis:6.2.4-alpine - Trivy安全扫描结果 扫描时间: 2024-10-27 20:41
全部漏洞信息
低危漏洞:0 中危漏洞:10 高危漏洞:34 严重漏洞:4

系统OS: alpine 3.14.0 扫描引擎: Trivy 扫描时间: 2024-10-27 20:41

docker.io/redis:6.2.4-alpine (alpine 3.14.0) (alpine)
低危漏洞:0 中危漏洞:10 高危漏洞:34 严重漏洞:4
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
apk-tools CVE-2021-36159 严重 2.12.5-r1 2.12.6-r0 libfetch: an out of boundary read while libfetch uses strtol to parse the relevant numbers into address bytes leads to information leak or crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36159

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-08-03 14:15 修改: 2023-11-07 03:36

libcrypto1.1 CVE-2021-3711 严重 1.1.1k-r0 1.1.1l-r0 openssl: SM2 Decryption Buffer Overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3711

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15

libssl1.1 CVE-2021-3711 严重 1.1.1k-r0 1.1.1l-r0 openssl: SM2 Decryption Buffer Overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3711

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15

zlib CVE-2022-37434 严重 1.2.11-r3 1.2.12-r2 zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37434

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2022-08-05 07:15 修改: 2023-07-19 00:56

busybox CVE-2021-42381 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42381

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

busybox CVE-2021-42382 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42382

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

busybox CVE-2021-42383 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42383

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

busybox CVE-2021-42384 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42384

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

busybox CVE-2021-42385 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42385

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

busybox CVE-2021-42386 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42386

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

busybox CVE-2022-28391 高危 1.33.1-r2 1.33.1-r7 busybox: remote attackers may execute arbitrary code if netstat is used

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28391

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2022-04-03 21:15 修改: 2022-08-11 18:44

busybox CVE-2021-42378 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42378

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

libcrypto1.1 CVE-2021-3712 高危 1.1.1k-r0 1.1.1l-r0 openssl: Read buffer overruns processing ASN.1 strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15

libcrypto1.1 CVE-2022-0778 高危 1.1.1k-r0 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15

libcrypto1.1 CVE-2022-4450 高危 1.1.1k-r0 1.1.1t-r0 openssl: double free after calling PEM_read_bio_ex

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

libcrypto1.1 CVE-2023-0215 高危 1.1.1k-r0 1.1.1t-r0 openssl: use-after-free following BIO_new_NDEF

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2023-02-08 20:15 修改: 2024-06-21 19:15

libcrypto1.1 CVE-2023-0286 高危 1.1.1k-r0 1.1.1t-r0 openssl: X.400 address type confusion in X.509 GeneralName

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

libcrypto1.1 CVE-2023-0464 高危 1.1.1k-r0 1.1.1t-r1 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2023-03-22 17:15 修改: 2024-06-21 19:15

libretls CVE-2022-0778 高危 3.3.3-r0 3.3.3p1-r3 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15

busybox CVE-2021-42379 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42379

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

libssl1.1 CVE-2021-3712 高危 1.1.1k-r0 1.1.1l-r0 openssl: Read buffer overruns processing ASN.1 strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15

libssl1.1 CVE-2022-0778 高危 1.1.1k-r0 1.1.1n-r0 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15

libssl1.1 CVE-2022-4450 高危 1.1.1k-r0 1.1.1t-r0 openssl: double free after calling PEM_read_bio_ex

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

libssl1.1 CVE-2023-0215 高危 1.1.1k-r0 1.1.1t-r0 openssl: use-after-free following BIO_new_NDEF

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2023-02-08 20:15 修改: 2024-06-21 19:15

libssl1.1 CVE-2023-0286 高危 1.1.1k-r0 1.1.1t-r0 openssl: X.400 address type confusion in X.509 GeneralName

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

libssl1.1 CVE-2023-0464 高危 1.1.1k-r0 1.1.1t-r1 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2023-03-22 17:15 修改: 2024-06-21 19:15

ssl_client CVE-2021-42378 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42378

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

ssl_client CVE-2021-42379 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42379

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

ssl_client CVE-2021-42380 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42380

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

ssl_client CVE-2021-42381 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42381

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

ssl_client CVE-2021-42382 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42382

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

ssl_client CVE-2021-42383 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42383

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

ssl_client CVE-2021-42384 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42384

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

ssl_client CVE-2021-42385 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42385

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

ssl_client CVE-2021-42386 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42386

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

ssl_client CVE-2022-28391 高危 1.33.1-r2 1.33.1-r7 busybox: remote attackers may execute arbitrary code if netstat is used

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28391

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2022-04-03 21:15 修改: 2022-08-11 18:44

busybox CVE-2021-42380 高危 1.33.1-r2 1.33.1-r6 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42380

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

zlib CVE-2018-25032 高危 1.2.11-r3 1.2.12-r0 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-25032

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2022-03-25 09:15 修改: 2023-11-07 02:56

libcrypto1.1 CVE-2022-2097 中危 1.1.1k-r0 1.1.1q-r0 openssl: AES OCB fails to encrypt some bytes

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2097

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2022-07-05 11:15 修改: 2024-06-21 19:15

libssl1.1 CVE-2022-2097 中危 1.1.1k-r0 1.1.1q-r0 openssl: AES OCB fails to encrypt some bytes

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2097

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2022-07-05 11:15 修改: 2024-06-21 19:15

libssl1.1 CVE-2022-4304 中危 1.1.1k-r0 1.1.1t-r0 openssl: timing attack in RSA Decryption implementation

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

libssl1.1 CVE-2023-0465 中危 1.1.1k-r0 1.1.1t-r2 openssl: Invalid certificate policies in leaf certificates are silently ignored

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15

libcrypto1.1 CVE-2022-4304 中危 1.1.1k-r0 1.1.1t-r0 openssl: timing attack in RSA Decryption implementation

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

libcrypto1.1 CVE-2023-0465 中危 1.1.1k-r0 1.1.1t-r2 openssl: Invalid certificate policies in leaf certificates are silently ignored

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15

ssl_client CVE-2021-42374 中危 1.33.1-r2 1.33.1-r4 busybox: out-of-bounds read in unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42374

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

ssl_client CVE-2021-42375 中危 1.33.1-r2 1.33.1-r5 busybox: incorrect handling of a special element in ash applet leads to denial of service when processing a crafted shell command

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42375

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

busybox CVE-2021-42375 中危 1.33.1-r2 1.33.1-r5 busybox: incorrect handling of a special element in ash applet leads to denial of service when processing a crafted shell command

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42375

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39

busybox CVE-2021-42374 中危 1.33.1-r2 1.33.1-r4 busybox: out-of-bounds read in unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42374

镜像层: sha256:72e830a4dff5f0d5225cdc0a320e85ab1ce06ea5673acfe8d83a7645cbd0e9cf

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39