docker.io/robustadev/grafana-renderer:7 linux/amd64

docker.io/robustadev/grafana-renderer:7 - Trivy安全扫描结果 扫描时间: 2025-01-02 15:34
全部漏洞信息
低危漏洞:5 中危漏洞:6 高危漏洞:30 严重漏洞:1

系统OS: alpine 3.11.12 扫描引擎: Trivy 扫描时间: 2025-01-02 15:34

docker.io/robustadev/grafana-renderer:7 (alpine 3.11.12) (alpine)
低危漏洞:0 中危漏洞:3 高危漏洞:19 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
zlib CVE-2022-37434 严重 1.2.11-r3 1.2.11-r4 zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37434

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2022-08-05 07:15 修改: 2023-07-19 00:56
busybox CVE-2021-42379 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42379

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
busybox CVE-2021-42380 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42380

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
busybox CVE-2021-42381 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42381

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
busybox CVE-2021-42382 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42382

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
busybox CVE-2021-42383 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42383

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
busybox CVE-2021-42384 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42384

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
busybox CVE-2021-42385 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42385

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
busybox CVE-2021-42386 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42386

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
libvpx CVE-2020-0034 高危 1.8.1-r0 1.8.2-r0 libvpx: Out of bounds read in vp8_decode_frame in decodeframe.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-0034

镜像层: sha256:5635ad924bb94e25de72ddf84929fe86e3d756c56d04688eb4ac2c4f34436be0

发布日期: 2020-03-10 20:15 修改: 2021-11-29 17:26
ssl_client CVE-2021-42378 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42378

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
ssl_client CVE-2021-42379 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42379

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
ssl_client CVE-2021-42380 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42380

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
ssl_client CVE-2021-42381 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42381

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
ssl_client CVE-2021-42382 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42382

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
ssl_client CVE-2021-42383 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42383

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
ssl_client CVE-2021-42384 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42384

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
ssl_client CVE-2021-42385 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42385

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
ssl_client CVE-2021-42386 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42386

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
busybox CVE-2021-42378 高危 1.31.1-r10 1.31.1-r11 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42378

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
busybox CVE-2021-42374 中危 1.31.1-r10 1.31.1-r11 busybox: out-of-bounds read in unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42374

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
ssl_client CVE-2021-42374 中危 1.31.1-r10 1.31.1-r11 busybox: out-of-bounds read in unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42374

镜像层: sha256:39982b2a789afc156fff00c707d0ff1c6ab4af8f1666a8df4787714059ce24e7

发布日期: 2021-11-15 21:15 修改: 2023-11-07 03:39
avahi-libs CVE-2021-3468 中危 0.7-r5 0.8-r1 avahi: Local DoS by event-busy-loop from writing long lines to /run/avahi-daemon/socket

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3468

镜像层: sha256:5635ad924bb94e25de72ddf84929fe86e3d756c56d04688eb4ac2c4f34436be0

发布日期: 2021-06-02 16:15 修改: 2023-06-22 02:15
Node.js (node-pkg)
低危漏洞:5 中危漏洞:3 高危漏洞:11 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
ansi-regex CVE-2021-3807 高危 3.0.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807

镜像层: sha256:ba4ffd658470dfb20b88dbd28a22af83049091a5992fc20742ecf9786fbbcb90

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
ansi-regex CVE-2021-3807 高危 5.0.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807

镜像层: sha256:ba4ffd658470dfb20b88dbd28a22af83049091a5992fc20742ecf9786fbbcb90

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01
body-parser CVE-2024-45590 高危 1.20.0 1.20.3 body-parser: Denial of Service Vulnerability in body-parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45590

镜像层: sha256:d606ca5d231fb992bbdfdb6a8997e89385ce0f90cafa085d29aeeea41add9db0

发布日期: 2024-09-10 16:15 修改: 2024-09-20 16:26
http-cache-semantics CVE-2022-25881 高危 4.1.0 4.1.1 http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25881

镜像层: sha256:ba4ffd658470dfb20b88dbd28a22af83049091a5992fc20742ecf9786fbbcb90

发布日期: 2023-01-31 05:15 修改: 2023-11-07 03:44
ip CVE-2024-29415 高危 1.1.5 node-ip: Incomplete fix for CVE-2023-42282

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415

镜像层: sha256:ba4ffd658470dfb20b88dbd28a22af83049091a5992fc20742ecf9786fbbcb90

发布日期: 2024-05-27 20:15 修改: 2024-08-16 14:35
minimatch CVE-2022-3517 高危 3.0.4 3.0.5 nodejs-minimatch: ReDoS via the braceExpand function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3517

镜像层: sha256:ba4ffd658470dfb20b88dbd28a22af83049091a5992fc20742ecf9786fbbcb90

发布日期: 2022-10-17 20:15 修改: 2023-11-07 03:51
npm CVE-2022-29244 高危 8.1.0 8.11.0 nodejs: npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29244

镜像层: sha256:ba4ffd658470dfb20b88dbd28a22af83049091a5992fc20742ecf9786fbbcb90

发布日期: 2022-06-13 14:15 修改: 2022-10-27 16:25
path-to-regexp CVE-2024-45296 高危 0.1.7 1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 path-to-regexp: Backtracking regular expressions cause ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45296

镜像层: sha256:d606ca5d231fb992bbdfdb6a8997e89385ce0f90cafa085d29aeeea41add9db0

发布日期: 2024-09-09 19:15 修改: 2024-09-10 12:09
semver CVE-2022-25883 高危 5.7.1 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:d606ca5d231fb992bbdfdb6a8997e89385ce0f90cafa085d29aeeea41add9db0

发布日期: 2023-06-21 05:15 修改: 2024-12-06 17:15
semver CVE-2022-25883 高危 7.3.5 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:ba4ffd658470dfb20b88dbd28a22af83049091a5992fc20742ecf9786fbbcb90

发布日期: 2023-06-21 05:15 修改: 2024-12-06 17:15
ws CVE-2024-37890 高危 8.5.0 5.2.4, 6.2.3, 7.5.10, 8.17.1 nodejs-ws: denial of service when handling a request with many HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890

镜像层: sha256:d606ca5d231fb992bbdfdb6a8997e89385ce0f90cafa085d29aeeea41add9db0

发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
path-to-regexp CVE-2024-52798 中危 0.1.7 0.1.12 path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52798

镜像层: sha256:d606ca5d231fb992bbdfdb6a8997e89385ce0f90cafa085d29aeeea41add9db0

发布日期: 2024-12-05 23:15 修改: 2024-12-05 23:15
tar CVE-2024-28863 中危 6.1.11 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:ba4ffd658470dfb20b88dbd28a22af83049091a5992fc20742ecf9786fbbcb90

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
express CVE-2024-29041 中危 4.18.1 4.19.2, 5.0.0-beta.3 express: cause malformed URLs to be evaluated

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29041

镜像层: sha256:d606ca5d231fb992bbdfdb6a8997e89385ce0f90cafa085d29aeeea41add9db0

发布日期: 2024-03-25 21:15 修改: 2024-03-26 12:55
ip CVE-2023-42282 低危 1.1.5 2.0.1, 1.1.9 nodejs-ip: arbitrary code execution via the isPublic() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282

镜像层: sha256:ba4ffd658470dfb20b88dbd28a22af83049091a5992fc20742ecf9786fbbcb90

发布日期: 2024-02-08 17:15 修改: 2024-10-09 15:14
send CVE-2024-43799 低危 0.18.0 0.19.0 send: Code Execution Vulnerability in Send Library

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43799

镜像层: sha256:d606ca5d231fb992bbdfdb6a8997e89385ce0f90cafa085d29aeeea41add9db0

发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:57
serve-static CVE-2024-43800 低危 1.15.0 1.16.0, 2.1.0 serve-static: Improper Sanitization in serve-static

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43800

镜像层: sha256:d606ca5d231fb992bbdfdb6a8997e89385ce0f90cafa085d29aeeea41add9db0

发布日期: 2024-09-10 15:15 修改: 2024-09-20 17:36
cookie CVE-2024-47764 低危 0.5.0 0.7.0 cookie: cookie accepts cookie name, path, and domain with out of bounds characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764

镜像层: sha256:d606ca5d231fb992bbdfdb6a8997e89385ce0f90cafa085d29aeeea41add9db0

发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48
express CVE-2024-43796 低危 4.18.1 4.20.0, 5.0.0 express: Improper Input Handling in Express Redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43796

镜像层: sha256:d606ca5d231fb992bbdfdb6a8997e89385ce0f90cafa085d29aeeea41add9db0

发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:07