docker.io/runcitadel/prepare:dev linux/arm64

docker.io/runcitadel/prepare:dev - Trivy安全扫描结果扫描时间: 2025-02-19 17:14 温馨提示: 这是一个 linux/arm64 系统架构镜像

全部漏洞信息

低危漏洞:6

中危漏洞:43

高危漏洞:31

严重漏洞:9

系统OS: photon 5.0 扫描引擎: Trivy 扫描时间: 2025-02-19 17:14

docker.io/runcitadel/prepare:dev (photon 5.0) (photon)

低危漏洞:5

中危漏洞:43

高危漏洞:30

严重漏洞:9

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
expat	CVE-2024-45491	严重	2.5.0-1.ph5	2.6.0-3.ph5	libexpat: Integer Overflow or Wraparound 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
expat	CVE-2024-45492	严重	2.5.0-1.ph5	2.6.0-3.ph5	libexpat: integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
expat-libs	CVE-2024-45491	严重	2.5.0-1.ph5	2.6.0-3.ph5	libexpat: Integer Overflow or Wraparound 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
expat-libs	CVE-2024-45492	严重	2.5.0-1.ph5	2.6.0-3.ph5	libexpat: integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
glibc	CVE-2023-6780	严重	2.36-8.ph5	2.36-9.ph5	glibc: integer overflow in __vsyslog_internal() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6780 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-01-31 14:15 修改: 2024-03-26 16:15
glibc-libs	CVE-2023-6780	严重	2.36-8.ph5	2.36-9.ph5	glibc: integer overflow in __vsyslog_internal() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6780 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-01-31 14:15 修改: 2024-03-26 16:15
krb5	CVE-2024-37371	严重	1.20.2-1.ph5	1.20.2-4.ph5	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
openssl	CVE-2024-5535	严重	3.0.9-8.ph5	3.0.14-3.ph5	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
openssl-libs	CVE-2024-5535	严重	3.0.9-8.ph5	3.0.14-3.ph5	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
curl-libs	CVE-2024-2398	高危	8.1.2-7.ph5	8.1.2-8.ph5	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
curl-libs	CVE-2024-6197	高危	8.1.2-7.ph5	8.7.1-2.ph5	curl: freeing stack buffer in utf8asn1str 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6197 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-07-24 08:15 修改: 2024-11-29 12:15
expat-libs	CVE-2023-52425	高危	2.5.0-1.ph5	2.6.0-1.ph5	expat: parsing large tokens can trigger a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-02-04 20:15 修改: 2024-08-26 20:35
expat-libs	CVE-2024-28757	高危	2.5.0-1.ph5	2.6.0-2.ph5	expat: XML Entity Expansion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28757 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-03-10 05:15 修改: 2024-05-01 19:15
expat-libs	CVE-2024-45490	高危	2.5.0-1.ph5	2.6.0-3.ph5	libexpat: Negative Length Parsing Vulnerability in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24
curl	CVE-2024-2398	高危	8.1.2-7.ph5	8.1.2-8.ph5	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
glibc	CVE-2023-6246	高危	2.36-8.ph5	2.36-9.ph5	glibc: heap-based buffer overflow in __vsyslog_internal() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6246 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-01-31 14:15 修改: 2024-02-16 13:15
glibc	CVE-2023-6779	高危	2.36-8.ph5	2.36-9.ph5	glibc: off-by-one heap-based buffer overflow in __vsyslog_internal() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6779 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-01-31 14:15 修改: 2024-02-27 17:26
glibc	CVE-2024-2961	高危	2.36-8.ph5	2.36-10.ph5	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
curl	CVE-2024-6197	高危	8.1.2-7.ph5	8.7.1-2.ph5	curl: freeing stack buffer in utf8asn1str 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6197 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-07-24 08:15 修改: 2024-11-29 12:15
glibc-libs	CVE-2023-6246	高危	2.36-8.ph5	2.36-9.ph5	glibc: heap-based buffer overflow in __vsyslog_internal() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6246 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-01-31 14:15 修改: 2024-02-16 13:15
glibc-libs	CVE-2023-6779	高危	2.36-8.ph5	2.36-9.ph5	glibc: off-by-one heap-based buffer overflow in __vsyslog_internal() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6779 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-01-31 14:15 修改: 2024-02-27 17:26
glibc-libs	CVE-2024-2961	高危	2.36-8.ph5	2.36-10.ph5	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
expat	CVE-2023-52425	高危	2.5.0-1.ph5	2.6.0-1.ph5	expat: parsing large tokens can trigger a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-02-04 20:15 修改: 2024-08-26 20:35
krb5	CVE-2024-37370	高危	1.20.2-1.ph5	1.20.2-4.ph5	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
nss	CVE-2023-0767	高危	3.78-5.ph5	3.78-6.ph5	nss: Arbitrary memory write via PKCS 12 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0767 镜像层: sha256:d195c8748f5ea7dc5530aa1dd284dd2385438cd236b01b046747948641ca0932 发布日期: 2023-06-02 17:15 修改: 2023-08-02 16:45
nss	CVE-2024-0743	高危	3.78-5.ph5	3.78-9.ph5	Mozilla: Crash in NSS TLS method 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0743 镜像层: sha256:d195c8748f5ea7dc5530aa1dd284dd2385438cd236b01b046747948641ca0932 发布日期: 2024-01-23 14:15 修改: 2024-03-25 17:15
nss-libs	CVE-2023-0767	高危	3.78-5.ph5	3.78-6.ph5	nss: Arbitrary memory write via PKCS 12 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0767 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2023-06-02 17:15 修改: 2023-08-02 16:45
nss-libs	CVE-2024-0743	高危	3.78-5.ph5	3.78-9.ph5	Mozilla: Crash in NSS TLS method 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0743 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-01-23 14:15 修改: 2024-03-25 17:15
expat	CVE-2024-28757	高危	2.5.0-1.ph5	2.6.0-2.ph5	expat: XML Entity Expansion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28757 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-03-10 05:15 修改: 2024-05-01 19:15
openssl	CVE-2024-2511	高危	3.0.9-8.ph5	3.0.13-4.ph5	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
expat	CVE-2024-45490	高危	2.5.0-1.ph5	2.6.0-3.ph5	libexpat: Negative Length Parsing Vulnerability in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24
openssl-libs	CVE-2024-2511	高危	3.0.9-8.ph5	3.0.13-4.ph5	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
python3	CVE-2024-6232	高危	3.11.0-10.ph5	3.11.9-4.ph5	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
python3-libs	CVE-2024-6232	高危	3.11.0-10.ph5	3.11.9-4.ph5	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
python3-pip	CVE-2024-6232	高危	3.11.0-10.ph5	3.11.9-4.ph5	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
python3-setuptools	CVE-2024-6232	高危	3.11.0-10.ph5	3.11.9-4.ph5	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
python3-xml	CVE-2024-6232	高危	3.11.0-10.ph5	3.11.9-4.ph5	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
sqlite-libs	CVE-2023-7104	高危	3.40.1-2.ph5	3.40.1-3.ph5	sqlite: heap-buffer-overflow at sessionfuzz 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7104 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2023-12-29 10:15 修改: 2024-05-17 02:34
util-linux-libs	CVE-2024-28085	高危	2.38-3.ph5	2.38-4.ph5	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
expat	CVE-2023-52426	中危	2.5.0-1.ph5	2.6.0-1.ph5	expat: recursive XML entity expansion vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52426 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-02-04 20:15 修改: 2024-03-07 17:15
expat	CVE-2024-50602	中危	2.5.0-1.ph5	2.6.0-6.ph5	libexpat: expat: DoS via XML_ResumeParser 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-10-27 05:15 修改: 2024-10-30 18:35
glibc-libs	CVE-2024-33599	中危	2.36-8.ph5	2.36-11.ph5	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-libs	CVE-2024-33600	中危	2.36-8.ph5	2.36-11.ph5	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-libs	CVE-2024-33601	中危	2.36-8.ph5	2.36-11.ph5	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-libs	CVE-2024-33602	中危	2.36-8.ph5	2.36-11.ph5	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
curl	CVE-2023-46218	中危	8.1.2-7.ph5	8.7.1-1.ph5	curl: information disclosure by exploiting a mixed case flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2023-12-07 01:15 修改: 2024-01-25 14:15
curl-libs	CVE-2023-46218	中危	8.1.2-7.ph5	8.7.1-1.ph5	curl: information disclosure by exploiting a mixed case flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2023-12-07 01:15 修改: 2024-01-25 14:15
krb5	CVE-2024-26458	中危	1.20.2-1.ph5	1.20.2-3.ph5	krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
krb5	CVE-2024-26461	中危	1.20.2-1.ph5	1.20.2-3.ph5	krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
krb5	CVE-2024-26462	中危	1.20.2-1.ph5	1.20.2-3.ph5	krb5: Memory leak at /krb5/src/kdc/ndr.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libssh2	CVE-2023-48795	中危	1.11.0-1.ph5	1.11.0-2.ph5	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2023-12-18 16:15 修改: 2024-12-02 14:54
curl-libs	CVE-2023-46219	中危	8.1.2-7.ph5	8.7.1-1.ph5	curl: excessively long file name may lead to unknown HSTS status 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46219 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2023-12-12 02:15 修改: 2024-01-19 16:15
curl-libs	CVE-2024-2004	中危	8.1.2-7.ph5	8.1.2-8.ph5	curl: Usage of disabled protocol 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2004 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-03-27 08:15 修改: 2024-10-29 16:35
nss	CVE-2023-5388	中危	3.78-5.ph5	3.78-8.ph5	nss: timing attack against RSA decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5388 镜像层: sha256:d195c8748f5ea7dc5530aa1dd284dd2385438cd236b01b046747948641ca0932 发布日期: 2024-03-19 12:15 修改: 2024-11-14 22:35
curl-libs	CVE-2024-7264	中危	8.1.2-7.ph5	8.7.1-3.ph5	curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-07-31 08:15 修改: 2024-10-30 20:35
expat-libs	CVE-2023-52426	中危	2.5.0-1.ph5	2.6.0-1.ph5	expat: recursive XML entity expansion vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52426 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-02-04 20:15 修改: 2024-03-07 17:15
nss-libs	CVE-2023-5388	中危	3.78-5.ph5	3.78-8.ph5	nss: timing attack against RSA decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5388 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-03-19 12:15 修改: 2024-11-14 22:35
expat-libs	CVE-2024-50602	中危	2.5.0-1.ph5	2.6.0-6.ph5	libexpat: expat: DoS via XML_ResumeParser 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-10-27 05:15 修改: 2024-10-30 18:35
curl-libs	CVE-2024-9681	中危	8.1.2-7.ph5	8.7.1-4.ph5	curl: HSTS subdomain overwrites parent cache entry 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-11-06 08:15 修改: 2024-12-13 14:15
openssl	CVE-2024-0727	中危	3.0.9-8.ph5	3.0.9-10.ph5	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15
openssl	CVE-2024-4741	中危	3.0.9-8.ph5	3.0.14-1.ph5	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
curl	CVE-2023-46219	中危	8.1.2-7.ph5	8.7.1-1.ph5	curl: excessively long file name may lead to unknown HSTS status 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46219 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2023-12-12 02:15 修改: 2024-01-19 16:15
curl	CVE-2024-2004	中危	8.1.2-7.ph5	8.1.2-8.ph5	curl: Usage of disabled protocol 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2004 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-03-27 08:15 修改: 2024-10-29 16:35
openssl-libs	CVE-2024-0727	中危	3.0.9-8.ph5	3.0.9-10.ph5	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15
openssl-libs	CVE-2024-4741	中危	3.0.9-8.ph5	3.0.14-1.ph5	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
curl	CVE-2024-7264	中危	8.1.2-7.ph5	8.7.1-3.ph5	curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-07-31 08:15 修改: 2024-10-30 20:35
python3	CVE-2023-27043	中危	3.11.0-10.ph5	3.11.9-4.ph5	python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
python3	CVE-2024-6923	中危	3.11.0-10.ph5	3.11.9-3.ph5	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
glibc	CVE-2024-33599	中危	2.36-8.ph5	2.36-11.ph5	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
python3-libs	CVE-2023-27043	中危	3.11.0-10.ph5	3.11.9-4.ph5	python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
python3-libs	CVE-2024-6923	中危	3.11.0-10.ph5	3.11.9-3.ph5	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
glibc	CVE-2024-33600	中危	2.36-8.ph5	2.36-11.ph5	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
python3-pip	CVE-2023-27043	中危	3.11.0-10.ph5	3.11.9-4.ph5	python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
python3-pip	CVE-2024-6923	中危	3.11.0-10.ph5	3.11.9-3.ph5	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
glibc	CVE-2024-33601	中危	2.36-8.ph5	2.36-11.ph5	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
python3-setuptools	CVE-2023-27043	中危	3.11.0-10.ph5	3.11.9-4.ph5	python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
python3-setuptools	CVE-2024-6923	中危	3.11.0-10.ph5	3.11.9-3.ph5	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
glibc	CVE-2024-33602	中危	2.36-8.ph5	2.36-11.ph5	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
python3-xml	CVE-2023-27043	中危	3.11.0-10.ph5	3.11.9-4.ph5	python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
python3-xml	CVE-2024-6923	中危	3.11.0-10.ph5	3.11.9-3.ph5	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
curl	CVE-2024-9681	中危	8.1.2-7.ph5	8.7.1-4.ph5	curl: HSTS subdomain overwrites parent cache entry 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681 镜像层: sha256:cf9c53ee798936bd8c840f55118614a85f064400e6f07d1a1eb3d6259a1f3672 发布日期: 2024-11-06 08:15 修改: 2024-12-13 14:15
apr	CVE-2023-49582	中危	1.7.4-2.ph5	1.7.5-1.ph5	APR: Lax permissions in Apache Portable Runtime shared memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49582 镜像层: sha256:d195c8748f5ea7dc5530aa1dd284dd2385438cd236b01b046747948641ca0932 发布日期: 2024-08-26 14:15 修改: 2024-08-27 16:04
python3	CVE-2024-4032	低危	3.11.0-10.ph5	3.11.7-4.ph5	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
python3-pip	CVE-2024-4032	低危	3.11.0-10.ph5	3.11.7-4.ph5	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
python3-xml	CVE-2024-4032	低危	3.11.0-10.ph5	3.11.7-4.ph5	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
python3-setuptools	CVE-2024-4032	低危	3.11.0-10.ph5	3.11.7-4.ph5	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
python3-libs	CVE-2024-4032	低危	3.11.0-10.ph5	3.11.7-4.ph5	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:99588199270c644b1e32aba3ae7fb745c63ffac663ba2b6da3c8b7234ef6c37e 发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35

Python (python-pkg)

低危漏洞:1

中危漏洞:0

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
virtualenv	CVE-2024-53899	高危	20.25.0	20.26.6	virtualenv: potential command injection via virtual environment activation scripts 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-53899 镜像层: sha256:b47f50829fedd7aa4ad492f1b309b713e0b64a2cd2898e5c39af548b69ce74db 发布日期: 2024-11-24 16:15 修改: 2024-11-26 18:23
certifi	CVE-2024-39689	低危	2023.11.17	2024.07.04	python-certifi: Remove root certificates from `GLOBALTRUST` from the root store 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-39689 镜像层: sha256:b47f50829fedd7aa4ad492f1b309b713e0b64a2cd2898e5c39af548b69ce74db 发布日期: 2024-07-05 19:15 修改: 2024-12-06 14:15

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

virtualenv

CVE-2024-53899

高危

20.25.0

20.26.6

virtualenv: potential command injection via virtual environment activation scripts