docker.io/sameersbn/gitlab:latest - Trivy镜像安全扫描结果

全部漏洞信息

低危漏洞:72

中危漏洞:58

高危漏洞:33

严重漏洞:12

系统OS: ubuntu 22.04 扫描引擎: Trivy 扫描时间: 2025-02-14 11:44

docker.io/sameersbn/gitlab:latest (ubuntu 22.04) (ubuntu)

低危漏洞:70

中危漏洞:36

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	漏洞信息
gcc-12-base	CVE-2023-4039	中危	12.3.0-1ubuntu1~22.04	gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
libatomic1	CVE-2023-4039	中危	12.3.0-1ubuntu1~22.04	gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
libde265-0	CVE-2023-51792	中危	1.0.8-1ubuntu0.3	Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attac ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-51792 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-04-19 17:15 修改: 2024-07-03 01:43
libde265-0	CVE-2024-38949	中危	1.0.8-1ubuntu0.3	Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attacker ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38949 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-06-26 20:15 修改: 2024-07-08 14:18
libde265-0	CVE-2024-38950	中危	1.0.8-1ubuntu0.3	Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attacker ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38950 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-06-26 20:15 修改: 2024-08-12 18:35
libfreetype6	CVE-2025-23022	中危	2.11.1+dfsg-1ubuntu0.2	freetype: signed integer overflow in cf2_doFlex 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-23022 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2025-01-10 15:15 修改: 2025-01-16 21:12
libgcc-s1	CVE-2023-4039	中危	12.3.0-1ubuntu1~22.04	gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
libgomp1	CVE-2023-4039	中危	12.3.0-1ubuntu1~22.04	gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
libgssapi-krb5-2	CVE-2024-26462	中危	1.19.2-2ubuntu0.5	krb5: Memory leak at /krb5/src/kdc/ndr.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libheif1	CVE-2023-0996	中危	1.12.0-2build1	There is a vulnerability in the strided image data parsing code in the ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0996 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-02-24 04:15 修改: 2023-11-07 04:02
libheif1	CVE-2023-29659	中危	1.12.0-2build1	A Segmentation fault caused by a floating point exception exists in li ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29659 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-05-05 16:15 修改: 2023-11-07 04:11
libk5crypto3	CVE-2024-26462	中危	1.19.2-2ubuntu0.5	krb5: Memory leak at /krb5/src/kdc/ndr.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5-3	CVE-2024-26462	中危	1.19.2-2ubuntu0.5	krb5: Memory leak at /krb5/src/kdc/ndr.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5support0	CVE-2024-26462	中危	1.19.2-2ubuntu0.5	krb5: Memory leak at /krb5/src/kdc/ndr.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libpam-modules	CVE-2024-10041	中危	1.4.0-11ubuntu2.5	pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-modules-bin	CVE-2024-10041	中危	1.4.0-11ubuntu2.5	pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-runtime	CVE-2024-10041	中危	1.4.0-11ubuntu2.5	pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam0g	CVE-2024-10041	中危	1.4.0-11ubuntu2.5	pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpython3.10-minimal	CVE-2024-11168	中危	3.10.12-1~22.04.8	python: Improper validation of IPv6 and IPvFuture addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
libpython3.10-stdlib	CVE-2024-11168	中危	3.10.12-1~22.04.8	python: Improper validation of IPv6 and IPvFuture addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
libstdc++6	CVE-2023-4039	中危	12.3.0-1ubuntu1~22.04	gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
login	CVE-2024-56433	中危	1:4.8.1-2ubuntu2.2	shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2024-12-26 09:15 修改: 2024-12-26 09:15
nodejs	CVE-2022-40735	中危	20.18.3-1nodesource1	漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40735 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2022-11-14 23:15 修改: 2024-04-23 07:15
nodejs	CVE-2023-5363	中危	20.18.3-1nodesource1	openssl: Incorrect cipher key and IV length processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5363 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-10-25 18:17 修改: 2024-10-14 15:15
nodejs	CVE-2024-6119	中危	20.18.3-1nodesource1	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
passwd	CVE-2024-56433	中危	1:4.8.1-2ubuntu2.2	shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2024-12-26 09:15 修改: 2024-12-26 09:15
python3.10	CVE-2024-11168	中危	3.10.12-1~22.04.8	python: Improper validation of IPv6 and IPvFuture addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
python3.10-minimal	CVE-2024-11168	中危	3.10.12-1~22.04.8	python: Improper validation of IPv6 and IPvFuture addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
redis-tools	CVE-2022-24736	中危	5:6.0.16-1ubuntu1	redis: Malformed Lua script can crash Redis 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24736 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2022-04-27 20:15 修改: 2023-11-07 03:44
redis-tools	CVE-2022-24834	中危	5:6.0.16-1ubuntu1	redis: heap overflow in the lua cjson and cmsgpack libraries 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24834 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-07-13 15:15 修改: 2023-08-14 19:15
redis-tools	CVE-2022-35977	中危	5:6.0.16-1ubuntu1	redis: Integer overflow in the Redis SETRANGE and SORT/SORT_RO commands may result with false OOM panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35977 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-01-20 19:15 修改: 2023-02-02 14:28
redis-tools	CVE-2022-36021	中危	5:6.0.16-1ubuntu1	redis: Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36021 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-03-01 16:15 修改: 2023-11-07 03:49
redis-tools	CVE-2023-25155	中危	5:6.0.16-1ubuntu1	redis: String matching commands (like SCAN or KEYS) with a specially crafted pattern to trigger a denial-of-service attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25155 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-03-02 04:15 修改: 2023-03-10 05:02
redis-tools	CVE-2023-28856	中危	5:6.0.16-1ubuntu1	redis: Insufficient validation of HINCRBYFLOAT command 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28856 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-04-18 21:15 修改: 2023-06-01 14:15
redis-tools	CVE-2023-45145	中危	5:6.0.16-1ubuntu1	redis: possible bypass of Unix socket permissions on startup 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45145 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-10-18 21:15 修改: 2024-01-21 02:30
wget	CVE-2021-31879	中危	1.21.2-2ubuntu1.1	wget: authorization header disclosure on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2021-04-29 05:15 修改: 2022-05-13 20:52
libk5crypto3	CVE-2024-26458	低危	1.19.2-2ubuntu0.5	krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libk5crypto3	CVE-2024-26461	低危	1.19.2-2ubuntu0.5	krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
gpgconf	CVE-2022-3219	低危	2.2.27-3ubuntu2.1	gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libkrb5-3	CVE-2024-26458	低危	1.19.2-2ubuntu0.5	krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libkrb5-3	CVE-2024-26461	低危	1.19.2-2ubuntu0.5	krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
gpgsm	CVE-2022-3219	低危	2.2.27-3ubuntu2.1	gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libkrb5support0	CVE-2024-26458	低危	1.19.2-2ubuntu0.5	krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libkrb5support0	CVE-2024-26461	低危	1.19.2-2ubuntu0.5	krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libncurses6	CVE-2023-45918	低危	6.3-2ubuntu0.1	ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
libncurses6	CVE-2023-50495	低危	6.3-2ubuntu0.1	ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libncursesw6	CVE-2023-45918	低危	6.3-2ubuntu0.1	ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
libncursesw6	CVE-2023-50495	低危	6.3-2ubuntu0.1	ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
gpgv	CVE-2022-3219	低危	2.2.27-3ubuntu2.1	gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
graphicsmagick	CVE-2017-13736	低危	1.4+really1.3.38-1ubuntu0.1	There are lots of memory leaks in the GMCommand function in magick/com ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-13736 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2017-08-29 06:29 修改: 2023-11-07 02:38
dirmngr	CVE-2022-3219	低危	2.2.27-3ubuntu2.1	gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libatomic1	CVE-2022-27943	低危	12.3.0-1ubuntu1~22.04	binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libpcre2-8-0	CVE-2022-41409	低危	10.39-3ubuntu0.1	pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2023-07-18 14:15 修改: 2023-07-27 03:46
libpcre3	CVE-2017-11164	低危	2:8.39-13ubuntu0.22.04.1	pcre: OP_KETRMAX feature in the match function in pcre_exec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2017-07-11 03:29 修改: 2023-11-07 02:38
libc-bin	CVE-2016-20013	低危	2.35-0ubuntu3.9	漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libc6	CVE-2016-20013	低危	2.35-0ubuntu3.9	漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libssl3	CVE-2024-41996	低危	3.0.2-0ubuntu1.18	openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
coreutils	CVE-2016-2781	低危	8.32-4.1ubuntu1.2	coreutils: Non-privileged session can escape to the parent session in chroot 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
libstdc++6	CVE-2022-27943	低危	12.3.0-1ubuntu1~22.04	binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libsystemd0	CVE-2023-7008	低危	249.11-0ubuntu3.12	systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2023-12-23 13:15 修改: 2024-11-22 12:15
libtiff5	CVE-2024-6716	低危	4.3.0-6ubuntu0.10	漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6716 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-07-15 15:15 修改: 2024-09-04 14:15
libtinfo6	CVE-2023-45918	低危	6.3-2ubuntu0.1	ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
libtinfo6	CVE-2023-50495	低危	6.3-2ubuntu0.1	ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libudev1	CVE-2023-7008	低危	249.11-0ubuntu3.12	systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2023-12-23 13:15 修改: 2024-11-22 12:15
libzstd1	CVE-2022-4899	低危	1.4.8+dfsg-3build1	zstd: mysql: buffer overrun in util.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2023-03-31 20:15 修改: 2023-11-07 03:59
locales	CVE-2016-20013	低危	2.35-0ubuntu3.9	漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
gcc-12-base	CVE-2022-27943	低危	12.3.0-1ubuntu1~22.04	binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
login	CVE-2023-29383	低危	1:4.8.1-2ubuntu2.2	shadow: Improper input validation in shadow-utils package utility chfn 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05
ncurses-base	CVE-2023-45918	低危	6.3-2ubuntu0.1	ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
ncurses-base	CVE-2023-50495	低危	6.3-2ubuntu0.1	ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
ncurses-bin	CVE-2023-45918	低危	6.3-2ubuntu0.1	ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
ncurses-bin	CVE-2023-50495	低危	6.3-2ubuntu0.1	ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
gnupg	CVE-2022-3219	低危	2.2.27-3ubuntu2.1	gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gnupg-l10n	CVE-2022-3219	低危	2.2.27-3ubuntu2.1	gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gnupg-utils	CVE-2022-3219	低危	2.2.27-3ubuntu2.1	gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
nodejs	CVE-2019-1563	低危	20.18.3-1nodesource1	openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1563 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2019-09-10 17:15 修改: 2023-11-07 03:08
nodejs	CVE-2021-23840	低危	20.18.3-1nodesource1	openssl: integer overflow in CipherUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
nodejs	CVE-2023-0464	低危	20.18.3-1nodesource1	openssl: Denial of service by excessive resource usage in verifying X509 policy constraints 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-03-22 17:15 修改: 2024-06-21 19:15
nodejs	CVE-2023-0465	低危	20.18.3-1nodesource1	openssl: Invalid certificate policies in leaf certificates are silently ignored 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15
nodejs	CVE-2023-0466	低危	20.18.3-1nodesource1	openssl: Certificate policy check not enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15
nodejs	CVE-2023-1255	低危	20.18.3-1nodesource1	openssl: Input buffer over-read in AES-XTS implementation on 64 bit ARM 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1255 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-04-20 17:15 修改: 2023-09-08 17:15
nodejs	CVE-2023-2975	低危	20.18.3-1nodesource1	openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2975 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-07-14 12:15 修改: 2024-10-14 15:15
nodejs	CVE-2023-3446	低危	20.18.3-1nodesource1	openssl: Excessive time spent checking DH keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-07-19 12:15 修改: 2024-10-14 15:15
nodejs	CVE-2023-3817	低危	20.18.3-1nodesource1	OpenSSL: Excessive time spent checking DH q parameter value 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-07-31 16:15 修改: 2024-10-14 15:15
nodejs	CVE-2023-5678	低危	20.18.3-1nodesource1	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15
nodejs	CVE-2023-6129	低危	20.18.3-1nodesource1	openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-01-09 17:15 修改: 2024-10-14 15:15
nodejs	CVE-2023-6237	低危	20.18.3-1nodesource1	openssl: Excessive time spent checking invalid RSA public keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-04-25 07:15 修改: 2024-11-01 15:35
nodejs	CVE-2024-0727	低危	20.18.3-1nodesource1	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15
nodejs	CVE-2024-2511	低危	20.18.3-1nodesource1	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
nodejs	CVE-2024-4603	低危	20.18.3-1nodesource1	openssl: Excessive time spent checking DSA keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15
nodejs	CVE-2024-4741	低危	20.18.3-1nodesource1	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
nodejs	CVE-2024-5535	低危	20.18.3-1nodesource1	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
nodejs	CVE-2024-9143	低危	20.18.3-1nodesource1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
openssl	CVE-2024-41996	低危	3.0.2-0ubuntu1.18	openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
libgcc-s1	CVE-2022-27943	低危	12.3.0-1ubuntu1~22.04	binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
passwd	CVE-2023-29383	低危	1:4.8.1-2ubuntu2.2	shadow: Improper input validation in shadow-utils package utility chfn 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05
libgcrypt20	CVE-2024-2236	低危	1.9.4-3ubuntu3	libgcrypt: vulnerable to Marvin Attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236 镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465 发布日期: 2024-03-06 22:15 修改: 2024-11-12 18:15
gnupg2	CVE-2022-3219	低危	2.2.27-3ubuntu2.1	gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libgomp1	CVE-2022-27943	低危	12.3.0-1ubuntu1~22.04	binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libgraphicsmagick-q16-3	CVE-2017-13736	低危	1.4+really1.3.38-1ubuntu0.1	There are lots of memory leaks in the GMCommand function in magick/com ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-13736 镜像层: sha256:afe41ac51cb3e05b05f560955c6d2c75e10b04f69e82792eb13adc24731fa938 发布日期: 2017-08-29 06:29 修改: 2023-11-07 02:38
gpg	CVE-2022-3219	低危	2.2.27-3ubuntu2.1	gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libgssapi-krb5-2	CVE-2024-26458	低危	1.19.2-2ubuntu0.5	krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libgssapi-krb5-2	CVE-2024-26461	低危	1.19.2-2ubuntu0.5	krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
gpg-agent	CVE-2022-3219	低危	2.2.27-3ubuntu2.1	gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gpg-wks-client	CVE-2022-3219	低危	2.2.27-3ubuntu2.1	gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gpg-wks-server	CVE-2022-3219	低危	2.2.27-3ubuntu2.1	gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:e77baab737627b6876e1ea16312867806c078b9af59bf7b8fb7a04dd15875b43 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

Java (jar)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

Node.js (node-pkg)

低危漏洞:2

中危漏洞:5

高危漏洞:13

严重漏洞:3

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
handlebars	CVE-2019-19919	严重	1.0.0	4.3.0, 3.0.8	nodejs-handlebars: prototype pollution leading to remote code execution via crafted payloads 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19919 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2019-12-20 23:15 修改: 2022-06-03 18:48
handlebars	CVE-2021-23369	严重	1.0.0	4.7.7	nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23369 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2021-04-12 14:15 修改: 2021-06-08 13:54
handlebars	CVE-2021-23383	严重	1.0.0	4.7.7	nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23383 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2021-05-04 09:15 修改: 2021-12-03 19:59
diff	GHSA-h6ch-v84p-w6p9	高危	1.0.0	3.5.0	Regular Expression Denial of Service (ReDoS) 漏洞详情: https://github.com/advisories/GHSA-h6ch-v84p-w6p9 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
handlebars	CVE-2019-20920	高危	1.0.0	3.0.8, 4.5.3	nodejs-handlebars: lookup helper fails to properly validate templates allowing for arbitrary JavaScript execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20920 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2020-09-30 18:15 修改: 2020-10-15 17:35
handlebars	GHSA-2cf5-4w76-r9qv	高危	1.0.0	3.0.8, 4.5.2	Arbitrary Code Execution in handlebars 漏洞详情: https://github.com/advisories/GHSA-2cf5-4w76-r9qv 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
handlebars	GHSA-g9r4-xpmj-mj65	高危	1.0.0	3.0.8, 4.5.3	Prototype Pollution in handlebars 漏洞详情: https://github.com/advisories/GHSA-g9r4-xpmj-mj65 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
handlebars	GHSA-q2c6-c6pm-g3gh	高危	1.0.0	3.0.8, 4.5.3	Arbitrary Code Execution in handlebars 漏洞详情: https://github.com/advisories/GHSA-q2c6-c6pm-g3gh 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
handlebars	GHSA-q42p-pg8m-cqh6	高危	1.0.0	4.1.2, 4.0.14, 3.0.7	Prototype Pollution in handlebars 漏洞详情: https://github.com/advisories/GHSA-q42p-pg8m-cqh6 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
ini	CVE-2020-7788	高危	1.0.0	1.3.6	nodejs-ini: Prototype pollution via malicious INI file 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7788 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2020-12-11 11:15 修改: 2022-12-02 19:40
json	CVE-2020-7712	高危	1.0.0	10.0.0	trentm/json vulnerable to command injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7712 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2020-08-30 08:15 修改: 2023-11-07 03:26
npm	CVE-2018-7408	高危	1.0.1	5.7.1	Incorrect Permission Assignment for Critical Resource in NPM 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7408 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2018-02-22 18:29 修改: 2019-10-03 00:03
npm	CVE-2019-16775	高危	1.0.1	6.13.3	npm: Symlink reference outside of node_modules folder through the bin field upon installation 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16775 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2019-12-13 01:15 修改: 2023-11-07 03:05
npm	CVE-2019-16776	高危	1.0.1	6.13.3	npm: Arbitrary file write via constructed entry in the package.json bin field 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16776 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2019-12-13 01:15 修改: 2023-11-07 03:05
npm	CVE-2019-16777	高危	1.0.1	6.13.4	npm: Global node_modules Binary Overwrite 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16777 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2019-12-13 01:15 修改: 2023-11-07 03:05
pug	CVE-2021-21353	高危	1.0.0	3.0.1	pug: user provided objects as input to pug templates can achieve remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21353 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2021-03-03 02:15 修改: 2021-03-09 15:35
handlebars	NSWG-ECO-519	中危	1.0.0	>=4.6.0	Denial of Service 漏洞详情: https://hackerone.com/reports/726364 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
npm	CVE-2016-3956	中危	1.0.1	>= 2.15.1 <= 3.0.0, >= 3.8.3	npm: bearer token leak to non-registry hosts 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-3956 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2016-07-02 14:59 修改: 2021-06-15 16:30
npm	CVE-2020-15095	中危	1.0.1	6.14.6	npm: sensitive information exposure through logs 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15095 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2020-07-07 19:15 修改: 2023-11-07 03:17
handlebars	CVE-2015-8861	中危	1.0.0	>=4.0.0	The handlebars package before 4.0.0 for Node.js allows remote attacker ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-8861 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2017-01-23 21:59 修改: 2020-04-22 12:54
pug	CVE-2024-36361	中危	1.0.0	3.0.3	Pug allows JavaScript code execution if an application accepts untrusted input 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36361 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-05-24 06:15 修改: 2024-08-02 04:17
markdown	GHSA-wx77-rp39-c6vg	低危	1.0.0		Regular Expression Denial of Service in markdown 漏洞详情: https://github.com/advisories/GHSA-wx77-rp39-c6vg 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
npm	CVE-2013-4116	低危	1.0.1	>=1.3.3	npm: Insecure temporary directory generation 漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4116 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2014-04-22 14:23 修改: 2020-10-14 13:21

Ruby (gemspec)

低危漏洞:0

中危漏洞:7

高危漏洞:2

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
rexml	CVE-2024-49761	高危	3.3.1	>= 3.3.9	rexml: REXML ReDoS vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-49761 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-10-28 15:15 修改: 2024-12-27 16:15
webrick	CVE-2024-47220	高危	1.8.1	>= 1.8.2	WEBrick: HTTP request smuggling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47220 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-09-22 01:15 修改: 2025-01-09 18:15
devise-two-factor	CVE-2024-8796	中危	4.1.1	>= 6.0.0	Under the default configuration, Devise-Two-Factor versions >= 2.2.0 & ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8796 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-09-17 18:15 修改: 2024-09-30 14:10
carrierwave	CVE-2023-49090	中危	1.3.4	~> 2.2.5, >= 3.0.5	CarrierWave is a solution for file uploads for Rails, Sinatra and othe ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49090 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2023-11-29 15:15 修改: 2023-12-05 16:25
rexml	CVE-2024-39908	中危	3.3.1	>= 3.3.2	rexml: DoS vulnerability in REXML 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-39908 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-07-16 18:15 修改: 2025-01-17 20:15
rexml	CVE-2024-41123	中危	3.3.1	>= 3.3.3	rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, >] and ]> 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41123 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-08-01 15:15 修改: 2024-12-27 16:15
rexml	CVE-2024-41946	中危	3.3.1	>= 3.3.3	rexml: DoS vulnerability in REXML 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41946 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-08-01 15:15 修改: 2025-01-17 20:15
rexml	CVE-2024-43398	中危	3.3.1	>= 3.3.6	rexml: DoS vulnerability in REXML 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43398 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-08-22 15:15 修改: 2025-01-03 12:15
carrierwave	CVE-2024-29034	中危	1.3.4	~> 2.2.6, >= 3.0.7	CarrierWave content-Type allowlist bypass vulnerability which possibly leads to XSS remained 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29034 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-03-24 20:15 修改: 2024-03-25 01:51

home/git/gitlab-shell/bin/gitlab-shell (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/net	CVE-2024-45338	高危	v0.26.0	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

golang.org/x/net

CVE-2024-45338

高危

v0.26.0

0.33.0

golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3

发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

home/git/gitlab-shell/bin/gitlab-shell-authorized-keys-check (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/net	CVE-2024-45338	高危	v0.26.0	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

golang.org/x/net

CVE-2024-45338

高危

v0.26.0

0.33.0

golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3

发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

home/git/gitlab-shell/bin/gitlab-shell-authorized-principals-check (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/net	CVE-2024-45338	高危	v0.26.0	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

golang.org/x/net

CVE-2024-45338

高危

v0.26.0

0.33.0

golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3

发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

home/git/gitlab-shell/bin/gitlab-shell-check (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/net	CVE-2024-45338	高危	v0.26.0	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

golang.org/x/net

CVE-2024-45338

高危

v0.26.0

0.33.0

golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3

发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

home/git/gitlab-shell/bin/gitlab-sshd (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/crypto	CVE-2024-45337	严重	v0.26.0	0.31.0	golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
golang.org/x/net	CVE-2024-45338	高危	v0.26.0	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

golang.org/x/crypto

CVE-2024-45337

严重

v0.26.0

0.31.0

golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337

镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3

发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15

golang.org/x/net

CVE-2024-45338

高危

v0.26.0

0.33.0

golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3

发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

home/git/gitlab/vendor/bundle/ruby/3.2.0/gems/devfile-0.1.1-x86_64-linux/bin/devfile (gobinary)

低危漏洞:0

中危漏洞:10

高危漏洞:5

严重漏洞:3

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
github.com/go-git/go-git/v5	CVE-2025-21613	严重	v5.11.0	5.13.0	go-git: argument injection via the URL field 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-21613 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2025-01-06 17:15 修改: 2025-01-06 17:15
golang.org/x/crypto	CVE-2024-45337	严重	v0.21.0	0.31.0	golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
stdlib	CVE-2024-24790	严重	1.22.0	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/net	CVE-2024-45338	高危	v0.22.0	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
github.com/go-git/go-git/v5	CVE-2025-21614	高危	v5.11.0	5.13.0	go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-21614 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2025-01-06 17:15 修改: 2025-01-06 17:15
stdlib	CVE-2023-45288	高危	1.22.0	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-24788	高危	1.22.0	1.22.3	golang: net: malformed DNS message can cause infinite loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24788 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-05-08 16:15 修改: 2024-06-14 13:15
stdlib	CVE-2024-34156	高危	1.22.0	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/net	CVE-2023-45288	中危	v0.22.0	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2023-45289	中危	1.22.0	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.22.0	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.22.0	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.22.0	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.22.0	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.22.0	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.22.0	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.22.0	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.22.0	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

home/git/gitlab/vendor/bundle/ruby/3.2.0/gems/gitlab-glfm-markdown-0.0.23-x86_64-linux/Cargo.lock (cargo)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

home/git/gitlab/vendor/bundle/ruby/3.2.0/gems/prometheus-client-mmap-1.1.1-x86_64-linux/ext/fast_mmaped_file_rs/Cargo.lock (cargo)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/local/bin/gitaly (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:2

严重漏洞:2

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
github.com/go-git/go-git/v5	CVE-2025-21613	严重	v5.11.0	5.13.0	go-git: argument injection via the URL field 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-21613 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2025-01-06 17:15 修改: 2025-01-06 17:15
golang.org/x/crypto	CVE-2024-45337	严重	v0.30.0	0.31.0	golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
github.com/go-git/go-git/v5	CVE-2025-21614	高危	v5.11.0	5.13.0	go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-21614 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2025-01-06 17:15 修改: 2025-01-06 17:15
golang.org/x/net	CVE-2024-45338	高危	v0.32.0	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

usr/local/bin/gitaly-backup (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:1

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/crypto	CVE-2024-45337	严重	v0.30.0	0.31.0	golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
golang.org/x/net	CVE-2024-45338	高危	v0.32.0	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

golang.org/x/crypto

CVE-2024-45337

严重

v0.30.0

0.31.0

golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337

镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3

发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15

golang.org/x/net

CVE-2024-45338

高危

v0.32.0

0.33.0

golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3

发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

usr/local/bin/gitaly-blackbox (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/net	CVE-2024-45338	高危	v0.32.0	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

golang.org/x/net

CVE-2024-45338

高危

v0.32.0

0.33.0

golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3

发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

usr/local/bin/gitaly-debug (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/net	CVE-2024-45338	高危	v0.32.0	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

golang.org/x/net

CVE-2024-45338

高危

v0.32.0

0.33.0

golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3

发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

usr/local/bin/gitaly-wrapper (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/net	CVE-2024-45338	高危	v0.32.0	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

golang.org/x/net

CVE-2024-45338

高危

v0.32.0

0.33.0

golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3

发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

usr/local/bin/gitlab-pages (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/local/bin/gitlab-resize-image (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/local/bin/gitlab-workhorse (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/local/bin/gitlab-zip-cat (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/local/bin/gitlab-zip-metadata (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/local/bin/praefect (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:2

严重漏洞:2

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
github.com/go-git/go-git/v5	CVE-2025-21613	严重	v5.11.0	5.13.0	go-git: argument injection via the URL field 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-21613 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2025-01-06 17:15 修改: 2025-01-06 17:15
golang.org/x/crypto	CVE-2024-45337	严重	v0.30.0	0.31.0	golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
github.com/go-git/go-git/v5	CVE-2025-21614	高危	v5.11.0	5.13.0	go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-21614 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2025-01-06 17:15 修改: 2025-01-06 17:15
golang.org/x/net	CVE-2024-45338	高危	v0.32.0	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:37a07a7c080473a5d84e2ac6dedf2252777799e9dd5a2bd9bad7a17b96a4e0c3 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16

/home/git/gitlab/spec/factories/integrations.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/etc/ssh/ssh_host_ed25519_key ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/etc/ssh/ssh_host_rsa_key ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/config/secrets.yml ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/qa/tls_certificates/client/client.key ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/factories/pages_domains.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/fixtures/clusters/sample_key.key ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/lib/json_web_token/rsa_token_spec.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/app/models/integrations/prometheus.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/doc/api/openapi/openapi_v2.yaml ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/qa/tls_certificates/authority/ca.key ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/lib/gitlab/auth/ldap/config_spec.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/qa/tls_certificates/authority/ca.pem ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/lib/gitlab/middleware/handle_malformed_strings_spec.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/fixtures/ssl_key.pem ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/fixtures/x509_certificate_pk.key ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/frontend/diffs/store/actions_spec.js ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/frontend/lib/utils/secret_detection_spec.js ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/frontend/notes/components/comment_form_spec.js ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/etc/ssl/private/ssl-cert-snakeoil.key ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/features/profiles/user_edit_profile_spec.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/fixtures/service_account.json ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/frontend/notes/components/noteable_note_spec.js ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/models/integrations/prometheus_spec.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/support/helpers/gpg_helpers.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/config/gitleaks.toml ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/gems/gitlab-secret_detection/spec/lib/gitlab/secret_detection/scan_spec.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/fixtures/auth_key.p8 ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/models/integrations/diffblue_cover_spec.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/app/models/integrations/diffblue_cover.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/frontend/issuable/issuable_form_spec.js ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/frontend/lib/utils/mock_data.js ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/frontend/diffs/stores/legacy_diffs/actions_spec.js ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/frontend/issues/show/components/app_spec.js ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/etc/ssh/ssh_host_ecdsa_key ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/qa/tls_certificates/client/client.pem ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/features/projects/integrations/user_activates_slack_notifications_spec.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

docker.io/sameersbn/gitlab:latest linux/amd64

全部漏洞信息

docker.io/sameersbn/gitlab:latest (ubuntu 22.04) (ubuntu)

Java (jar)

Node.js (node-pkg)

Ruby (gemspec)

home/git/gitlab-shell/bin/gitlab-shell (gobinary)

home/git/gitlab-shell/bin/gitlab-shell-authorized-keys-check (gobinary)

home/git/gitlab-shell/bin/gitlab-shell-authorized-principals-check (gobinary)

home/git/gitlab-shell/bin/gitlab-shell-check (gobinary)

home/git/gitlab-shell/bin/gitlab-sshd (gobinary)

home/git/gitlab/vendor/bundle/ruby/3.2.0/gems/devfile-0.1.1-x86_64-linux/bin/devfile (gobinary)

home/git/gitlab/vendor/bundle/ruby/3.2.0/gems/gitlab-glfm-markdown-0.0.23-x86_64-linux/Cargo.lock (cargo)

home/git/gitlab/vendor/bundle/ruby/3.2.0/gems/prometheus-client-mmap-1.1.1-x86_64-linux/ext/fast_mmaped_file_rs/Cargo.lock (cargo)

usr/local/bin/gitaly (gobinary)

usr/local/bin/gitaly-backup (gobinary)

usr/local/bin/gitaly-blackbox (gobinary)

usr/local/bin/gitaly-debug (gobinary)

usr/local/bin/gitaly-wrapper (gobinary)

usr/local/bin/gitlab-pages (gobinary)

usr/local/bin/gitlab-resize-image (gobinary)

usr/local/bin/gitlab-workhorse (gobinary)

usr/local/bin/gitlab-zip-cat (gobinary)

usr/local/bin/gitlab-zip-metadata (gobinary)

usr/local/bin/praefect (gobinary)

/home/git/gitlab/spec/factories/integrations.rb ()

/etc/ssh/ssh_host_ed25519_key ()

/etc/ssh/ssh_host_rsa_key ()

/home/git/gitlab/config/secrets.yml ()

/home/git/gitlab/qa/tls_certificates/client/client.key ()

/home/git/gitlab/spec/factories/pages_domains.rb ()

/home/git/gitlab/spec/fixtures/clusters/sample_key.key ()

/home/git/gitlab/spec/lib/json_web_token/rsa_token_spec.rb ()

/home/git/gitlab/app/models/integrations/prometheus.rb ()

/home/git/gitlab/doc/api/openapi/openapi_v2.yaml ()

/home/git/gitlab/qa/tls_certificates/authority/ca.key ()

/home/git/gitlab/spec/lib/gitlab/auth/ldap/config_spec.rb ()

/home/git/gitlab/qa/tls_certificates/authority/ca.pem ()

/home/git/gitlab/spec/lib/gitlab/middleware/handle_malformed_strings_spec.rb ()

/home/git/gitlab/spec/fixtures/ssl_key.pem ()

/home/git/gitlab/spec/fixtures/x509_certificate_pk.key ()

/home/git/gitlab/spec/frontend/diffs/store/actions_spec.js ()

/home/git/gitlab/spec/frontend/lib/utils/secret_detection_spec.js ()

/home/git/gitlab/spec/frontend/notes/components/comment_form_spec.js ()

/etc/ssl/private/ssl-cert-snakeoil.key ()

/home/git/gitlab/spec/features/profiles/user_edit_profile_spec.rb ()

/home/git/gitlab/spec/fixtures/service_account.json ()

/home/git/gitlab/spec/frontend/notes/components/noteable_note_spec.js ()

/home/git/gitlab/spec/models/integrations/prometheus_spec.rb ()

/home/git/gitlab/spec/support/helpers/gpg_helpers.rb ()

/home/git/gitlab/config/gitleaks.toml ()

/home/git/gitlab/gems/gitlab-secret_detection/spec/lib/gitlab/secret_detection/scan_spec.rb ()

/home/git/gitlab/spec/fixtures/auth_key.p8 ()

/home/git/gitlab/spec/models/integrations/diffblue_cover_spec.rb ()

/home/git/gitlab/app/models/integrations/diffblue_cover.rb ()

/home/git/gitlab/spec/frontend/issuable/issuable_form_spec.js ()

/home/git/gitlab/spec/frontend/lib/utils/mock_data.js ()

/home/git/gitlab/spec/frontend/diffs/stores/legacy_diffs/actions_spec.js ()

/home/git/gitlab/spec/frontend/issues/show/components/app_spec.js ()

/etc/ssh/ssh_host_ecdsa_key ()

/home/git/gitlab/qa/tls_certificates/client/client.pem ()

/home/git/gitlab/spec/features/projects/integrations/user_activates_slack_notifications_spec.rb ()