docker.io/sonarsource/sonar-scanner-cli:11.1.1.1661_6.2.1 linux/amd64

docker.io/sonarsource/sonar-scanner-cli:11.1.1.1661_6.2.1 - Trivy安全扫描结果 扫描时间: 2025-01-24 15:24
全部漏洞信息
低危漏洞:1 中危漏洞:23 高危漏洞:30 严重漏洞:0

系统OS: amazon 2023.5.20240916 (Amazon Linux) 扫描引擎: Trivy 扫描时间: 2025-01-24 15:24

docker.io/sonarsource/sonar-scanner-cli:11.1.1.1661_6.2.1 (amazon 2023.5.20240916 (Amazon Linux)) (amazon)
低危漏洞:0 中危漏洞:22 高危漏洞:30 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
expat CVE-2023-52425 高危 2.5.0-1.amzn2023.0.4 2.6.3-1.amzn2023.0.1 expat: parsing large tokens can trigger a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-02-04 20:15 修改: 2024-08-26 20:35
expat CVE-2024-45490 高危 2.5.0-1.amzn2023.0.4 2.6.3-1.amzn2023.0.1 libexpat: Negative Length Parsing Vulnerability in libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24
java-17-amazon-corretto CVE-2024-21208 高危 1:17.0.12+7-1.amzn2023.1 1:17.0.13+11-1.amzn2023.1 JDK: HTTP client improper handling of maxHeaderSize (8328286)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21208

镜像层: sha256:2bcd07fc97ace4b6dc77d1b8d335da6e04a4619c1366ecd3376c6b19bde2fe1a

发布日期: 2024-10-15 20:15 修改: 2024-10-31 13:35
java-17-amazon-corretto CVE-2024-21210 高危 1:17.0.12+7-1.amzn2023.1 1:17.0.13+11-1.amzn2023.1 JDK: Array indexing integer overflow (8328544)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21210

镜像层: sha256:2bcd07fc97ace4b6dc77d1b8d335da6e04a4619c1366ecd3376c6b19bde2fe1a

发布日期: 2024-10-15 20:15 修改: 2024-10-31 13:35
java-17-amazon-corretto CVE-2024-21217 高危 1:17.0.12+7-1.amzn2023.1 1:17.0.13+11-1.amzn2023.1 JDK: Unbounded allocation leads to out-of-memory error (8331446)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21217

镜像层: sha256:2bcd07fc97ace4b6dc77d1b8d335da6e04a4619c1366ecd3376c6b19bde2fe1a

发布日期: 2024-10-15 20:15 修改: 2024-10-18 18:29
java-17-amazon-corretto CVE-2024-21235 高危 1:17.0.12+7-1.amzn2023.1 1:17.0.13+11-1.amzn2023.1 JDK: Integer conversion error leads to incorrect range check (8332644)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21235

镜像层: sha256:2bcd07fc97ace4b6dc77d1b8d335da6e04a4619c1366ecd3376c6b19bde2fe1a

发布日期: 2024-10-15 20:15 修改: 2024-10-18 18:30
java-17-amazon-corretto-devel CVE-2024-21208 高危 1:17.0.12+7-1.amzn2023.1 1:17.0.13+11-1.amzn2023.1 JDK: HTTP client improper handling of maxHeaderSize (8328286)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21208

镜像层: sha256:2bcd07fc97ace4b6dc77d1b8d335da6e04a4619c1366ecd3376c6b19bde2fe1a

发布日期: 2024-10-15 20:15 修改: 2024-10-31 13:35
java-17-amazon-corretto-devel CVE-2024-21210 高危 1:17.0.12+7-1.amzn2023.1 1:17.0.13+11-1.amzn2023.1 JDK: Array indexing integer overflow (8328544)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21210

镜像层: sha256:2bcd07fc97ace4b6dc77d1b8d335da6e04a4619c1366ecd3376c6b19bde2fe1a

发布日期: 2024-10-15 20:15 修改: 2024-10-31 13:35
java-17-amazon-corretto-devel CVE-2024-21217 高危 1:17.0.12+7-1.amzn2023.1 1:17.0.13+11-1.amzn2023.1 JDK: Unbounded allocation leads to out-of-memory error (8331446)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21217

镜像层: sha256:2bcd07fc97ace4b6dc77d1b8d335da6e04a4619c1366ecd3376c6b19bde2fe1a

发布日期: 2024-10-15 20:15 修改: 2024-10-18 18:29
java-17-amazon-corretto-devel CVE-2024-21235 高危 1:17.0.12+7-1.amzn2023.1 1:17.0.13+11-1.amzn2023.1 JDK: Integer conversion error leads to incorrect range check (8332644)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21235

镜像层: sha256:2bcd07fc97ace4b6dc77d1b8d335da6e04a4619c1366ecd3376c6b19bde2fe1a

发布日期: 2024-10-15 20:15 修改: 2024-10-18 18:30
java-17-amazon-corretto-headless CVE-2024-21208 高危 1:17.0.12+7-1.amzn2023.1 1:17.0.13+11-1.amzn2023.1 JDK: HTTP client improper handling of maxHeaderSize (8328286)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21208

镜像层: sha256:2bcd07fc97ace4b6dc77d1b8d335da6e04a4619c1366ecd3376c6b19bde2fe1a

发布日期: 2024-10-15 20:15 修改: 2024-10-31 13:35
java-17-amazon-corretto-headless CVE-2024-21210 高危 1:17.0.12+7-1.amzn2023.1 1:17.0.13+11-1.amzn2023.1 JDK: Array indexing integer overflow (8328544)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21210

镜像层: sha256:2bcd07fc97ace4b6dc77d1b8d335da6e04a4619c1366ecd3376c6b19bde2fe1a

发布日期: 2024-10-15 20:15 修改: 2024-10-31 13:35
java-17-amazon-corretto-headless CVE-2024-21217 高危 1:17.0.12+7-1.amzn2023.1 1:17.0.13+11-1.amzn2023.1 JDK: Unbounded allocation leads to out-of-memory error (8331446)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21217

镜像层: sha256:2bcd07fc97ace4b6dc77d1b8d335da6e04a4619c1366ecd3376c6b19bde2fe1a

发布日期: 2024-10-15 20:15 修改: 2024-10-18 18:29
java-17-amazon-corretto-headless CVE-2024-21235 高危 1:17.0.12+7-1.amzn2023.1 1:17.0.13+11-1.amzn2023.1 JDK: Integer conversion error leads to incorrect range check (8332644)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21235

镜像层: sha256:2bcd07fc97ace4b6dc77d1b8d335da6e04a4619c1366ecd3376c6b19bde2fe1a

发布日期: 2024-10-15 20:15 修改: 2024-10-18 18:30
java-17-amazon-corretto-jmods CVE-2024-21208 高危 1:17.0.12+7-1.amzn2023.1 1:17.0.13+11-1.amzn2023.1 JDK: HTTP client improper handling of maxHeaderSize (8328286)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21208

镜像层: sha256:2bcd07fc97ace4b6dc77d1b8d335da6e04a4619c1366ecd3376c6b19bde2fe1a

发布日期: 2024-10-15 20:15 修改: 2024-10-31 13:35
java-17-amazon-corretto-jmods CVE-2024-21210 高危 1:17.0.12+7-1.amzn2023.1 1:17.0.13+11-1.amzn2023.1 JDK: Array indexing integer overflow (8328544)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21210

镜像层: sha256:2bcd07fc97ace4b6dc77d1b8d335da6e04a4619c1366ecd3376c6b19bde2fe1a

发布日期: 2024-10-15 20:15 修改: 2024-10-31 13:35
java-17-amazon-corretto-jmods CVE-2024-21217 高危 1:17.0.12+7-1.amzn2023.1 1:17.0.13+11-1.amzn2023.1 JDK: Unbounded allocation leads to out-of-memory error (8331446)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21217

镜像层: sha256:2bcd07fc97ace4b6dc77d1b8d335da6e04a4619c1366ecd3376c6b19bde2fe1a

发布日期: 2024-10-15 20:15 修改: 2024-10-18 18:29
java-17-amazon-corretto-jmods CVE-2024-21235 高危 1:17.0.12+7-1.amzn2023.1 1:17.0.13+11-1.amzn2023.1 JDK: Integer conversion error leads to incorrect range check (8332644)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21235

镜像层: sha256:2bcd07fc97ace4b6dc77d1b8d335da6e04a4619c1366ecd3376c6b19bde2fe1a

发布日期: 2024-10-15 20:15 修改: 2024-10-18 18:30
libarchive CVE-2024-48957 高危 3.7.4-2.amzn2023.0.1 3.7.4-2.amzn2023.0.2 libarchive: Out-of-bounds access in libarchive's archive file handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-48957

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-10-10 02:15 修改: 2024-12-02 14:58
libarchive CVE-2024-48958 高危 3.7.4-2.amzn2023.0.1 3.7.4-2.amzn2023.0.2 libarchive: Out-of-bounds access in libarchive's RAR file handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-48958

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-10-10 02:15 修改: 2024-12-02 14:58
python3 CVE-2024-4032 高危 3.9.16-1.amzn2023.0.9 3.9.20-1.amzn2023.0.2 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
python3 CVE-2024-6232 高危 3.9.16-1.amzn2023.0.9 3.9.20-1.amzn2023.0.2 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
python3 CVE-2024-6923 高危 3.9.16-1.amzn2023.0.9 3.9.20-1.amzn2023.0.2 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
python3 CVE-2024-7592 高危 3.9.16-1.amzn2023.0.9 3.9.20-1.amzn2023.0.2 cpython: python: Uncontrolled CPU resource consumption when in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-08-19 19:15 修改: 2024-09-04 21:15
python3 CVE-2024-8088 高危 3.9.16-1.amzn2023.0.9 3.9.20-1.amzn2023.0.2 python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-08-22 19:15 修改: 2024-09-04 23:15
python3-libs CVE-2024-4032 高危 3.9.16-1.amzn2023.0.9 3.9.20-1.amzn2023.0.2 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
python3-libs CVE-2024-6232 高危 3.9.16-1.amzn2023.0.9 3.9.20-1.amzn2023.0.2 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
python3-libs CVE-2024-6923 高危 3.9.16-1.amzn2023.0.9 3.9.20-1.amzn2023.0.2 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
python3-libs CVE-2024-7592 高危 3.9.16-1.amzn2023.0.9 3.9.20-1.amzn2023.0.2 cpython: python: Uncontrolled CPU resource consumption when in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-08-19 19:15 修改: 2024-09-04 21:15
python3-libs CVE-2024-8088 高危 3.9.16-1.amzn2023.0.9 3.9.20-1.amzn2023.0.2 python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-08-22 19:15 修改: 2024-09-04 23:15
nodejs-libs CVE-2024-28863 中危 1:18.20.2-1.amzn2023.0.1 1:18.20.4-1.amzn2023.0.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:a0c41c4fc2fb65dceba6735befd36289590f382e8363e9082542f7562129e631

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
nodejs-npm CVE-2024-21538 中危 1:10.5.0-1.18.20.2.1.amzn2023.0.1 1:10.8.2-1.18.20.5.1.amzn2023.0.1 cross-spawn: regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538

镜像层: sha256:a0c41c4fc2fb65dceba6735befd36289590f382e8363e9082542f7562129e631

发布日期: 2024-11-08 05:15 修改: 2024-11-19 14:15
nodejs-npm CVE-2024-28863 中危 1:10.5.0-1.18.20.2.1.amzn2023.0.1 1:10.7.0-1.18.20.4.1.amzn2023.0.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:a0c41c4fc2fb65dceba6735befd36289590f382e8363e9082542f7562129e631

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
openssl CVE-2024-41996 中危 1:3.0.8-1.amzn2023.0.14 1:3.0.8-1.amzn2023.0.16 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:a0c41c4fc2fb65dceba6735befd36289590f382e8363e9082542f7562129e631

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
openssl CVE-2024-6119 中危 1:3.0.8-1.amzn2023.0.14 1:3.0.8-1.amzn2023.0.15 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:a0c41c4fc2fb65dceba6735befd36289590f382e8363e9082542f7562129e631

发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
openssl-libs CVE-2024-41996 中危 1:3.0.8-1.amzn2023.0.14 1:3.0.8-1.amzn2023.0.16 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
openssl-libs CVE-2024-6119 中危 1:3.0.8-1.amzn2023.0.14 1:3.0.8-1.amzn2023.0.15 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
expat CVE-2024-50602 中危 2.5.0-1.amzn2023.0.4 2.6.3-1.amzn2023.0.2 libexpat: expat: DoS via XML_ResumeParser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-10-27 05:15 修改: 2024-10-30 18:35
libgcrypt CVE-2024-2236 中危 1.10.2-1.amzn2023.0.1 1.10.2-1.amzn2023.0.2 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-03-06 22:15 修改: 2024-11-12 18:15
libxml2 CVE-2024-34459 中危 2.10.4-1.amzn2023.0.6 2.10.4-1.amzn2023.0.7 libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34459

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-05-14 15:39 修改: 2024-08-22 18:35
nodejs CVE-2024-21538 中危 1:18.20.2-1.amzn2023.0.1 1:18.20.5-1.amzn2023.0.1 cross-spawn: regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538

镜像层: sha256:a0c41c4fc2fb65dceba6735befd36289590f382e8363e9082542f7562129e631

发布日期: 2024-11-08 05:15 修改: 2024-11-19 14:15
nodejs CVE-2024-28863 中危 1:18.20.2-1.amzn2023.0.1 1:18.20.4-1.amzn2023.0.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:a0c41c4fc2fb65dceba6735befd36289590f382e8363e9082542f7562129e631

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
python3 CVE-2023-27043 中危 3.9.16-1.amzn2023.0.9 3.9.20-1.amzn2023.0.2 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
nodejs-docs CVE-2024-21538 中危 1:18.20.2-1.amzn2023.0.1 1:18.20.5-1.amzn2023.0.1 cross-spawn: regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538

镜像层: sha256:a0c41c4fc2fb65dceba6735befd36289590f382e8363e9082542f7562129e631

发布日期: 2024-11-08 05:15 修改: 2024-11-19 14:15
nodejs-docs CVE-2024-28863 中危 1:18.20.2-1.amzn2023.0.1 1:18.20.4-1.amzn2023.0.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:a0c41c4fc2fb65dceba6735befd36289590f382e8363e9082542f7562129e631

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
nodejs-full-i18n CVE-2024-21538 中危 1:18.20.2-1.amzn2023.0.1 1:18.20.5-1.amzn2023.0.1 cross-spawn: regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538

镜像层: sha256:a0c41c4fc2fb65dceba6735befd36289590f382e8363e9082542f7562129e631

发布日期: 2024-11-08 05:15 修改: 2024-11-19 14:15
nodejs-full-i18n CVE-2024-28863 中危 1:18.20.2-1.amzn2023.0.1 1:18.20.4-1.amzn2023.0.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:a0c41c4fc2fb65dceba6735befd36289590f382e8363e9082542f7562129e631

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
nodejs-libs CVE-2024-21538 中危 1:18.20.2-1.amzn2023.0.1 1:18.20.5-1.amzn2023.0.1 cross-spawn: regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538

镜像层: sha256:a0c41c4fc2fb65dceba6735befd36289590f382e8363e9082542f7562129e631

发布日期: 2024-11-08 05:15 修改: 2024-11-19 14:15
python3-libs CVE-2023-27043 中危 3.9.16-1.amzn2023.0.9 3.9.20-1.amzn2023.0.2 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
python3-pip-wheel CVE-2024-35195 中危 21.3.1-2.amzn2023.0.7 21.3.1-2.amzn2023.0.10 requests: subsequent requests to the same host ignore cert verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35195

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-05-20 21:15 修改: 2024-06-10 17:16
python3-pip-wheel CVE-2024-3651 中危 21.3.1-2.amzn2023.0.7 21.3.1-2.amzn2023.0.9 python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3651

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-07-07 18:15 修改: 2024-07-11 14:58
python3-pip-wheel CVE-2024-37891 中危 21.3.1-2.amzn2023.0.7 21.3.1-2.amzn2023.0.8 urllib3: proxy-authorization request header is not stripped during cross-origin redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37891

镜像层: sha256:c7e5c6d6328d49c187936300d79d2500d7ca36275f32f2035be6dad9b21f7a87

发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
Java (jar)
低危漏洞:1 中危漏洞:1 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
ch.qos.logback:logback-core CVE-2024-12798 中危 1.5.8 1.5.13, 1.3.15 logback-core: arbitrary code execution via JaninoEventEvaluator

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798

镜像层: sha256:0446b97dd97f632190bdaf3d815ccb4d960cd94001a25090ab36f2fcc02df68a

发布日期: 2024-12-19 16:15 修改: 2025-01-03 14:15
ch.qos.logback:logback-core CVE-2024-12801 低危 1.5.8 1.5.13, 1.3.15 logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801

镜像层: sha256:0446b97dd97f632190bdaf3d815ccb4d960cd94001a25090ab36f2fcc02df68a

发布日期: 2024-12-19 17:15 修改: 2025-01-03 14:15