docker.io/stirlingtools/stirling-pdf:latest - Trivy镜像安全扫描结果

全部漏洞信息

低危漏洞:4

中危漏洞:9

高危漏洞:2

严重漏洞:0

系统OS: alpine 3.20.3 扫描引擎: Trivy 扫描时间: 2024-12-20 17:19

docker.io/stirlingtools/stirling-pdf:latest (alpine 3.20.3) (alpine)

低危漏洞:4

中危漏洞:8

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
cups-libs	CVE-2024-47175	高危	2.4.9-r1	2.4.10-r1	cups: libppd: remote command injection via attacker controlled data in PPD file 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47175 镜像层: sha256:6be2634e4b9ac42c01c4560c38bdebae50866f530e0806821e582866cb8b8d4e 发布日期: 2024-09-26 22:15 修改: 2024-09-30 12:46
busybox	CVE-2023-42365	中危	1.36.1-r29	1.36.1-r30	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:75654b8eeebd3beae97271a102f57cdeb794cc91e442648544963a7e951e9558 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
busybox-binsh	CVE-2023-42364	中危	1.36.1-r29	1.36.1-r30	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:75654b8eeebd3beae97271a102f57cdeb794cc91e442648544963a7e951e9558 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
busybox-binsh	CVE-2023-42365	中危	1.36.1-r29	1.36.1-r30	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:75654b8eeebd3beae97271a102f57cdeb794cc91e442648544963a7e951e9558 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
busybox	CVE-2023-42364	中危	1.36.1-r29	1.36.1-r30	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:75654b8eeebd3beae97271a102f57cdeb794cc91e442648544963a7e951e9558 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
qt6-qtbase	CVE-2024-39936	中危	6.6.3-r1	6.7.2-r1	qtbase: qtbase: Delay any communication until encrypted() can be responded to 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-39936 镜像层: sha256:6be2634e4b9ac42c01c4560c38bdebae50866f530e0806821e582866cb8b8d4e 发布日期: 2024-07-04 21:15 修改: 2024-07-08 16:41
qt6-qtbase-x11	CVE-2024-39936	中危	6.6.3-r1	6.7.2-r1	qtbase: qtbase: Delay any communication until encrypted() can be responded to 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-39936 镜像层: sha256:6be2634e4b9ac42c01c4560c38bdebae50866f530e0806821e582866cb8b8d4e 发布日期: 2024-07-04 21:15 修改: 2024-07-08 16:41
ssl_client	CVE-2023-42364	中危	1.36.1-r29	1.36.1-r30	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:75654b8eeebd3beae97271a102f57cdeb794cc91e442648544963a7e951e9558 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
ssl_client	CVE-2023-42365	中危	1.36.1-r29	1.36.1-r30	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:75654b8eeebd3beae97271a102f57cdeb794cc91e442648544963a7e951e9558 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
libcrypto3	CVE-2024-9143	低危	3.3.2-r1	3.3.2-r3	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:6be2634e4b9ac42c01c4560c38bdebae50866f530e0806821e582866cb8b8d4e 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
libssl3	CVE-2024-9143	低危	3.3.2-r1	3.3.2-r3	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:6be2634e4b9ac42c01c4560c38bdebae50866f530e0806821e582866cb8b8d4e 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
openssl	CVE-2024-9143	低危	3.3.2-r1	3.3.2-r3	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:6be2634e4b9ac42c01c4560c38bdebae50866f530e0806821e582866cb8b8d4e 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
openssl-dev	CVE-2024-9143	低危	3.3.2-r1	3.3.2-r3	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:6be2634e4b9ac42c01c4560c38bdebae50866f530e0806821e582866cb8b8d4e 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35

Java (jar)

低危漏洞:0

中危漏洞:1

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
org.apache.commons:commons-compress	CVE-2024-25710	高危	1.21	1.26.0	commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710 镜像层: sha256:d5ab35a34b5840d3175aad4cc2c63ef92e2118a9d469148d6f565e690576d17e 发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
org.apache.commons:commons-compress	CVE-2024-26308	中危	1.21	1.26.0	commons-compress: OutOfMemoryError unpacking broken Pack200 file 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308 镜像层: sha256:d5ab35a34b5840d3175aad4cc2c63ef92e2118a9d469148d6f565e690576d17e 发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

org.apache.commons:commons-compress

CVE-2024-25710

高危

1.21

1.26.0

commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:d5ab35a34b5840d3175aad4cc2c63ef92e2118a9d469148d6f565e690576d17e

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15

org.apache.commons:commons-compress

CVE-2024-26308

中危

1.21

1.26.0

commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:d5ab35a34b5840d3175aad4cc2c63ef92e2118a9d469148d6f565e690576d17e

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54

Python (python-pkg)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

docker.io/stirlingtools/stirling-pdf:latest linux/amd64

全部漏洞信息

docker.io/stirlingtools/stirling-pdf:latest (alpine 3.20.3) (alpine)

Java (jar)

Python (python-pkg)