docker.io/tanner23456/playlistdl:v2 - Trivy镜像安全扫描结果

全部漏洞信息

低危漏洞:2

中危漏洞:9

高危漏洞:6

严重漏洞:0

系统OS: alpine 3.20.3 扫描引擎: Trivy 扫描时间: 2024-12-29 19:26

docker.io/tanner23456/playlistdl:v2 (alpine 3.20.3) (alpine)

低危漏洞:2

中危漏洞:7

高危漏洞:5

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
pyc	CVE-2024-12254	高危	3.12.7-r0	3.12.8-r1	python: Unbounded memory buffering in SelectorSocketTransport.writelines() 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12254 镜像层: sha256:4e08ef2f4de95950d667191e9195ef7d4c177f79d1427c4e2c0bc6e5bc77d32d 发布日期: 2024-12-06 16:15 修改: 2024-12-06 19:15
python3	CVE-2024-12254	高危	3.12.7-r0	3.12.8-r1	python: Unbounded memory buffering in SelectorSocketTransport.writelines() 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12254 镜像层: sha256:4e08ef2f4de95950d667191e9195ef7d4c177f79d1427c4e2c0bc6e5bc77d32d 发布日期: 2024-12-06 16:15 修改: 2024-12-06 19:15
python3-dev	CVE-2024-12254	高危	3.12.7-r0	3.12.8-r1	python: Unbounded memory buffering in SelectorSocketTransport.writelines() 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12254 镜像层: sha256:4e08ef2f4de95950d667191e9195ef7d4c177f79d1427c4e2c0bc6e5bc77d32d 发布日期: 2024-12-06 16:15 修改: 2024-12-06 19:15
python3-pyc	CVE-2024-12254	高危	3.12.7-r0	3.12.8-r1	python: Unbounded memory buffering in SelectorSocketTransport.writelines() 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12254 镜像层: sha256:4e08ef2f4de95950d667191e9195ef7d4c177f79d1427c4e2c0bc6e5bc77d32d 发布日期: 2024-12-06 16:15 修改: 2024-12-06 19:15
python3-pycache-pyc0	CVE-2024-12254	高危	3.12.7-r0	3.12.8-r1	python: Unbounded memory buffering in SelectorSocketTransport.writelines() 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12254 镜像层: sha256:4e08ef2f4de95950d667191e9195ef7d4c177f79d1427c4e2c0bc6e5bc77d32d 发布日期: 2024-12-06 16:15 修改: 2024-12-06 19:15
python3	CVE-2024-9287	中危	3.12.7-r0	3.12.8-r0	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:4e08ef2f4de95950d667191e9195ef7d4c177f79d1427c4e2c0bc6e5bc77d32d 发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
curl	CVE-2024-11053	中危	8.11.0-r1	8.11.1-r0	curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:4e08ef2f4de95950d667191e9195ef7d4c177f79d1427c4e2c0bc6e5bc77d32d 发布日期: 2024-12-11 08:15 修改: 2024-12-15 17:15
python3-dev	CVE-2024-9287	中危	3.12.7-r0	3.12.8-r0	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:4e08ef2f4de95950d667191e9195ef7d4c177f79d1427c4e2c0bc6e5bc77d32d 发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
pyc	CVE-2024-9287	中危	3.12.7-r0	3.12.8-r0	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:4e08ef2f4de95950d667191e9195ef7d4c177f79d1427c4e2c0bc6e5bc77d32d 发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
python3-pyc	CVE-2024-9287	中危	3.12.7-r0	3.12.8-r0	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:4e08ef2f4de95950d667191e9195ef7d4c177f79d1427c4e2c0bc6e5bc77d32d 发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
libcurl	CVE-2024-11053	中危	8.11.0-r1	8.11.1-r0	curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:4e08ef2f4de95950d667191e9195ef7d4c177f79d1427c4e2c0bc6e5bc77d32d 发布日期: 2024-12-11 08:15 修改: 2024-12-15 17:15
python3-pycache-pyc0	CVE-2024-9287	中危	3.12.7-r0	3.12.8-r0	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:4e08ef2f4de95950d667191e9195ef7d4c177f79d1427c4e2c0bc6e5bc77d32d 发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
libcrypto3	CVE-2024-9143	低危	3.3.2-r0	3.3.2-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:63ca1fbb43ae5034640e5e6cb3e083e05c290072c5366fcaa9d62435a4cced85 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
libssl3	CVE-2024-9143	低危	3.3.2-r0	3.3.2-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:63ca1fbb43ae5034640e5e6cb3e083e05c290072c5366fcaa9d62435a4cced85 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35

Python (python-pkg)

低危漏洞:0

中危漏洞:2

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
starlette	CVE-2024-47874	高危	0.27.0	0.40.0	starlette: Starlette Denial of service (DoS) via multipart/form-data 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47874 镜像层: sha256:bb13e9086e6ef85d06078d8839ae07507a85ae07bb64aa1c7c2b65d2cdd289e2 发布日期: 2024-10-15 16:15 修改: 2024-10-16 16:38
Jinja2	CVE-2024-56326	中危	3.1.4	3.1.5	jinja2: Jinja has a sandbox breakout through indirect reference to format method 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56326 镜像层: sha256:bb13e9086e6ef85d06078d8839ae07507a85ae07bb64aa1c7c2b65d2cdd289e2 发布日期: 2024-12-23 16:15 修改: 2024-12-27 18:15
Jinja2	CVE-2024-56201	中危	3.1.4	3.1.5	jinja2: Jinja has a sandbox breakout through malicious filenames 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56201 镜像层: sha256:bb13e9086e6ef85d06078d8839ae07507a85ae07bb64aa1c7c2b65d2cdd289e2 发布日期: 2024-12-23 16:15 修改: 2024-12-24 02:15

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

starlette

CVE-2024-47874

高危

0.27.0

0.40.0

starlette: Starlette Denial of service (DoS) via multipart/form-data

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47874

镜像层: sha256:bb13e9086e6ef85d06078d8839ae07507a85ae07bb64aa1c7c2b65d2cdd289e2

发布日期: 2024-10-15 16:15 修改: 2024-10-16 16:38

Jinja2

CVE-2024-56326

中危

3.1.4

3.1.5

jinja2: Jinja has a sandbox breakout through indirect reference to format method

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56326

镜像层: sha256:bb13e9086e6ef85d06078d8839ae07507a85ae07bb64aa1c7c2b65d2cdd289e2

发布日期: 2024-12-23 16:15 修改: 2024-12-27 18:15

Jinja2

CVE-2024-56201

中危

3.1.4

3.1.5

jinja2: Jinja has a sandbox breakout through malicious filenames

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56201

镜像层: sha256:bb13e9086e6ef85d06078d8839ae07507a85ae07bb64aa1c7c2b65d2cdd289e2

发布日期: 2024-12-23 16:15 修改: 2024-12-24 02:15

/opt/venv/lib/python3.12/site-packages/yt_dlp/extractor/pycache/adultswim.cpython-312.pyc ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/opt/venv/lib/python3.12/site-packages/yt_dlp/extractor/pycache/cloudflarestream.cpython-312.pyc ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/opt/venv/lib/python3.12/site-packages/yt_dlp/extractor/adultswim.py ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/opt/venv/lib/python3.12/site-packages/yt_dlp/extractor/cloudflarestream.py ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/opt/venv/lib/python3.12/site-packages/yt_dlp/extractor/shahid.py ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

docker.io/tanner23456/playlistdl:v2 linux/amd64

全部漏洞信息

docker.io/tanner23456/playlistdl:v2 (alpine 3.20.3) (alpine)

Python (python-pkg)

/opt/venv/lib/python3.12/site-packages/yt_dlp/extractor/__pycache__/adultswim.cpython-312.pyc ()

/opt/venv/lib/python3.12/site-packages/yt_dlp/extractor/__pycache__/cloudflarestream.cpython-312.pyc ()

/opt/venv/lib/python3.12/site-packages/yt_dlp/extractor/adultswim.py ()

/opt/venv/lib/python3.12/site-packages/yt_dlp/extractor/cloudflarestream.py ()

/opt/venv/lib/python3.12/site-packages/yt_dlp/extractor/shahid.py ()

/opt/venv/lib/python3.12/site-packages/yt_dlp/extractor/pycache/adultswim.cpython-312.pyc ()

/opt/venv/lib/python3.12/site-packages/yt_dlp/extractor/pycache/cloudflarestream.cpython-312.pyc ()