docker.io/trinodb/trino:466 linux/amd64

docker.io/trinodb/trino:466 - Trivy安全扫描结果 扫描时间: 2024-11-29 08:55
全部漏洞信息
低危漏洞:27 中危漏洞:19 高危漏洞:3 严重漏洞:0

系统OS: redhat 9.5 扫描引擎: Trivy 扫描时间: 2024-11-29 08:55

docker.io/trinodb/trino:466 (redhat 9.5) (redhat)
低危漏洞:27 中危漏洞:5 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
glib2 CVE-2024-52533 中危 2.68.4-14.el9_4.1 glib: buffer overflow in set_connect_msg()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52533

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2024-11-11 23:15 修改: 2024-11-23 21:15
libarchive CVE-2023-30571 中危 3.5.3-4.el9 libarchive: Race condition in multi-threaded use of archive_write_disk_header() on posix based systems

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-30571

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2023-05-29 20:15 修改: 2023-06-05 16:40
libyaml CVE-2024-35325 中危 0.2.5-7.el9 libyaml: double-free in yaml_event_delete in /src/libyaml/src/api.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35325

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2024-06-13 17:15 修改: 2024-08-28 16:15
systemd-libs CVE-2021-3997 中危 252-46.el9_5.2 systemd: Uncontrolled recursion in systemd-tmpfiles when removing files

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15
tar CVE-2005-2541 中危 2:1.34-7.el9 tar: does not properly warn the user when extracting setuid or setgid files

漏洞详情: https://avd.aquasec.com/nvd/cve-2005-2541

镜像层: sha256:62528e19b0b681471faf9021bbbd15bebb91a10c621005b18133b36bf1c197b2

发布日期: 2005-08-10 04:00 修改: 2023-11-07 01:57
gnupg2 CVE-2022-3219 低危 2.3.3-4.el9 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
curl-minimal CVE-2024-7264 低危 7.76.1-31.el9 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2024-07-31 08:15 修改: 2024-10-30 20:35
libcurl-minimal CVE-2024-7264 低危 7.76.1-31.el9 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2024-07-31 08:15 修改: 2024-10-30 20:35
libgcc CVE-2022-27943 低危 11.5.0-2.el9 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libstdc++ CVE-2022-27943 低危 11.5.0-2.el9 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libxml2 CVE-2023-45322 低危 2.9.13-6.el9_4 libxml2: use-after-free in xmlUnlinkNode() in tree.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45322

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2023-10-06 22:15 修改: 2024-08-02 21:15
libxml2 CVE-2024-34459 低危 2.9.13-6.el9_4 libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34459

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2024-05-14 15:39 修改: 2024-08-22 18:35
gawk CVE-2023-4156 低危 5.1.0-6.el9 gawk: heap out of bound read in builtin.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4156

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2023-09-25 18:15 修改: 2023-11-07 04:22
libzstd CVE-2022-4899 低危 1.5.1-2.el9 zstd: mysql: buffer overrun in util.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2023-03-31 20:15 修改: 2023-11-07 03:59
ncurses-base CVE-2022-29458 低危 6.2-10.20210508.el9 ncurses: segfaulting OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
ncurses-base CVE-2023-45918 低危 6.2-10.20210508.el9 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
ncurses-base CVE-2023-50495 低危 6.2-10.20210508.el9 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
ncurses-libs CVE-2022-29458 低危 6.2-10.20210508.el9 ncurses: segfaulting OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
ncurses-libs CVE-2023-45918 低危 6.2-10.20210508.el9 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
ncurses-libs CVE-2023-50495 低危 6.2-10.20210508.el9 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
openldap CVE-2023-2953 低危 2.6.6-3.el9 openldap: null pointer dereference in ber_memalloc_x function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2953

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2023-05-30 22:15 修改: 2023-08-02 16:46
openssl-libs CVE-2024-2511 低危 1:3.2.2-6.el9_5 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
openssl-libs CVE-2024-41996 低危 1:3.2.2-6.el9_5 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
openssl-libs CVE-2024-4741 低危 1:3.2.2-6.el9_5 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
openssl-libs CVE-2024-5535 低危 1:3.2.2-6.el9_5 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
pcre2 CVE-2022-41409 低危 10.40-6.el9 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2023-07-18 14:15 修改: 2023-07-27 03:46
pcre2-syntax CVE-2022-41409 低危 10.40-6.el9 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2023-07-18 14:15 修改: 2023-07-27 03:46
sqlite-libs CVE-2023-36191 低危 3.34.1-7.el9_3 sqlite: CLI fault on missing -nonce

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36191

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2023-06-23 02:15 修改: 2023-11-07 04:16
sqlite-libs CVE-2024-0232 低危 3.34.1-7.el9_3 sqlite: use-after-free bug in jsonParseAddNodeArray

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0232

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2024-01-16 14:15 修改: 2024-09-28 04:15
bzip2-libs CVE-2019-12900 低危 1.0.8-8.el9 bzip2: out-of-bounds write in function BZ2_decompress

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12900

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2019-06-19 23:15 修改: 2023-11-07 03:03
glib2 CVE-2023-32636 低危 2.68.4-14.el9_4.1 glib: Timeout in fuzz_variant_text

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32636

镜像层: sha256:f4f838f0e5f5719a99d336d22b6c92f2f633066cb56228a317bfc5f6cc2347b4

发布日期: 2023-09-14 20:15 修改: 2024-01-12 22:09
tar CVE-2023-39804 低危 2:1.34-7.el9 tar: Incorrectly handled extension attributes in PAX archives can lead to a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39804

镜像层: sha256:62528e19b0b681471faf9021bbbd15bebb91a10c621005b18133b36bf1c197b2

发布日期: 2024-03-27 04:15 修改: 2024-11-12 19:35
Java (jar)
低危漏洞:0 中危漏洞:14 高危漏洞:3 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.21.12 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30
io.netty:netty-common CVE-2024-47535 高危 4.1.110.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
org.elasticsearch:elasticsearch CVE-2023-31418 高危 7.10.2 7.17.13, 8.9.0 elasticsearch: uncontrolled resource consumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31418

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2023-10-26 18:15 修改: 2023-11-30 22:15
net.snowflake:snowflake-jdbc CVE-2024-43382 中危 3.19.1 3.20.0 Snowflake JDBC Security Advisory

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43382

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2024-10-30 21:15 修改: 2024-11-01 12:57
org.apache.commons:commons-configuration2 CVE-2024-29131 中危 2.8.0 2.10.1 commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2024-03-21 09:15 修改: 2024-08-28 15:35
org.apache.commons:commons-configuration2 CVE-2024-29133 中危 2.8.0 2.10.1 commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2024-03-21 09:15 修改: 2024-11-04 17:35
org.elasticsearch.client:elasticsearch-rest-client CVE-2021-22145 中危 7.10.2 7.13.4 elasticsearch: memory disclosure in error reporting

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22145

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2021-07-21 15:15 修改: 2022-05-10 15:25
com.squareup.okio:okio CVE-2023-3635 中危 1.17.5 3.4.0, 1.17.6 okio: GzipSource class improper exception handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3635

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2023-07-12 19:15 修改: 2023-10-25 15:17
org.elasticsearch:elasticsearch CVE-2021-22134 中危 7.10.2 7.11.0 elasticsearch: requests do not properly apply security permissions when executing a query against a recently updated document

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22134

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2021-03-08 21:15 修改: 2022-10-25 18:06
org.elasticsearch:elasticsearch CVE-2021-22135 中危 7.10.2 7.11.2, 6.8.15 elasticsearch: Document disclosure flaw in the Elasticsearch suggester

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22135

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2021-05-13 18:15 修改: 2021-09-07 22:06
org.elasticsearch:elasticsearch CVE-2021-22144 中危 7.10.2 6.8.17, 7.13.3 elasticsearch: uncontrolled recursion in Grok parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22144

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2021-07-26 12:15 修改: 2022-05-10 18:02
org.elasticsearch:elasticsearch CVE-2023-31417 中危 7.10.2 7.17.13, 8.9.2 elasticsearch: Sensitive information in audit logs

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31417

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2023-10-26 18:15 修改: 2024-01-03 19:02
org.elasticsearch:elasticsearch CVE-2023-31419 中危 7.10.2 7.17.13, 8.9.1 elasticsearch: StackOverflow vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31419

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2023-10-26 18:15 修改: 2024-02-01 02:16
org.elasticsearch:elasticsearch CVE-2023-46673 中危 7.10.2 7.17.14, 8.10.3 elasticsearch: Improper Handling of Exceptional Conditions

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46673

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2023-11-22 10:15 修改: 2023-11-30 20:22
org.elasticsearch:elasticsearch CVE-2023-49921 中危 7.10.2 7.17.16, 8.11.2 elasticsearch: Insertion of Sensitive Information into Log File

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49921

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2024-07-26 05:15 修改: 2024-09-11 14:09
org.elasticsearch:elasticsearch CVE-2024-23444 中危 7.10.2 8.13.0, 7.17.23 Elasticsearch stores private key on disk unencrypted

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23444

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2024-07-31 18:15 修改: 2024-08-01 12:42
org.elasticsearch:elasticsearch CVE-2024-23450 中危 7.10.2 7.17.19, 8.13.0 elasticsearch: Possible denial of service when processing documents in a deeply nested pipeline

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23450

镜像层: sha256:9687a7a4ac3220b7125e511b0123301526b7ab443e5aae2b3f0679597053569e

发布日期: 2024-03-27 17:15 修改: 2024-06-10 17:16