docker.io/tungshuaishuai/ambari-repo:2.7.6.3 linux/amd64

docker.io/tungshuaishuai/ambari-repo:2.7.6.3 - Trivy安全扫描结果扫描时间: 2026-06-09 03:57

全部漏洞信息

低危漏洞:24

中危漏洞:43

高危漏洞:24

严重漏洞:8

系统OS: alpine 3.18.0 扫描引擎: Trivy 扫描时间: 2026-06-09 03:57

docker.io/tungshuaishuai/ambari-repo:2.7.6.3 (alpine 3.18.0) (alpine)

低危漏洞:23

中危漏洞:41

高危漏洞:21

严重漏洞:7

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
busybox	CVE-2022-48174	严重	1.36.0-r9	1.36.1-r1	busybox: stack overflow vulnerability in ash.c leads to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48174 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-08-22 19:16 修改: 2025-12-18 18:20
busybox-binsh	CVE-2022-48174	严重	1.36.0-r9	1.36.1-r1	busybox: stack overflow vulnerability in ash.c leads to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48174 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-08-22 19:16 修改: 2025-12-18 18:20
libcurl	CVE-2023-38545	严重	8.0.1-r2	8.4.0-r0	curl: heap based buffer overflow in the SOCKS5 proxy handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38545 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2023-10-18 04:15 修改: 2026-05-12 11:16
libexpat	CVE-2024-45491	严重	2.5.0-r1	2.6.3-r0	libexpat: Integer Overflow or Wraparound 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491 镜像层: sha256:62b03e3606b9b1c2d1c38bcaf525e49ae915c5e3028f2be3412e6e5d65af0f51 发布日期: 2024-08-30 03:15 修改: 2026-05-12 12:17
libexpat	CVE-2024-45492	严重	2.5.0-r1	2.6.3-r0	libexpat: integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492 镜像层: sha256:62b03e3606b9b1c2d1c38bcaf525e49ae915c5e3028f2be3412e6e5d65af0f51 发布日期: 2024-08-30 03:15 修改: 2026-05-12 12:17
libxml2	CVE-2024-56171	严重	2.11.2-r0	2.11.8-r1	libxml2: Use-After-Free in libxml2 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56171 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2025-02-18 22:15 修改: 2025-11-03 21:17
ssl_client	CVE-2022-48174	严重	1.36.0-r9	1.36.1-r1	busybox: stack overflow vulnerability in ash.c leads to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48174 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-08-22 19:16 修改: 2025-12-18 18:20
libcurl	CVE-2024-6197	高危	8.0.1-r2	8.9.0-r0	curl: freeing stack buffer in utf8asn1str 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6197 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2024-07-24 08:15 修改: 2024-11-29 12:15
libcrypto3	CVE-2024-6119	高危	3.1.0-r4	3.1.7-r0	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-09-03 16:15 修改: 2026-05-12 12:17
libcrypto3	CVE-2023-5363	高危	3.1.0-r4	3.1.4-r0	openssl: Incorrect cipher key and IV length processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5363 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-10-25 18:17 修改: 2026-05-12 11:16
libexpat	CVE-2023-52425	高危	2.5.0-r1	2.6.0-r0	expat: parsing large tokens can trigger a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425 镜像层: sha256:62b03e3606b9b1c2d1c38bcaf525e49ae915c5e3028f2be3412e6e5d65af0f51 发布日期: 2024-02-04 20:15 修改: 2025-11-04 19:16
libexpat	CVE-2024-28757	高危	2.5.0-r1	2.6.2-r0	expat: XML Entity Expansion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28757 镜像层: sha256:62b03e3606b9b1c2d1c38bcaf525e49ae915c5e3028f2be3412e6e5d65af0f51 发布日期: 2024-03-10 05:15 修改: 2025-11-04 22:15
libexpat	CVE-2024-45490	高危	2.5.0-r1	2.6.3-r0	libexpat: Negative Length Parsing Vulnerability in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490 镜像层: sha256:62b03e3606b9b1c2d1c38bcaf525e49ae915c5e3028f2be3412e6e5d65af0f51 发布日期: 2024-08-30 03:15 修改: 2026-05-12 12:17
libssl3	CVE-2023-5363	高危	3.1.0-r4	3.1.4-r0	openssl: Incorrect cipher key and IV length processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5363 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-10-25 18:17 修改: 2026-05-12 11:16
libssl3	CVE-2024-6119	高危	3.1.0-r4	3.1.7-r0	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-09-03 16:15 修改: 2026-05-12 12:17
libcurl	CVE-2023-28319	高危	8.0.1-r2	8.1.0-r0	curl: use after free in SSH sha256 fingerprint check 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28319 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2023-05-26 21:15 修改: 2025-01-15 16:15
libxml2	CVE-2024-25062	高危	2.11.2-r0	2.11.7-r0	libxml2: use-after-free in XMLReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25062 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2024-02-04 16:15 修改: 2025-11-03 22:16
libxml2	CVE-2025-24928	高危	2.11.2-r0	2.11.8-r1	libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24928 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2025-02-18 23:15 修改: 2025-11-03 22:18
libxml2	CVE-2025-27113	高危	2.11.2-r0	2.11.8-r2	libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27113 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2025-02-18 23:15 修改: 2025-11-03 22:18
libxml2	CVE-2025-32414	高危	2.11.2-r0	2.11.8-r3	libxml2: Out-of-Bounds Read in libxml2 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32414 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2025-04-08 03:15 修改: 2025-11-03 20:18
libxml2	CVE-2025-32415	高危	2.11.2-r0	2.11.8-r3	libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32415 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2025-04-17 17:15 修改: 2025-11-03 20:18
musl	CVE-2025-26519	高危	1.2.4-r0	1.2.4-r3	musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-26519 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2025-02-14 04:15 修改: 2025-12-10 20:03
musl-utils	CVE-2025-26519	高危	1.2.4-r0	1.2.4-r3	musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-26519 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2025-02-14 04:15 修改: 2025-12-10 20:03
nghttp2-libs	CVE-2023-44487	高危	1.53.0-r0	1.57.0-r0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2023-10-10 14:15 修改: 2026-05-12 15:10
perl	CVE-2023-47038	高危	5.36.1-r1	5.36.2-r0	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:62b03e3606b9b1c2d1c38bcaf525e49ae915c5e3028f2be3412e6e5d65af0f51 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl	CVE-2024-56406	高危	5.36.1-r1	5.36.2-r1	perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56406 镜像层: sha256:62b03e3606b9b1c2d1c38bcaf525e49ae915c5e3028f2be3412e6e5d65af0f51 发布日期: 2025-04-13 14:15 修改: 2025-10-16 14:15
libcurl	CVE-2023-38039	高危	8.0.1-r2	8.3.0-r0	curl: out of heap memory issue due to missing limit on header quantity 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38039 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2023-09-15 04:15 修改: 2025-12-02 20:15
xz-libs	CVE-2025-31115	高危	5.4.3-r0	5.4.3-r1	xz: XZ has a heap-use-after-free bug in threaded .xz decoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-31115 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2025-04-03 17:15 修改: 2026-05-12 13:16
libcurl	CVE-2024-0853	中危	8.0.1-r2	8.6.0-r0	curl: OCSP verification bypass with TLS session reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0853 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2024-02-03 14:15 修改: 2025-06-20 20:15
libcurl	CVE-2024-2398	中危	8.0.1-r2	8.7.1-r0	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2024-03-27 08:15 修改: 2025-07-30 19:42
libcurl	CVE-2024-2466	中危	8.0.1-r2	8.7.1-r0	curl: TLS certificate check bypass with mbedTLS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2466 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2024-03-27 08:15 修改: 2025-07-30 19:42
libcurl	CVE-2024-6874	中危	8.0.1-r2	8.9.0-r0	curl: macidn punycode buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6874 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2024-07-24 08:15 修改: 2024-11-21 09:50
libcurl	CVE-2024-7264	中危	8.0.1-r2	8.9.1-r0	curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2024-07-31 08:15 修改: 2025-11-03 23:17
libcurl	CVE-2024-8096	中危	8.0.1-r2	8.10.0-r0	curl: OCSP stapling bypass with GnuTLS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2024-09-11 10:15 修改: 2025-07-30 19:42
libcurl	CVE-2024-9681	中危	8.0.1-r2	8.11.0-r0	curl: HSTS subdomain overwrites parent cache entry 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2024-11-06 08:15 修改: 2025-11-03 21:18
busybox-binsh	CVE-2023-42364	中危	1.36.0-r9	1.36.1-r7	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-11-27 23:15 修改: 2025-11-03 21:16
busybox-binsh	CVE-2023-42365	中危	1.36.0-r9	1.36.1-r7	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-11-27 23:15 修改: 2025-11-03 21:16
busybox-binsh	CVE-2023-42366	中危	1.36.0-r9	1.36.1-r6	busybox: A heap-buffer-overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-11-27 23:15 修改: 2024-12-06 14:15
busybox	CVE-2023-42363	中危	1.36.0-r9	1.36.1-r7	busybox: use-after-free in awk 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-11-27 22:15 修改: 2024-11-21 08:22
busybox	CVE-2023-42364	中危	1.36.0-r9	1.36.1-r7	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-11-27 23:15 修改: 2025-11-03 21:16
libexpat	CVE-2023-52426	中危	2.5.0-r1	2.6.0-r0	expat: recursive XML entity expansion vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52426 镜像层: sha256:62b03e3606b9b1c2d1c38bcaf525e49ae915c5e3028f2be3412e6e5d65af0f51 发布日期: 2024-02-04 20:15 修改: 2025-11-04 19:16
libexpat	CVE-2024-50602	中危	2.5.0-r1	2.6.4-r0	libexpat: expat: DoS via XML_ResumeParser 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602 镜像层: sha256:62b03e3606b9b1c2d1c38bcaf525e49ae915c5e3028f2be3412e6e5d65af0f51 发布日期: 2024-10-27 05:15 修改: 2025-10-15 17:54
libexpat	CVE-2024-8176	中危	2.5.0-r1	2.7.0-r0	libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8176 镜像层: sha256:62b03e3606b9b1c2d1c38bcaf525e49ae915c5e3028f2be3412e6e5d65af0f51 发布日期: 2025-03-14 09:15 修改: 2026-04-15 00:35
libcrypto3	CVE-2023-2650	中危	3.1.0-r4	3.1.1-r0	openssl: Possible DoS translating ASN.1 object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-05-30 14:15 修改: 2025-03-19 16:15
libcrypto3	CVE-2023-2975	中危	3.1.0-r4	3.1.1-r2	openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2975 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-07-14 12:15 修改: 2025-04-23 17:16
libssl3	CVE-2023-2650	中危	3.1.0-r4	3.1.1-r0	openssl: Possible DoS translating ASN.1 object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-05-30 14:15 修改: 2025-03-19 16:15
libssl3	CVE-2023-2975	中危	3.1.0-r4	3.1.1-r2	openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2975 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-07-14 12:15 修改: 2025-04-23 17:16
libssl3	CVE-2023-3446	中危	3.1.0-r4	3.1.1-r3	openssl: Excessive time spent checking DH keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-07-19 12:15 修改: 2025-04-23 17:16
libssl3	CVE-2023-3817	中危	3.1.0-r4	3.1.2-r0	OpenSSL: Excessive time spent checking DH q parameter value 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-07-31 16:15 修改: 2025-05-05 16:15
libssl3	CVE-2023-5678	中危	3.1.0-r4	3.1.4-r1	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-11-06 16:15 修改: 2026-05-12 11:16
libssl3	CVE-2023-6129	中危	3.1.0-r4	3.1.4-r3	openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-01-09 17:15 修改: 2026-05-12 11:16
libssl3	CVE-2024-0727	中危	3.1.0-r4	3.1.4-r5	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-01-26 09:15 修改: 2026-05-12 12:16
libcrypto3	CVE-2023-3446	中危	3.1.0-r4	3.1.1-r3	openssl: Excessive time spent checking DH keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-07-19 12:15 修改: 2025-04-23 17:16
libcrypto3	CVE-2023-3817	中危	3.1.0-r4	3.1.2-r0	OpenSSL: Excessive time spent checking DH q parameter value 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-07-31 16:15 修改: 2025-05-05 16:15
libcrypto3	CVE-2023-5678	中危	3.1.0-r4	3.1.4-r1	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-11-06 16:15 修改: 2026-05-12 11:16
libcrypto3	CVE-2023-6129	中危	3.1.0-r4	3.1.4-r3	openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-01-09 17:15 修改: 2026-05-12 11:16
libcrypto3	CVE-2024-0727	中危	3.1.0-r4	3.1.4-r5	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-01-26 09:15 修改: 2026-05-12 12:16
busybox	CVE-2023-42365	中危	1.36.0-r9	1.36.1-r7	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-11-27 23:15 修改: 2025-11-03 21:16
busybox	CVE-2023-42366	中危	1.36.0-r9	1.36.1-r6	busybox: A heap-buffer-overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-11-27 23:15 修改: 2024-12-06 14:15
apr	CVE-2023-49582	中危	1.7.4-r0	1.7.5-r0	APR: Lax permissions in Apache Portable Runtime shared memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49582 镜像层: sha256:62b03e3606b9b1c2d1c38bcaf525e49ae915c5e3028f2be3412e6e5d65af0f51 发布日期: 2024-08-26 14:15 修改: 2025-03-13 15:15
busybox-binsh	CVE-2023-42363	中危	1.36.0-r9	1.36.1-r7	busybox: use-after-free in awk 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-11-27 22:15 修改: 2024-11-21 08:22
libcurl	CVE-2023-28320	中危	8.0.1-r2	8.1.0-r0	curl: siglongjmp race condition may lead to crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28320 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2023-05-26 21:15 修改: 2025-01-15 16:15
libcurl	CVE-2023-28321	中危	8.0.1-r2	8.1.0-r0	curl: IDN wildcard match may lead to Improper Cerificate Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2023-05-26 21:15 修改: 2025-01-15 16:15
libcurl	CVE-2023-46218	中危	8.0.1-r2	8.5.0-r0	curl: information disclosure by exploiting a mixed case flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2023-12-07 01:15 修改: 2026-05-12 11:16
ssl_client	CVE-2023-42363	中危	1.36.0-r9	1.36.1-r7	busybox: use-after-free in awk 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-11-27 22:15 修改: 2024-11-21 08:22
ssl_client	CVE-2023-42364	中危	1.36.0-r9	1.36.1-r7	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-11-27 23:15 修改: 2025-11-03 21:16
ssl_client	CVE-2023-42365	中危	1.36.0-r9	1.36.1-r7	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-11-27 23:15 修改: 2025-11-03 21:16
ssl_client	CVE-2023-42366	中危	1.36.0-r9	1.36.1-r6	busybox: A heap-buffer-overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2023-11-27 23:15 修改: 2024-12-06 14:15
libcurl	CVE-2023-46219	中危	8.0.1-r2	8.5.0-r0	curl: excessively long file name may lead to unknown HSTS status 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46219 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2023-12-12 02:15 修改: 2026-05-12 11:16
libssl3	CVE-2024-2511	低危	3.1.0-r4	3.1.4-r6	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-04-08 14:15 修改: 2026-05-12 12:16
libssl3	CVE-2024-4603	低危	3.1.0-r4	3.1.5-r0	openssl: Excessive time spent checking DSA keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-05-16 16:15 修改: 2026-04-15 00:35
libssl3	CVE-2024-4741	低危	3.1.0-r4	3.1.6-r0	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-11-13 11:15 修改: 2026-04-15 00:35
libssl3	CVE-2024-5535	低危	3.1.0-r4	3.1.6-r0	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-06-27 11:15 修改: 2026-05-12 12:17
libssl3	CVE-2024-9143	低危	3.1.0-r4	3.1.7-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-10-16 17:15 修改: 2026-05-12 12:17
libcrypto3	CVE-2024-4603	低危	3.1.0-r4	3.1.5-r0	openssl: Excessive time spent checking DSA keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-05-16 16:15 修改: 2026-04-15 00:35
libcrypto3	CVE-2024-4741	低危	3.1.0-r4	3.1.6-r0	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-11-13 11:15 修改: 2026-04-15 00:35
libcrypto3	CVE-2024-5535	低危	3.1.0-r4	3.1.6-r0	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-06-27 11:15 修改: 2026-05-12 12:17
libcrypto3	CVE-2024-9143	低危	3.1.0-r4	3.1.7-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-10-16 17:15 修改: 2026-05-12 12:17
libcrypto3	CVE-2023-6237	低危	3.1.0-r4	3.1.4-r4	openssl: Excessive time spent checking invalid RSA public keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-04-25 07:15 修改: 2026-05-12 11:16
libcurl	CVE-2023-28322	低危	8.0.1-r2	8.1.0-r0	curl: more POST-after-PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2023-05-26 21:15 修改: 2026-02-13 20:16
libxml2	CVE-2024-34459	低危	2.11.2-r0	2.11.8-r0	libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34459 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2024-05-14 15:39 修改: 2025-11-04 22:16
libcurl	CVE-2023-38546	低危	8.0.1-r2	8.4.0-r0	curl: cookie injection with none file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2023-10-18 04:15 修改: 2026-05-12 11:16
libcurl	CVE-2024-11053	低危	8.0.1-r2	8.11.1-r0	curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2024-12-11 08:15 修改: 2025-11-03 21:16
libcurl	CVE-2024-2004	低危	8.0.1-r2	8.7.1-r0	curl: Usage of disabled protocol 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2004 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2024-03-27 08:15 修改: 2025-07-30 19:42
libcurl	CVE-2024-2379	低危	8.0.1-r2	8.7.1-r0	curl: QUIC certificate check bypass with wolfSSL 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2379 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2024-03-27 08:15 修改: 2025-07-30 19:42
libcurl	CVE-2025-0167	低危	8.0.1-r2	8.12.0-r0	When asked to use a `.netrc` file for credentials and to follow HT ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0167 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2025-02-05 10:15 修改: 2025-07-30 19:41
libcurl	CVE-2025-0665	低危	8.0.1-r2	8.12.0-r0	libcurl: Double Close of Eventfd in libcurl 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0665 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2025-02-05 10:15 修改: 2026-03-17 18:16
libcurl	CVE-2025-0725	低危	8.0.1-r2	8.12.0-r0	libcurl: Buffer Overflow in libcurl via zlib Integer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0725 镜像层: sha256:9e2cb215930ac3b0d04b6c50af3fc0040b66dc5b153a88dd197470bb80de2c7f 发布日期: 2025-02-05 10:15 修改: 2025-06-27 19:24
libcrypto3	CVE-2024-13176	低危	3.1.0-r4	3.1.8-r0	openssl: Timing side-channel in ECDSA signature computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2025-01-20 14:15 修改: 2026-04-15 00:35
libcrypto3	CVE-2024-2511	低危	3.1.0-r4	3.1.4-r6	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-04-08 14:15 修改: 2026-05-12 12:16
libssl3	CVE-2023-6237	低危	3.1.0-r4	3.1.4-r4	openssl: Excessive time spent checking invalid RSA public keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2024-04-25 07:15 修改: 2026-05-12 11:16
libssl3	CVE-2024-13176	低危	3.1.0-r4	3.1.8-r0	openssl: Timing side-channel in ECDSA signature computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176 镜像层: sha256:bb01bd7e32b58b6694c8c3622c230171f1cec24001a82068a8d30d338f420d6c 发布日期: 2025-01-20 14:15 修改: 2026-04-15 00:35

Java (jar)

低危漏洞:1

中危漏洞:2

高危漏洞:3

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
org.postgresql:postgresql	CVE-2024-1597	严重	42.2.14	42.2.28, 42.3.9, 42.4.4, 42.5.5, 42.6.1, 42.7.2	pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1597 镜像层: sha256:a62d8ddb2f384ce0514297891be160a479a5d10bd92907e59b47468ce0ce28db 发布日期: 2024-02-19 13:15 修改: 2025-11-03 22:16
org.postgresql:postgresql	CVE-2022-21724	高危	42.2.14	42.2.25, 42.3.2	jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21724 镜像层: sha256:a62d8ddb2f384ce0514297891be160a479a5d10bd92907e59b47468ce0ce28db 发布日期: 2022-02-02 12:15 修改: 2025-05-05 17:17
org.postgresql:postgresql	CVE-2022-31197	高危	42.2.14	42.2.26, 42.4.1, 42.3.7	postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31197 镜像层: sha256:a62d8ddb2f384ce0514297891be160a479a5d10bd92907e59b47468ce0ce28db 发布日期: 2022-08-03 19:15 修改: 2025-11-03 22:15
org.postgresql:postgresql	CVE-2026-42198	高危	42.2.14	42.7.11	jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42198 镜像层: sha256:a62d8ddb2f384ce0514297891be160a479a5d10bd92907e59b47468ce0ce28db 发布日期: 2026-04-29 16:16 修改: 2026-05-01 12:51
org.postgresql:postgresql	CVE-2022-41946	中危	42.2.14	42.2.27, 42.3.8, 42.4.3, 42.5.1	postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41946 镜像层: sha256:a62d8ddb2f384ce0514297891be160a479a5d10bd92907e59b47468ce0ce28db 发布日期: 2022-11-23 20:15 修改: 2025-11-03 22:16
org.postgresql:postgresql	GHSA-673j-qm5f-xpv8	中危	42.2.14	42.3.3	pgjdbc Arbitrary File Write Vulnerability 漏洞详情: https://github.com/advisories/GHSA-673j-qm5f-xpv8 镜像层: sha256:a62d8ddb2f384ce0514297891be160a479a5d10bd92907e59b47468ce0ce28db 发布日期: 2022-02-16 00:08 修改: 2024-01-22 19:35
org.postgresql:postgresql	CVE-2022-26520	低危	42.2.14	42.3.3	postgresql-jdbc: Arbitrary File Write Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-26520 镜像层: sha256:a62d8ddb2f384ce0514297891be160a479a5d10bd92907e59b47468ce0ce28db 发布日期: 2022-03-10 17:47 修改: 2024-11-21 06:54