gcr.io/knative-releases/knative.dev/operator/cmd/operator:v1.22.1 linux/amd64

gcr.io/knative-releases/knative.dev/operator/cmd/operator:v1.22.1 - Trivy安全扫描结果扫描时间: 2026-06-25 20:51

全部漏洞信息

低危漏洞:0

中危漏洞:2

高危漏洞:15

严重漏洞:0

系统OS: debian 13.4 扫描引擎: Trivy 扫描时间: 2026-06-25 20:51

gcr.io/knative-releases/knative.dev/operator/cmd/operator:v1.22.1 (debian 13.4) (debian)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

ko-app/operator (gobinary)

低危漏洞:0

中危漏洞:2

高危漏洞:15

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/net	CVE-2026-25680	高危	v0.53.0	0.55.0	Parsing arbitrary HTML can consume excessive CPU time, possibly leadin ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25680 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25
golang.org/x/net	CVE-2026-25681	高危	v0.53.0	0.55.0	Parsing arbitrary HTML which is then rendered using Render can result ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25681 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25
golang.org/x/net	CVE-2026-27136	高危	v0.53.0	0.55.0	Parsing arbitrary HTML which is then rendered using Render can result ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27136 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:26
golang.org/x/net	CVE-2026-39821	高危	v0.53.0	0.55.0	golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39821 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:42
golang.org/x/net	CVE-2026-42502	高危	v0.53.0	0.55.0	Parsing arbitrary HTML which is then rendered using Render can result ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42502 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47
golang.org/x/net	CVE-2026-42506	高危	v0.53.0	0.55.0	Parsing arbitrary HTML which is then rendered using Render can result ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42506 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47
stdlib	CVE-2026-27145	高危	v1.26.2	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:26
stdlib	CVE-2026-33811	高危	v1.26.2	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:38
stdlib	CVE-2026-33814	高危	v1.26.2	1.25.10, 1.26.3	net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:38
stdlib	CVE-2026-39820	高危	v1.26.2	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-39823	高危	v1.26.2	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-39825	高危	v1.26.2	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-39836	高危	v1.26.2	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-42499	高危	v1.26.2	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:47
stdlib	CVE-2026-42504	高危	v1.26.2	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47
stdlib	CVE-2026-39826	中危	v1.26.2	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-42507	中危	v1.26.2	1.25.11, 1.26.4	net/textproto: golang: Golang net/textproto: Misleading error messages via input injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47
golang.org/x/sys	CVE-2026-39824	未知	v0.43.0	0.44.0	Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824 镜像层: sha256:a4cf0ca1457477e60438176d47b9ef16a1eeb3bf000a88d4044507abcfbe64d9 发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42