ghcr.io/apache/skywalking/oap:latest linux/amd64

ghcr.io/apache/skywalking/oap:latest - Trivy安全扫描结果 扫描时间: 2024-10-24 20:04
全部漏洞信息
低危漏洞:16 中危漏洞:9 高危漏洞:4 严重漏洞:1

系统OS: ubuntu 24.04 扫描引擎: Trivy 扫描时间: 2024-10-24 20:04

ghcr.io/apache/skywalking/oap:latest (ubuntu 24.04) (ubuntu)
低危漏洞:16 中危漏洞:6 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libgcrypt20 CVE-2024-2236 中危 1.10.3-2build1 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:b15b682e901dd27efdf436ce837a94c729c0b78c44431d5b5ca3ccca1bed40da

发布日期: 2024-03-06 22:15 修改: 2024-09-14 04:15

libgssapi-krb5-2 CVE-2024-26462 中危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libk5crypto3 CVE-2024-26462 中危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkrb5-3 CVE-2024-26462 中危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkrb5support0 CVE-2024-26462 中危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

wget CVE-2021-31879 中危 1.21.4-1ubuntu4.1 wget: authorization header disclosure on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2021-04-29 05:15 修改: 2022-05-13 20:52

libgssapi-krb5-2 CVE-2024-26458 低危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libgssapi-krb5-2 CVE-2024-26461 低危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

libc-bin CVE-2016-20013 低危 2.39-0ubuntu8.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:b15b682e901dd27efdf436ce837a94c729c0b78c44431d5b5ca3ccca1bed40da

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43

libk5crypto3 CVE-2024-26458 低危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libk5crypto3 CVE-2024-26461 低危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

libc6 CVE-2016-20013 低危 2.39-0ubuntu8.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:b15b682e901dd27efdf436ce837a94c729c0b78c44431d5b5ca3ccca1bed40da

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43

libkrb5-3 CVE-2024-26458 低危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkrb5-3 CVE-2024-26461 低危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

coreutils CVE-2016-2781 低危 9.4-3ubuntu6 coreutils: Non-privileged session can escape to the parent session in chroot

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781

镜像层: sha256:b15b682e901dd27efdf436ce837a94c729c0b78c44431d5b5ca3ccca1bed40da

发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32

libkrb5support0 CVE-2024-26458 低危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkrb5support0 CVE-2024-26461 低危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

libpng16-16t64 CVE-2022-3857 低危 1.6.43-5build1 libpng: Null pointer dereference leads to segmentation fault

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3857

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2023-03-06 23:15 修改: 2024-10-09 04:15

libssl3t64 CVE-2024-41996 低危 3.0.13-0ubuntu3.4 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35

locales CVE-2016-20013 低危 2.39-0ubuntu8.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43

openssl CVE-2024-41996 低危 3.0.13-0ubuntu3.4 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:233f93770e00e41b7302fd22cd8cd6dc131971c2cb4a09fd7b3fd3de88b169cd

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35

gpgv CVE-2022-3219 低危 2.4.4-2ubuntu17 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:b15b682e901dd27efdf436ce837a94c729c0b78c44431d5b5ca3ccca1bed40da

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

Java (jar)
低危漏洞:0 中危漏洞:3 高危漏洞:4 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
org.apache.zookeeper:zookeeper CVE-2023-44981 严重 3.5.7 3.7.2, 3.8.3, 3.9.1 zookeeper: Authorization Bypass in Apache ZooKeeper

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44981

镜像层: sha256:892ec032aa020f37c864d45843b3b8f43829259be8657e2fea5c469484d2a5c2

发布日期: 2023-10-11 12:15 修改: 2024-06-21 19:15

commons-io:commons-io CVE-2024-47554 高危 2.7 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:892ec032aa020f37c864d45843b3b8f43829259be8657e2fea5c469484d2a5c2

发布日期: 2024-10-03 12:15 修改: 2024-10-04 13:50

com.h2database:h2 CVE-2022-45868 高危 2.1.212 2.2.220 The web-based admin console in H2 Database Engine before 2.2.220 can b ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45868

镜像层: sha256:892ec032aa020f37c864d45843b3b8f43829259be8657e2fea5c469484d2a5c2

发布日期: 2022-11-23 21:15 修改: 2024-08-03 15:15

org.xerial.snappy:snappy-java CVE-2023-34455 高危 1.1.8.4 1.1.10.1 snappy-java: Unchecked chunk length leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34455

镜像层: sha256:892ec032aa020f37c864d45843b3b8f43829259be8657e2fea5c469484d2a5c2

发布日期: 2023-06-15 18:15 修改: 2024-02-01 14:17

org.xerial.snappy:snappy-java CVE-2023-43642 高危 1.1.8.4 1.1.10.4 snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43642

镜像层: sha256:892ec032aa020f37c864d45843b3b8f43829259be8657e2fea5c469484d2a5c2

发布日期: 2023-09-25 20:15 修改: 2023-09-26 15:46

com.squareup.okio:okio CVE-2023-3635 中危 1.17.2 3.4.0, 1.17.6 okio: GzipSource class improper exception handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3635

镜像层: sha256:892ec032aa020f37c864d45843b3b8f43829259be8657e2fea5c469484d2a5c2

发布日期: 2023-07-12 19:15 修改: 2023-10-25 15:17

org.xerial.snappy:snappy-java CVE-2023-34453 中危 1.1.8.4 1.1.10.1 snappy-java: Integer overflow in shuffle leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34453

镜像层: sha256:892ec032aa020f37c864d45843b3b8f43829259be8657e2fea5c469484d2a5c2

发布日期: 2023-06-15 17:15 修改: 2023-06-27 15:59

org.xerial.snappy:snappy-java CVE-2023-34454 中危 1.1.8.4 1.1.10.1 snappy-java: Integer overflow in compress leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34454

镜像层: sha256:892ec032aa020f37c864d45843b3b8f43829259be8657e2fea5c469484d2a5c2

发布日期: 2023-06-15 17:15 修改: 2023-06-27 16:04