ghcr.io/berriai/litellm-database:v1.85.0 linux/amd64

ghcr.io/berriai/litellm-database:v1.85.0 - Trivy安全扫描结果 扫描时间: 2026-05-20 19:18
全部漏洞信息
低危漏洞:0 中危漏洞:3 高危漏洞:7 严重漏洞:0

系统OS: wolfi 20230201 扫描引擎: Trivy 扫描时间: 2026-05-20 19:18

ghcr.io/berriai/litellm-database:v1.85.0 (wolfi 20230201) (wolfi)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
Node.js (node-pkg)
低危漏洞:0 中危漏洞:3 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
picomatch CVE-2026-33671 高危 4.0.3 4.0.4, 3.0.2, 2.3.2 picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33671

镜像层: sha256:37a092f08259b4928b9f9f04e52b361807bca515436b46c8fbc612ca670ab678

发布日期: 2026-03-26 22:16 修改: 2026-04-01 13:45
ip-address CVE-2026-42338 中危 10.1.0 10.1.1 ip-address has XSS in Address6 HTML-emitting methods

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338

镜像层: sha256:37a092f08259b4928b9f9f04e52b361807bca515436b46c8fbc612ca670ab678

发布日期: 2026-05-12 20:16 修改: 2026-05-12 20:16
brace-expansion CVE-2026-33750 中危 5.0.4 5.0.5, 3.0.2, 2.0.3, 1.1.13 brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750

镜像层: sha256:37a092f08259b4928b9f9f04e52b361807bca515436b46c8fbc612ca670ab678

发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
picomatch CVE-2026-33672 中危 4.0.3 4.0.4, 3.0.2, 2.3.2 picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33672

镜像层: sha256:37a092f08259b4928b9f9f04e52b361807bca515436b46c8fbc612ca670ab678

发布日期: 2026-03-26 22:16 修改: 2026-04-01 13:44
Python (python-pkg)
低危漏洞:0 中危漏洞:0 高危漏洞:6 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
setuptools CVE-2024-6345 高危 68.1.2 70.0.0 pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345

镜像层: sha256:1a1f2e96f5a04a1bc263131f5c3cf4a3903928052c78495c00c4a79343415223

发布日期: 2024-07-15 01:15 修改: 2026-04-15 00:35
setuptools CVE-2025-47273 高危 68.1.2 78.1.1 setuptools: Path Traversal Vulnerability in setuptools PackageIndex

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47273

镜像层: sha256:1a1f2e96f5a04a1bc263131f5c3cf4a3903928052c78495c00c4a79343415223

发布日期: 2025-05-17 16:15 修改: 2025-06-12 16:29
urllib3 CVE-2026-44431 高危 2.6.3 2.7.0 urllib3: Sensitive headers forwarded across origins in proxied low-level redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44431

镜像层: sha256:b3def06cc7306a48701f522b37c5f02af0ec52f2bb1bdc5091cc42d8f37dc608

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
urllib3 CVE-2026-44431 高危 2.6.3 2.7.0 urllib3: Sensitive headers forwarded across origins in proxied low-level redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44431

镜像层: sha256:1a1f2e96f5a04a1bc263131f5c3cf4a3903928052c78495c00c4a79343415223

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
urllib3 CVE-2026-44432 高危 2.6.3 2.7.0 urllib3: Decompression-bomb safeguards bypassed in parts of the streaming API

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44432

镜像层: sha256:b3def06cc7306a48701f522b37c5f02af0ec52f2bb1bdc5091cc42d8f37dc608

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
urllib3 CVE-2026-44432 高危 2.6.3 2.7.0 urllib3: Decompression-bomb safeguards bypassed in parts of the streaming API

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44432

镜像层: sha256:1a1f2e96f5a04a1bc263131f5c3cf4a3903928052c78495c00c4a79343415223

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
root/.cache/uv/archive-v0/DbyyfoJX6tULHrujqy0NZ/uv_build-0.11.8.data/scripts/uv-build (rustbinary)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息