ghcr.io/estrellaxd/auto_bangumi:latest linux/amd64

ghcr.io/estrellaxd/auto_bangumi:latest - Trivy安全扫描结果扫描时间: 2024-10-24 20:35

全部漏洞信息

低危漏洞:4

中危漏洞:7

高危漏洞:4

严重漏洞:0

系统OS: alpine 3.18.9 扫描引擎: Trivy 扫描时间: 2024-10-24 20:35

ghcr.io/estrellaxd/auto_bangumi:latest (alpine 3.18.9) (alpine)

低危漏洞:3

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
libcrypto3	CVE-2024-9143	低危	3.1.7-r0	3.1.7-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:4aeaa0e7d41fd419e3152bd151de17bcdd813a26287429b91503d1422a9470aa 发布日期: 2024-10-16 17:15 修改: 2024-10-18 12:53
libssl3	CVE-2024-9143	低危	3.1.7-r0	3.1.7-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:4aeaa0e7d41fd419e3152bd151de17bcdd813a26287429b91503d1422a9470aa 发布日期: 2024-10-16 17:15 修改: 2024-10-18 12:53
openssl	CVE-2024-9143	低危	3.1.7-r0	3.1.7-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:bf8a65d263a80128d1075bedf8e3f9cc3155c08895c5652ba49743b3ed584825 发布日期: 2024-10-16 17:15 修改: 2024-10-18 12:53

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

libcrypto3

CVE-2024-9143

低危

3.1.7-r0

3.1.7-r1

openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:4aeaa0e7d41fd419e3152bd151de17bcdd813a26287429b91503d1422a9470aa

发布日期: 2024-10-16 17:15 修改: 2024-10-18 12:53

libssl3

CVE-2024-9143

低危

3.1.7-r0

3.1.7-r1

openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:4aeaa0e7d41fd419e3152bd151de17bcdd813a26287429b91503d1422a9470aa

发布日期: 2024-10-16 17:15 修改: 2024-10-18 12:53

openssl

CVE-2024-9143

低危

3.1.7-r0

3.1.7-r1

openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:bf8a65d263a80128d1075bedf8e3f9cc3155c08895c5652ba49743b3ed584825

发布日期: 2024-10-16 17:15 修改: 2024-10-18 12:53

Python (python-pkg)

低危漏洞:1

中危漏洞:7

高危漏洞:4

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
certifi	CVE-2023-37920	高危	2023.5.7	2023.7.22	python-certifi: Removal of e-Tugra root certificate 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-37920 镜像层: sha256:bf8a65d263a80128d1075bedf8e3f9cc3155c08895c5652ba49743b3ed584825 发布日期: 2023-07-25 21:15 修改: 2023-08-12 06:16
python-jose	CVE-2024-33663	高危	3.3.0		python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33663 镜像层: sha256:bf8a65d263a80128d1075bedf8e3f9cc3155c08895c5652ba49743b3ed584825 发布日期: 2024-04-26 00:15 修改: 2024-09-03 20:15
python-multipart	CVE-2024-24762	高危	0.0.6	0.0.7	`python-multipart` is a streaming multipart parser for Python. When us ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24762 镜像层: sha256:bf8a65d263a80128d1075bedf8e3f9cc3155c08895c5652ba49743b3ed584825 发布日期: 2024-02-05 15:15 修改: 2024-02-17 02:15
starlette	CVE-2024-47874	高危	0.27.0	0.40.0	starlette: Starlette Denial of service (DoS) via multipart/form-data 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47874 镜像层: sha256:bf8a65d263a80128d1075bedf8e3f9cc3155c08895c5652ba49743b3ed584825 发布日期: 2024-10-15 16:15 修改: 2024-10-16 16:38
python-jose	CVE-2024-33664	中危	3.3.0		python-jose: allows attackers to cause a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33664 镜像层: sha256:bf8a65d263a80128d1075bedf8e3f9cc3155c08895c5652ba49743b3ed584825 发布日期: 2024-04-26 00:15 修改: 2024-09-05 16:15
Jinja2	CVE-2024-22195	中危	3.1.2	3.1.3	jinja2: HTML attribute injection when passing user input as keys to xmlattr filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22195 镜像层: sha256:bf8a65d263a80128d1075bedf8e3f9cc3155c08895c5652ba49743b3ed584825 发布日期: 2024-01-11 03:15 修改: 2024-01-27 03:15
requests	CVE-2024-35195	中危	2.31.0	2.32.0	requests: subsequent requests to the same host ignore cert verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35195 镜像层: sha256:bf8a65d263a80128d1075bedf8e3f9cc3155c08895c5652ba49743b3ed584825 发布日期: 2024-05-20 21:15 修改: 2024-06-10 17:16
Jinja2	CVE-2024-34064	中危	3.1.2	3.1.4	jinja2: accepts keys containing non-attribute characters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34064 镜像层: sha256:bf8a65d263a80128d1075bedf8e3f9cc3155c08895c5652ba49743b3ed584825 发布日期: 2024-05-06 15:15 修改: 2024-06-10 18:15
urllib3	CVE-2023-43804	中危	2.0.3	2.0.6, 1.26.17	python-urllib3: Cookie request header isn't stripped during cross-origin redirects 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43804 镜像层: sha256:bf8a65d263a80128d1075bedf8e3f9cc3155c08895c5652ba49743b3ed584825 发布日期: 2023-10-04 17:15 修改: 2024-02-01 00:55
urllib3	CVE-2023-45803	中危	2.0.3	2.0.7, 1.26.18	urllib3: Request body not stripped after redirect from 303 status changes request method to GET 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45803 镜像层: sha256:bf8a65d263a80128d1075bedf8e3f9cc3155c08895c5652ba49743b3ed584825 发布日期: 2023-10-17 20:15 修改: 2023-11-03 22:15
urllib3	CVE-2024-37891	中危	2.0.3	1.26.19, 2.2.2	urllib3: proxy-authorization request header is not stripped during cross-origin redirects 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37891 镜像层: sha256:bf8a65d263a80128d1075bedf8e3f9cc3155c08895c5652ba49743b3ed584825 发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
certifi	CVE-2024-39689	低危	2023.5.7	2024.07.04	python-certifi: Remove root certificates from `GLOBALTRUST` from the root store 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-39689 镜像层: sha256:bf8a65d263a80128d1075bedf8e3f9cc3155c08895c5652ba49743b3ed584825 发布日期: 2024-07-05 19:15 修改: 2024-07-08 15:49