ghcr.io/home-assistant/home-assistant:2024.3.3 linux/386

ghcr.io/home-assistant/home-assistant:2024.3.3 - Trivy安全扫描结果扫描时间: 2024-10-24 10:26 温馨提示: 这是一个 linux/386 系统架构镜像

全部漏洞信息

低危漏洞:12

中危漏洞:76

高危漏洞:77

严重漏洞:7

系统OS: alpine 3.19.1 扫描引擎: Trivy 扫描时间: 2024-10-24 10:26

ghcr.io/home-assistant/home-assistant:2024.3.3 (alpine 3.19.1) (alpine)

低危漏洞:7

中危漏洞:38

高危漏洞:26

严重漏洞:3

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
git	CVE-2024-32002	严重	2.43.0-r0	2.43.4-r0	git: Recursive clones RCE 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32002 镜像层: sha256:dc94917952391edc3e1fbd2d5d6775c6dfd612b43420726a71d9ad229a7637a5 发布日期: 2024-05-14 19:15 修改: 2024-06-26 10:15
libexpat	CVE-2024-45491	严重	2.6.0-r0	2.6.3-r0	libexpat: Integer Overflow or Wraparound 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491 镜像层: sha256:159f6fb4cb851ab8664fa4a9be7c305604934452d56379c9b5b4e984ff4c9660 发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
libexpat	CVE-2024-45492	严重	2.6.0-r0	2.6.3-r0	libexpat: integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492 镜像层: sha256:159f6fb4cb851ab8664fa4a9be7c305604934452d56379c9b5b4e984ff4c9660 发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
bind-libs	CVE-2023-5517	高危	9.18.19-r1	9.18.24-r0	bind9: Querying RFC 1918 reverse zones may cause an assertion failure when “nxdomain-redirect” is enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5517 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-13 14:15 修改: 2024-10-22 14:09
bind-libs	CVE-2023-5679	高危	9.18.19-r1	9.18.24-r0	bind9: Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5679 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-13 14:15 修改: 2024-10-22 13:58
bind-libs	CVE-2023-6516	高危	9.18.19-r1	9.18.24-r0	bind9: Specific recursive query patterns may lead to an out-of-memory condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6516 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-13 14:15 修改: 2024-10-22 18:14
bind-tools	CVE-2023-4408	高危	9.18.19-r1	9.18.24-r0	bind9: Parsing large DNS messages may cause excessive CPU load 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4408 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-13 14:15 修改: 2024-10-21 21:02
bind-tools	CVE-2023-50387	高危	9.18.19-r1	9.18.24-r0	bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16
bind-tools	CVE-2023-50868	高危	9.18.19-r1	9.18.24-r0	bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16
bind-tools	CVE-2023-5517	高危	9.18.19-r1	9.18.24-r0	bind9: Querying RFC 1918 reverse zones may cause an assertion failure when “nxdomain-redirect” is enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5517 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-13 14:15 修改: 2024-10-22 14:09
bind-tools	CVE-2023-5679	高危	9.18.19-r1	9.18.24-r0	bind9: Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5679 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-13 14:15 修改: 2024-10-22 13:58
bind-tools	CVE-2023-6516	高危	9.18.19-r1	9.18.24-r0	bind9: Specific recursive query patterns may lead to an out-of-memory condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6516 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-13 14:15 修改: 2024-10-22 18:14
curl	CVE-2024-2398	高危	8.5.0-r0	8.7.1-r0	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
curl	CVE-2024-6197	高危	8.5.0-r0	8.9.0-r0	curl: freeing stack buffer in utf8asn1str 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6197 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-07-24 08:15 修改: 2024-08-26 15:25
giflib	CVE-2021-40633	高危	5.2.1-r5	5.2.2-r0	A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5 ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40633 镜像层: sha256:4351b2f4884e7f3085ef85b5d3922003efa40a19cde2bf4763ca716b0c4f5c6c 发布日期: 2022-06-14 11:15 修改: 2022-06-23 14:20
giflib	CVE-2023-48161	高危	5.2.1-r5	5.2.2-r0	giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48161 镜像层: sha256:4351b2f4884e7f3085ef85b5d3922003efa40a19cde2bf4763ca716b0c4f5c6c 发布日期: 2023-11-22 06:15 修改: 2023-11-29 18:48
bind-libs	CVE-2023-4408	高危	9.18.19-r1	9.18.24-r0	bind9: Parsing large DNS messages may cause excessive CPU load 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4408 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-13 14:15 修改: 2024-10-21 21:02
git	CVE-2024-32004	高危	2.43.0-r0	2.43.4-r0	git: RCE while cloning local repos 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32004 镜像层: sha256:dc94917952391edc3e1fbd2d5d6775c6dfd612b43420726a71d9ad229a7637a5 发布日期: 2024-05-14 19:15 修改: 2024-06-26 10:15
git	CVE-2024-32465	高危	2.43.0-r0	2.43.4-r0	git: additional local RCE 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32465 镜像层: sha256:dc94917952391edc3e1fbd2d5d6775c6dfd612b43420726a71d9ad229a7637a5 发布日期: 2024-05-14 20:15 修改: 2024-06-26 10:15
libcurl	CVE-2024-2398	高危	8.5.0-r0	8.7.1-r0	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
libcurl	CVE-2024-6197	高危	8.5.0-r0	8.9.0-r0	curl: freeing stack buffer in utf8asn1str 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6197 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-07-24 08:15 修改: 2024-08-26 15:25
bind-libs	CVE-2023-50387	高危	9.18.19-r1	9.18.24-r0	bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16
bind-libs	CVE-2023-50868	高危	9.18.19-r1	9.18.24-r0	bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16
libexpat	CVE-2024-28757	高危	2.6.0-r0	2.6.2-r0	expat: XML Entity Expansion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28757 镜像层: sha256:159f6fb4cb851ab8664fa4a9be7c305604934452d56379c9b5b4e984ff4c9660 发布日期: 2024-03-10 05:15 修改: 2024-05-01 19:15
libexpat	CVE-2024-45490	高危	2.6.0-r0	2.6.3-r0	libexpat: Negative Length Parsing Vulnerability in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490 镜像层: sha256:159f6fb4cb851ab8664fa4a9be7c305604934452d56379c9b5b4e984ff4c9660 发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24
libxml2	CVE-2024-25062	高危	2.11.6-r0	2.11.7-r0	libxml2: use-after-free in XMLReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25062 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-04 16:15 修改: 2024-02-13 00:40
openssh-client-common	CVE-2024-6387	高危	9.6_p1-r0	9.6_p1-r1	openssh: regreSSHion - race condition in SSH allows RCE/DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6387 镜像层: sha256:dc94917952391edc3e1fbd2d5d6775c6dfd612b43420726a71d9ad229a7637a5 发布日期: 2024-07-01 13:15 修改: 2024-09-14 03:15
openssh-client-default	CVE-2024-6387	高危	9.6_p1-r0	9.6_p1-r1	openssh: regreSSHion - race condition in SSH allows RCE/DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6387 镜像层: sha256:dc94917952391edc3e1fbd2d5d6775c6dfd612b43420726a71d9ad229a7637a5 发布日期: 2024-07-01 13:15 修改: 2024-09-14 03:15
openssh-keygen	CVE-2024-6387	高危	9.6_p1-r0	9.6_p1-r1	openssh: regreSSHion - race condition in SSH allows RCE/DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6387 镜像层: sha256:dc94917952391edc3e1fbd2d5d6775c6dfd612b43420726a71d9ad229a7637a5 发布日期: 2024-07-01 13:15 修改: 2024-09-14 03:15
curl	CVE-2024-6874	中危	8.5.0-r0	8.9.0-r0	curl: macidn punycode buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6874 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-07-24 08:15 修改: 2024-09-10 15:27
busybox	CVE-2023-42363	中危	1.36.1-r15	1.36.1-r17	busybox: use-after-free in awk 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06
busybox	CVE-2023-42364	中危	1.36.1-r15	1.36.1-r19	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
giflib	CVE-2023-39742	中危	5.2.1-r5	5.2.2-r0	giflib: segfault via getarg.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39742 镜像层: sha256:4351b2f4884e7f3085ef85b5d3922003efa40a19cde2bf4763ca716b0c4f5c6c 发布日期: 2023-08-25 14:15 修改: 2023-11-07 04:17
busybox	CVE-2023-42365	中危	1.36.1-r15	1.36.1-r19	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
busybox	CVE-2023-42366	中危	1.36.1-r15	1.36.1-r16	busybox: A heap-buffer-overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
busybox-binsh	CVE-2023-42363	中危	1.36.1-r15	1.36.1-r17	busybox: use-after-free in awk 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06
libcrypto3	CVE-2024-4603	中危	3.1.4-r5	3.1.5-r0	openssl: Excessive time spent checking DSA keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15
libcrypto3	CVE-2024-4741	中危	3.1.4-r5	3.1.6-r0	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcrypto3	CVE-2024-5535	中危	3.1.4-r5	3.1.6-r0	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libcrypto3	CVE-2024-6119	中危	3.1.4-r5	3.1.7-r0	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
busybox-binsh	CVE-2023-42364	中危	1.36.1-r15	1.36.1-r19	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
busybox-binsh	CVE-2023-42365	中危	1.36.1-r15	1.36.1-r19	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
libcurl	CVE-2024-0853	中危	8.5.0-r0	8.6.0-r0	curl: OCSP verification bypass with TLS session reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0853 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-03 14:15 修改: 2024-05-03 13:15
libcurl	CVE-2024-2004	中危	8.5.0-r0	8.7.1-r0	curl: Usage of disabled protocol 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2004 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
libcurl	CVE-2024-2379	中危	8.5.0-r0	8.7.1-r0	curl: QUIC certificate check bypass with wolfSSL 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2379 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
libcurl	CVE-2024-2466	中危	8.5.0-r0	8.7.1-r0	curl: TLS certificate check bypass with mbedTLS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2466 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-03-27 08:15 修改: 2024-08-23 19:35
libcurl	CVE-2024-6874	中危	8.5.0-r0	8.9.0-r0	curl: macidn punycode buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6874 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-07-24 08:15 修改: 2024-09-10 15:27
busybox-binsh	CVE-2023-42366	中危	1.36.1-r15	1.36.1-r16	busybox: A heap-buffer-overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
c-ares	CVE-2024-25629	中危	1.24.0-r1	1.27.0-r0	c-ares: Out of bounds read in ares__read_line() 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25629 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-23 15:15 修改: 2024-04-19 23:15
bind-libs	CVE-2023-5680	中危	9.18.19-r1	9.18.24-r0	bind9: Cleaning an ECS-enabled cache may cause excessive CPU load 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5680 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-13 14:15 修改: 2024-10-22 13:53
bind-tools	CVE-2023-5680	中危	9.18.19-r1	9.18.24-r0	bind9: Cleaning an ECS-enabled cache may cause excessive CPU load 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5680 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-13 14:15 修改: 2024-10-22 13:53
libssl3	CVE-2024-4603	中危	3.1.4-r5	3.1.5-r0	openssl: Excessive time spent checking DSA keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15
libssl3	CVE-2024-4741	中危	3.1.4-r5	3.1.6-r0	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libssl3	CVE-2024-5535	中危	3.1.4-r5	3.1.6-r0	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libssl3	CVE-2024-6119	中危	3.1.4-r5	3.1.7-r0	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
curl	CVE-2024-0853	中危	8.5.0-r0	8.6.0-r0	curl: OCSP verification bypass with TLS session reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0853 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-02-03 14:15 修改: 2024-05-03 13:15
libxml2	CVE-2024-34459	中危	2.11.6-r0	2.11.8-r0	libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34459 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-05-14 15:39 修改: 2024-08-22 18:35
mbedtls	CVE-2024-28960	中危	2.28.7-r0	2.28.8-r0	mbedtls: Insecure handling of shared memory in PSA Crypto APIs 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28960 镜像层: sha256:dc94917952391edc3e1fbd2d5d6775c6dfd612b43420726a71d9ad229a7637a5 发布日期: 2024-03-29 06:15 修改: 2024-07-03 01:51
mbedtls	CVE-2024-45157	中危	2.28.7-r0	2.28.9-r0	An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1 ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45157 镜像层: sha256:dc94917952391edc3e1fbd2d5d6775c6dfd612b43420726a71d9ad229a7637a5 发布日期: 2024-09-05 19:15 修改: 2024-09-12 16:29
curl	CVE-2024-2004	中危	8.5.0-r0	8.7.1-r0	curl: Usage of disabled protocol 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2004 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
curl	CVE-2024-2379	中危	8.5.0-r0	8.7.1-r0	curl: QUIC certificate check bypass with wolfSSL 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2379 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
curl	CVE-2024-2466	中危	8.5.0-r0	8.7.1-r0	curl: TLS certificate check bypass with mbedTLS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2466 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-03-27 08:15 修改: 2024-08-23 19:35
orc	CVE-2024-40897	中危	0.4.34-r0	0.4.39-r0	orc: Stack-based buffer overflow vulnerability in ORC 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-40897 镜像层: sha256:dc94917952391edc3e1fbd2d5d6775c6dfd612b43420726a71d9ad229a7637a5 发布日期: 2024-07-26 06:15 修改: 2024-08-27 13:52
ssl_client	CVE-2023-42363	中危	1.36.1-r15	1.36.1-r17	busybox: use-after-free in awk 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06
ssl_client	CVE-2023-42364	中危	1.36.1-r15	1.36.1-r19	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
ssl_client	CVE-2023-42365	中危	1.36.1-r15	1.36.1-r19	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
ssl_client	CVE-2023-42366	中危	1.36.1-r15	1.36.1-r16	busybox: A heap-buffer-overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
libssl3	CVE-2024-2511	低危	3.1.4-r5	3.1.4-r6	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
libssl3	CVE-2024-9143	低危	3.1.4-r5	3.1.7-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2024-10-16 17:15 修改: 2024-10-18 12:53
git	CVE-2024-32021	低危	2.43.0-r0	2.43.4-r0	git: symlink bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32021 镜像层: sha256:dc94917952391edc3e1fbd2d5d6775c6dfd612b43420726a71d9ad229a7637a5 发布日期: 2024-05-14 20:15 修改: 2024-06-26 10:15
glib	CVE-2024-34397	低危	2.78.4-r0	2.78.5-r0	glib2: Signal subscription vulnerabilities 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34397 镜像层: sha256:dc94917952391edc3e1fbd2d5d6775c6dfd612b43420726a71d9ad229a7637a5 发布日期: 2024-05-07 18:15 修改: 2024-06-10 18:15
git	CVE-2024-32020	低危	2.43.0-r0	2.43.4-r0	git: insecure hardlinks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32020 镜像层: sha256:dc94917952391edc3e1fbd2d5d6775c6dfd612b43420726a71d9ad229a7637a5 发布日期: 2024-05-14 19:15 修改: 2024-06-10 18:15
libcrypto3	CVE-2024-2511	低危	3.1.4-r5	3.1.4-r6	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
libcrypto3	CVE-2024-9143	低危	3.1.4-r5	3.1.7-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:72c06eca0d42d013af591706f7a2daee01131555396b59dfc9ef59d60cb9cabf 发布日期: 2024-10-16 17:15 修改: 2024-10-18 12:53
libdav1d	CVE-2024-1580	未知	1.3.0-r0	1.3.0-r1	An integer overflow in dav1d AV1 decoder that can occur when decoding ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1580 镜像层: sha256:dc94917952391edc3e1fbd2d5d6775c6dfd612b43420726a71d9ad229a7637a5 发布日期: 2024-02-19 11:15 修改: 2024-03-27 18:15

Python (python-pkg)

低危漏洞:4

中危漏洞:14

高危漏洞:11

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
Authlib	CVE-2024-37568	高危	1.3.0	1.3.1	lepture Authlib before 1.3.1 has algorithm confusion with asymmetric p ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37568 镜像层: sha256:0e389906b2951a8e1f968bbad9cc6ba34dc6d90045ef24f8f583d4a3d21f735c 发布日期: 2024-06-09 19:15 修改: 2024-08-15 16:35
Js2Py	CVE-2024-28397	高危	0.74		js2py allows remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28397 镜像层: sha256:0e389906b2951a8e1f968bbad9cc6ba34dc6d90045ef24f8f583d4a3d21f735c 发布日期: 2024-06-20 17:15 修改: 2024-07-03 01:51
RestrictedPython	CVE-2024-47532	高危	7.0	7.3	RestrictedPython is a restricted execution environment for Python to r ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47532 镜像层: sha256:0e389906b2951a8e1f968bbad9cc6ba34dc6d90045ef24f8f583d4a3d21f735c 发布日期: 2024-09-30 16:15 修改: 2024-10-04 13:51
Werkzeug	CVE-2024-34069	高危	3.0.1	3.0.3	python-werkzeug: user may execute code on a developer's machine 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34069 镜像层: sha256:0e389906b2951a8e1f968bbad9cc6ba34dc6d90045ef24f8f583d4a3d21f735c 发布日期: 2024-05-06 15:15 修改: 2024-06-14 13:15
aiohttp	CVE-2024-30251	高危	3.9.3	3.9.4	aiohttp: DoS when trying to parse malformed POST requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30251 镜像层: sha256:552693b7cd753fc0aa852cca53755b5208d307f3ed3017f486e5ed8654d7b655 发布日期: 2024-05-02 14:15 修改: 2024-05-02 18:00
ecdsa	CVE-2024-23342	高危	0.18.0		python-ecdsa: vulnerable to the Minerva attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23342 镜像层: sha256:552693b7cd753fc0aa852cca53755b5208d307f3ed3017f486e5ed8654d7b655 发布日期: 2024-01-23 00:15 修改: 2024-02-06 18:36
python-jose	CVE-2024-33663	高危	3.3.0		python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33663 镜像层: sha256:552693b7cd753fc0aa852cca53755b5208d307f3ed3017f486e5ed8654d7b655 发布日期: 2024-04-26 00:15 修改: 2024-09-03 20:15
setuptools	CVE-2024-6345	高危	69.0.3	70.0.0	pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345 镜像层: sha256:7dff9c20441b080f9ac5077de26fb5b25e21249361c1e5e35ba9047cab0bb7d1 发布日期: 2024-07-15 01:15 修改: 2024-07-15 13:00
sqlparse	CVE-2024-4340	高危	0.4.4	0.5.0	sqlparse: parsing heavily nested list leads to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4340 镜像层: sha256:0e389906b2951a8e1f968bbad9cc6ba34dc6d90045ef24f8f583d4a3d21f735c 发布日期: 2024-04-30 15:15 修改: 2024-04-30 17:52
yt-dlp	CVE-2024-22423	高危	2023.11.16	2024.04.09	yt-dlp: `--exec` command injection when using `%q` in yt-dlp on Windows (Bypass of CVE-2023-40581) 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22423 镜像层: sha256:0e389906b2951a8e1f968bbad9cc6ba34dc6d90045ef24f8f583d4a3d21f735c 发布日期: 2024-04-09 18:15 修改: 2024-04-10 16:15
yt-dlp	CVE-2024-38519	高危	2023.11.16	2024.07.01	`yt-dlp` and `youtube-dl` are command-line audio/video downloaders. Pr ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38519 镜像层: sha256:0e389906b2951a8e1f968bbad9cc6ba34dc6d90045ef24f8f583d4a3d21f735c 发布日期: 2024-07-02 14:15 修改: 2024-07-04 00:15
idna	CVE-2024-3651	中危	3.6	3.7	python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode() 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3651 镜像层: sha256:552693b7cd753fc0aa852cca53755b5208d307f3ed3017f486e5ed8654d7b655 发布日期: 2024-07-07 18:15 修改: 2024-07-11 14:58
paramiko	CVE-2023-48795	中危	3.3.1	3.4.0	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:0e389906b2951a8e1f968bbad9cc6ba34dc6d90045ef24f8f583d4a3d21f735c 发布日期: 2023-12-18 16:15 修改: 2024-05-01 18:15
pillow	CVE-2024-28219	中危	10.2.0	10.3.0	python-pillow: buffer overflow in _imagingcms.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28219 镜像层: sha256:0e389906b2951a8e1f968bbad9cc6ba34dc6d90045ef24f8f583d4a3d21f735c 发布日期: 2024-04-03 03:15 修改: 2024-08-20 20:35
pydantic	CVE-2024-3772	中危	1.10.12	2.4.0, 1.10.13	python-pydantic: regular expression denial of service via crafted email string 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3772 镜像层: sha256:0e389906b2951a8e1f968bbad9cc6ba34dc6d90045ef24f8f583d4a3d21f735c 发布日期: 2024-04-15 03:16 修改: 2024-04-26 02:15
aiohttp	CVE-2024-27306	中危	3.9.3	3.9.4	aiohttp: XSS on index pages for static file handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27306 镜像层: sha256:552693b7cd753fc0aa852cca53755b5208d307f3ed3017f486e5ed8654d7b655 发布日期: 2024-04-18 15:15 修改: 2024-05-02 03:15
python-jose	CVE-2024-33664	中危	3.3.0		python-jose: allows attackers to cause a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33664 镜像层: sha256:552693b7cd753fc0aa852cca53755b5208d307f3ed3017f486e5ed8654d7b655 发布日期: 2024-04-26 00:15 修改: 2024-09-05 16:15
requests	CVE-2024-35195	中危	2.31.0	2.32.0	requests: subsequent requests to the same host ignore cert verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35195 镜像层: sha256:552693b7cd753fc0aa852cca53755b5208d307f3ed3017f486e5ed8654d7b655 发布日期: 2024-05-20 21:15 修改: 2024-06-10 17:16
aiohttp	CVE-2024-42367	中危	3.9.3	3.10.2	aiohttp: python-aiohttp: Compressed files as symlinks are not protected from path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-42367 镜像层: sha256:552693b7cd753fc0aa852cca53755b5208d307f3ed3017f486e5ed8654d7b655 发布日期: 2024-08-12 13:38 修改: 2024-08-12 13:41
aiosmtpd	CVE-2024-34083	中危	1.4.5	1.4.6	aiosmptd is a reimplementation of the Python stdlib smtpd.py based on ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34083 镜像层: sha256:0e389906b2951a8e1f968bbad9cc6ba34dc6d90045ef24f8f583d4a3d21f735c 发布日期: 2024-05-18 19:15 修改: 2024-05-20 13:00
tornado	GHSA-753j-mpmx-qq6g	中危	6.4	6.4.1	Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in tornado 漏洞详情: https://github.com/advisories/GHSA-753j-mpmx-qq6g 镜像层: sha256:0e389906b2951a8e1f968bbad9cc6ba34dc6d90045ef24f8f583d4a3d21f735c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tornado	GHSA-w235-7p84-xx57	中危	6.4	6.4.1	Tornado has a CRLF injection in CurlAsyncHTTPClient headers 漏洞详情: https://github.com/advisories/GHSA-w235-7p84-xx57 镜像层: sha256:0e389906b2951a8e1f968bbad9cc6ba34dc6d90045ef24f8f583d4a3d21f735c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
urllib3	CVE-2024-37891	中危	1.26.18	1.26.19, 2.2.2	urllib3: proxy-authorization request header is not stripped during cross-origin redirects 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37891 镜像层: sha256:552693b7cd753fc0aa852cca53755b5208d307f3ed3017f486e5ed8654d7b655 发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
cryptography	GHSA-h4gh-qq45-vh27	中危	42.0.5	43.0.1	pyca/cryptography has a vulnerable OpenSSL included in cryptography wheels 漏洞详情: https://github.com/advisories/GHSA-h4gh-qq45-vh27 镜像层: sha256:552693b7cd753fc0aa852cca53755b5208d307f3ed3017f486e5ed8654d7b655 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
Jinja2	CVE-2024-34064	中危	3.1.3	3.1.4	jinja2: accepts keys containing non-attribute characters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34064 镜像层: sha256:552693b7cd753fc0aa852cca53755b5208d307f3ed3017f486e5ed8654d7b655 发布日期: 2024-05-06 15:15 修改: 2024-06-10 18:15
certifi	CVE-2024-39689	低危	2024.2.2	2024.07.04	python-certifi: Remove root certificates from `GLOBALTRUST` from the root store 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-39689 镜像层: sha256:552693b7cd753fc0aa852cca53755b5208d307f3ed3017f486e5ed8654d7b655 发布日期: 2024-07-05 19:15 修改: 2024-07-08 15:49
sentry-sdk	CVE-2024-40647	低危	1.40.3	2.8.0	sentry-sdk is the official Python SDK for Sentry.io. A bug in Sentry's ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-40647 镜像层: sha256:0e389906b2951a8e1f968bbad9cc6ba34dc6d90045ef24f8f583d4a3d21f735c 发布日期: 2024-07-18 17:15 修改: 2024-07-19 13:01
tqdm	CVE-2024-34062	低危	4.66.2	4.66.3	python-tqdm: non-boolean CLI arguments may lead to local code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34062 镜像层: sha256:0e389906b2951a8e1f968bbad9cc6ba34dc6d90045ef24f8f583d4a3d21f735c 发布日期: 2024-05-03 10:15 修改: 2024-06-10 17:16
yt-dlp	GHSA-3v33-3wmw-3785	低危	2023.11.16	2024.07.07	yt-dlp has dependency on potentially malicious third-party code in Douyu extractors 漏洞详情: https://github.com/advisories/GHSA-3v33-3wmw-3785 镜像层: sha256:0e389906b2951a8e1f968bbad9cc6ba34dc6d90045ef24f8f583d4a3d21f735c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

usr/bin/tempio (gobinary)

低危漏洞:1

中危漏洞:23

高危漏洞:40

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17.1	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17.1	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17.1	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17.1	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/crypto	CVE-2021-43565	高危	v0.0.0-20201221181555-eec23a3978ad	0.0.0-20211202192323-5770296d904e	golang.org/x/crypto: empty plaintext packet causes panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43565 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:39
golang.org/x/crypto	CVE-2022-27191	高危	v0.0.0-20201221181555-eec23a3978ad	0.0.0-20220314234659-1baeb1ce4c0b	golang: crash in a golang.org/x/crypto/ssh server 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27191 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-03-18 07:15 修改: 2023-11-07 03:45
stdlib	CVE-2021-41771	高危	1.17.1	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17.1	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17.1	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17.1	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17.1	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17.1	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17.1	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17.1	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17.1	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17.1	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17.1	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17.1	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17.1	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17.1	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17.1	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17.1	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17.1	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17.1	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17.1	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17.1	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17.1	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17.1	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-11-02 16:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41720	高危	1.17.1	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17.1	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17.1	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17.1	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17.1	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17.1	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17.1	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17.1	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24539	高危	1.17.1	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29400	高危	1.17.1	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:11
stdlib	CVE-2023-29403	高危	1.17.1	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-06-08 21:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39325	高危	1.17.1	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17.1	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17.1	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17.1	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17.1	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/crypto	CVE-2023-48795	中危	v0.0.0-20201221181555-eec23a3978ad	0.17.0	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-12-18 16:15 修改: 2024-05-01 18:15
stdlib	CVE-2021-44717	中危	1.17.1	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17.1	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17.1	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17.1	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17.1	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17.1	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17.1	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17.1	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17.1	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17.1	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17.1	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17.1	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17.1	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17.1	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2023-45290	中危	1.17.1	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24783	中危	1.17.1	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24784	中危	1.17.1	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17.1	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17.1	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17.1	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17.1	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-09-06 21:15 修改: 2024-09-09 13:03
stdlib	CVE-2024-34158	中危	1.17.1	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17.1	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:f2538449c12b1345b0ebdf5cfb74871fe9922fd242f3010f7bbd693c6c6f0489 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/lib/libdovi.so.3.2.0 (rustbinary)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/lib/librav1e.so.0.6.6 (rustbinary)

低危漏洞:0

中危漏洞:1

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
rustix	CVE-2024-43806	中危	0.37.19	0.35.15, 0.36.16, 0.37.25, 0.38.19	Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using `r ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43806 镜像层: sha256:dc94917952391edc3e1fbd2d5d6775c6dfd612b43420726a71d9ad229a7637a5 发布日期: 2024-08-26 19:15 修改: 2024-08-27 13:02

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

rustix

CVE-2024-43806

中危

0.37.19

0.35.15, 0.36.16, 0.37.25, 0.38.19

Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using `r ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43806

镜像层: sha256:dc94917952391edc3e1fbd2d5d6775c6dfd612b43420726a71d9ad229a7637a5

发布日期: 2024-08-26 19:15 修改: 2024-08-27 13:02