ghcr.io/iflytek/skillhub-scanner:v0.2.13 linux/amd64

ghcr.io/iflytek/skillhub-scanner:v0.2.13 - Trivy安全扫描结果 扫描时间: 2026-07-14 09:27
全部漏洞信息
低危漏洞:1 中危漏洞:4 高危漏洞:3 严重漏洞:0

系统OS: alpine 3.24.1 扫描引擎: Trivy 扫描时间: 2026-07-14 09:27

ghcr.io/iflytek/skillhub-scanner:v0.2.13 (alpine 3.24.1) (alpine)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
Python (python-pkg)
低危漏洞:1 中危漏洞:4 高危漏洞:3 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
jaraco.context CVE-2026-23949 高危 5.3.0 6.1.0 jaraco.context: jaraco.context: Path traversal via malicious tar archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23949

镜像层: sha256:35a407ceec45c048323a39a16aa3be6e9425c181c42329a76017a46d0546adaa

发布日期: 2026-01-20 01:15 修改: 2026-06-17 10:22

wheel CVE-2026-24049 高危 0.45.1 0.46.2 wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24049

镜像层: sha256:35a407ceec45c048323a39a16aa3be6e9425c181c42329a76017a46d0546adaa

发布日期: 2026-01-22 05:16 修改: 2026-07-01 13:16

wheel CVE-2026-24049 高危 0.45.1 0.46.2 wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24049

镜像层: sha256:35a407ceec45c048323a39a16aa3be6e9425c181c42329a76017a46d0546adaa

发布日期: 2026-01-22 05:16 修改: 2026-07-01 13:16

pip CVE-2026-6357 中危 24.0 26.1 pip: pip: Arbitrary code execution or information disclosure via malicious wheel package installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6357

镜像层: sha256:35a407ceec45c048323a39a16aa3be6e9425c181c42329a76017a46d0546adaa

发布日期: 2026-04-27 15:16 修改: 2026-06-17 11:00

pip CVE-2026-8643 中危 24.0 26.1.2 python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8643

镜像层: sha256:35a407ceec45c048323a39a16aa3be6e9425c181c42329a76017a46d0546adaa

发布日期: 2026-06-01 17:17 修改: 2026-07-10 12:17

pip CVE-2025-8869 中危 24.0 25.3 pip: pip missing checks on symbolic link extraction

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8869

镜像层: sha256:35a407ceec45c048323a39a16aa3be6e9425c181c42329a76017a46d0546adaa

发布日期: 2025-09-24 15:15 修改: 2026-06-17 10:07

pip CVE-2026-3219 中危 24.0 26.1 pip: pip: Incorrect file installation due to improper archive handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3219

镜像层: sha256:35a407ceec45c048323a39a16aa3be6e9425c181c42329a76017a46d0546adaa

发布日期: 2026-04-20 16:16 修改: 2026-06-17 10:43

pip CVE-2026-1703 低危 24.0 26.0 pip: pip: Information disclosure via path traversal when installing crafted wheel archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1703

镜像层: sha256:35a407ceec45c048323a39a16aa3be6e9425c181c42329a76017a46d0546adaa

发布日期: 2026-02-02 15:16 修改: 2026-06-17 10:16

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×