ghcr.io/openshift-psap/llm-load-test:latest linux/amd64

ghcr.io/openshift-psap/llm-load-test:latest - Trivy安全扫描结果 扫描时间: 2026-05-19 17:16
全部漏洞信息
低危漏洞:1 中危漏洞:5 高危漏洞:10 严重漏洞:0

系统OS: centos-stream 9 扫描引擎: Trivy 扫描时间: 2026-05-19 17:16

Python (python-pkg)
低危漏洞:1 中危漏洞:5 高危漏洞:10 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
protobuf CVE-2026-0994 高危 6.31.1 6.33.5, 5.29.6 python: protobuf: Protobuf: Denial of Service due to recursion depth bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0994

镜像层: sha256:5a7c3a57fef141e6a1e540902894bc08c30d46c1d94b09be6386a27447af1e94

发布日期: 2026-01-23 15:16 修改: 2026-04-09 14:19
pyasn1 CVE-2026-23490 高危 0.6.1 0.6.2 pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23490

镜像层: sha256:5a7c3a57fef141e6a1e540902894bc08c30d46c1d94b09be6386a27447af1e94

发布日期: 2026-01-16 19:16 修改: 2026-03-13 14:19
pyasn1 CVE-2026-30922 高危 0.6.1 0.6.3 pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-30922

镜像层: sha256:5a7c3a57fef141e6a1e540902894bc08c30d46c1d94b09be6386a27447af1e94

发布日期: 2026-03-18 04:17 修改: 2026-05-01 17:16
setuptools CVE-2022-40897 高危 53.0.0 65.5.1 pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40897

镜像层: sha256:5a7c3a57fef141e6a1e540902894bc08c30d46c1d94b09be6386a27447af1e94

发布日期: 2022-12-23 00:15 修改: 2025-11-04 16:15
setuptools CVE-2024-6345 高危 53.0.0 70.0.0 pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345

镜像层: sha256:5a7c3a57fef141e6a1e540902894bc08c30d46c1d94b09be6386a27447af1e94

发布日期: 2024-07-15 01:15 修改: 2026-04-15 00:35
setuptools CVE-2025-47273 高危 53.0.0 78.1.1 setuptools: Path Traversal Vulnerability in setuptools PackageIndex

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47273

镜像层: sha256:5a7c3a57fef141e6a1e540902894bc08c30d46c1d94b09be6386a27447af1e94

发布日期: 2025-05-17 16:15 修改: 2025-06-12 16:29
urllib3 CVE-2025-66418 高危 2.5.0 2.6.0 urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66418

镜像层: sha256:5a7c3a57fef141e6a1e540902894bc08c30d46c1d94b09be6386a27447af1e94

发布日期: 2025-12-05 16:15 修改: 2025-12-10 16:08
urllib3 CVE-2025-66471 高危 2.5.0 2.6.0 urllib3: urllib3 Streaming API improperly handles highly compressed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66471

镜像层: sha256:5a7c3a57fef141e6a1e540902894bc08c30d46c1d94b09be6386a27447af1e94

发布日期: 2025-12-05 17:16 修改: 2025-12-10 16:10
urllib3 CVE-2026-21441 高危 2.5.0 2.6.3 urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-21441

镜像层: sha256:5a7c3a57fef141e6a1e540902894bc08c30d46c1d94b09be6386a27447af1e94

发布日期: 2026-01-07 22:15 修改: 2026-01-23 09:15
urllib3 CVE-2026-44431 高危 2.5.0 2.7.0 urllib3: Sensitive headers forwarded across origins in proxied low-level redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44431

镜像层: sha256:5a7c3a57fef141e6a1e540902894bc08c30d46c1d94b09be6386a27447af1e94

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
pip CVE-2025-8869 中危 21.3.1 25.3 pip: pip missing checks on symbolic link extraction

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8869

镜像层: sha256:5a7c3a57fef141e6a1e540902894bc08c30d46c1d94b09be6386a27447af1e94

发布日期: 2025-09-24 15:15 修改: 2026-04-15 00:35
pip CVE-2026-3219 中危 21.3.1 pip: pip: Incorrect file installation due to improper archive handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3219

镜像层: sha256:5a7c3a57fef141e6a1e540902894bc08c30d46c1d94b09be6386a27447af1e94

发布日期: 2026-04-20 16:16 修改: 2026-04-20 21:16
requests CVE-2026-25645 中危 2.32.4 2.33.0 requests: Requests: Security bypass due to predictable temporary file creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25645

镜像层: sha256:5a7c3a57fef141e6a1e540902894bc08c30d46c1d94b09be6386a27447af1e94

发布日期: 2026-03-25 17:16 修改: 2026-03-30 14:23
pip CVE-2026-6357 中危 21.3.1 26.1 pip: pip: Arbitrary code execution or information disclosure via malicious wheel package installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6357

镜像层: sha256:5a7c3a57fef141e6a1e540902894bc08c30d46c1d94b09be6386a27447af1e94

发布日期: 2026-04-27 15:16 修改: 2026-04-27 23:16
pip CVE-2023-5752 中危 21.3.1 23.3 pip: Mercurial configuration injectable in repo revision when installing via pip

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5752

镜像层: sha256:5a7c3a57fef141e6a1e540902894bc08c30d46c1d94b09be6386a27447af1e94

发布日期: 2023-10-25 18:17 修改: 2025-11-03 18:15
pip CVE-2026-1703 低危 21.3.1 26.0 pip: pip: Information disclosure via path traversal when installing crafted wheel archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1703

镜像层: sha256:5a7c3a57fef141e6a1e540902894bc08c30d46c1d94b09be6386a27447af1e94

发布日期: 2026-02-02 15:16 修改: 2026-04-15 00:35