ghcr.io/prefix-dev/pixi:0.68.1-noble linux/amd64

ghcr.io/prefix-dev/pixi:0.68.1-noble - Trivy安全扫描结果 扫描时间: 2026-05-14 16:35
全部漏洞信息
低危漏洞:3 中危漏洞:18 高危漏洞:0 严重漏洞:0

系统OS: ubuntu 24.04 扫描引擎: Trivy 扫描时间: 2026-05-14 16:35

ghcr.io/prefix-dev/pixi:0.68.1-noble (ubuntu 24.04) (ubuntu)
低危漏洞:3 中危漏洞:18 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
bsdutils CVE-2026-27456 中危 1:2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
dpkg CVE-2026-2219 中危 1.22.6ubuntu6.5 1.22.6ubuntu6.6 It was discovered that dpkg-deb (a component of dpkg, the Debian packa ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2219

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-03-07 09:16 修改: 2026-03-09 15:15
libblkid1 CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libc-bin CVE-2026-4046 中危 2.39-0ubuntu8.7 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc-bin CVE-2026-4437 中危 2.39-0ubuntu8.7 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
libc-bin CVE-2026-4438 中危 2.39-0ubuntu8.7 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
libc6 CVE-2026-4046 中危 2.39-0ubuntu8.7 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc6 CVE-2026-4437 中危 2.39-0ubuntu8.7 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
libc6 CVE-2026-4438 中危 2.39-0ubuntu8.7 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
libcap2 CVE-2026-4878 中危 1:2.66-5ubuntu2.2 1:2.66-5ubuntu2.4 libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-09 16:16 修改: 2026-05-07 22:16
libmount1 CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libsmartcols1 CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libuuid1 CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
mount CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
sed CVE-2026-5958 中危 4.9-2build1 4.9-2ubuntu0.24.04.1 When sed is invoked with both -i (in-place edit) and --follow-symlinks ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-20 12:16 修改: 2026-04-20 19:05
tar CVE-2025-45582 中危 1.35+dfsg-3build1 tar: Tar path traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2025-07-11 17:15 修改: 2025-11-02 01:15
tar CVE-2026-5704 中危 1.35+dfsg-3build1 tar: tar: Hidden file injection via crafted archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-06 16:16 修改: 2026-04-22 20:08
util-linux CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libgcrypt20 CVE-2024-2236 低危 1.10.3-2build1 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2024-03-06 22:15 修改: 2026-04-15 00:35
passwd CVE-2024-56433 低危 1:4.13+dfsg1-4ubuntu3.2 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
login CVE-2024-56433 低危 1:4.13+dfsg1-4ubuntu3.2 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:538812a4b9bd45adaac2b5e5b967daa6999aa44eb110aa32ae7c69702b906475

发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35