ghcr.io/varun-raj/immich-power-tools:latest - Trivy镜像安全扫描结果

全部漏洞信息

低危漏洞:3

中危漏洞:1

高危漏洞:4

严重漏洞:0

系统OS: alpine 3.20.3 扫描引擎: Trivy 扫描时间: 2024-12-19 21:11

ghcr.io/varun-raj/immich-power-tools:latest (alpine 3.20.3) (alpine)

低危漏洞:2

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
libcrypto3	CVE-2024-9143	低危	3.3.2-r0	3.3.2-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:75654b8eeebd3beae97271a102f57cdeb794cc91e442648544963a7e951e9558 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
libssl3	CVE-2024-9143	低危	3.3.2-r0	3.3.2-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:75654b8eeebd3beae97271a102f57cdeb794cc91e442648544963a7e951e9558 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

libcrypto3

CVE-2024-9143

低危

3.3.2-r0

3.3.2-r1

openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:75654b8eeebd3beae97271a102f57cdeb794cc91e442648544963a7e951e9558

发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35

libssl3

CVE-2024-9143

低危

3.3.2-r0

3.3.2-r1

openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:75654b8eeebd3beae97271a102f57cdeb794cc91e442648544963a7e951e9558

发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35

Node.js (node-pkg)

低危漏洞:1

中危漏洞:1

高危漏洞:4

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
chrono-node	CVE-2021-23371	高危	1.4.9	2.2.4	Denial of service in chrono-node 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23371 镜像层: sha256:d2969f91c3d41be052878629bc2f25010ca9fd25f802931b317cf57e78e9160d 发布日期: 2021-04-12 13:15 修改: 2021-04-20 00:14
cross-spawn	CVE-2024-21538	高危	7.0.3	7.0.5, 6.0.6	cross-spawn: regular expression denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538 镜像层: sha256:83ada9b02fd6a718e75515321c3b091a840e44c8911285764e4cb6f2f2084551 发布日期: 2024-11-08 05:15 修改: 2024-11-19 14:15
next	CVE-2024-46982	高危	14.2.5	13.5.7, 14.2.10	Next.js Cache Poisoning 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-46982 镜像层: sha256:d2969f91c3d41be052878629bc2f25010ca9fd25f802931b317cf57e78e9160d 发布日期: 2024-09-17 22:15 修改: 2024-09-20 12:30
next	CVE-2024-51479	高危	14.2.5	14.2.15	next.js: next: authorization bypass in Next.js 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-51479 镜像层: sha256:d2969f91c3d41be052878629bc2f25010ca9fd25f802931b317cf57e78e9160d 发布日期: 2024-12-17 19:15 修改: 2024-12-17 19:15
next	CVE-2024-47831	中危	14.2.5	14.2.7	next.js: Next.js image optimization has Denial of Service condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47831 镜像层: sha256:d2969f91c3d41be052878629bc2f25010ca9fd25f802931b317cf57e78e9160d 发布日期: 2024-10-14 18:15 修改: 2024-11-08 15:39
cookie	CVE-2024-47764	低危	0.6.0	0.7.0	cookie: cookie accepts cookie name, path, and domain with out of bounds characters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764 镜像层: sha256:d2969f91c3d41be052878629bc2f25010ca9fd25f802931b317cf57e78e9160d 发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48

ghcr.io/varun-raj/immich-power-tools:latest linux/amd64

全部漏洞信息

ghcr.io/varun-raj/immich-power-tools:latest (alpine 3.20.3) (alpine)

Node.js (node-pkg)