quay.io/biocontainers/edta:2.2.0--hdfd78af_1 linux/amd64

quay.io/biocontainers/edta:2.2.0--hdfd78af_1 - Trivy安全扫描结果扫描时间: 2024-11-05 00:52

全部漏洞信息

低危漏洞:6

中危漏洞:96

高危漏洞:129

严重漏洞:14

系统OS: debian 12.2 扫描引擎: Trivy 扫描时间: 2024-11-05 00:52

quay.io/biocontainers/edta:2.2.0--hdfd78af_1 (debian 12.2) (debian)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

Node.js (node-pkg)

低危漏洞:1

中危漏洞:1

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
ip	CVE-2024-29415	高危	2.0.0		node-ip: Incomplete fix for CVE-2023-42282 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-05-27 20:15 修改: 2024-08-16 14:35
tar	CVE-2024-28863	中危	6.1.15	6.2.1	node-tar: denial of service while parsing a tar file due to lack of folders depth validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16
ip	CVE-2023-42282	低危	2.0.0	2.0.1, 1.1.9	nodejs-ip: arbitrary code execution via the isPublic() function 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-02-08 17:15 修改: 2024-10-09 15:14

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

CVE-2024-29415

高危

2.0.0

node-ip: Incomplete fix for CVE-2023-42282

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29415

镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721

发布日期: 2024-05-27 20:15 修改: 2024-08-16 14:35

tar

CVE-2024-28863

中危

6.1.15

6.2.1

node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16

CVE-2023-42282

低危

2.0.0

2.0.1, 1.1.9

nodejs-ip: arbitrary code execution via the isPublic() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42282

镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721

发布日期: 2024-02-08 17:15 修改: 2024-10-09 15:14

Python (python-pkg)

低危漏洞:2

中危漏洞:17

高危漏洞:5

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
pyarrow	CVE-2023-47248	严重	13.0.0	14.0.1	PyArrow: Arbitrary code execution when loading a malicious data file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47248 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-11-09 09:15 修改: 2023-11-29 03:15
aiohttp	CVE-2024-30251	高危	3.9.1	3.9.4	aiohttp: DoS when trying to parse malformed POST requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30251 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-05-02 14:15 修改: 2024-05-02 18:00
cryptography	CVE-2023-50782	高危	41.0.7	42.0.0	python-cryptography: Bleichenbacher timing oracle attack against RSA decryption - incomplete fix for CVE-2020-25659 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50782 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-02-05 21:15 修改: 2024-09-27 19:15
cryptography	CVE-2024-26130	高危	41.0.7	42.0.4	python-cryptography: NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26130 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-02-21 17:15 修改: 2024-02-22 19:07
Werkzeug	CVE-2024-34069	高危	3.0.1	3.0.3	python-werkzeug: user may execute code on a developer's machine 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34069 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-05-06 15:15 修改: 2024-06-14 13:15
setuptools	CVE-2024-6345	高危	69.0.3	70.0.0	pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-07-15 01:15 修改: 2024-07-15 13:00
aiohttp	CVE-2024-23829	中危	3.9.1	3.9.2	python-aiohttp: http request smuggling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23829 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-01-29 23:15 修改: 2024-02-09 03:15
aiohttp	CVE-2024-27306	中危	3.9.1	3.9.4	aiohttp: XSS on index pages for static file handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27306 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-04-18 15:15 修改: 2024-05-02 03:15
aiohttp	CVE-2024-42367	中危	3.9.1	3.10.2	aiohttp: python-aiohttp: Compressed files as symlinks are not protected from path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-42367 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-08-12 13:38 修改: 2024-08-12 13:41
Werkzeug	CVE-2024-49766	中危	3.0.1	3.0.6	werkzeug: python-werkzeug: Werkzeug safe_join not safe on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-49766 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-10-25 20:15 修改: 2024-10-28 13:58
Werkzeug	CVE-2024-49767	中危	3.0.1	3.0.6	werkzeug: python-werkzeug: Werkzeug possible resource exhaustion when parsing file data in forms 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-49767 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-10-25 20:15 修改: 2024-10-28 13:58
cryptography	CVE-2024-0727	中危	41.0.7	42.0.2	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15
cryptography	GHSA-h4gh-qq45-vh27	中危	41.0.7	43.0.1	pyca/cryptography has a vulnerable OpenSSL included in cryptography wheels 漏洞详情: https://github.com/advisories/GHSA-h4gh-qq45-vh27 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
idna	CVE-2024-3651	中危	3.6	3.7	python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode() 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3651 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-07-07 18:15 修改: 2024-07-11 14:58
pillow	CVE-2024-28219	中危	10.2.0	10.3.0	python-pillow: buffer overflow in _imagingcms.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28219 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-04-03 03:15 修改: 2024-08-20 20:35
Jinja2	CVE-2024-34064	中危	3.1.3	3.1.4	jinja2: accepts keys containing non-attribute characters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34064 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-05-06 15:15 修改: 2024-06-10 18:15
requests	CVE-2024-35195	中危	2.31.0	2.32.0	requests: subsequent requests to the same host ignore cert verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35195 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-05-20 21:15 修改: 2024-06-10 17:16
scikit-learn	CVE-2024-5206	中危	1.3.2	1.5.0	scikit-learn: Possible sensitive data leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5206 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-06-06 19:16 修改: 2024-10-24 19:48
aiohttp	CVE-2024-23334	中危	3.9.1	3.9.2	aiohttp: follow_symlinks directory traversal vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23334 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-01-29 23:15 修改: 2024-02-09 03:15
tornado	GHSA-753j-mpmx-qq6g	中危	6.3.3	6.4.1	Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in tornado 漏洞详情: https://github.com/advisories/GHSA-753j-mpmx-qq6g 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tornado	GHSA-w235-7p84-xx57	中危	6.3.3	6.4.1	Tornado has a CRLF injection in CurlAsyncHTTPClient headers 漏洞详情: https://github.com/advisories/GHSA-w235-7p84-xx57 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
urllib3	CVE-2024-37891	中危	2.1.0	1.26.19, 2.2.2	urllib3: proxy-authorization request header is not stripped during cross-origin redirects 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37891 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
zipp	CVE-2024-5569	中危	3.17.0	3.19.1	github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5569 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-07-09 00:15 修改: 2024-07-09 18:19
certifi	CVE-2024-39689	低危	2023.11.17	2024.07.04	python-certifi: Remove root certificates from `GLOBALTRUST` from the root store 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-39689 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-07-05 19:15 修改: 2024-07-08 15:49
tqdm	CVE-2024-34062	低危	4.66.1	4.66.3	python-tqdm: non-boolean CLI arguments may lead to local code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34062 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-05-03 10:15 修改: 2024-06-10 17:16

usr/local/bin/rchive.Linux (gobinary)

低危漏洞:1

中危漏洞:22

高危漏洞:40

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/text	CVE-2022-32149	高危	v0.3.7	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:11
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-06-08 21:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-09-06 21:15 修改: 2024-09-09 13:03
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/transmute.Linux (gobinary)

低危漏洞:1

中危漏洞:22

高危漏洞:40

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/text	CVE-2022-32149	高危	v0.3.7	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:11
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-06-08 21:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-09-06 21:15 修改: 2024-09-09 13:03
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/xtract.Linux (gobinary)

低危漏洞:1

中危漏洞:23

高危漏洞:40

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/text	CVE-2022-32149	高危	v0.3.7	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:11
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-06-08 21:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20200223170610-d5e6a3e2c0ae	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-09-06 21:15 修改: 2024-09-09 13:03
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/libexec/mafft/dash_client (gobinary)

低危漏洞:0

中危漏洞:11

高危漏洞:3

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2024-24790	严重	1.21.3	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2023-45283	高危	1.21.3	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45288	高危	1.21.3	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.21.3	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2023-39326	中危	1.21.3	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.21.3	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.21.3	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2023-45290	中危	1.21.3	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24783	中危	1.21.3	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24784	中危	1.21.3	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.21.3	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.21.3	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.21.3	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.21.3	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-09-06 21:15 修改: 2024-09-09 13:03
stdlib	CVE-2024-34158	中危	1.21.3	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:f0353efd089b24d563d1b75532a4e5fc20177aff730467aaaf00e7024a120721 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35