registry.k8s.io/ingress-nginx/controller:v1.7.0 linux/amd64

registry.k8s.io/ingress-nginx/controller:v1.7.0 - Trivy安全扫描结果扫描时间: 2024-11-09 19:25

全部漏洞信息

低危漏洞:12

中危漏洞:131

高危漏洞:48

严重漏洞:11

系统OS: alpine 3.17.2 扫描引擎: Trivy 扫描时间: 2024-11-09 19:25

registry.k8s.io/ingress-nginx/controller:v1.7.0 (alpine 3.17.2) (alpine)

低危漏洞:10

中危漏洞:77

高危漏洞:15

严重漏洞:2

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
curl	CVE-2023-38545	严重	7.88.1-r1	8.4.0-r0	curl: heap based buffer overflow in the SOCKS5 proxy handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38545 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-10-18 04:15 修改: 2024-10-17 22:35
libcurl	CVE-2023-38545	严重	7.88.1-r1	8.4.0-r0	curl: heap based buffer overflow in the SOCKS5 proxy handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38545 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-10-18 04:15 修改: 2024-10-17 22:35
curl	CVE-2023-38039	高危	7.88.1-r1	8.3.0-r0	curl: out of heap memory issue due to missing limit on header quantity 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38039 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-09-15 04:15 修改: 2024-04-01 15:45
curl	CVE-2024-2398	高危	7.88.1-r1	8.7.1-r0	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
curl	CVE-2024-6197	高危	7.88.1-r1	8.9.0-r0	curl: freeing stack buffer in utf8asn1str 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6197 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-07-24 08:15 修改: 2024-08-26 15:25
libcrypto3	CVE-2023-5363	高危	3.0.8-r1	3.0.12-r0	openssl: Incorrect cipher key and IV length processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5363 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-10-25 18:17 修改: 2024-10-14 15:15
curl	CVE-2023-28319	高危	7.88.1-r1	8.1.0-r0	curl: use after free in SSH sha256 fingerprint check 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28319 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-05-26 21:15 修改: 2023-10-20 18:42
libcurl	CVE-2023-28319	高危	7.88.1-r1	8.1.0-r0	curl: use after free in SSH sha256 fingerprint check 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28319 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-05-26 21:15 修改: 2023-10-20 18:42
libcurl	CVE-2023-38039	高危	7.88.1-r1	8.3.0-r0	curl: out of heap memory issue due to missing limit on header quantity 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38039 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-09-15 04:15 修改: 2024-04-01 15:45
libcurl	CVE-2024-2398	高危	7.88.1-r1	8.7.1-r0	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
libcurl	CVE-2024-6197	高危	7.88.1-r1	8.9.0-r0	curl: freeing stack buffer in utf8asn1str 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6197 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-07-24 08:15 修改: 2024-08-26 15:25
libssl3	CVE-2023-5363	高危	3.0.8-r1	3.0.12-r0	openssl: Incorrect cipher key and IV length processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5363 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-10-25 18:17 修改: 2024-10-14 15:15
ncurses-libs	CVE-2023-29491	高危	6.3_p20221119-r0	6.3_p20221119-r1	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:13b3477869009cd6f8666d686b0be67a9dd6cfae8ab448acf56b6166831653da 发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15
ncurses-terminfo-base	CVE-2023-29491	高危	6.3_p20221119-r0	6.3_p20221119-r1	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:13b3477869009cd6f8666d686b0be67a9dd6cfae8ab448acf56b6166831653da 发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15
nghttp2-libs	CVE-2023-35945	高危	1.51.0-r0	1.51.0-r1	envoy: HTTP/2 memory leak in nghttp2 codec 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-35945 镜像层: sha256:13b3477869009cd6f8666d686b0be67a9dd6cfae8ab448acf56b6166831653da 发布日期: 2023-07-13 21:15 修改: 2023-10-24 17:26
nghttp2-libs	CVE-2023-44487	高危	1.51.0-r0	1.51.0-r2	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:13b3477869009cd6f8666d686b0be67a9dd6cfae8ab448acf56b6166831653da 发布日期: 2023-10-10 14:15 修改: 2024-08-14 19:57
openssl	CVE-2023-5363	高危	3.0.8-r1	3.0.12-r0	openssl: Incorrect cipher key and IV length processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5363 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-10-25 18:17 修改: 2024-10-14 15:15
curl	CVE-2024-0853	中危	7.88.1-r1	8.6.0-r0	curl: OCSP verification bypass with TLS session reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0853 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-02-03 14:15 修改: 2024-05-03 13:15
curl	CVE-2024-2004	中危	7.88.1-r1	8.7.1-r0	curl: Usage of disabled protocol 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2004 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-03-27 08:15 修改: 2024-10-29 16:35
curl	CVE-2024-2379	中危	7.88.1-r1	8.7.1-r0	curl: QUIC certificate check bypass with wolfSSL 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2379 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
curl	CVE-2024-2466	中危	7.88.1-r1	8.7.1-r0	curl: TLS certificate check bypass with mbedTLS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2466 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-03-27 08:15 修改: 2024-08-23 19:35
curl	CVE-2024-6874	中危	7.88.1-r1	8.9.0-r0	curl: macidn punycode buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6874 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-07-24 08:15 修改: 2024-09-10 15:27
busybox-binsh	CVE-2023-42364	中危	1.35.0-r29	1.35.0-r31	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:7cd52847ad775a5ddc4b58326cf884beee34544296402c6292ed76474c686d39 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
libcrypto3	CVE-2023-0465	中危	3.0.8-r1	3.0.8-r2	openssl: Invalid certificate policies in leaf certificates are silently ignored 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15
libcrypto3	CVE-2023-0466	中危	3.0.8-r1	3.0.8-r3	openssl: Certificate policy check not enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15
libcrypto3	CVE-2023-1255	中危	3.0.8-r1	3.0.8-r4	openssl: Input buffer over-read in AES-XTS implementation on 64 bit ARM 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1255 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-04-20 17:15 修改: 2023-09-08 17:15
libcrypto3	CVE-2023-2650	中危	3.0.8-r1	3.0.9-r0	openssl: Possible DoS translating ASN.1 object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-05-30 14:15 修改: 2024-02-04 09:15
libcrypto3	CVE-2023-2975	中危	3.0.8-r1	3.0.9-r2	openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2975 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-07-14 12:15 修改: 2024-10-14 15:15
libcrypto3	CVE-2023-3446	中危	3.0.8-r1	3.0.9-r3	openssl: Excessive time spent checking DH keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-07-19 12:15 修改: 2024-10-14 15:15
libcrypto3	CVE-2023-3817	中危	3.0.8-r1	3.0.10-r0	OpenSSL: Excessive time spent checking DH q parameter value 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-07-31 16:15 修改: 2024-10-14 15:15
libcrypto3	CVE-2023-5678	中危	3.0.8-r1	3.0.12-r1	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15
libcrypto3	CVE-2023-6129	中危	3.0.8-r1	3.0.12-r2	mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-01-09 17:15 修改: 2024-10-14 15:15
libcrypto3	CVE-2023-6237	中危	3.0.8-r1	3.0.12-r3	openssl: Excessive time spent checking invalid RSA public keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-04-25 07:15 修改: 2024-11-01 15:35
libcrypto3	CVE-2024-0727	中危	3.0.8-r1	3.0.12-r4	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15
libcrypto3	CVE-2024-4603	中危	3.0.8-r1	3.0.13-r0	openssl: Excessive time spent checking DSA keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15
libcrypto3	CVE-2024-4741	中危	3.0.8-r1	3.0.14-r0	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcrypto3	CVE-2024-5535	中危	3.0.8-r1	3.0.14-r0	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libcrypto3	CVE-2024-6119	中危	3.0.8-r1	3.0.15-r0	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
busybox-binsh	CVE-2023-42365	中危	1.35.0-r29	1.35.0-r31	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:7cd52847ad775a5ddc4b58326cf884beee34544296402c6292ed76474c686d39 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
busybox-binsh	CVE-2023-42366	中危	1.35.0-r29	1.35.0-r30	busybox: A heap-buffer-overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366 镜像层: sha256:7cd52847ad775a5ddc4b58326cf884beee34544296402c6292ed76474c686d39 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
busybox	CVE-2023-42363	中危	1.35.0-r29	1.35.0-r31	busybox: use-after-free in awk 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363 镜像层: sha256:7cd52847ad775a5ddc4b58326cf884beee34544296402c6292ed76474c686d39 发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06
busybox	CVE-2023-42364	中危	1.35.0-r29	1.35.0-r31	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:7cd52847ad775a5ddc4b58326cf884beee34544296402c6292ed76474c686d39 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
busybox	CVE-2023-42365	中危	1.35.0-r29	1.35.0-r31	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:7cd52847ad775a5ddc4b58326cf884beee34544296402c6292ed76474c686d39 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
libcurl	CVE-2023-28320	中危	7.88.1-r1	8.1.0-r0	curl: siglongjmp race condition may lead to crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28320 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-05-26 21:15 修改: 2023-10-20 18:42
libcurl	CVE-2023-28321	中危	7.88.1-r1	8.1.0-r0	curl: IDN wildcard match may lead to Improper Cerificate Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-05-26 21:15 修改: 2023-11-07 04:10
libcurl	CVE-2023-46218	中危	7.88.1-r1	8.5.0-r0	curl: information disclosure by exploiting a mixed case flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-12-07 01:15 修改: 2024-01-25 14:15
libcurl	CVE-2023-46219	中危	7.88.1-r1	8.5.0-r0	curl: excessively long file name may lead to unknown HSTS status 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46219 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-12-12 02:15 修改: 2024-01-19 16:15
libcurl	CVE-2024-0853	中危	7.88.1-r1	8.6.0-r0	curl: OCSP verification bypass with TLS session reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0853 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-02-03 14:15 修改: 2024-05-03 13:15
libcurl	CVE-2024-2004	中危	7.88.1-r1	8.7.1-r0	curl: Usage of disabled protocol 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2004 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-03-27 08:15 修改: 2024-10-29 16:35
libcurl	CVE-2024-2379	中危	7.88.1-r1	8.7.1-r0	curl: QUIC certificate check bypass with wolfSSL 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2379 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
libcurl	CVE-2024-2466	中危	7.88.1-r1	8.7.1-r0	curl: TLS certificate check bypass with mbedTLS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2466 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-03-27 08:15 修改: 2024-08-23 19:35
libcurl	CVE-2024-6874	中危	7.88.1-r1	8.9.0-r0	curl: macidn punycode buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6874 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-07-24 08:15 修改: 2024-09-10 15:27
busybox	CVE-2023-42366	中危	1.35.0-r29	1.35.0-r30	busybox: A heap-buffer-overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366 镜像层: sha256:7cd52847ad775a5ddc4b58326cf884beee34544296402c6292ed76474c686d39 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
libssl3	CVE-2023-0465	中危	3.0.8-r1	3.0.8-r2	openssl: Invalid certificate policies in leaf certificates are silently ignored 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15
libssl3	CVE-2023-0466	中危	3.0.8-r1	3.0.8-r3	openssl: Certificate policy check not enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15
libssl3	CVE-2023-1255	中危	3.0.8-r1	3.0.8-r4	openssl: Input buffer over-read in AES-XTS implementation on 64 bit ARM 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1255 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-04-20 17:15 修改: 2023-09-08 17:15
libssl3	CVE-2023-2650	中危	3.0.8-r1	3.0.9-r0	openssl: Possible DoS translating ASN.1 object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-05-30 14:15 修改: 2024-02-04 09:15
libssl3	CVE-2023-2975	中危	3.0.8-r1	3.0.9-r2	openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2975 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-07-14 12:15 修改: 2024-10-14 15:15
libssl3	CVE-2023-3446	中危	3.0.8-r1	3.0.9-r3	openssl: Excessive time spent checking DH keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-07-19 12:15 修改: 2024-10-14 15:15
libssl3	CVE-2023-3817	中危	3.0.8-r1	3.0.10-r0	OpenSSL: Excessive time spent checking DH q parameter value 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-07-31 16:15 修改: 2024-10-14 15:15
libssl3	CVE-2023-5678	中危	3.0.8-r1	3.0.12-r1	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15
libssl3	CVE-2023-6129	中危	3.0.8-r1	3.0.12-r2	mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-01-09 17:15 修改: 2024-10-14 15:15
libssl3	CVE-2023-6237	中危	3.0.8-r1	3.0.12-r3	openssl: Excessive time spent checking invalid RSA public keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-04-25 07:15 修改: 2024-11-01 15:35
libssl3	CVE-2024-0727	中危	3.0.8-r1	3.0.12-r4	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15
libssl3	CVE-2024-4603	中危	3.0.8-r1	3.0.13-r0	openssl: Excessive time spent checking DSA keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15
libssl3	CVE-2024-4741	中危	3.0.8-r1	3.0.14-r0	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libssl3	CVE-2024-5535	中危	3.0.8-r1	3.0.14-r0	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libssl3	CVE-2024-6119	中危	3.0.8-r1	3.0.15-r0	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
libxml2	CVE-2023-28484	中危	2.10.3-r1	2.10.4-r0	libxml2: NULL dereference in xmlSchemaFixupComplexType 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28484 镜像层: sha256:13b3477869009cd6f8666d686b0be67a9dd6cfae8ab448acf56b6166831653da 发布日期: 2023-04-24 21:15 修改: 2024-02-01 17:15
libxml2	CVE-2023-29469	中危	2.10.3-r1	2.10.4-r0	libxml2: Hashing of empty dict strings isn't deterministic 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29469 镜像层: sha256:13b3477869009cd6f8666d686b0be67a9dd6cfae8ab448acf56b6166831653da 发布日期: 2023-04-24 21:15 修改: 2023-06-01 14:15
busybox-binsh	CVE-2023-42363	中危	1.35.0-r29	1.35.0-r31	busybox: use-after-free in awk 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363 镜像层: sha256:7cd52847ad775a5ddc4b58326cf884beee34544296402c6292ed76474c686d39 发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06
curl	CVE-2023-28320	中危	7.88.1-r1	8.1.0-r0	curl: siglongjmp race condition may lead to crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28320 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-05-26 21:15 修改: 2023-10-20 18:42
curl	CVE-2023-28321	中危	7.88.1-r1	8.1.0-r0	curl: IDN wildcard match may lead to Improper Cerificate Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-05-26 21:15 修改: 2023-11-07 04:10
curl	CVE-2023-46218	中危	7.88.1-r1	8.5.0-r0	curl: information disclosure by exploiting a mixed case flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-12-07 01:15 修改: 2024-01-25 14:15
curl	CVE-2023-46219	中危	7.88.1-r1	8.5.0-r0	curl: excessively long file name may lead to unknown HSTS status 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46219 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-12-12 02:15 修改: 2024-01-19 16:15
openssl	CVE-2023-0465	中危	3.0.8-r1	3.0.8-r2	openssl: Invalid certificate policies in leaf certificates are silently ignored 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15
openssl	CVE-2023-0466	中危	3.0.8-r1	3.0.8-r3	openssl: Certificate policy check not enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15
openssl	CVE-2023-1255	中危	3.0.8-r1	3.0.8-r4	openssl: Input buffer over-read in AES-XTS implementation on 64 bit ARM 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1255 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-04-20 17:15 修改: 2023-09-08 17:15
openssl	CVE-2023-2650	中危	3.0.8-r1	3.0.9-r0	openssl: Possible DoS translating ASN.1 object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-05-30 14:15 修改: 2024-02-04 09:15
openssl	CVE-2023-2975	中危	3.0.8-r1	3.0.9-r2	openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2975 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-07-14 12:15 修改: 2024-10-14 15:15
openssl	CVE-2023-3446	中危	3.0.8-r1	3.0.9-r3	openssl: Excessive time spent checking DH keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-07-19 12:15 修改: 2024-10-14 15:15
openssl	CVE-2023-3817	中危	3.0.8-r1	3.0.10-r0	OpenSSL: Excessive time spent checking DH q parameter value 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-07-31 16:15 修改: 2024-10-14 15:15
openssl	CVE-2023-5678	中危	3.0.8-r1	3.0.12-r1	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15
openssl	CVE-2023-6129	中危	3.0.8-r1	3.0.12-r2	mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-01-09 17:15 修改: 2024-10-14 15:15
openssl	CVE-2023-6237	中危	3.0.8-r1	3.0.12-r3	openssl: Excessive time spent checking invalid RSA public keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-04-25 07:15 修改: 2024-11-01 15:35
openssl	CVE-2024-0727	中危	3.0.8-r1	3.0.12-r4	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15
openssl	CVE-2024-4603	中危	3.0.8-r1	3.0.13-r0	openssl: Excessive time spent checking DSA keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15
openssl	CVE-2024-4741	中危	3.0.8-r1	3.0.14-r0	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
openssl	CVE-2024-5535	中危	3.0.8-r1	3.0.14-r0	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
openssl	CVE-2024-6119	中危	3.0.8-r1	3.0.15-r0	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
ssl_client	CVE-2023-42363	中危	1.35.0-r29	1.35.0-r31	busybox: use-after-free in awk 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42363 镜像层: sha256:7cd52847ad775a5ddc4b58326cf884beee34544296402c6292ed76474c686d39 发布日期: 2023-11-27 22:15 修改: 2023-11-30 05:06
ssl_client	CVE-2023-42364	中危	1.35.0-r29	1.35.0-r31	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42364 镜像层: sha256:7cd52847ad775a5ddc4b58326cf884beee34544296402c6292ed76474c686d39 发布日期: 2023-11-27 23:15 修改: 2024-10-11 21:36
ssl_client	CVE-2023-42365	中危	1.35.0-r29	1.35.0-r31	busybox: use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42365 镜像层: sha256:7cd52847ad775a5ddc4b58326cf884beee34544296402c6292ed76474c686d39 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
ssl_client	CVE-2023-42366	中危	1.35.0-r29	1.35.0-r30	busybox: A heap-buffer-overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366 镜像层: sha256:7cd52847ad775a5ddc4b58326cf884beee34544296402c6292ed76474c686d39 发布日期: 2023-11-27 23:15 修改: 2023-11-30 05:08
libcrypto3	CVE-2024-2511	低危	3.0.8-r1	3.0.12-r5	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
libcrypto3	CVE-2024-9143	低危	3.0.8-r1	3.0.15-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
curl	CVE-2023-28322	低危	7.88.1-r1	8.1.0-r0	curl: more POST-after-PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-05-26 21:15 修改: 2023-12-22 16:15
curl	CVE-2023-38546	低危	7.88.1-r1	8.4.0-r0	curl: cookie injection with none file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-10-18 04:15 修改: 2024-07-09 14:15
openssl	CVE-2024-2511	低危	3.0.8-r1	3.0.12-r5	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
openssl	CVE-2024-9143	低危	3.0.8-r1	3.0.15-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
libssl3	CVE-2024-2511	低危	3.0.8-r1	3.0.12-r5	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
libssl3	CVE-2024-9143	低危	3.0.8-r1	3.0.15-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
libcurl	CVE-2023-28322	低危	7.88.1-r1	8.1.0-r0	curl: more POST-after-PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-05-26 21:15 修改: 2023-12-22 16:15
libcurl	CVE-2023-38546	低危	7.88.1-r1	8.4.0-r0	curl: cookie injection with none file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546 镜像层: sha256:82918812d50222183a7ea99d0e5b08541b9d6fe10874140c909f1988a5bd742e 发布日期: 2023-10-18 04:15 修改: 2024-07-09 14:15

dbg (gobinary)

低危漏洞:0

中危漏洞:16

高危漏洞:10

严重漏洞:3

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2023-24538	严重	1.20.1	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.20.1	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.20.1	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2023-24534	高危	1.20.1	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.20.1	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.20.1	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24539	高危	1.20.1	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29400	高危	1.20.1	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:11
stdlib	CVE-2023-29403	高危	1.20.1	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-06-08 21:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39325	高危	1.20.1	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.20.1	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45288	高危	1.20.1	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.20.1	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2023-24532	中危	1.20.1	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.20.1	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.20.1	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.20.1	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.20.1	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.20.1	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.20.1	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.20.1	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.20.1	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.20.1	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.20.1	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.20.1	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.20.1	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.20.1	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.20.1	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.20.1	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:b361bfd863f866a1f97aec6b51a32759a7277b9d6eefa1281bf49fccd85443a6 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35

nginx-ingress-controller (gobinary)

低危漏洞:2

中危漏洞:22

高危漏洞:13

严重漏洞:3

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2023-24538	严重	1.20.1	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.20.1	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.20.1	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
github.com/opencontainers/runc	CVE-2023-27561	高危	v1.1.4	1.1.5	runc: volume mount race condition (regression of CVE-2019-19921) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27561 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-03-03 19:15 修改: 2024-07-03 01:39
github.com/opencontainers/runc	CVE-2024-21626	高危	v1.1.4	1.1.12	runc: file descriptor leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21626 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2024-01-31 22:15 修改: 2024-02-19 03:15
golang.org/x/net	CVE-2023-39325	高危	v0.8.0	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-24534	高危	1.20.1	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.20.1	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.20.1	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24539	高危	1.20.1	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29400	高危	1.20.1	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:11
stdlib	CVE-2023-29403	高危	1.20.1	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-06-08 21:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39325	高危	1.20.1	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.20.1	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45288	高危	1.20.1	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.20.1	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
github.com/cyphar/filepath-securejoin	GHSA-6xv5-86q9-7xr8	中危	v0.2.3	0.2.4	SecureJoin: on windows, paths outside of the rootfs could be inadvertently produced 漏洞详情: https://github.com/advisories/GHSA-6xv5-86q9-7xr8 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
golang.org/x/net	CVE-2023-3978	中危	v0.8.0	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
golang.org/x/net	CVE-2023-44487	中危	v0.8.0	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-10-10 14:15 修改: 2024-08-14 19:57
golang.org/x/net	CVE-2023-45288	中危	v0.8.0	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
google.golang.org/protobuf	CVE-2024-24786	中危	v1.28.1	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
github.com/opencontainers/runc	CVE-2023-28642	中危	v1.1.4	1.1.5	runc: AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28642 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-03-29 19:15 修改: 2023-11-07 04:10
stdlib	CVE-2023-24532	中危	1.20.1	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.20.1	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.20.1	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.20.1	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.20.1	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.20.1	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.20.1	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.20.1	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.20.1	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.20.1	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.20.1	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.20.1	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.20.1	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.20.1	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.20.1	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.20.1	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
github.com/opencontainers/runc	CVE-2023-25809	低危	v1.1.4	1.1.5	runc: Rootless runc makes `/sys/fs/cgroup` writable 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25809 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2023-03-29 19:15 修改: 2023-11-07 04:09
github.com/opencontainers/runc	CVE-2024-45310	低危	v1.1.4	1.1.14, 1.2.0-rc.3	runc: runc can be tricked into creating empty files/directories on host 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45310 镜像层: sha256:ad660b02164db8d7bd49ddfff77acd750bb57a2c9348f6090783e1db77366f04 发布日期: 2024-09-03 19:15 修改: 2024-09-03 19:40

wait-shutdown (gobinary)

低危漏洞:0

中危漏洞:16

高危漏洞:10

严重漏洞:3

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2023-24538	严重	1.20.1	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.20.1	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.20.1	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2023-24534	高危	1.20.1	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.20.1	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.20.1	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24539	高危	1.20.1	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29400	高危	1.20.1	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:11
stdlib	CVE-2023-29403	高危	1.20.1	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-06-08 21:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39325	高危	1.20.1	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.20.1	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45288	高危	1.20.1	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.20.1	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib	CVE-2023-24532	中危	1.20.1	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.20.1	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.20.1	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.20.1	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.20.1	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.20.1	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.20.1	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.20.1	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.20.1	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.20.1	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.20.1	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.20.1	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.20.1	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.20.1	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.20.1	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.20.1	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:1aacd9bcace76e63e8c506ef19b3400058d3456454a619374de1419da5e0929f 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35