registry.k8s.io/kube-proxy:v1.36.2 linux/amd64

registry.k8s.io/kube-proxy:v1.36.2 - Trivy安全扫描结果扫描时间: 2026-06-15 16:09

全部漏洞信息

低危漏洞:23

中危漏洞:6

高危漏洞:2

严重漏洞:0

系统OS: debian 12.14 扫描引擎: Trivy 扫描时间: 2026-06-15 16:09

registry.k8s.io/kube-proxy:v1.36.2 (debian 12.14) (debian)

低危漏洞:23

中危漏洞:6

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
libssl3	CVE-2026-45447	高危	3.0.20-1~deb12u1	3.0.20-1~deb12u2	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2026-06-09 17:17 修改: 2026-06-10 15:16
libc6	CVE-2026-5450	中危	2.36-9+deb12u14		glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
libc6	CVE-2026-5928	中危	2.36-9+deb12u14		glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
libc6	CVE-2026-6238	中危	2.36-9+deb12u14		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libc6	CVE-2026-5435	中危	2.36-9+deb12u14		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libssl3	CVE-2026-34182	中危	3.0.20-1~deb12u1	3.0.20-1~deb12u2	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2026-06-09 17:17 修改: 2026-06-10 17:16
libssl3	CVE-2026-45445	中危	3.0.20-1~deb12u1	3.0.20-1~deb12u2	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
iptables	CVE-2012-2663	低危	1.8.9-2		iptables: --syn flag bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2012-2663 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2014-02-15 14:57 修改: 2026-04-29 01:13
libc6	CVE-2010-4756	低危	2.36-9+deb12u14		glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions 漏洞详情: https://avd.aquasec.com/nvd/cve-2010-4756 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2011-03-02 20:00 修改: 2026-04-29 01:13
libc6	CVE-2018-20796	低危	2.36-9+deb12u14		glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20796 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2019-02-26 02:29 修改: 2024-11-21 04:02
libc6	CVE-2019-1010022	低危	2.36-9+deb12u14		glibc: stack guard protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010022 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2019-07-15 04:15 修改: 2024-11-21 04:17
libc6	CVE-2019-1010023	低危	2.36-9+deb12u14		glibc: running ldd on malicious ELF leads to code execution because of wrong size computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010023 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2019-07-15 04:15 修改: 2024-11-21 04:17
libc6	CVE-2019-1010024	低危	2.36-9+deb12u14		glibc: ASLR bypass using cache of thread stack and heap 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010024 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2019-07-15 04:15 修改: 2024-11-21 04:17
libc6	CVE-2019-1010025	低危	2.36-9+deb12u14		glibc: information disclosure of heap addresses of pthread_created thread 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010025 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2019-07-15 04:15 修改: 2024-11-21 04:17
libc6	CVE-2019-9192	低危	2.36-9+deb12u14		glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9192 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2019-02-26 18:29 修改: 2024-11-21 04:51
libip4tc2	CVE-2012-2663	低危	1.8.9-2		iptables: --syn flag bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2012-2663 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2014-02-15 14:57 修改: 2026-04-29 01:13
libip6tc2	CVE-2012-2663	低危	1.8.9-2		iptables: --syn flag bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2012-2663 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2014-02-15 14:57 修改: 2026-04-29 01:13
libjansson4	CVE-2020-36325	低危	2.14-2		jansson: out-of-bounds read in json_loads() due to a parsing error 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36325 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2021-04-26 18:15 修改: 2024-11-21 05:29
coreutils	CVE-2016-2781	低危	9.1-1		coreutils: Non-privileged session can escape to the parent session in chroot 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2017-02-07 15:59 修改: 2026-05-13 00:24
coreutils	CVE-2017-18018	低危	9.1-1		coreutils: race condition vulnerability in chown and chgrp 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18018 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2018-01-04 04:29 修改: 2025-06-09 16:15
coreutils	CVE-2025-5278	低危	9.1-1		coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5278 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2025-05-27 21:15 修改: 2026-05-19 17:16
libssl3	CVE-2025-27587	低危	3.0.20-1~deb12u1		OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27587 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2025-06-16 22:15 修改: 2026-04-15 00:35
libssl3	CVE-2026-34180	低危	3.0.20-1~deb12u1	3.0.20-1~deb12u2	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-42766	低危	3.0.20-1~deb12u1	3.0.20-1~deb12u2	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-42767	低危	3.0.20-1~deb12u1		openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-42770	低危	3.0.20-1~deb12u1	3.0.20-1~deb12u2	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-45446	低危	3.0.20-1~deb12u1	3.0.20-1~deb12u2	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-7383	低危	3.0.20-1~deb12u1	3.0.20-1~deb12u2	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-9076	低危	3.0.20-1~deb12u1	3.0.20-1~deb12u2	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libxtables12	CVE-2012-2663	低危	1.8.9-2		iptables: --syn flag bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2012-2663 镜像层: sha256:d95ece87c1e398fe2325e8e3412719a44691004fa4178ef7c7903dc791f98df0 发布日期: 2014-02-15 14:57 修改: 2026-04-29 01:13

go-runner (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/local/bin/kube-log-runner (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/local/bin/kube-proxy (gobinary)

低危漏洞:0

中危漏洞:0

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
go.opentelemetry.io/otel/sdk	CVE-2026-39883	高危	v1.40.0	1.43.0	github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Arbitrary code execution via PATH hijacking on BSD/Solaris 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39883 镜像层: sha256:187aa53bcc5160330ef508f06e46e89adadd8ba7321cabb4ac009550c9781526 发布日期: 2026-04-08 21:17 修改: 2026-04-10 21:16

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

go.opentelemetry.io/otel/sdk

CVE-2026-39883

高危

v1.40.0

1.43.0

github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Arbitrary code execution via PATH hijacking on BSD/Solaris

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39883

镜像层: sha256:187aa53bcc5160330ef508f06e46e89adadd8ba7321cabb4ac009550c9781526

发布日期: 2026-04-08 21:17 修改: 2026-04-10 21:16