ehz-mom.tencentcloudcr.com/ehzcloud/hz_python:edgeprotocol_v1.2_fix.rc.32-202508071040-95bd3e5 (debian 12.7) - Trivy Report - 2025-08-07 10:46:04.852797354 +0800 CST m=+2.901445088

debian
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
libc-bin	CVE-2025-4802	HIGH	2.36-9+deb12u8		http://www.openwall.com/lists/oss-security/2025/05/16/7 http://www.openwall.com/lists/oss-security/2025/05/17/2 https://access.redhat.com/errata/RHSA-2025:8655 https://access.redhat.com/security/cve/CVE-2025-4802 https://bugzilla.redhat.com/2367468 https://bugzilla.redhat.com/show_bug.cgi?id=2367468 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4802 https://errata.almalinux.org/9/ALSA-2025-8655.html https://errata.rockylinux.org/RLSA-2025:8686 https://linux.oracle.com/cve/CVE-2025-4802.html https://linux.oracle.com/errata/ELSA-2025-8686.html https://nvd.nist.gov/vuln/detail/CVE-2025-4802 https://sourceware.org/bugzilla/show_bug.cgi?id=32976 https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e https://sourceware.org/cgit/glibc/commit/?id=5451fa962cd0a90a0e2ec1d8910a559ace02bba0 https://ubuntu.com/security/notices/USN-7541-1 https://www.cve.org/CVERecord?id=CVE-2025-4802 https://www.openwall.com/lists/oss-security/2025/05/16/7 https://www.openwall.com/lists/oss-security/2025/05/17/2
libc6	CVE-2025-4802	HIGH	2.36-9+deb12u8		http://www.openwall.com/lists/oss-security/2025/05/16/7 http://www.openwall.com/lists/oss-security/2025/05/17/2 https://access.redhat.com/errata/RHSA-2025:8655 https://access.redhat.com/security/cve/CVE-2025-4802 https://bugzilla.redhat.com/2367468 https://bugzilla.redhat.com/show_bug.cgi?id=2367468 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4802 https://errata.almalinux.org/9/ALSA-2025-8655.html https://errata.rockylinux.org/RLSA-2025:8686 https://linux.oracle.com/cve/CVE-2025-4802.html https://linux.oracle.com/errata/ELSA-2025-8686.html https://nvd.nist.gov/vuln/detail/CVE-2025-4802 https://sourceware.org/bugzilla/show_bug.cgi?id=32976 https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e https://sourceware.org/cgit/glibc/commit/?id=5451fa962cd0a90a0e2ec1d8910a559ace02bba0 https://ubuntu.com/security/notices/USN-7541-1 https://www.cve.org/CVERecord?id=CVE-2025-4802 https://www.openwall.com/lists/oss-security/2025/05/16/7 https://www.openwall.com/lists/oss-security/2025/05/17/2
libexpat1	CVE-2023-52425	HIGH	2.5.0-1+deb12u1		http://www.openwall.com/lists/oss-security/2024/03/20/5 https://access.redhat.com/errata/RHSA-2024:1530 https://access.redhat.com/security/cve/CVE-2023-52425 https://bugzilla.redhat.com/2262877 https://bugzilla.redhat.com/2268766 https://bugzilla.redhat.com/show_bug.cgi?id=2262877 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52425 https://errata.almalinux.org/9/ALSA-2024-1530.html https://errata.rockylinux.org/RLSA-2024:1615 https://github.com/libexpat/libexpat/pull/789 https://linux.oracle.com/cve/CVE-2023-52425.html https://linux.oracle.com/errata/ELSA-2024-4259.html https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/ https://nvd.nist.gov/vuln/detail/CVE-2023-52425 https://security.netapp.com/advisory/ntap-20240614-0003/ https://ubuntu.com/security/notices/USN-6694-1 https://www.cve.org/CVERecord?id=CVE-2023-52425
libexpat1	CVE-2024-8176	HIGH	2.5.0-1+deb12u1		http://www.openwall.com/lists/oss-security/2025/03/15/1 https://access.redhat.com/errata/RHSA-2025:3531 https://access.redhat.com/errata/RHSA-2025:3734 https://access.redhat.com/errata/RHSA-2025:3913 https://access.redhat.com/errata/RHSA-2025:4048 https://access.redhat.com/errata/RHSA-2025:4446 https://access.redhat.com/errata/RHSA-2025:4447 https://access.redhat.com/errata/RHSA-2025:4448 https://access.redhat.com/errata/RHSA-2025:4449 https://access.redhat.com/errata/RHSA-2025:7444 https://access.redhat.com/errata/RHSA-2025:7512 https://access.redhat.com/errata/RHSA-2025:8385 https://access.redhat.com/security/cve/CVE-2024-8176 https://blog.hartwork.org/posts/expat-2-7-0-released/ https://bugzilla.redhat.com/2310137 https://bugzilla.redhat.com/show_bug.cgi?id=2310137 https://bugzilla.suse.com/show_bug.cgi?id=1239618 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8176 https://errata.almalinux.org/9/ALSA-2025-7444.html https://errata.rockylinux.org/RLSA-2025:4048 https://github.com/libexpat/libexpat/blob/R_2_7_0/expat/Changes#L40-L52 https://github.com/libexpat/libexpat/issues/893 https://gitlab.alpinelinux.org/alpine/aports/-/commit/d068c3ff36fc6f4789988a09c69b434db757db53 https://linux.oracle.com/cve/CVE-2024-8176.html https://linux.oracle.com/errata/ELSA-2025-7512.html https://nvd.nist.gov/vuln/detail/CVE-2024-8176 https://security-tracker.debian.org/tracker/CVE-2024-8176 https://security.netapp.com/advisory/ntap-20250328-0009/ https://ubuntu.com/security/CVE-2024-8176 https://ubuntu.com/security/notices/USN-7424-1 https://www.cve.org/CVERecord?id=CVE-2024-8176 https://www.kb.cert.org/vuls/id/760160
liblzma5	CVE-2025-31115	HIGH	5.4.1-0.2	5.4.1-1	http://www.openwall.com/lists/oss-security/2025/04/03/1 http://www.openwall.com/lists/oss-security/2025/04/03/2 http://www.openwall.com/lists/oss-security/2025/04/03/3 https://access.redhat.com/errata/RHSA-2025:7524 https://access.redhat.com/security/cve/CVE-2025-31115 https://bugzilla.redhat.com/2357249 https://errata.almalinux.org/10/ALSA-2025-7524.html https://github.com/tukaani-project/xz/commit/d5a2ffe41bb77b918a8c96084885d4dbe4bf6480 https://github.com/tukaani-project/xz/security/advisories/GHSA-6cc8-p5mm-29w2 https://linux.oracle.com/cve/CVE-2025-31115.html https://linux.oracle.com/errata/ELSA-2025-7524.html https://nvd.nist.gov/vuln/detail/CVE-2025-31115 https://tukaani.org/xz/xz-cve-2025-31115.patch https://ubuntu.com/security/notices/USN-7414-1 https://www.cve.org/CVERecord?id=CVE-2025-31115
libpam-modules	CVE-2025-6020	HIGH	1.5.2-6+deb12u1		http://www.openwall.com/lists/oss-security/2025/06/17/1 https://access.redhat.com/errata/RHSA-2025:10024 https://access.redhat.com/errata/RHSA-2025:10027 https://access.redhat.com/errata/RHSA-2025:10180 https://access.redhat.com/errata/RHSA-2025:10354 https://access.redhat.com/errata/RHSA-2025:10357 https://access.redhat.com/errata/RHSA-2025:10358 https://access.redhat.com/errata/RHSA-2025:10359 https://access.redhat.com/errata/RHSA-2025:10361 https://access.redhat.com/errata/RHSA-2025:10362 https://access.redhat.com/errata/RHSA-2025:10735 https://access.redhat.com/errata/RHSA-2025:10823 https://access.redhat.com/errata/RHSA-2025:11386 https://access.redhat.com/errata/RHSA-2025:11487 https://access.redhat.com/errata/RHSA-2025:9526 https://access.redhat.com/security/cve/CVE-2025-6020 https://bugzilla.redhat.com/2372512 https://bugzilla.redhat.com/show_bug.cgi?id=2372512 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6020 https://errata.almalinux.org/9/ALSA-2025-9526.html https://errata.rockylinux.org/RLSA-2025:10027 https://linux.oracle.com/cve/CVE-2025-6020.html https://linux.oracle.com/errata/ELSA-2025-9526.html https://nvd.nist.gov/vuln/detail/CVE-2025-6020 https://ubuntu.com/security/notices/USN-7580-1 https://www.cve.org/CVERecord?id=CVE-2025-6020 https://www.openwall.com/lists/oss-security/2025/06/17/1
libpam-modules-bin	CVE-2025-6020	HIGH	1.5.2-6+deb12u1		http://www.openwall.com/lists/oss-security/2025/06/17/1 https://access.redhat.com/errata/RHSA-2025:10024 https://access.redhat.com/errata/RHSA-2025:10027 https://access.redhat.com/errata/RHSA-2025:10180 https://access.redhat.com/errata/RHSA-2025:10354 https://access.redhat.com/errata/RHSA-2025:10357 https://access.redhat.com/errata/RHSA-2025:10358 https://access.redhat.com/errata/RHSA-2025:10359 https://access.redhat.com/errata/RHSA-2025:10361 https://access.redhat.com/errata/RHSA-2025:10362 https://access.redhat.com/errata/RHSA-2025:10735 https://access.redhat.com/errata/RHSA-2025:10823 https://access.redhat.com/errata/RHSA-2025:11386 https://access.redhat.com/errata/RHSA-2025:11487 https://access.redhat.com/errata/RHSA-2025:9526 https://access.redhat.com/security/cve/CVE-2025-6020 https://bugzilla.redhat.com/2372512 https://bugzilla.redhat.com/show_bug.cgi?id=2372512 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6020 https://errata.almalinux.org/9/ALSA-2025-9526.html https://errata.rockylinux.org/RLSA-2025:10027 https://linux.oracle.com/cve/CVE-2025-6020.html https://linux.oracle.com/errata/ELSA-2025-9526.html https://nvd.nist.gov/vuln/detail/CVE-2025-6020 https://ubuntu.com/security/notices/USN-7580-1 https://www.cve.org/CVERecord?id=CVE-2025-6020 https://www.openwall.com/lists/oss-security/2025/06/17/1
libpam-runtime	CVE-2025-6020	HIGH	1.5.2-6+deb12u1		http://www.openwall.com/lists/oss-security/2025/06/17/1 https://access.redhat.com/errata/RHSA-2025:10024 https://access.redhat.com/errata/RHSA-2025:10027 https://access.redhat.com/errata/RHSA-2025:10180 https://access.redhat.com/errata/RHSA-2025:10354 https://access.redhat.com/errata/RHSA-2025:10357 https://access.redhat.com/errata/RHSA-2025:10358 https://access.redhat.com/errata/RHSA-2025:10359 https://access.redhat.com/errata/RHSA-2025:10361 https://access.redhat.com/errata/RHSA-2025:10362 https://access.redhat.com/errata/RHSA-2025:10735 https://access.redhat.com/errata/RHSA-2025:10823 https://access.redhat.com/errata/RHSA-2025:11386 https://access.redhat.com/errata/RHSA-2025:11487 https://access.redhat.com/errata/RHSA-2025:9526 https://access.redhat.com/security/cve/CVE-2025-6020 https://bugzilla.redhat.com/2372512 https://bugzilla.redhat.com/show_bug.cgi?id=2372512 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6020 https://errata.almalinux.org/9/ALSA-2025-9526.html https://errata.rockylinux.org/RLSA-2025:10027 https://linux.oracle.com/cve/CVE-2025-6020.html https://linux.oracle.com/errata/ELSA-2025-9526.html https://nvd.nist.gov/vuln/detail/CVE-2025-6020 https://ubuntu.com/security/notices/USN-7580-1 https://www.cve.org/CVERecord?id=CVE-2025-6020 https://www.openwall.com/lists/oss-security/2025/06/17/1
libpam0g	CVE-2025-6020	HIGH	1.5.2-6+deb12u1		http://www.openwall.com/lists/oss-security/2025/06/17/1 https://access.redhat.com/errata/RHSA-2025:10024 https://access.redhat.com/errata/RHSA-2025:10027 https://access.redhat.com/errata/RHSA-2025:10180 https://access.redhat.com/errata/RHSA-2025:10354 https://access.redhat.com/errata/RHSA-2025:10357 https://access.redhat.com/errata/RHSA-2025:10358 https://access.redhat.com/errata/RHSA-2025:10359 https://access.redhat.com/errata/RHSA-2025:10361 https://access.redhat.com/errata/RHSA-2025:10362 https://access.redhat.com/errata/RHSA-2025:10735 https://access.redhat.com/errata/RHSA-2025:10823 https://access.redhat.com/errata/RHSA-2025:11386 https://access.redhat.com/errata/RHSA-2025:11487 https://access.redhat.com/errata/RHSA-2025:9526 https://access.redhat.com/security/cve/CVE-2025-6020 https://bugzilla.redhat.com/2372512 https://bugzilla.redhat.com/show_bug.cgi?id=2372512 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6020 https://errata.almalinux.org/9/ALSA-2025-9526.html https://errata.rockylinux.org/RLSA-2025:10027 https://linux.oracle.com/cve/CVE-2025-6020.html https://linux.oracle.com/errata/ELSA-2025-9526.html https://nvd.nist.gov/vuln/detail/CVE-2025-6020 https://ubuntu.com/security/notices/USN-7580-1 https://www.cve.org/CVERecord?id=CVE-2025-6020 https://www.openwall.com/lists/oss-security/2025/06/17/1
libsqlite3-0	CVE-2025-6965	CRITICAL	3.40.1-2+deb12u1		https://access.redhat.com/errata/RHSA-2025:11992 https://access.redhat.com/security/cve/CVE-2025-6965 https://bugzilla.redhat.com/2380149 https://bugzilla.redhat.com/show_bug.cgi?id=2380149 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6965 https://errata.almalinux.org/9/ALSA-2025-11992.html https://errata.rockylinux.org/RLSA-2025:12010 https://linux.oracle.com/cve/CVE-2025-6965.html https://linux.oracle.com/errata/ELSA-2025-12010.html https://nvd.nist.gov/vuln/detail/CVE-2025-6965 https://ubuntu.com/security/notices/USN-7676-1 https://ubuntu.com/security/notices/USN-7679-1 https://www.cve.org/CVERecord?id=CVE-2025-6965 https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8
perl-base	CVE-2023-31484	HIGH	5.36.0-7+deb12u1		http://www.openwall.com/lists/oss-security/2023/04/29/1 http://www.openwall.com/lists/oss-security/2023/05/03/3 http://www.openwall.com/lists/oss-security/2023/05/03/5 http://www.openwall.com/lists/oss-security/2023/05/07/2 https://access.redhat.com/errata/RHSA-2023:6539 https://access.redhat.com/security/cve/CVE-2023-31484 https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/ https://bugzilla.redhat.com/2218667 https://bugzilla.redhat.com/show_bug.cgi?id=2218667 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31484 https://errata.almalinux.org/9/ALSA-2023-6539.html https://errata.rockylinux.org/RLSA-2023:6539 https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 (2.35-TRIAL) https://github.com/andk/cpanpm/pull/175 https://linux.oracle.com/cve/CVE-2023-31484.html https://linux.oracle.com/errata/ELSA-2024-3094.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/ https://metacpan.org/dist/CPAN/changes https://nvd.nist.gov/vuln/detail/CVE-2023-31484 https://security.netapp.com/advisory/ntap-20240621-0007/ https://ubuntu.com/security/notices/USN-6112-1 https://ubuntu.com/security/notices/USN-6112-2 https://www.cve.org/CVERecord?id=CVE-2023-31484 https://www.openwall.com/lists/oss-security/2023/04/18/14
perl-base	CVE-2024-56406	HIGH	5.36.0-7+deb12u1	5.36.0-7+deb12u2	http://www.openwall.com/lists/oss-security/2025/04/13/3 http://www.openwall.com/lists/oss-security/2025/04/13/4 http://www.openwall.com/lists/oss-security/2025/04/13/5 https://access.redhat.com/errata/RHSA-2025:7500 https://access.redhat.com/security/cve/CVE-2024-56406 https://bugzilla.redhat.com/2359290 https://errata.almalinux.org/10/ALSA-2025-7500.html https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch https://linux.oracle.com/cve/CVE-2024-56406.html https://linux.oracle.com/errata/ELSA-2025-7500.html https://metacpan.org/release/SHAY/perl-5.38.4/changes https://metacpan.org/release/SHAY/perl-5.40.2/changes https://nvd.nist.gov/vuln/detail/CVE-2024-56406 https://ubuntu.com/security/notices/USN-7434-1 https://ubuntu.com/security/notices/USN-7434-2 https://www.cve.org/CVERecord?id=CVE-2024-56406
zlib1g	CVE-2023-45853	CRITICAL	1:1.2.13.dfsg-1		http://www.openwall.com/lists/oss-security/2023/10/20/9 http://www.openwall.com/lists/oss-security/2024/01/24/10 https://access.redhat.com/security/cve/CVE-2023-45853 https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356 https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61 https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4 https://github.com/madler/zlib/commit/73331a6a0481067628f065ffe87bb1d8f787d10c https://github.com/madler/zlib/pull/843 https://github.com/smihica/pyminizip https://github.com/smihica/pyminizip/blob/master/zlib-1.2.11/contrib/minizip/zip.c https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html https://nvd.nist.gov/vuln/detail/CVE-2023-45853 https://pypi.org/project/pyminizip/#history https://security.gentoo.org/glsa/202401-18 https://security.netapp.com/advisory/ntap-20231130-0009 https://security.netapp.com/advisory/ntap-20231130-0009/ https://ubuntu.com/security/notices/USN-7107-1 https://www.cve.org/CVERecord?id=CVE-2023-45853 https://www.winimage.com/zLibDll/minizip.html
No Misconfigurations found
python-pkg
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
setuptools	CVE-2025-47273	HIGH	70.0.0	78.1.1	https://access.redhat.com/errata/RHSA-2025:11463 https://access.redhat.com/security/cve/CVE-2025-47273 https://bugzilla.redhat.com/2366982 https://bugzilla.redhat.com/show_bug.cgi?id=2366982 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47273 https://errata.almalinux.org/9/ALSA-2025-11463.html https://errata.rockylinux.org/RLSA-2025:11036 https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2025-49.yaml https://github.com/pypa/setuptools https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88 https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b https://github.com/pypa/setuptools/issues/4946 https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf https://linux.oracle.com/cve/CVE-2025-47273.html https://linux.oracle.com/errata/ELSA-2025-9940.html https://lists.debian.org/debian-lts-announce/2025/05/msg00035.html https://nvd.nist.gov/vuln/detail/CVE-2025-47273 https://ubuntu.com/security/notices/USN-7544-1 https://www.cve.org/CVERecord?id=CVE-2025-47273
No Misconfigurations found