docker.elastic.co/elasticsearch/elasticsearch:7.11.2 linux/amd64

docker.elastic.co/elasticsearch/elasticsearch:7.11.2 - Trivy安全扫描结果 扫描时间: 2024-11-06 14:58
全部漏洞信息
低危漏洞:301 中危漏洞:458 高危漏洞:89 严重漏洞:5

系统OS: centos 8.3.2011 扫描引擎: Trivy 扫描时间: 2024-11-06 14:58

docker.elastic.co/elasticsearch/elasticsearch:7.11.2 (centos 8.3.2011) (centos)
低危漏洞:296 中危漏洞:403 高危漏洞:67 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
bind-export-libs CVE-2021-25215 高危 32:9.11.20-5.el8_3.1 32:9.11.26-4.el8_4 bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25215

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-04-29 01:15 修改: 2023-11-07 03:31

bind-export-libs CVE-2022-38177 高危 32:9.11.20-5.el8_3.1 32:9.11.36-3.el8_6.1 bind: memory leak in ECDSA DNSSEC verification code

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38177

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-09-21 11:15 修改: 2023-11-07 03:50

bind-export-libs CVE-2022-38178 高危 32:9.11.20-5.el8_3.1 32:9.11.36-3.el8_6.1 bind: memory leaks in EdDSA DNSSEC verification code

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38178

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-09-21 11:15 修改: 2023-11-07 03:50

bind-export-libs CVE-2023-2828 高危 32:9.11.20-5.el8_3.1 32:9.11.36-8.el8_8.1 bind: named's configured cache size limit can be significantly exceeded

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2828

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-06-21 17:15 修改: 2023-07-21 19:19

bind-export-libs CVE-2023-3341 高危 32:9.11.20-5.el8_3.1 32:9.11.36-8.el8_8.2 bind: stack exhaustion in control channel code may lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3341

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-09-20 13:15 修改: 2024-02-16 18:39

bind-export-libs CVE-2023-4408 高危 32:9.11.20-5.el8_3.1 32:9.11.36-14.el8_10 bind9: Parsing large DNS messages may cause excessive CPU load

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4408

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-02-13 14:15 修改: 2024-10-21 21:02

bind-export-libs CVE-2023-50387 高危 32:9.11.20-5.el8_3.1 32:9.11.36-14.el8_10 bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16

bind-export-libs CVE-2023-50868 高危 32:9.11.20-5.el8_3.1 32:9.11.36-14.el8_10 bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16

bind-export-libs CVE-2024-1737 高危 32:9.11.20-5.el8_3.1 32:9.11.36-16.el8_10.2 bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1737

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-07-23 15:15 修改: 2024-08-01 13:46

bind-export-libs CVE-2024-1975 高危 32:9.11.20-5.el8_3.1 32:9.11.36-16.el8_10.2 bind9: bind: SIG(0) can be used to exhaust CPU resources

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1975

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-07-23 15:15 修改: 2024-08-01 13:46

cyrus-sasl-lib CVE-2022-24407 高危 2.1.27-5.el8 2.1.27-6.el8_5 cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24407

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-24 15:15 修改: 2023-11-07 03:44

dhcp-client CVE-2021-25217 高危 12:4.3.6-41.el8 12:4.3.6-44.el8_4.1 dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25217

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-26 22:15 修改: 2023-11-07 03:31

dhcp-client CVE-2024-3661 高危 12:4.3.6-41.el8 DHCP: DHCP routing options can manipulate interface-based VPN traffic

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3661

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 19:15 修改: 2024-07-01 15:15

dhcp-common CVE-2021-25217 高危 12:4.3.6-41.el8 12:4.3.6-44.el8_4.1 dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25217

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-26 22:15 修改: 2023-11-07 03:31

dhcp-common CVE-2024-3661 高危 12:4.3.6-41.el8 DHCP: DHCP routing options can manipulate interface-based VPN traffic

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3661

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 19:15 修改: 2024-07-01 15:15

dhcp-libs CVE-2021-25217 高危 12:4.3.6-41.el8 12:4.3.6-44.el8_4.1 dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25217

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-26 22:15 修改: 2023-11-07 03:31

dhcp-libs CVE-2024-3661 高危 12:4.3.6-41.el8 DHCP: DHCP routing options can manipulate interface-based VPN traffic

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3661

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 19:15 修改: 2024-07-01 15:15

expat CVE-2022-25235 高危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25235

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-16 01:15 修改: 2023-11-07 03:44

expat CVE-2022-25236 高危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25236

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-16 01:15 修改: 2023-11-07 03:44

expat CVE-2022-25315 高危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in storeRawNames()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25315

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-18 05:15 修改: 2023-11-07 03:44

expat CVE-2022-40674 高危 2.2.5-4.el8 2.2.5-8.el8_6.3 expat: a use-after-free in the doContent function in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40674

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-14 11:15 修改: 2023-11-07 03:52

glib2 CVE-2021-27219 高危 2.56.4-8.el8 2.56.4-10.el8_4 glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27219

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 17:15 修改: 2023-11-07 03:31

glibc CVE-2023-4911 高危 2.28-127.el8 2.28-225.el8_8.6 glibc: buffer overflow in ld.so leading to privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-03 18:15 修改: 2024-09-17 19:46

glibc CVE-2024-2961 高危 2.28-127.el8 2.28-251.el8_10.1 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15

glibc CVE-2024-33599 高危 2.28-127.el8 2.28-251.el8_10.2 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

glibc-common CVE-2023-4911 高危 2.28-127.el8 2.28-225.el8_8.6 glibc: buffer overflow in ld.so leading to privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-03 18:15 修改: 2024-09-17 19:46

glibc-common CVE-2024-2961 高危 2.28-127.el8 2.28-251.el8_10.1 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15

glibc-common CVE-2024-33599 高危 2.28-127.el8 2.28-251.el8_10.2 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

glibc-minimal-langpack CVE-2023-4911 高危 2.28-127.el8 2.28-225.el8_8.6 glibc: buffer overflow in ld.so leading to privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-03 18:15 修改: 2024-09-17 19:46

glibc-minimal-langpack CVE-2024-2961 高危 2.28-127.el8 2.28-251.el8_10.1 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15

glibc-minimal-langpack CVE-2024-33599 高危 2.28-127.el8 2.28-251.el8_10.2 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

gnutls CVE-2021-20305 高危 3.6.14-7.el8_3 3.6.14-8.el8_3 nettle: Out of bounds memory access in signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20305

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-04-05 22:15 修改: 2023-11-07 03:29

gzip CVE-2022-1271 高危 1.9-9.el8 1.9-13.el8_5 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47

krb5-libs CVE-2022-42898 高危 1.18.2-5.el8 1.18.2-25.el8_8 krb5: integer overflow vulnerabilities in PAC parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15

krb5-libs CVE-2024-3596 高危 1.18.2-5.el8 1.18.2-30.el8_10 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-07-09 12:15 修改: 2024-07-23 09:15

less CVE-2024-32487 高危 530-1.el8 530-3.el8_10 less: OS command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32487

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-04-13 15:15 修改: 2024-07-08 14:18

libksba CVE-2022-3515 高危 1.3.5-7.el8 1.3.5-8.el8_6 libksba: integer overflow may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3515

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-12 15:15 修改: 2023-07-06 19:15

libksba CVE-2022-47629 高危 1.3.5-7.el8 1.3.5-9.el8_7 libksba: integer overflow to code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-47629

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-12-20 23:15 修改: 2023-11-07 03:56

libnghttp2 CVE-2023-44487 高危 1.33.0-3.el8_2.1 1.33.0-5.el8_8 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-10 14:15 修改: 2024-08-14 19:57

nettle CVE-2021-20305 高危 3.4.1-2.el8 3.4.1-4.el8_3 nettle: Out of bounds memory access in signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20305

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-04-05 22:15 修改: 2023-11-07 03:29

openssl CVE-2021-3449 高危 1:1.1.1g-12.el8_3 1:1.1.1g-15.el8_3 openssl: NULL pointer dereference in signature_algorithms processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3449

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-03-25 15:15 修改: 2024-06-21 19:15

openssl CVE-2021-3450 高危 1:1.1.1g-12.el8_3 1:1.1.1g-15.el8_3 openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3450

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-03-25 15:15 修改: 2023-11-07 03:38

openssl CVE-2022-0778 高危 1:1.1.1g-12.el8_3 1:1.1.1k-6.el8_5 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15

openssl CVE-2023-0286 高危 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 openssl: X.400 address type confusion in X.509 GeneralName

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

openssl-libs CVE-2021-3449 高危 1:1.1.1g-12.el8_3 1:1.1.1g-15.el8_3 openssl: NULL pointer dereference in signature_algorithms processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3449

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-03-25 15:15 修改: 2024-06-21 19:15

openssl-libs CVE-2021-3450 高危 1:1.1.1g-12.el8_3 1:1.1.1g-15.el8_3 openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3450

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-03-25 15:15 修改: 2023-11-07 03:38

openssl-libs CVE-2022-0778 高危 1:1.1.1g-12.el8_3 1:1.1.1k-6.el8_5 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15

openssl-libs CVE-2023-0286 高危 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 openssl: X.400 address type confusion in X.509 GeneralName

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

platform-python CVE-2023-24329 高危 3.6.8-31.el8 3.6.8-51.el8_8.1 python: urllib.parse url blocklisting bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-02-17 15:15 修改: 2023-11-07 04:08

platform-python CVE-2023-40217 高危 3.6.8-31.el8 3.6.8-51.el8_8.2 python: TLS handshake bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-25 01:15 修改: 2023-11-07 04:20

platform-python CVE-2023-6597 高危 3.6.8-31.el8 3.6.8-62.el8_10 python: Path traversal on tempfile.TemporaryDirectory

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15

platform-python-setuptools CVE-2024-6345 高危 39.2.0-6.el8 39.2.0-8.el8_10 pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-07-15 01:15 修改: 2024-07-15 13:00

python3-libs CVE-2023-24329 高危 3.6.8-31.el8 3.6.8-51.el8_8.1 python: urllib.parse url blocklisting bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-02-17 15:15 修改: 2023-11-07 04:08

python3-libs CVE-2023-40217 高危 3.6.8-31.el8 3.6.8-51.el8_8.2 python: TLS handshake bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-25 01:15 修改: 2023-11-07 04:20

python3-libs CVE-2023-6597 高危 3.6.8-31.el8 3.6.8-62.el8_10 python: Path traversal on tempfile.TemporaryDirectory

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15

python3-setuptools-wheel CVE-2024-6345 高危 39.2.0-6.el8 39.2.0-8.el8_10 pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-07-15 01:15 修改: 2024-07-15 13:00

systemd CVE-2021-33910 高危 239-41.el8_3.1 239-45.el8_4.2 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33910

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35

systemd CVE-2022-2526 高危 239-41.el8_3.1 239-58.el8_6.4 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-09-09 15:15 修改: 2023-01-20 03:17

systemd-libs CVE-2021-33910 高危 239-41.el8_3.1 239-45.el8_4.2 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33910

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35

systemd-libs CVE-2022-2526 高危 239-41.el8_3.1 239-58.el8_6.4 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-09-09 15:15 修改: 2023-01-20 03:17

systemd-pam CVE-2021-33910 高危 239-41.el8_3.1 239-45.el8_4.2 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33910

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35

systemd-pam CVE-2022-2526 高危 239-41.el8_3.1 239-58.el8_6.4 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-09-09 15:15 修改: 2023-01-20 03:17

systemd-udev CVE-2021-33910 高危 239-41.el8_3.1 239-45.el8_4.2 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33910

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35

systemd-udev CVE-2022-2526 高危 239-41.el8_3.1 239-58.el8_6.4 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-09-09 15:15 修改: 2023-01-20 03:17

xz CVE-2022-1271 高危 5.2.4-3.el8 5.2.4-4.el8_6 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47

xz-libs CVE-2022-1271 高危 5.2.4-3.el8 5.2.4-4.el8_6 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47

zlib CVE-2018-25032 高危 1.2.11-16.el8_2 1.2.11-18.el8_5 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-25032

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-25 09:15 修改: 2023-11-07 02:56

dbus-tools CVE-2022-42011 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus-tools CVE-2022-42012 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus-tools CVE-2023-34969 中危 1:1.12.8-11.el8 1:1.12.8-24.el8_8.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-08 03:15 修改: 2023-12-27 16:36

bind-export-libs CVE-2021-25219 中危 32:9.11.20-5.el8_3.1 32:9.11.36-3.el8 bind: Lame cache can be abused to severely degrade resolver performance

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25219

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-10-27 21:15 修改: 2023-11-07 03:31

bind-export-libs CVE-2021-25220 中危 32:9.11.20-5.el8_3.1 32:9.11.36-5.el8 bind: DNS forwarders - cache poisoning vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25220

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-03-23 13:15 修改: 2023-11-09 14:44

dhcp-client CVE-2022-2928 中危 12:4.3.6-41.el8 12:4.3.6-49.el8 dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2928

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-07 05:15 修改: 2023-11-07 03:47

dhcp-client CVE-2022-2929 中危 12:4.3.6-41.el8 12:4.3.6-49.el8 dhcp: DHCP memory leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2929

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-07 05:15 修改: 2023-11-07 03:47

bind-export-libs CVE-2022-2795 中危 32:9.11.20-5.el8_3.1 32:9.11.36-8.el8 bind: processing large delegations may severely degrade resolver performance

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2795

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-09-21 11:15 修改: 2023-11-07 03:46

bind-export-libs CVE-2022-3094 中危 32:9.11.20-5.el8_3.1 32:9.11.36-11.el8_9 bind: flooding with UPDATE requests may lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3094

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-01-26 21:15 修改: 2023-11-07 03:50

dhcp-common CVE-2022-2928 中危 12:4.3.6-41.el8 12:4.3.6-49.el8 dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2928

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-07 05:15 修改: 2023-11-07 03:47

dhcp-common CVE-2022-2929 中危 12:4.3.6-41.el8 12:4.3.6-49.el8 dhcp: DHCP memory leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2929

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-07 05:15 修改: 2023-11-07 03:47

binutils CVE-2018-1000876 中危 2.30-79.el8 binutils: integer overflow leads to heap-based buffer overflow in objdump

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000876

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-12-20 17:29 修改: 2023-11-07 02:51

binutils CVE-2018-20623 中危 2.30-79.el8 binutils: Use-after-free in the error function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20623

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-12-31 19:29 修改: 2019-10-31 01:15

dhcp-libs CVE-2022-2928 中危 12:4.3.6-41.el8 12:4.3.6-49.el8 dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2928

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-07 05:15 修改: 2023-11-07 03:47

dhcp-libs CVE-2022-2929 中危 12:4.3.6-41.el8 12:4.3.6-49.el8 dhcp: DHCP memory leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2929

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-07 05:15 修改: 2023-11-07 03:47

dnf CVE-2021-3445 中危 4.2.23-4.el8 4.7.0-4.el8 libdnf: Signature verification bypass via signature placed in the main RPM header

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3445

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:38

dnf-data CVE-2021-3445 中危 4.2.23-4.el8 4.7.0-4.el8 libdnf: Signature verification bypass via signature placed in the main RPM header

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3445

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:38

binutils CVE-2018-20671 中危 2.30-79.el8 binutils: Integer overflow in load_specific_debug_section function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20671

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-01-04 16:29 修改: 2023-11-07 02:56

binutils CVE-2019-9075 中危 2.30-79.el8 binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9075

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-24 00:29 修改: 2021-12-10 20:19

binutils CVE-2019-9077 中危 2.30-79.el8 binutils: heap-based buffer overflow in function process_mips_specific in readelf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9077

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-24 00:29 修改: 2023-08-16 14:17

binutils CVE-2021-20197 中危 2.30-79.el8 2.30-108.el8 binutils: Race window allows users to own arbitrary files

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20197

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-26 17:15 修改: 2023-02-12 22:15

expat CVE-2021-45960 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Large number of prefixed XML attributes on a single tag can crash libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45960

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-01 19:15 修改: 2022-10-06 19:08

expat CVE-2021-46143 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in doProlog in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46143

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-06 04:15 修改: 2022-10-06 19:11

expat CVE-2022-22822 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in addBinding in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22822

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-10 14:12 修改: 2022-10-06 15:29

expat CVE-2022-22823 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in build_model in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22823

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47

expat CVE-2022-22824 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in defineAttribute in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22824

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47

expat CVE-2022-22825 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in lookup in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22825

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47

expat CVE-2022-22826 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in nextScaffoldPart in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22826

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-10 14:12 修改: 2022-10-06 12:44

expat CVE-2022-22827 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in storeAtts in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22827

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-10 14:12 修改: 2022-10-06 12:52

expat CVE-2022-23852 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in function XML_GetBuffer

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23852

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-24 02:15 修改: 2022-10-29 02:44

expat CVE-2022-23990 中危 2.2.5-4.el8 expat: integer overflow in the doProlog function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23990

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-26 19:15 修改: 2023-11-07 03:44

expat CVE-2022-25313 中危 2.2.5-4.el8 2.2.5-8.el8_6.2 expat: Stack exhaustion in doctype parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25313

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-18 05:15 修改: 2023-11-07 03:44

expat CVE-2022-25314 中危 2.2.5-4.el8 2.2.5-8.el8_6.2 expat: Integer overflow in copyString()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25314

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-18 05:15 修改: 2023-11-07 03:44

expat CVE-2022-43680 中危 2.2.5-4.el8 2.2.5-10.el8_7.1 expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43680

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-24 14:15 修改: 2024-01-21 02:08

expat CVE-2023-52425 中危 2.2.5-4.el8 2.2.5-11.el8_9.1 expat: parsing large tokens can trigger a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-04 20:15 修改: 2024-08-26 20:35

expat CVE-2024-45490 中危 2.2.5-4.el8 2.2.5-15.el8_10 libexpat: Negative Length Parsing Vulnerability in libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24

expat CVE-2024-45491 中危 2.2.5-4.el8 2.2.5-15.el8_10 libexpat: Integer Overflow or Wraparound

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28

expat CVE-2024-45492 中危 2.2.5-4.el8 2.2.5-15.el8_10 libexpat: integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28

expat CVE-2024-50602 中危 2.2.5-4.el8 libexpat: expat: DoS via XML_ResumeParser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-10-27 05:15 修改: 2024-10-30 18:35

file-libs CVE-2019-18218 中危 5.33-16.el8 5.33-20.el8 file: heap-based buffer overflow in cdf_read_property_info in cdf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-18218

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-10-21 05:15 修改: 2023-11-07 03:06

binutils CVE-2021-42574 中危 2.30-79.el8 2.30-108.el8_5.1 environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42574

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-11-01 04:15 修改: 2024-08-04 04:16

glib2 CVE-2020-13543 中危 2.56.4-8.el8 2.56.4-9.el8 webkitgtk: use-after-free may lead to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13543

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-03 17:15 修改: 2022-05-10 15:46

glib2 CVE-2020-13584 中危 2.56.4-8.el8 2.56.4-9.el8 webkitgtk: use-after-free may lead to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13584

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-03 17:15 修改: 2023-11-07 03:16

glib2 CVE-2020-9948 中危 2.56.4-8.el8 2.56.4-9.el8 webkitgtk: type confusion may lead to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9948

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-10-16 17:15 修改: 2022-07-23 10:06

glib2 CVE-2020-9951 中危 2.56.4-8.el8 2.56.4-9.el8 webkitgtk: use-after-free may lead to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9951

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-10-16 17:15 修改: 2022-07-23 10:14

glib2 CVE-2020-9983 中危 2.56.4-8.el8 2.56.4-9.el8 webkitgtk: out-of-bounds write may lead to code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9983

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-10-16 17:15 修改: 2023-11-07 03:27

glib2 CVE-2021-1817 中危 2.56.4-8.el8 2.56.4-9.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2021-1820 中危 2.56.4-8.el8 2.56.4-9.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2021-1825 中危 2.56.4-8.el8 2.56.4-9.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2021-1826 中危 2.56.4-8.el8 2.56.4-9.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2021-27218 中危 2.56.4-8.el8 2.56.4-10.el8_4.1 glib: integer overflow in g_byte_array_new_take function when called with a buffer of 4GB or more on a 64-bit platform

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27218

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 17:15 修改: 2023-11-07 03:31

glib2 CVE-2021-30661 中危 2.56.4-8.el8 2.56.4-9.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2021-3800 中危 2.56.4-8.el8 2.56.4-156.el8 glib2: Possible privilege escalation thourgh pkexec and aliases

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3800

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-23 16:15 修改: 2023-04-25 15:42

glib2 CVE-2022-22624 中危 2.56.4-8.el8 2.56.4-159.el8 webkitgtk: Use-after-free leading to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22624

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-23 19:15 修改: 2022-09-28 12:03

glib2 CVE-2022-22628 中危 2.56.4-8.el8 2.56.4-159.el8 webkitgtk: Use-after-free leading to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22628

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-23 19:15 修改: 2022-09-28 12:06

glib2 CVE-2022-22629 中危 2.56.4-8.el8 2.56.4-159.el8 webkitgtk: Buffer overflow leading to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22629

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-23 20:15 修改: 2022-09-27 04:48

glib2 CVE-2022-22662 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-26700 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-26709 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-26710 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-26716 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-26717 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-26719 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-30293 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-32792 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-32816 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-32891 中危 2.56.4-8.el8 2.56.4-159.el8 webkitgtk: UI spoofing while Visiting a website that frames malicious content

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32891

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-02-27 20:15 修改: 2023-05-30 06:15

glib2 CVE-2024-34397 中危 2.56.4-8.el8 glib2: Signal subscription vulnerabilities

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34397

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-07 18:15 修改: 2024-06-10 18:15

binutils CVE-2021-45078 中危 2.30-79.el8 binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45078

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-12-15 20:15 修改: 2023-11-07 03:39

binutils CVE-2022-4285 中危 2.30-79.el8 2.30-119.el8_8.2 binutils: NULL pointer dereference in _bfd_elf_get_symbol_version_string leads to segfault

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4285

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-27 18:15 修改: 2023-11-07 03:57

cpio CVE-2019-14866 中危 2.12-8.el8 2.12-10.el8 cpio: improper input validation when writing tar header fields leads to unexpected tar generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14866

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-01-07 17:15 修改: 2023-06-04 22:15

glibc CVE-2019-25013 中危 2.28-127.el8 2.28-151.el8 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25013

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-04 18:15 修改: 2023-11-09 14:44

glibc CVE-2019-9169 中危 2.28-127.el8 2.28-151.el8 glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9169

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-26 02:29 修改: 2023-11-07 03:13

glibc CVE-2021-3326 中危 2.28-127.el8 2.28-151.el8 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3326

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-27 20:15 修改: 2023-11-07 03:37

glibc CVE-2021-35942 中危 2.28-127.el8 2.28-164.el8 glibc: Arbitrary read in wordexp()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35942

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-22 18:15 修改: 2023-11-07 03:36

glibc CVE-2021-3999 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Off-by-one buffer overflow/underflow in getcwd()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3999

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-24 16:15 修改: 2023-02-12 23:43

glibc CVE-2022-23218 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Stack-based buffer overflow in svcunix_create via long pathnames

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23218

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:37

glibc CVE-2022-23219 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23219

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:32

glibc CVE-2023-4527 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: Stack read overflow in getaddrinfo in no-aaaa mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4527

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15

glibc CVE-2023-4806 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: potential use-after-free in getaddrinfo()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15

glibc CVE-2023-4813 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: potential use-after-free in gaih_inet()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-12 22:15 修改: 2024-09-16 14:15

glibc CVE-2024-33600 中危 2.28-127.el8 2.28-251.el8_10.2 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

cpio CVE-2021-38185 中危 2.12-8.el8 2.12-11.el8 cpio: integer overflow in ds_fgetstr() in dstring.c can lead to an out-of-bounds write via a crafted pattern file

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38185

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-08-08 00:15 修改: 2023-06-04 22:15

cpio CVE-2023-7207 中危 2.12-8.el8 cpio: path traversal vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7207

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-29 01:42 修改: 2024-02-29 13:49

cryptsetup-libs CVE-2021-4122 中危 2.3.3-2.el8 2.3.3-4.el8_5.1 cryptsetup: disable encryption via header rewrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4122

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-24 16:15 修改: 2022-08-29 14:28

glibc-common CVE-2019-25013 中危 2.28-127.el8 2.28-151.el8 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25013

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-04 18:15 修改: 2023-11-09 14:44

glibc-common CVE-2019-9169 中危 2.28-127.el8 2.28-151.el8 glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9169

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-26 02:29 修改: 2023-11-07 03:13

glibc-common CVE-2021-3326 中危 2.28-127.el8 2.28-151.el8 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3326

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-27 20:15 修改: 2023-11-07 03:37

glibc-common CVE-2021-35942 中危 2.28-127.el8 2.28-164.el8 glibc: Arbitrary read in wordexp()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35942

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-22 18:15 修改: 2023-11-07 03:36

glibc-common CVE-2021-3999 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Off-by-one buffer overflow/underflow in getcwd()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3999

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-24 16:15 修改: 2023-02-12 23:43

glibc-common CVE-2022-23218 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Stack-based buffer overflow in svcunix_create via long pathnames

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23218

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:37

glibc-common CVE-2022-23219 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23219

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:32

glibc-common CVE-2023-4527 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: Stack read overflow in getaddrinfo in no-aaaa mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4527

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15

glibc-common CVE-2023-4806 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: potential use-after-free in getaddrinfo()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15

glibc-common CVE-2023-4813 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: potential use-after-free in gaih_inet()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-12 22:15 修改: 2024-09-16 14:15

glibc-common CVE-2024-33600 中危 2.28-127.el8 2.28-251.el8_10.2 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

curl CVE-2020-8284 中危 7.61.1-14.el8_3.1 7.61.1-18.el8 curl: FTP PASV command response can cause curl to connect to arbitrary host

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8284

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-12-14 20:15 修改: 2024-04-08 22:50

curl CVE-2020-8285 中危 7.61.1-14.el8_3.1 7.61.1-18.el8 curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8285

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47

curl CVE-2020-8286 中危 7.61.1-14.el8_3.1 7.61.1-18.el8 curl: Inferior OCSP verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8286

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47

glibc-minimal-langpack CVE-2019-25013 中危 2.28-127.el8 2.28-151.el8 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25013

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-04 18:15 修改: 2023-11-09 14:44

glibc-minimal-langpack CVE-2019-9169 中危 2.28-127.el8 2.28-151.el8 glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9169

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-26 02:29 修改: 2023-11-07 03:13

glibc-minimal-langpack CVE-2021-3326 中危 2.28-127.el8 2.28-151.el8 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3326

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-27 20:15 修改: 2023-11-07 03:37

glibc-minimal-langpack CVE-2021-35942 中危 2.28-127.el8 2.28-164.el8 glibc: Arbitrary read in wordexp()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35942

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-22 18:15 修改: 2023-11-07 03:36

glibc-minimal-langpack CVE-2021-3999 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Off-by-one buffer overflow/underflow in getcwd()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3999

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-24 16:15 修改: 2023-02-12 23:43

glibc-minimal-langpack CVE-2022-23218 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Stack-based buffer overflow in svcunix_create via long pathnames

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23218

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:37

glibc-minimal-langpack CVE-2022-23219 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23219

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:32

glibc-minimal-langpack CVE-2023-4527 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: Stack read overflow in getaddrinfo in no-aaaa mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4527

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15

glibc-minimal-langpack CVE-2023-4806 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: potential use-after-free in getaddrinfo()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15

glibc-minimal-langpack CVE-2023-4813 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: potential use-after-free in gaih_inet()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-12 22:15 修改: 2024-09-16 14:15

glibc-minimal-langpack CVE-2024-33600 中危 2.28-127.el8 2.28-251.el8_10.2 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

gmp CVE-2021-43618 中危 1:6.1.2-10.el8 1:6.1.2-11.el8 gmp: Integer overflow and resultant buffer overflow via crafted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43618

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-11-15 04:15 修改: 2023-09-29 15:15

gnupg2 CVE-2022-34903 中危 2.2.20-2.el8 2.2.20-3.el8_6 gpg: Signature spoofing via status line injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34903

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-01 22:15 修改: 2023-11-07 03:48

curl CVE-2021-22876 中危 7.61.1-14.el8_3.1 7.61.1-22.el8 curl: Leak of authentication credentials in URL via automatic Referer

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22876

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-04-01 18:15 修改: 2024-03-27 15:47

gnutls CVE-2021-20231 中危 3.6.14-7.el8_3 3.6.16-4.el8 gnutls: Use after free in client key_share extension

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20231

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-03-12 19:15 修改: 2023-11-07 03:29

gnutls CVE-2021-20232 中危 3.6.14-7.el8_3 3.6.16-4.el8 gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20232

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-03-12 19:15 修改: 2023-11-07 03:29

gnutls CVE-2021-3580 中危 3.6.14-7.el8_3 3.6.16-4.el8 nettle: Remote crash in RSA decryption via manipulated ciphertext

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3580

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-08-05 21:15 修改: 2024-01-16 15:15

gnutls CVE-2022-2509 中危 3.6.14-7.el8_3 3.6.16-5.el8_6 gnutls: Double free during gnutls_pkcs7_verify

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2509

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-08-01 14:15 修改: 2023-11-07 03:46

gnutls CVE-2023-0361 中危 3.6.14-7.el8_3 3.6.16-6.el8_7 gnutls: timing side-channel in the TLS RSA key exchange code

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0361

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-02-15 18:15 修改: 2023-11-07 04:00

gnutls CVE-2023-5981 中危 3.6.14-7.el8_3 3.6.16-8.el8_9 gnutls: timing side-channel in the RSA-PSK authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5981

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-11-28 12:15 修改: 2024-09-16 13:15

gnutls CVE-2024-0553 中危 3.6.14-7.el8_3 3.6.16-8.el8_9.1 gnutls: incomplete fix for CVE-2023-5981

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0553

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-01-16 12:15 修改: 2024-09-16 13:15

gnutls CVE-2024-28834 中危 3.6.14-7.el8_3 3.6.16-8.el8_9.3 gnutls: vulnerable to Minerva side-channel information leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28834

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-03-21 14:15 修改: 2024-09-12 20:15

curl CVE-2021-22922 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.1 curl: Content not matching hash in Metalink is not being discarded

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22922

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:12

json-c CVE-2020-12762 中危 0.13.1-0.2.el8 0.13.1-2.el8 libfastjson: integer overflow and out-of-bounds write via a large JSON file

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12762

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-05-09 18:15 修改: 2023-11-07 03:15

kpartx CVE-2022-41973 中危 0.8.4-5.el8 0.8.4-37.el8 device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41973

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-10-29 18:15 修改: 2023-11-25 09:15

curl CVE-2021-22923 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.1 curl: Metalink download sends credentials

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22923

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11

curl CVE-2021-22924 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.1 curl: Bad connection reuse due to flawed path name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22924

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11

krb5-libs CVE-2020-17049 中危 1.18.2-5.el8 Kerberos: delegation constrain bypass in S4U2Proxy

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-17049

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-11-11 07:15 修改: 2024-09-10 16:15

krb5-libs CVE-2020-28196 中危 1.18.2-5.el8 1.18.2-8.el8 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28196

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-11-06 08:15 修改: 2023-11-07 03:21

krb5-libs CVE-2021-36222 中危 1.18.2-5.el8 1.18.2-8.3.el8_4 krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could result in NULL dereference in KDC which leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36222

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-22 18:15 修改: 2021-11-28 23:19

krb5-libs CVE-2021-37750 中危 1.18.2-5.el8 1.18.2-8.3.el8_4 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37

krb5-libs CVE-2023-5455 中危 1.18.2-5.el8 ipa: Invalid CSRF protection

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5455

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-01-10 13:15 修改: 2024-09-16 16:15

krb5-libs CVE-2024-37370 中危 1.18.2-5.el8 1.18.2-29.el8_10 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48

krb5-libs CVE-2024-37371 中危 1.18.2-5.el8 1.18.2-29.el8_10 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39

curl CVE-2021-22946 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.2 curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22946

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:12

less CVE-2022-48624 中危 530-1.el8 530-3.el8_10 less: missing quoting of shell metacharacters in LESSCLOSE handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48624

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-19 01:15 修改: 2024-06-10 18:15

libarchive CVE-2017-14502 中危 3.3.2-9.el8 3.3.3-1.el8 libarchive: Off-by-one error in the read_header function

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-14502

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2017-09-17 18:29 修改: 2019-10-03 00:03

libarchive CVE-2021-23177 中危 3.3.2-9.el8 3.3.3-3.el8_5 libarchive: extracting a symlink with ACLs modifies ACLs of target

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23177

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-23 16:15 修改: 2022-12-03 14:16

libarchive CVE-2021-31566 中危 3.3.2-9.el8 3.3.3-3.el8_5 libarchive: symbolic links incorrectly followed when changing modes, times, ACL and flags of a file while extracting an archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31566

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-23 16:15 修改: 2024-03-27 16:04

libcap CVE-2023-2603 中危 2.26-4.el8 2.48-5.el8_8 libcap: Integer Overflow in _libcap_strdup()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2603

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-06 20:15 修改: 2024-10-10 16:32

libcom_err CVE-2022-1304 中危 1.45.6-1.el8 1.45.6-5.el8 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-04-14 21:15 修改: 2023-11-07 03:41

libcurl-minimal CVE-2020-8284 中危 7.61.1-14.el8_3.1 7.61.1-18.el8 curl: FTP PASV command response can cause curl to connect to arbitrary host

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8284

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-12-14 20:15 修改: 2024-04-08 22:50

libcurl-minimal CVE-2020-8285 中危 7.61.1-14.el8_3.1 7.61.1-18.el8 curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8285

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47

libcurl-minimal CVE-2020-8286 中危 7.61.1-14.el8_3.1 7.61.1-18.el8 curl: Inferior OCSP verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8286

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47

libcurl-minimal CVE-2021-22876 中危 7.61.1-14.el8_3.1 7.61.1-22.el8 curl: Leak of authentication credentials in URL via automatic Referer

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22876

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-04-01 18:15 修改: 2024-03-27 15:47

libcurl-minimal CVE-2021-22922 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.1 curl: Content not matching hash in Metalink is not being discarded

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22922

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:12

libcurl-minimal CVE-2021-22923 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.1 curl: Metalink download sends credentials

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22923

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11

libcurl-minimal CVE-2021-22924 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.1 curl: Bad connection reuse due to flawed path name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22924

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11

libcurl-minimal CVE-2021-22946 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.2 curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22946

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:12

libcurl-minimal CVE-2021-22947 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.2 curl: Server responses received before STARTTLS processed after TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22947

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:03

libcurl-minimal CVE-2022-22576 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.3 curl: OAUTH2 bearer bypass in connection re-use

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22576

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-05-26 17:15 修改: 2024-03-27 15:02

libcurl-minimal CVE-2022-27774 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.3 curl: credential leak on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27774

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02

libcurl-minimal CVE-2022-27776 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.3 curl: auth/cookie leak on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27776

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02

libcurl-minimal CVE-2022-27782 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.3 curl: TLS and SSH connection too eager reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27782

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:01

libcurl-minimal CVE-2022-32206 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.4 curl: HTTP compression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32206

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00

libcurl-minimal CVE-2022-32208 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.4 curl: FTP-KRB bad message verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32208

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00

libcurl-minimal CVE-2023-23916 中危 7.61.1-14.el8_3.1 7.61.1-25.el8_7.3 curl: HTTP multi-header compression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23916

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-02-23 20:15 修改: 2024-03-27 14:54

libcurl-minimal CVE-2023-27535 中危 7.61.1-14.el8_3.1 7.61.1-30.el8_8.2 curl: FTP too eager connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27535

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:47

libcurl-minimal CVE-2023-27536 中危 7.61.1-14.el8_3.1 7.61.1-30.el8_8.3 curl: GSS delegation too eager connection re-use

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27536

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:46

libcurl-minimal CVE-2023-28321 中危 7.61.1-14.el8_3.1 7.61.1-30.el8_8.3 curl: IDN wildcard match may lead to Improper Cerificate Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-05-26 21:15 修改: 2023-11-07 04:10

libcurl-minimal CVE-2023-46218 中危 7.61.1-14.el8_3.1 7.61.1-33.el8_9.5 curl: information disclosure by exploiting a mixed case flaw

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-12-07 01:15 修改: 2024-01-25 14:15

libcurl-minimal CVE-2024-2398 中危 7.61.1-14.el8_3.1 7.61.1-34.el8_10.2 curl: HTTP/2 push headers memory-leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15

libdnf CVE-2021-3445 中危 0.48.0-5.el8 0.63.0-3.el8 libdnf: Signature verification bypass via signature placed in the main RPM header

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3445

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:38

libgcc CVE-2021-42574 中危 8.3.1-5.1.el8 8.5.0-4.el8_5 environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42574

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-11-01 04:15 修改: 2024-08-04 04:16

libgcrypt CVE-2019-12904 中危 1.8.5-4.el8 Libgcrypt: physical addresses being available to other processes leads to a flush-and-reload side-channel attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12904

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-06-20 00:15 修改: 2024-08-05 00:15

libgcrypt CVE-2021-33560 中危 1.8.5-4.el8 1.8.5-6.el8 libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33560

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-06-08 11:15 修改: 2023-11-07 03:35

libgcrypt CVE-2021-40528 中危 1.8.5-4.el8 1.8.5-7.el8_6 libgcrypt: ElGamal implementation allows plaintext recovery

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40528

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-06 19:15 修改: 2023-11-07 03:38

libgcrypt CVE-2024-2236 中危 1.8.5-4.el8 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-03-06 22:15 修改: 2024-09-14 04:15

curl CVE-2021-22947 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.2 curl: Server responses received before STARTTLS processed after TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22947

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:03

curl CVE-2022-22576 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.3 curl: OAUTH2 bearer bypass in connection re-use

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22576

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-05-26 17:15 修改: 2024-03-27 15:02

curl CVE-2022-27774 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.3 curl: credential leak on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27774

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02

libnghttp2 CVE-2024-28182 中危 1.33.0-3.el8_2.1 1.33.0-6.el8_10.1 nghttp2: CONTINUATION frames DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28182

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-04-04 15:15 修改: 2024-05-01 18:15

libsepol CVE-2021-36084 中危 2.9-1.el8 2.9-3.el8 libsepol: use-after-free in __cil_verify_classperms()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36084

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36

libsepol CVE-2021-36085 中危 2.9-1.el8 2.9-3.el8 libsepol: use-after-free in __cil_verify_classperms()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36085

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36

libsepol CVE-2021-36086 中危 2.9-1.el8 2.9-3.el8 libsepol: use-after-free in cil_reset_classpermission()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36086

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36

libsepol CVE-2021-36087 中危 2.9-1.el8 2.9-3.el8 libsepol: heap-based buffer overflow in ebitmap_match_any()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36087

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36

libsolv CVE-2021-33928 中危 0.7.11-1.el8 0.7.16-3.el8_4 libsolv: heap-based buffer overflow in pool_installable() in src/repo.h

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33928

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-02 15:15 修改: 2021-09-07 21:14

libsolv CVE-2021-33929 中危 0.7.11-1.el8 0.7.16-3.el8_4 libsolv: heap-based buffer overflow in pool_disabled_solvable() in src/repo.h

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33929

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-02 15:15 修改: 2021-09-07 21:14

libsolv CVE-2021-33930 中危 0.7.11-1.el8 0.7.16-3.el8_4 libsolv: heap-based buffer overflow in pool_installable_whatprovides() in src/repo.h

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33930

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-02 15:15 修改: 2021-09-07 21:11

libsolv CVE-2021-33938 中危 0.7.11-1.el8 0.7.16-3.el8_4 libsolv: heap-based buffer overflow in prune_to_recommended() in src/policy.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33938

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-02 15:15 修改: 2021-09-07 21:11

libstdc++ CVE-2021-42574 中危 8.3.1-5.1.el8 8.5.0-4.el8_5 environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42574

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-11-01 04:15 修改: 2024-08-04 04:16

libtasn1 CVE-2021-46848 中危 4.13-3.el8 4.13-4.el8_7 libtasn1: Out-of-bound access in ETYPE_OK

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46848

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-24 14:15 修改: 2023-11-07 03:40

libtirpc CVE-2021-46828 中危 1.1.4-4.el8 1.1.4-6.el8 libtirpc: DoS vulnerability with lots of connections

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46828

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-20 06:15 修改: 2023-11-07 03:40

libxml2 CVE-2016-3709 中危 2.9.7-8.el8 2.9.7-15.el8 libxml2: Incorrect server side include parsing can lead to XSS

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-3709

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-28 17:15 修改: 2022-12-07 16:39

libxml2 CVE-2020-24977 中危 2.9.7-8.el8 2.9.7-9.el8 libxml2: Buffer overflow vulnerability in xmlEncodeEntitiesInternal() in entities.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24977

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-09-04 00:15 修改: 2023-11-07 03:20

libxml2 CVE-2021-3516 中危 2.9.7-8.el8 2.9.7-9.el8_4.2 libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3516

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-06-01 14:15 修改: 2023-11-07 03:38

libxml2 CVE-2021-3517 中危 2.9.7-8.el8 2.9.7-9.el8_4.2 libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3517

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:38

libxml2 CVE-2021-3518 中危 2.9.7-8.el8 2.9.7-9.el8_4.2 libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3518

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-18 12:15 修改: 2023-11-07 03:38

libxml2 CVE-2021-3537 中危 2.9.7-8.el8 2.9.7-9.el8_4.2 libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3537

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-14 20:15 修改: 2023-11-07 03:38

libxml2 CVE-2021-3541 中危 2.9.7-8.el8 2.9.7-9.el8_4.2 libxml2: Exponential entity expansion attack bypasses all existing protection mechanisms

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3541

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-09 17:15 修改: 2022-03-01 18:25

libxml2 CVE-2022-23308 中危 2.9.7-8.el8 2.9.7-12.el8_5 libxml2: Use-after-free of ID and IDREF attributes

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23308

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-26 05:15 修改: 2023-11-07 03:44

libxml2 CVE-2022-29824 中危 2.9.7-8.el8 2.9.7-13.el8_6.1 libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29824

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-05-03 03:15 修改: 2023-11-07 03:46

libxml2 CVE-2022-40303 中危 2.9.7-8.el8 2.9.7-15.el8_7.1 libxml2: integer overflows with XML_PARSE_HUGE

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40303

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-11-23 00:15 修改: 2023-11-07 03:52

libxml2 CVE-2022-40304 中危 2.9.7-8.el8 2.9.7-15.el8_7.1 libxml2: dict corruption caused by entity reference cycles

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40304

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-11-23 18:15 修改: 2023-11-07 03:52

libxml2 CVE-2023-28484 中危 2.9.7-8.el8 2.9.7-16.el8_8.1 libxml2: NULL dereference in xmlSchemaFixupComplexType

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28484

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-04-24 21:15 修改: 2024-02-01 17:15

libxml2 CVE-2023-29469 中危 2.9.7-8.el8 2.9.7-16.el8_8.1 libxml2: Hashing of empty dict strings isn't deterministic

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29469

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-04-24 21:15 修改: 2023-06-01 14:15

libxml2 CVE-2023-39615 中危 2.9.7-8.el8 2.9.7-18.el8_9 libxml2: crafted xml can cause global buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39615

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-29 17:15 修改: 2024-08-02 19:15

libxml2 CVE-2024-25062 中危 2.9.7-8.el8 2.9.7-18.el8_10.1 libxml2: use-after-free in XMLReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25062

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-04 16:15 修改: 2024-02-13 00:40

libyaml CVE-2024-35325 中危 0.1.7-5.el8 libyaml: double-free in yaml_event_delete in /src/libyaml/src/api.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35325

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-06-13 17:15 修改: 2024-08-28 16:15

lua-libs CVE-2020-15945 中危 5.3.4-11.el8 lua: segmentation fault in changedline in ldebug.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15945

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-07-24 21:15 修改: 2023-04-20 18:39

lz4-libs CVE-2019-17543 中危 1.8.3-2.el8 lz4: heap-based buffer overflow in LZ4_write32

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17543

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-10-14 02:15 修改: 2023-11-07 03:06

lz4-libs CVE-2021-3520 中危 1.8.3-2.el8 1.8.3-3.el8_4 lz4: memory corruption due to an integer overflow bug caused by memmove argument

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3520

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-06-02 13:15 修改: 2024-06-06 20:25

ncurses-base CVE-2019-17594 中危 6.1-7.20180224.el8 6.1-9.20180224.el8 ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13

ncurses-base CVE-2019-17595 中危 6.1-7.20180224.el8 6.1-9.20180224.el8 ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52

ncurses-base CVE-2023-29491 中危 6.1-7.20180224.el8 6.1-9.20180224.el8_8.1 ncurses: Local users can trigger security-relevant memory corruption via malformed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15

ncurses-libs CVE-2019-17594 中危 6.1-7.20180224.el8 6.1-9.20180224.el8 ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13

ncurses-libs CVE-2019-17595 中危 6.1-7.20180224.el8 6.1-9.20180224.el8 ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52

ncurses-libs CVE-2023-29491 中危 6.1-7.20180224.el8 6.1-9.20180224.el8_8.1 ncurses: Local users can trigger security-relevant memory corruption via malformed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15

curl CVE-2022-27776 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.3 curl: auth/cookie leak on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27776

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02

nettle CVE-2021-20231 中危 3.4.1-2.el8 3.4.1-7.el8 gnutls: Use after free in client key_share extension

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20231

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-12 19:15 修改: 2023-11-07 03:29

nettle CVE-2021-20232 中危 3.4.1-2.el8 3.4.1-7.el8 gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20232

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-12 19:15 修改: 2023-11-07 03:29

nettle CVE-2021-3580 中危 3.4.1-2.el8 3.4.1-7.el8 nettle: Remote crash in RSA decryption via manipulated ciphertext

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3580

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-08-05 21:15 修改: 2024-01-16 15:15

curl CVE-2022-27782 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.3 curl: TLS and SSH connection too eager reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27782

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:01

curl CVE-2022-32206 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.4 curl: HTTP compression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32206

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00

curl CVE-2022-32208 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.4 curl: FTP-KRB bad message verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32208

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00

curl CVE-2023-23916 中危 7.61.1-14.el8_3.1 7.61.1-25.el8_7.3 curl: HTTP multi-header compression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23916

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-02-23 20:15 修改: 2024-03-27 14:54

openssl CVE-2021-23840 中危 1:1.1.1g-12.el8_3 1:1.1.1k-4.el8 openssl: integer overflow in CipherUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15

openssl CVE-2021-23841 中危 1:1.1.1g-12.el8_3 1:1.1.1k-4.el8 openssl: NULL pointer dereference in X509_issuer_and_serial_hash()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23841

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15

openssl CVE-2021-3712 中危 1:1.1.1g-12.el8_3 1:1.1.1k-5.el8_5 openssl: Read buffer overruns processing ASN.1 strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15

openssl CVE-2022-1292 中危 1:1.1.1g-12.el8_3 1:1.1.1k-7.el8_6 openssl: c_rehash script allows command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1292

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-05-03 16:15 修改: 2023-11-07 03:41

openssl CVE-2022-2068 中危 1:1.1.1g-12.el8_3 1:1.1.1k-7.el8_6 openssl: the c_rehash script allows command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2068

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-06-21 15:15 修改: 2023-11-07 03:46

openssl CVE-2022-2097 中危 1:1.1.1g-12.el8_3 1:1.1.1k-7.el8_6 openssl: AES OCB fails to encrypt some bytes

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2097

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-07-05 11:15 修改: 2024-06-21 19:15

openssl CVE-2022-4304 中危 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 openssl: timing attack in RSA Decryption implementation

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

openssl CVE-2022-4450 中危 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 openssl: double free after calling PEM_read_bio_ex

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

openssl CVE-2023-0215 中危 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 openssl: use-after-free following BIO_new_NDEF

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-02-08 20:15 修改: 2024-06-21 19:15

curl CVE-2023-27535 中危 7.61.1-14.el8_3.1 7.61.1-30.el8_8.2 curl: FTP too eager connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27535

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:47

curl CVE-2023-27536 中危 7.61.1-14.el8_3.1 7.61.1-30.el8_8.3 curl: GSS delegation too eager connection re-use

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27536

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:46

curl CVE-2023-28321 中危 7.61.1-14.el8_3.1 7.61.1-30.el8_8.3 curl: IDN wildcard match may lead to Improper Cerificate Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-05-26 21:15 修改: 2023-11-07 04:10

curl CVE-2023-46218 中危 7.61.1-14.el8_3.1 7.61.1-33.el8_9.5 curl: information disclosure by exploiting a mixed case flaw

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-12-07 01:15 修改: 2024-01-25 14:15

openssl-libs CVE-2021-23840 中危 1:1.1.1g-12.el8_3 1:1.1.1k-4.el8 openssl: integer overflow in CipherUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15

openssl-libs CVE-2021-23841 中危 1:1.1.1g-12.el8_3 1:1.1.1k-4.el8 openssl: NULL pointer dereference in X509_issuer_and_serial_hash()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23841

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15

openssl-libs CVE-2021-3712 中危 1:1.1.1g-12.el8_3 1:1.1.1k-5.el8_5 openssl: Read buffer overruns processing ASN.1 strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15

openssl-libs CVE-2022-1292 中危 1:1.1.1g-12.el8_3 1:1.1.1k-7.el8_6 openssl: c_rehash script allows command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1292

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-05-03 16:15 修改: 2023-11-07 03:41

openssl-libs CVE-2022-2068 中危 1:1.1.1g-12.el8_3 1:1.1.1k-7.el8_6 openssl: the c_rehash script allows command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2068

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-06-21 15:15 修改: 2023-11-07 03:46

openssl-libs CVE-2022-2097 中危 1:1.1.1g-12.el8_3 1:1.1.1k-7.el8_6 openssl: AES OCB fails to encrypt some bytes

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2097

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-07-05 11:15 修改: 2024-06-21 19:15

openssl-libs CVE-2022-4304 中危 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 openssl: timing attack in RSA Decryption implementation

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

openssl-libs CVE-2022-4450 中危 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 openssl: double free after calling PEM_read_bio_ex

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

openssl-libs CVE-2023-0215 中危 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 openssl: use-after-free following BIO_new_NDEF

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-02-08 20:15 修改: 2024-06-21 19:15

p11-kit CVE-2020-29361 中危 0.23.14-5.el8_0 0.23.22-1.el8 p11-kit: integer overflow when allocating memory for arrays or attributes and object identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29361

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-16 14:15 修改: 2023-11-07 03:21

p11-kit CVE-2020-29362 中危 0.23.14-5.el8_0 0.23.22-1.el8 p11-kit: out-of-bounds read in p11_rpc_buffer_get_byte_array function in rpc-message.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29362

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-16 14:15 修改: 2021-01-11 16:50

p11-kit CVE-2020-29363 中危 0.23.14-5.el8_0 0.23.22-1.el8 p11-kit: out-of-bounds write in p11_rpc_buffer_get_byte_array_value function in rpc-message.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29363

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-16 14:15 修改: 2022-05-12 14:47

p11-kit-trust CVE-2020-29361 中危 0.23.14-5.el8_0 0.23.22-1.el8 p11-kit: integer overflow when allocating memory for arrays or attributes and object identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29361

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-16 14:15 修改: 2023-11-07 03:21

p11-kit-trust CVE-2020-29362 中危 0.23.14-5.el8_0 0.23.22-1.el8 p11-kit: out-of-bounds read in p11_rpc_buffer_get_byte_array function in rpc-message.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29362

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-16 14:15 修改: 2021-01-11 16:50

p11-kit-trust CVE-2020-29363 中危 0.23.14-5.el8_0 0.23.22-1.el8 p11-kit: out-of-bounds write in p11_rpc_buffer_get_byte_array_value function in rpc-message.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29363

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-16 14:15 修改: 2022-05-12 14:47

pam CVE-2024-10041 中危 1.3.1-11.el8 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-10-23 14:15 修改: 2024-11-04 22:27

pam CVE-2024-22365 中危 1.3.1-11.el8 1.3.1-33.el8 pam: allowing unprivileged user to block another user namespace

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-06 08:15 修改: 2024-02-14 00:27

pcre2 CVE-2022-1586 中危 10.32-2.el8 10.32-3.el8_6 pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1586

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-05-16 21:15 修改: 2023-11-07 03:42

curl CVE-2024-2398 中危 7.61.1-14.el8_3.1 7.61.1-34.el8_10.2 curl: HTTP/2 push headers memory-leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15

bind-export-libs CVE-2021-25214 中危 32:9.11.20-5.el8_3.1 32:9.11.26-6.el8 bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25214

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-04-29 01:15 修改: 2023-11-07 03:31

dbus CVE-2022-42010 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

platform-python CVE-2007-4559 中危 3.6.8-31.el8 3.6.8-56.el8_9 python: tarfile module directory traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4559

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2007-08-28 01:17 修改: 2024-03-23 03:15

platform-python CVE-2015-20107 中危 3.6.8-31.el8 3.6.8-47.el8_6 python: mailcap: findmatch() function does not sanitize the second argument

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-04-13 16:15 修改: 2023-11-07 02:25

platform-python CVE-2020-10735 中危 3.6.8-31.el8 3.6.8-48.el8_7.1 python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10735

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-09 14:15 修改: 2023-06-30 23:15

platform-python CVE-2020-26116 中危 3.6.8-31.el8 3.6.8-37.el8 python: CRLF injection via HTTP request method in httplib/http.client

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26116

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-09-27 04:15 修改: 2023-11-07 03:20

platform-python CVE-2020-27619 中危 3.6.8-31.el8 3.6.8-37.el8 python: Unsafe use of eval() on data retrieved via HTTP in the test suite

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27619

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-10-22 03:16 修改: 2024-02-03 07:15

platform-python CVE-2021-23336 中危 3.6.8-31.el8 3.6.8-37.el8 python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23336

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 13:15 修改: 2023-11-07 03:30

platform-python CVE-2021-28861 中危 3.6.8-31.el8 3.6.8-48.el8_7.1 python: open redirection vulnerability in lib/http/server.py may lead to information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28861

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-23 01:15 修改: 2024-08-03 22:15

platform-python CVE-2021-3177 中危 3.6.8-31.el8 3.6.8-37.el8 python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3177

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-19 06:15 修改: 2023-11-07 03:37

platform-python CVE-2021-3426 中危 3.6.8-31.el8 3.6.8-41.el8 python: Information disclosure via pydoc

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3426

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-20 13:15 修改: 2023-11-07 03:38

platform-python CVE-2021-3733 中危 3.6.8-31.el8 3.6.8-39.el8_4 python: urllib: Regular expression DoS in AbstractBasicAuthHandler

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3733

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-10 17:42 修改: 2023-06-30 23:15

platform-python CVE-2021-4189 中危 3.6.8-31.el8 3.6.8-45.el8 python: ftplib should not use the host from the PASV response

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4189

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-24 16:15 修改: 2023-06-30 23:15

platform-python CVE-2022-0391 中危 3.6.8-31.el8 3.6.8-47.el8_6 python: urllib.parse does not sanitize URLs containing ASCII newline and tabs

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-09 23:15 修改: 2023-11-07 03:41

platform-python CVE-2022-45061 中危 3.6.8-31.el8 3.6.8-48.el8_7.1 python: CPU denial of service via inefficient IDNA decoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45061

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-11-09 07:15 修改: 2023-11-07 03:54

platform-python CVE-2022-48560 中危 3.6.8-31.el8 3.6.8-56.el8_9.2 python: use after free in heappushpop() of heapq module

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48560

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-08 03:15

platform-python CVE-2022-48564 中危 3.6.8-31.el8 3.6.8-56.el8_9.2 python: DoS when processing malformed Apple Property List files in binary format

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48564

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-15 15:56

platform-python CVE-2023-27043 中危 3.6.8-31.el8 3.6.8-56.el8_9.3 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27

platform-python CVE-2024-0450 中危 3.6.8-31.el8 3.6.8-62.el8_10 python: The zipfile module is vulnerable to zip-bombs leading to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15

platform-python CVE-2024-6232 中危 3.6.8-31.el8 3.6.8-67.el8_10 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15

platform-python CVE-2024-6923 中危 3.6.8-31.el8 3.6.8-67.el8_10 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-01 14:15 修改: 2024-09-04 21:15

platform-python CVE-2024-9287 中危 3.6.8-31.el8 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15

dbus CVE-2022-42011 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

platform-python-setuptools CVE-2022-40897 中危 39.2.0-6.el8 39.2.0-6.el8_7.1 pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40897

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-12-23 00:15 修改: 2024-10-29 15:35

python3-dnf CVE-2021-3445 中危 4.2.23-4.el8 4.7.0-4.el8 libdnf: Signature verification bypass via signature placed in the main RPM header

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3445

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:38

python3-hawkey CVE-2021-3445 中危 0.48.0-5.el8 0.63.0-3.el8 libdnf: Signature verification bypass via signature placed in the main RPM header

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3445

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:38

python3-libdnf CVE-2021-3445 中危 0.48.0-5.el8 0.63.0-3.el8 libdnf: Signature verification bypass via signature placed in the main RPM header

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3445

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:38

dbus CVE-2022-42012 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus CVE-2023-34969 中危 1:1.12.8-11.el8 1:1.12.8-24.el8_8.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-08 03:15 修改: 2023-12-27 16:36

dbus-common CVE-2022-42010 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

python3-libs CVE-2007-4559 中危 3.6.8-31.el8 3.6.8-56.el8_9 python: tarfile module directory traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4559

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2007-08-28 01:17 修改: 2024-03-23 03:15

python3-libs CVE-2015-20107 中危 3.6.8-31.el8 3.6.8-47.el8_6 python: mailcap: findmatch() function does not sanitize the second argument

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-04-13 16:15 修改: 2023-11-07 02:25

python3-libs CVE-2020-10735 中危 3.6.8-31.el8 3.6.8-48.el8_7.1 python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10735

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-09 14:15 修改: 2023-06-30 23:15

python3-libs CVE-2020-26116 中危 3.6.8-31.el8 3.6.8-37.el8 python: CRLF injection via HTTP request method in httplib/http.client

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26116

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-09-27 04:15 修改: 2023-11-07 03:20

python3-libs CVE-2020-27619 中危 3.6.8-31.el8 3.6.8-37.el8 python: Unsafe use of eval() on data retrieved via HTTP in the test suite

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27619

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-10-22 03:16 修改: 2024-02-03 07:15

python3-libs CVE-2021-23336 中危 3.6.8-31.el8 3.6.8-37.el8 python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23336

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 13:15 修改: 2023-11-07 03:30

python3-libs CVE-2021-28861 中危 3.6.8-31.el8 3.6.8-48.el8_7.1 python: open redirection vulnerability in lib/http/server.py may lead to information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28861

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-23 01:15 修改: 2024-08-03 22:15

python3-libs CVE-2021-3177 中危 3.6.8-31.el8 3.6.8-37.el8 python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3177

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-19 06:15 修改: 2023-11-07 03:37

python3-libs CVE-2021-3426 中危 3.6.8-31.el8 3.6.8-41.el8 python: Information disclosure via pydoc

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3426

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-20 13:15 修改: 2023-11-07 03:38

python3-libs CVE-2021-3733 中危 3.6.8-31.el8 3.6.8-39.el8_4 python: urllib: Regular expression DoS in AbstractBasicAuthHandler

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3733

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-10 17:42 修改: 2023-06-30 23:15

python3-libs CVE-2021-4189 中危 3.6.8-31.el8 3.6.8-45.el8 python: ftplib should not use the host from the PASV response

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4189

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-24 16:15 修改: 2023-06-30 23:15

python3-libs CVE-2022-0391 中危 3.6.8-31.el8 3.6.8-47.el8_6 python: urllib.parse does not sanitize URLs containing ASCII newline and tabs

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-09 23:15 修改: 2023-11-07 03:41

python3-libs CVE-2022-45061 中危 3.6.8-31.el8 3.6.8-48.el8_7.1 python: CPU denial of service via inefficient IDNA decoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45061

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-11-09 07:15 修改: 2023-11-07 03:54

python3-libs CVE-2022-48560 中危 3.6.8-31.el8 3.6.8-56.el8_9.2 python: use after free in heappushpop() of heapq module

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48560

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-08 03:15

python3-libs CVE-2022-48564 中危 3.6.8-31.el8 3.6.8-56.el8_9.2 python: DoS when processing malformed Apple Property List files in binary format

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48564

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-15 15:56

python3-libs CVE-2023-27043 中危 3.6.8-31.el8 3.6.8-56.el8_9.3 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27

python3-libs CVE-2024-0450 中危 3.6.8-31.el8 3.6.8-62.el8_10 python: The zipfile module is vulnerable to zip-bombs leading to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15

python3-libs CVE-2024-6232 中危 3.6.8-31.el8 3.6.8-67.el8_10 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15

python3-libs CVE-2024-6923 中危 3.6.8-31.el8 3.6.8-67.el8_10 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-01 14:15 修改: 2024-09-04 21:15

python3-libs CVE-2024-9287 中危 3.6.8-31.el8 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15

python3-pip-wheel CVE-2007-4559 中危 9.0.3-18.el8 9.0.3-23.el8 python: tarfile module directory traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4559

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2007-08-28 01:17 修改: 2024-03-23 03:15

python3-rpm CVE-2021-20271 中危 4.14.3-4.el8 4.14.3-14.el8_4 rpm: Signature checks bypass via corrupted rpm package

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20271

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-26 17:15 修改: 2023-02-12 22:15

python3-rpm CVE-2021-3421 中危 4.14.3-4.el8 4.14.3-14.el8_4 rpm: unsigned signature header leads to string injection into an rpm database

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3421

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:37

python3-rpm CVE-2021-3521 中危 4.14.3-4.el8 4.14.3-19.el8_5.2 rpm: RPM does not require subkeys to have a valid binding signature

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3521

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-22 15:15 修改: 2023-02-12 23:41

python3-rpm CVE-2021-35937 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: TOCTOU race in checks for unsafe symlinks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35937

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2023-11-07 03:36

python3-rpm CVE-2021-35938 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: races with chown/chmod/capabilities calls during installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35938

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2022-11-29 18:06

python3-rpm CVE-2021-35939 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: checks for unsafe symlinks are not performed for intermediary directories

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35939

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-26 16:15 修改: 2023-02-04 01:16

dbus-common CVE-2022-42011 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

python3-setuptools-wheel CVE-2022-40897 中危 39.2.0-6.el8 39.2.0-6.el8_7.1 pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40897

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-12-23 00:15 修改: 2024-10-29 15:35

rpm CVE-2021-20271 中危 4.14.3-4.el8 4.14.3-14.el8_4 rpm: Signature checks bypass via corrupted rpm package

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20271

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-26 17:15 修改: 2023-02-12 22:15

rpm CVE-2021-3421 中危 4.14.3-4.el8 4.14.3-14.el8_4 rpm: unsigned signature header leads to string injection into an rpm database

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3421

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:37

rpm CVE-2021-3521 中危 4.14.3-4.el8 4.14.3-19.el8_5.2 rpm: RPM does not require subkeys to have a valid binding signature

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3521

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-22 15:15 修改: 2023-02-12 23:41

rpm CVE-2021-35937 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: TOCTOU race in checks for unsafe symlinks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35937

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2023-11-07 03:36

rpm CVE-2021-35938 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: races with chown/chmod/capabilities calls during installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35938

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2022-11-29 18:06

rpm CVE-2021-35939 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: checks for unsafe symlinks are not performed for intermediary directories

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35939

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-26 16:15 修改: 2023-02-04 01:16

rpm-build-libs CVE-2021-20271 中危 4.14.3-4.el8 4.14.3-14.el8_4 rpm: Signature checks bypass via corrupted rpm package

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20271

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-26 17:15 修改: 2023-02-12 22:15

rpm-build-libs CVE-2021-3421 中危 4.14.3-4.el8 4.14.3-14.el8_4 rpm: unsigned signature header leads to string injection into an rpm database

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3421

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:37

rpm-build-libs CVE-2021-3521 中危 4.14.3-4.el8 4.14.3-19.el8_5.2 rpm: RPM does not require subkeys to have a valid binding signature

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3521

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-22 15:15 修改: 2023-02-12 23:41

rpm-build-libs CVE-2021-35937 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: TOCTOU race in checks for unsafe symlinks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35937

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2023-11-07 03:36

rpm-build-libs CVE-2021-35938 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: races with chown/chmod/capabilities calls during installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35938

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2022-11-29 18:06

rpm-build-libs CVE-2021-35939 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: checks for unsafe symlinks are not performed for intermediary directories

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35939

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-26 16:15 修改: 2023-02-04 01:16

rpm-libs CVE-2021-20271 中危 4.14.3-4.el8 4.14.3-14.el8_4 rpm: Signature checks bypass via corrupted rpm package

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20271

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-26 17:15 修改: 2023-02-12 22:15

rpm-libs CVE-2021-3421 中危 4.14.3-4.el8 4.14.3-14.el8_4 rpm: unsigned signature header leads to string injection into an rpm database

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3421

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:37

rpm-libs CVE-2021-3521 中危 4.14.3-4.el8 4.14.3-19.el8_5.2 rpm: RPM does not require subkeys to have a valid binding signature

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3521

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-22 15:15 修改: 2023-02-12 23:41

rpm-libs CVE-2021-35937 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: TOCTOU race in checks for unsafe symlinks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35937

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2023-11-07 03:36

rpm-libs CVE-2021-35938 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: races with chown/chmod/capabilities calls during installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35938

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2022-11-29 18:06

rpm-libs CVE-2021-35939 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: checks for unsafe symlinks are not performed for intermediary directories

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35939

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-26 16:15 修改: 2023-02-04 01:16

sqlite-libs CVE-2019-13750 中危 3.26.0-11.el8 3.26.0-15.el8 sqlite: dropping of shadow tables not restricted in defensive mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13750

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-12-10 22:15 修改: 2023-11-07 03:04

sqlite-libs CVE-2019-13751 中危 3.26.0-11.el8 3.26.0-15.el8 sqlite: fts3: improve detection of corrupted records

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13751

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-12-10 22:15 修改: 2023-11-07 03:04

sqlite-libs CVE-2019-19603 中危 3.26.0-11.el8 3.26.0-15.el8 sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19603

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-12-09 19:15 修改: 2023-11-07 03:07

sqlite-libs CVE-2019-5827 中危 3.26.0-11.el8 3.26.0-15.el8 sqlite: out-of-bounds access due to the use of 32-bit memory allocator interfaces

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5827

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-06-27 17:15 修改: 2023-11-07 03:12

sqlite-libs CVE-2020-13434 中危 3.26.0-11.el8 3.26.0-13.el8 sqlite: integer overflow in sqlite3_str_vappendf function in printf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13434

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-05-24 22:15 修改: 2023-11-07 03:16

sqlite-libs CVE-2020-13435 中危 3.26.0-11.el8 3.26.0-15.el8 sqlite: NULL pointer dereference in sqlite3ExprCodeTarget()

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13435

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-05-24 22:15 修改: 2023-11-07 03:16

sqlite-libs CVE-2020-15358 中危 3.26.0-11.el8 3.26.0-13.el8 sqlite: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization in select.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15358

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-06-27 12:15 修改: 2022-05-12 15:01

sqlite-libs CVE-2020-24736 中危 3.26.0-11.el8 3.26.0-18.el8_8 sqlite: Crash due to misuse of window functions.

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24736

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-04-11 18:15 修改: 2023-05-26 20:15

sqlite-libs CVE-2020-35527 中危 3.26.0-11.el8 3.26.0-16.el8_6 sqlite: Out of bounds access during table rename

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35527

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-01 18:15 修改: 2022-12-08 22:29

sqlite-libs CVE-2022-35737 中危 3.26.0-11.el8 3.26.0-17.el8_7 sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35737

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-03 06:15 修改: 2024-03-27 16:05

sqlite-libs CVE-2023-7104 中危 3.26.0-11.el8 3.26.0-19.el8_9 sqlite: heap-buffer-overflow at sessionfuzz

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7104

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-12-29 10:15 修改: 2024-05-17 02:34

squashfs-tools CVE-2021-40153 中危 4.3-19.el8 4.3-21.el8 squashfs-tools: unvalidated filepaths allow writing outside of destination

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40153

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-08-27 15:15 修改: 2023-11-07 03:38

squashfs-tools CVE-2021-41072 中危 4.3-19.el8 4.3-21.el8 squashfs-tools: possible Directory Traversal via symbolic link

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41072

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-14 01:15 修改: 2023-05-30 06:15

dbus-common CVE-2022-42012 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus-common CVE-2023-34969 中危 1:1.12.8-11.el8 1:1.12.8-24.el8_8.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-08 03:15 修改: 2023-12-27 16:36

systemd CVE-2018-20839 中危 239-41.el8_3.1 systemd: mishandling of the current keyboard mode check leading to passwords being disclosed in cleartext to attacker

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20839

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2019-05-17 04:29 修改: 2024-10-24 17:34

systemd CVE-2019-3842 中危 239-41.el8_3.1 239-45.el8 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any"

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3842

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2019-04-09 21:29 修改: 2023-11-07 03:10

systemd CVE-2020-13776 中危 239-41.el8_3.1 239-45.el8 systemd: Mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13776

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-06-03 03:15 修改: 2023-11-07 03:16

systemd CVE-2022-3821 中危 239-41.el8_3.1 239-68.el8_7.1 systemd: buffer overrun in format_timespan() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-11-08 22:15 修改: 2023-11-07 03:51

systemd CVE-2022-4415 中危 239-41.el8_3.1 239-68.el8_7.4 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-01-11 15:15 修改: 2023-02-02 16:19

systemd CVE-2023-26604 中危 239-41.el8_3.1 239-74.el8_8.2 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09

systemd CVE-2023-7008 中危 239-41.el8_3.1 239-82.el8 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16

dbus-daemon CVE-2022-42010 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus-daemon CVE-2022-42011 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

systemd-libs CVE-2018-20839 中危 239-41.el8_3.1 systemd: mishandling of the current keyboard mode check leading to passwords being disclosed in cleartext to attacker

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20839

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2019-05-17 04:29 修改: 2024-10-24 17:34

systemd-libs CVE-2019-3842 中危 239-41.el8_3.1 239-45.el8 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any"

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3842

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2019-04-09 21:29 修改: 2023-11-07 03:10

systemd-libs CVE-2020-13776 中危 239-41.el8_3.1 239-45.el8 systemd: Mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13776

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-06-03 03:15 修改: 2023-11-07 03:16

systemd-libs CVE-2022-3821 中危 239-41.el8_3.1 239-68.el8_7.1 systemd: buffer overrun in format_timespan() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-11-08 22:15 修改: 2023-11-07 03:51

systemd-libs CVE-2022-4415 中危 239-41.el8_3.1 239-68.el8_7.4 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-01-11 15:15 修改: 2023-02-02 16:19

systemd-libs CVE-2023-26604 中危 239-41.el8_3.1 239-74.el8_8.2 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09

systemd-libs CVE-2023-7008 中危 239-41.el8_3.1 239-82.el8 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16

dbus-daemon CVE-2022-42012 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus-daemon CVE-2023-34969 中危 1:1.12.8-11.el8 1:1.12.8-24.el8_8.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-08 03:15 修改: 2023-12-27 16:36

systemd-pam CVE-2018-20839 中危 239-41.el8_3.1 systemd: mishandling of the current keyboard mode check leading to passwords being disclosed in cleartext to attacker

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20839

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2019-05-17 04:29 修改: 2024-10-24 17:34

systemd-pam CVE-2019-3842 中危 239-41.el8_3.1 239-45.el8 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any"

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3842

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2019-04-09 21:29 修改: 2023-11-07 03:10

systemd-pam CVE-2020-13776 中危 239-41.el8_3.1 239-45.el8 systemd: Mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13776

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-06-03 03:15 修改: 2023-11-07 03:16

systemd-pam CVE-2022-3821 中危 239-41.el8_3.1 239-68.el8_7.1 systemd: buffer overrun in format_timespan() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-11-08 22:15 修改: 2023-11-07 03:51

systemd-pam CVE-2022-4415 中危 239-41.el8_3.1 239-68.el8_7.4 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-01-11 15:15 修改: 2023-02-02 16:19

systemd-pam CVE-2023-26604 中危 239-41.el8_3.1 239-74.el8_8.2 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09

systemd-pam CVE-2023-7008 中危 239-41.el8_3.1 239-82.el8 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16

dbus-libs CVE-2022-42010 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus-libs CVE-2022-42011 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

systemd-udev CVE-2018-20839 中危 239-41.el8_3.1 systemd: mishandling of the current keyboard mode check leading to passwords being disclosed in cleartext to attacker

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20839

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2019-05-17 04:29 修改: 2024-10-24 17:34

systemd-udev CVE-2019-3842 中危 239-41.el8_3.1 239-45.el8 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any"

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3842

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2019-04-09 21:29 修改: 2023-11-07 03:10

systemd-udev CVE-2020-13776 中危 239-41.el8_3.1 239-45.el8 systemd: Mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13776

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-06-03 03:15 修改: 2023-11-07 03:16

systemd-udev CVE-2022-3821 中危 239-41.el8_3.1 239-68.el8_7.1 systemd: buffer overrun in format_timespan() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-11-08 22:15 修改: 2023-11-07 03:51

systemd-udev CVE-2022-4415 中危 239-41.el8_3.1 239-68.el8_7.4 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-01-11 15:15 修改: 2023-02-02 16:19

systemd-udev CVE-2023-26604 中危 239-41.el8_3.1 239-74.el8_8.2 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09

systemd-udev CVE-2023-7008 中危 239-41.el8_3.1 239-82.el8 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16

tar CVE-2005-2541 中危 2:1.30-5.el8 tar: does not properly warn the user when extracting setuid or setgid files

漏洞详情: https://avd.aquasec.com/nvd/cve-2005-2541

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2005-08-10 04:00 修改: 2023-11-07 01:57

tar CVE-2022-48303 中危 2:1.30-5.el8 2:1.30-6.el8_7.1 tar: heap buffer overflow at from_header() in list.c via specially crafted checksum

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48303

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-30 04:15 修改: 2023-05-30 17:16

trousers CVE-2020-24331 中危 0.3.14-4.el8 0.3.15-1.el8 trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as root

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24331

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-08-13 17:15 修改: 2023-11-07 03:19

trousers CVE-2020-24332 中危 0.3.14-4.el8 0.3.15-1.el8 trousers: tss user can be used to create or corrupt existing files, this could lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24332

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-08-13 17:15 修改: 2023-11-07 03:19

trousers-lib CVE-2020-24331 中危 0.3.14-4.el8 0.3.15-1.el8 trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as root

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24331

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-08-13 17:15 修改: 2023-11-07 03:19

trousers-lib CVE-2020-24332 中危 0.3.14-4.el8 0.3.15-1.el8 trousers: tss user can be used to create or corrupt existing files, this could lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24332

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-08-13 17:15 修改: 2023-11-07 03:19

vim-minimal CVE-2021-3778 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8 vim: heap-based buffer overflow in utf_ptr2char() in mbyte.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3778

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-15 08:15 修改: 2023-11-07 03:38

vim-minimal CVE-2021-3796 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8 vim: use-after-free in nv_replace() in normal.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3796

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-15 13:15 修改: 2023-11-07 03:38

vim-minimal CVE-2021-3872 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.4 vim: heap-based buffer overflow in win_redr_status() in drawscreen.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3872

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-10-19 13:15 修改: 2023-11-07 03:38

vim-minimal CVE-2021-3984 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.4 vim: illegal memory access in find_start_brace() in cindent.c when C-indenting

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3984

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-12-01 11:15 修改: 2023-11-07 03:38

vim-minimal CVE-2021-4019 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.4 vim: heap-based buffer overflow in find_help_tags() in help.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4019

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-12-01 10:15 修改: 2023-11-07 03:40

vim-minimal CVE-2021-4192 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.4 vim: use-after-free in win_linetabsize()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4192

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-12-31 15:15 修改: 2023-11-07 03:40

vim-minimal CVE-2021-4193 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.4 vim: out-of-bound read in getvcol()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4193

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-12-31 16:15 修改: 2023-11-07 03:40

vim-minimal CVE-2022-0261 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.12 vim: Heap-based buffer overflow in block_insert() in src/ops.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0261

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-18 16:15 修改: 2023-11-07 03:41

vim-minimal CVE-2022-0318 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.12 vim: Heap-based buffer overflow in utf_head_off() in mbyte.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0318

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-21 12:15 修改: 2022-11-29 22:12

vim-minimal CVE-2022-0359 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.12 vim: Heap-based buffer overflow in init_ccline() in ex_getln.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0359

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-26 12:15 修改: 2022-11-09 18:58

vim-minimal CVE-2022-0361 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.12 vim: Illegal memory access when copying lines in visual mode leads to heap buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0361

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-26 13:15 修改: 2022-11-09 18:57

vim-minimal CVE-2022-0392 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.12 vim: Heap-based buffer overflow in getexmodeline() in ex_getln.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0392

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-28 22:15 修改: 2022-11-29 22:12

vim-minimal CVE-2022-0413 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.12 vim: Use after free in src/ex_cmds.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0413

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-30 15:15 修改: 2023-11-07 03:41

vim-minimal CVE-2022-1621 中危 2:8.0.1763-15.el8 2:8.0.1763-19.el8_6.2 vim: heap buffer overflow in vim_strncpy

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1621

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-05-10 14:15 修改: 2023-11-07 03:42

vim-minimal CVE-2022-1629 中危 2:8.0.1763-15.el8 2:8.0.1763-19.el8_6.2 vim: buffer over-read in function find_next_quote

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1629

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-05-10 14:15 修改: 2023-11-07 03:42

vim-minimal CVE-2022-1785 中危 2:8.0.1763-15.el8 2:8.0.1763-19.el8_6.4 vim: Out-of-bounds Write

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1785

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-05-19 13:15 修改: 2023-05-03 12:15

vim-minimal CVE-2022-1897 中危 2:8.0.1763-15.el8 2:8.0.1763-19.el8_6.4 vim: out-of-bounds write in vim_regsub_both() in regexp.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1897

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-05-27 15:15 修改: 2023-11-07 03:42

vim-minimal CVE-2022-1927 中危 2:8.0.1763-15.el8 2:8.0.1763-19.el8_6.4 vim: buffer over-read in utf_ptr2char() in mbyte.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1927

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-05-29 14:15 修改: 2023-11-07 03:42

vim-minimal CVE-2024-43790 中危 2:8.0.1763-15.el8 vim: Out of bounds read when performing a search command

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43790

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-22 22:15 修改: 2024-08-23 16:18

dbus-libs CVE-2022-42012 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus-libs CVE-2023-34969 中危 1:1.12.8-11.el8 1:1.12.8-24.el8_8.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-08 03:15 修改: 2023-12-27 16:36

yum CVE-2021-3445 中危 4.2.23-4.el8 4.7.0-4.el8 libdnf: Signature verification bypass via signature placed in the main RPM header

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3445

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:38

dbus-tools CVE-2022-42010 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

zlib CVE-2022-37434 中危 1.2.11-16.el8_2 1.2.11-19.el8_6 zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37434

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-05 07:15 修改: 2023-07-19 00:56

binutils CVE-2023-25588 低危 2.30-79.el8 binutils: Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab`

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25588

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-14 21:15 修改: 2023-11-07 04:09

dbus-tools CVE-2020-35512 低危 1:1.12.8-11.el8 dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35512

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 17:15 修改: 2023-12-27 16:36

openssl-libs CVE-2023-0464 低危 1:1.1.1g-12.el8_3 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-03-22 17:15 修改: 2024-06-21 19:15

openssl-libs CVE-2023-0465 低危 1:1.1.1g-12.el8_3 openssl: Invalid certificate policies in leaf certificates are silently ignored

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15

openssl-libs CVE-2023-0466 低危 1:1.1.1g-12.el8_3 openssl: Certificate policy check not enabled

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15

openssl-libs CVE-2023-2650 低危 1:1.1.1g-12.el8_3 openssl: Possible DoS translating ASN.1 object identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-05-30 14:15 修改: 2024-02-04 09:15

openssl-libs CVE-2023-3446 低危 1:1.1.1g-12.el8_3 1:1.1.1k-12.el8_9 openssl: Excessive time spent checking DH keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-07-19 12:15 修改: 2024-10-14 15:15

openssl-libs CVE-2023-3817 低危 1:1.1.1g-12.el8_3 1:1.1.1k-12.el8_9 OpenSSL: Excessive time spent checking DH q parameter value

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-07-31 16:15 修改: 2024-10-14 15:15

openssl-libs CVE-2023-5678 低危 1:1.1.1g-12.el8_3 1:1.1.1k-12.el8_9 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15

openssl-libs CVE-2024-0727 低危 1:1.1.1g-12.el8_3 openssl: denial of service via null dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15

openssl-libs CVE-2024-2511 低危 1:1.1.1g-12.el8_3 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15

openssl-libs CVE-2024-41996 低危 1:1.1.1g-12.el8_3 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35

openssl-libs CVE-2024-4741 低危 1:1.1.1g-12.el8_3 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

openssl-libs CVE-2024-5535 低危 1:1.1.1g-12.el8_3 1:1.1.1k-14.el8_6 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15

bzip2-libs CVE-2019-12900 低危 1.0.6-26.el8 bzip2: out-of-bounds write in function BZ2_decompress

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12900

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-06-19 23:15 修改: 2023-11-07 03:03

ca-certificates CVE-2023-37920 低危 2020.2.41-80.0.el8_2 2024.2.69_v8.0.303-80.0.el8_10 python-certifi: Removal of e-Tugra root certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-37920

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-07-25 21:15 修改: 2023-08-12 06:16

libarchive CVE-2017-14166 低危 3.3.2-9.el8 3.3.3-1.el8 libarchive: Heap-based buffer over-read in the atol8 function

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-14166

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2017-09-06 18:29 修改: 2019-08-15 18:15

libarchive CVE-2017-14501 低危 3.3.2-9.el8 3.3.3-1.el8 libarchive: Out-of-bounds read in parse_file_info

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-14501

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2017-09-17 18:29 修改: 2018-12-28 16:29

libarchive CVE-2018-1000879 低危 3.3.2-9.el8 libarchive: NULL pointer dereference in ACL parser resulting in a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000879

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-12-20 17:29 修改: 2023-11-07 02:51

libarchive CVE-2018-1000880 低危 3.3.2-9.el8 libarchive: Improper input validation in WARC parser resulting in a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000880

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-12-20 17:29 修改: 2023-11-07 02:51

libarchive CVE-2020-21674 低危 3.3.2-9.el8 libarchive: heap-based buffer overflow in archive_string_append_from_wcs function in archive_string.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-21674

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-10-15 15:15 修改: 2020-10-26 15:53

libarchive CVE-2022-36227 低危 3.3.2-9.el8 3.3.3-5.el8 libarchive: NULL pointer dereference in archive_write.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36227

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-11-22 02:15 修改: 2024-03-27 16:04

pcre CVE-2019-20838 低危 8.42-4.el8 8.42-6.el8 pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20838

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-06-15 17:15 修改: 2024-03-27 16:05

pcre CVE-2020-14155 低危 8.42-4.el8 8.42-6.el8 pcre: Integer overflow when parsing callout numeric arguments

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14155

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-06-15 17:15 修改: 2024-03-27 16:04

bash CVE-2019-18276 低危 4.4.19-12.el8 4.4.19-14.el8 bash: when effective UID is not equal to its real UID the saved UID is not dropped

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-18276

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-11-28 01:15 修改: 2023-11-07 03:06

pcre2 CVE-2022-41409 低危 10.32-2.el8 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-07-18 14:15 修改: 2023-07-27 03:46

libcap CVE-2023-2602 低危 2.26-4.el8 2.48-5.el8_8 libcap: Memory Leak on pthread_create() Error

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2602

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-06 20:15 修改: 2023-11-30 05:15

glib2 CVE-2019-13012 低危 2.56.4-8.el8 2.56.4-9.el8 glib2: insecure permissions for files and directories

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13012

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-06-28 15:15 修改: 2023-11-07 03:03

glib2 CVE-2020-16125 低危 2.56.4-8.el8 2.56.4-9.el8 gdm: inability to timely contact accountservice via dbus leads gnome-initial-setup to creation of account with admin privileges

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16125

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-11-10 05:15 修改: 2020-11-24 18:12

glib2 CVE-2021-28153 低危 2.56.4-8.el8 2.56.4-156.el8 glib: g_file_replace() with G_FILE_CREATE_REPLACE_DESTINATION creates empty target for dangling symlink

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28153

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-11 22:15 修改: 2023-11-07 03:32

glib2 CVE-2023-29499 低危 2.56.4-8.el8 glib: GVariant offset table entry size is not checked in is_normal()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29499

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-14 20:15 修改: 2023-11-27 14:15

glib2 CVE-2023-32611 低危 2.56.4-8.el8 glib: g_variant_byteswap() can take a long time with some non-normal inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32611

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-14 20:15 修改: 2023-11-27 14:15

glib2 CVE-2023-32636 低危 2.56.4-8.el8 glib: Timeout in fuzz_variant_text

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32636

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-14 20:15 修改: 2024-01-12 22:09

glib2 CVE-2023-32665 低危 2.56.4-8.el8 glib: GVariant deserialisation does not match spec for non-normal data

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32665

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-14 20:15 修改: 2024-04-26 09:15

binutils CVE-2018-12641 低危 2.30-79.el8 binutils: Stack Exhaustion in the demangling functions provided by libiberty

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12641

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-06-22 12:29 修改: 2019-10-03 00:03

binutils CVE-2018-12697 低危 2.30-79.el8 binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12697

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-06-23 23:29 修改: 2019-08-03 13:15

cpio CVE-2023-7216 低危 2.12-8.el8 CPIO: extraction allows symlinks which enables Remote Command Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7216

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-05 15:15 修改: 2024-09-19 06:15

binutils CVE-2018-12698 低危 2.30-79.el8 binutils: excessive memory consumption in demangle_template in cplus-dem.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12698

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-06-23 23:29 修改: 2019-10-03 00:03

binutils CVE-2018-12699 低危 2.30-79.el8 binutils: heap-based buffer overflow in finish_stab in stabs.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12699

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-06-23 23:29 修改: 2019-08-03 13:15

binutils CVE-2018-12700 低危 2.30-79.el8 binutils: Stack Exhaustion in debug_write_type in debug.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12700

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-06-23 23:29 修改: 2023-11-07 02:52

binutils CVE-2018-12934 低危 2.30-79.el8 binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12934

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-06-28 14:29 修改: 2020-04-21 22:15

binutils CVE-2018-17360 低危 2.30-79.el8 binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-17360

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-09-23 18:29 修改: 2019-10-31 01:15

binutils CVE-2018-17794 低危 2.30-79.el8 binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-17794

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-09-30 20:29 修改: 2020-04-21 22:15

binutils CVE-2018-17985 低危 2.30-79.el8 binutils: Stack consumption problem caused by the cplus_demangle_type

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-17985

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-04 23:29 修改: 2019-10-31 01:15

binutils CVE-2018-18309 低危 2.30-79.el8 binutils: invalid memory address dereference in read_reloc in reloc.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18309

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-15 02:29 修改: 2023-11-07 02:55

elfutils-default-yama-scope CVE-2021-33294 低危 0.180-1.el8 elfutils: an infinite loop was found in the function handle_symtab in readelf.c which causes denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33294

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-07-18 14:15 修改: 2023-07-27 15:19

elfutils-default-yama-scope CVE-2024-25260 低危 0.180-1.el8 elfutils: global-buffer-overflow exists in the function ebl_machine_flag_name in eblmachineflagname.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25260

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-20 18:15 修改: 2024-08-01 13:47

elfutils-libelf CVE-2021-33294 低危 0.180-1.el8 elfutils: an infinite loop was found in the function handle_symtab in readelf.c which causes denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33294

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-07-18 14:15 修改: 2023-07-27 15:19

glibc CVE-2016-10228 低危 2.28-127.el8 2.28-151.el8 glibc: iconv program can hang when invoked with the -c option

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10228

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2017-03-02 01:59 修改: 2023-11-07 02:29

platform-python CVE-2021-3737 低危 3.6.8-31.el8 3.6.8-45.el8 python: urllib: HTTP client possible infinite loop on a 100 Continue response

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3737

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-04 19:15 修改: 2023-11-07 03:38

platform-python CVE-2024-4032 低危 3.6.8-31.el8 3.6.8-67.el8_10 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35

libcurl-minimal CVE-2020-8231 低危 7.61.1-14.el8_3.1 7.61.1-18.el8 curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8231

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04

libcurl-minimal CVE-2021-22898 低危 7.61.1-14.el8_3.1 7.61.1-22.el8 curl: TELNET stack contents disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22898

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-06-11 16:15 修改: 2024-03-27 15:47

procps-ng CVE-2018-1121 低危 3.3.15-3.el8 procps: process hiding through race condition enumerating /proc

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1121

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-06-13 20:29 修改: 2020-06-30 16:15

procps-ng CVE-2023-4016 低危 3.3.15-3.el8 3.3.15-14.el8 procps: ps buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4016

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-02 05:15 修改: 2023-12-15 18:19

libcurl-minimal CVE-2021-22925 低危 7.61.1-14.el8_3.1 7.61.1-22.el8 curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22925

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11

libcurl-minimal CVE-2022-35252 低危 7.61.1-14.el8_3.1 7.61.1-30.el8 curl: Incorrect handling of control code characters in cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35252

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-09-23 14:15 修改: 2024-03-27 15:00

libcurl-minimal CVE-2022-43552 低危 7.61.1-14.el8_3.1 7.61.1-30.el8 curl: Use-after-free triggered by an HTTP proxy deny response

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43552

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-02-09 20:15 修改: 2024-10-27 15:35

libcurl-minimal CVE-2023-27534 低危 7.61.1-14.el8_3.1 curl: SFTP path ~ resolving discrepancy

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27534

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:54

libcurl-minimal CVE-2023-28322 低危 7.61.1-14.el8_3.1 7.61.1-33.el8_9.5 curl: more POST-after-PUT confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-05-26 21:15 修改: 2023-12-22 16:15

libcurl-minimal CVE-2023-38546 低危 7.61.1-14.el8_3.1 7.61.1-33.el8_9.5 curl: cookie injection with none file

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-10-18 04:15 修改: 2024-07-09 14:15

libdb CVE-2019-2708 低危 5.3.28-39.el8 5.3.28-40.el8 libdb: Denial of service in the Data Store component

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-2708

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-04-23 19:32 修改: 2023-11-07 03:09

libdb-utils CVE-2019-2708 低危 5.3.28-39.el8 5.3.28-40.el8 libdb: Denial of service in the Data Store component

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-2708

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-04-23 19:32 修改: 2023-11-07 03:09

glibc CVE-2020-27618 低危 2.28-127.el8 2.28-151.el8 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27618

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-26 23:15 修改: 2022-10-28 20:06

glibc CVE-2021-27645 低危 2.28-127.el8 2.28-164.el8 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27645

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-24 15:15 修改: 2023-11-07 03:31

libgcc CVE-2018-20657 低危 8.3.1-5.1.el8 libiberty: Memory leak in demangle_template function resulting in a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20657

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-01-02 14:29 修改: 2019-11-06 01:15

libgcc CVE-2018-20673 低危 8.3.1-5.1.el8 8.5.0-3.el8 libiberty: Integer overflow in demangle_template() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20673

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-01-04 18:29 修改: 2020-08-24 17:37

libgcc CVE-2019-14250 低危 8.3.1-5.1.el8 binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14250

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-07-24 04:15 修改: 2023-03-01 18:01

libgcc CVE-2022-27943 低危 8.3.1-5.1.el8 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45

glibc CVE-2021-33574 低危 2.28-127.el8 2.28-164.el8 glibc: mq_notify does not handle separately allocated thread attributes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33574

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-25 22:15 修改: 2023-11-07 03:35

glibc CVE-2024-33601 低危 2.28-127.el8 2.28-251.el8_10.2 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

glibc CVE-2024-33602 低危 2.28-127.el8 2.28-251.el8_10.2 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

elfutils-libelf CVE-2024-25260 低危 0.180-1.el8 elfutils: global-buffer-overflow exists in the function ebl_machine_flag_name in eblmachineflagname.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25260

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-20 18:15 修改: 2024-08-01 13:47

elfutils-libs CVE-2021-33294 低危 0.180-1.el8 elfutils: an infinite loop was found in the function handle_symtab in readelf.c which causes denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33294

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-07-18 14:15 修改: 2023-07-27 15:19

elfutils-libs CVE-2024-25260 低危 0.180-1.el8 elfutils: global-buffer-overflow exists in the function ebl_machine_flag_name in eblmachineflagname.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25260

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-20 18:15 修改: 2024-08-01 13:47

binutils CVE-2018-18483 低危 2.30-79.el8 binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18483

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-18 21:29 修改: 2019-10-31 01:15

binutils CVE-2018-18484 低危 2.30-79.el8 binutils: Stack exhaustion in cp-demangle.c allows for denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18484

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-18 21:29 修改: 2020-08-24 17:37

binutils CVE-2018-18605 低危 2.30-79.el8 binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18605

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-23 17:29 修改: 2023-11-07 02:55

binutils CVE-2018-18606 低危 2.30-79.el8 binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18606

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-23 17:29 修改: 2023-11-07 02:55

binutils CVE-2018-18607 低危 2.30-79.el8 binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18607

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-23 17:29 修改: 2023-11-07 02:55

binutils CVE-2018-18700 低危 2.30-79.el8 binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demangle.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18700

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-29 12:29 修改: 2020-04-21 22:15

python3-libs CVE-2021-3737 低危 3.6.8-31.el8 3.6.8-45.el8 python: urllib: HTTP client possible infinite loop on a 100 Continue response

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3737

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-04 19:15 修改: 2023-11-07 03:38

python3-libs CVE-2024-4032 低危 3.6.8-31.el8 3.6.8-67.el8_10 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35

binutils CVE-2018-18701 低危 2.30-79.el8 binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18701

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-29 12:29 修改: 2020-04-21 22:15

python3-pip-wheel CVE-2018-20225 低危 9.0.3-18.el8 python-pip: when --extra-index-url option is used and package does not already exist in the public index, the installation of malicious package with arbitrary version number is possible.

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20225

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-05-08 18:15 修改: 2024-08-05 12:15

python3-pip-wheel CVE-2021-3572 低危 9.0.3-18.el8 9.0.3-20.el8 python-pip: Incorrect handling of unicode separators in git references

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3572

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-11-10 18:15 修改: 2024-06-21 19:15

binutils CVE-2018-19932 低危 2.30-79.el8 binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19932

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-12-07 07:29 修改: 2023-11-07 02:55

binutils CVE-2018-20002 低危 2.30-79.el8 binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20002

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-12-10 02:29 修改: 2023-11-07 02:56

binutils CVE-2018-20651 低危 2.30-79.el8 binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20651

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-01-01 16:29 修改: 2023-11-07 02:56

libsolv CVE-2021-3200 低危 0.7.11-1.el8 0.7.19-1.el8 libsolv: heap-based buffer overflow in testcase_read() in src/testcase.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3200

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-18 17:15 修改: 2022-07-30 03:45

binutils CVE-2018-20657 低危 2.30-79.el8 libiberty: Memory leak in demangle_template function resulting in a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20657

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-01-02 14:29 修改: 2019-11-06 01:15

libstdc++ CVE-2018-20657 低危 8.3.1-5.1.el8 libiberty: Memory leak in demangle_template function resulting in a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20657

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-01-02 14:29 修改: 2019-11-06 01:15

python3-rpm CVE-2021-20266 低危 4.14.3-4.el8 4.14.3-19.el8 rpm: missing length checks in hdrblobInit()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20266

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-04-30 12:15 修改: 2023-11-07 03:29

libstdc++ CVE-2018-20673 低危 8.3.1-5.1.el8 8.5.0-3.el8 libiberty: Integer overflow in demangle_template() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20673

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-01-04 18:29 修改: 2020-08-24 17:37

libstdc++ CVE-2019-14250 低危 8.3.1-5.1.el8 binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14250

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-07-24 04:15 修改: 2023-03-01 18:01

libstdc++ CVE-2022-27943 低危 8.3.1-5.1.el8 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45

glibc-common CVE-2016-10228 低危 2.28-127.el8 2.28-151.el8 glibc: iconv program can hang when invoked with the -c option

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10228

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2017-03-02 01:59 修改: 2023-11-07 02:29

libtasn1 CVE-2018-1000654 低危 4.13-3.el8 libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000654

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-08-20 19:31 修改: 2023-11-07 02:51

glibc-common CVE-2020-27618 低危 2.28-127.el8 2.28-151.el8 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27618

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-26 23:15 修改: 2022-10-28 20:06

glibc-common CVE-2021-27645 低危 2.28-127.el8 2.28-164.el8 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27645

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-24 15:15 修改: 2023-11-07 03:31

glibc-common CVE-2021-33574 低危 2.28-127.el8 2.28-164.el8 glibc: mq_notify does not handle separately allocated thread attributes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33574

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-25 22:15 修改: 2023-11-07 03:35

rpm CVE-2021-20266 低危 4.14.3-4.el8 4.14.3-19.el8 rpm: missing length checks in hdrblobInit()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20266

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-04-30 12:15 修改: 2023-11-07 03:29

glibc-common CVE-2024-33601 低危 2.28-127.el8 2.28-251.el8_10.2 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

glibc-common CVE-2024-33602 低危 2.28-127.el8 2.28-251.el8_10.2 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

binutils CVE-2018-20673 低危 2.30-79.el8 libiberty: Integer overflow in demangle_template() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20673

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-01-04 18:29 修改: 2020-08-24 17:37

binutils CVE-2018-6872 低危 2.30-79.el8 binutils: out of bounds read in elf_parse_notes function in elf.c file in libbfd library

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6872

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-02-09 06:29 修改: 2023-11-07 03:00

binutils CVE-2019-12972 低危 2.30-79.el8 binutils: out-of-bounds read in setup_group in bfd/elf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12972

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-06-26 14:15 修改: 2023-11-07 03:03

curl CVE-2020-8231 低危 7.61.1-14.el8_3.1 7.61.1-18.el8 curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8231

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04

rpm-build-libs CVE-2021-20266 低危 4.14.3-4.el8 4.14.3-19.el8 rpm: missing length checks in hdrblobInit()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20266

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-04-30 12:15 修改: 2023-11-07 03:29

curl CVE-2021-22898 低危 7.61.1-14.el8_3.1 7.61.1-22.el8 curl: TELNET stack contents disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22898

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-06-11 16:15 修改: 2024-03-27 15:47

curl CVE-2021-22925 低危 7.61.1-14.el8_3.1 7.61.1-22.el8 curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22925

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11

curl CVE-2022-35252 低危 7.61.1-14.el8_3.1 7.61.1-30.el8 curl: Incorrect handling of control code characters in cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35252

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-09-23 14:15 修改: 2024-03-27 15:00

curl CVE-2022-43552 低危 7.61.1-14.el8_3.1 7.61.1-30.el8 curl: Use-after-free triggered by an HTTP proxy deny response

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43552

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-02-09 20:15 修改: 2024-10-27 15:35

curl CVE-2023-27534 低危 7.61.1-14.el8_3.1 curl: SFTP path ~ resolving discrepancy

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27534

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:54

curl CVE-2023-28322 低危 7.61.1-14.el8_3.1 7.61.1-33.el8_9.5 curl: more POST-after-PUT confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-05-26 21:15 修改: 2023-12-22 16:15

rpm-libs CVE-2021-20266 低危 4.14.3-4.el8 4.14.3-19.el8 rpm: missing length checks in hdrblobInit()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20266

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-04-30 12:15 修改: 2023-11-07 03:29

shadow-utils CVE-2023-4641 低危 2:4.6-11.el8 2:4.6-19.el8 shadow-utils: possible password leak during passwd(1) change

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-12-27 16:15 修改: 2024-05-03 16:15

curl CVE-2023-38546 低危 7.61.1-14.el8_3.1 7.61.1-33.el8_9.5 curl: cookie injection with none file

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-10-18 04:15 修改: 2024-07-09 14:15

libxml2 CVE-2023-45322 低危 2.9.7-8.el8 libxml2: use-after-free in xmlUnlinkNode() in tree.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45322

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-06 22:15 修改: 2024-08-02 21:15

libxml2 CVE-2024-34459 低危 2.9.7-8.el8 libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34459

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-14 15:39 修改: 2024-08-22 18:35

binutils CVE-2019-14250 低危 2.30-79.el8 binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14250

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-07-24 04:15 修改: 2023-03-01 18:01

libzstd CVE-2021-24032 低危 1.4.4-1.el8 zstd: Race condition allows attacker to access world-readable destination file

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-24032

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-04 21:15 修改: 2021-04-28 20:04

libzstd CVE-2022-4899 低危 1.4.4-1.el8 zstd: mysql: buffer overrun in util.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-03-31 20:15 修改: 2023-11-07 03:59

file-libs CVE-2019-8905 低危 5.33-16.el8 file: stack-based buffer over-read in do_core_note in readelf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8905

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-18 17:29 修改: 2021-12-09 19:38

lua-libs CVE-2020-24370 低危 5.3.4-11.el8 5.3.4-12.el8 lua: segmentation fault in getlocal and setlocal functions in ldebug.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24370

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-08-17 17:15 修改: 2024-09-09 13:54

file-libs CVE-2019-8906 低危 5.33-16.el8 file: out-of-bounds read in do_core_note in readelf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8906

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-18 17:29 修改: 2021-12-09 19:44

glibc-minimal-langpack CVE-2016-10228 低危 2.28-127.el8 2.28-151.el8 glibc: iconv program can hang when invoked with the -c option

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10228

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2017-03-02 01:59 修改: 2023-11-07 02:29

glibc-minimal-langpack CVE-2020-27618 低危 2.28-127.el8 2.28-151.el8 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27618

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-26 23:15 修改: 2022-10-28 20:06

sqlite-libs CVE-2019-19244 低危 3.26.0-11.el8 sqlite: allows a crash if a sub-select uses both DISTINCT and window functions and also has certain ORDER BY usage

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19244

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-11-25 20:15 修改: 2022-04-15 16:12

sqlite-libs CVE-2019-9936 低危 3.26.0-11.el8 sqlite: heap-based buffer over-read in function fts5HashEntrySort in sqlite3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9936

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-03-22 08:29 修改: 2023-11-07 03:13

sqlite-libs CVE-2019-9937 低危 3.26.0-11.el8 sqlite: null-pointer dereference in function fts5ChunkIterate in sqlite3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9937

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-03-22 08:29 修改: 2023-11-07 03:13

sqlite-libs CVE-2020-35525 低危 3.26.0-11.el8 3.26.0-16.el8_6 sqlite: Null pointer derreference in src/select.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35525

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-01 18:15 修改: 2023-07-06 19:15

sqlite-libs CVE-2023-36191 低危 3.26.0-11.el8 sqlite: CLI fault on missing -nonce

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36191

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-23 02:15 修改: 2023-11-07 04:16

sqlite-libs CVE-2024-0232 低危 3.26.0-11.el8 sqlite: use-after-free bug in jsonParseAddNodeArray

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0232

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-01-16 14:15 修改: 2024-09-28 04:15

glibc-minimal-langpack CVE-2021-27645 低危 2.28-127.el8 2.28-164.el8 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27645

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-24 15:15 修改: 2023-11-07 03:31

glibc-minimal-langpack CVE-2021-33574 低危 2.28-127.el8 2.28-164.el8 glibc: mq_notify does not handle separately allocated thread attributes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33574

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-25 22:15 修改: 2023-11-07 03:35

ncurses-base CVE-2018-19211 低危 6.1-7.20180224.el8 ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15

ncurses-base CVE-2018-19217 低危 6.1-7.20180224.el8 ncurses: Null pointer dereference at function _nc_name_match

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19217

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-11-12 19:29 修改: 2024-08-05 12:15

ncurses-base CVE-2020-19185 低危 6.1-7.20180224.el8 ncurses: Heap buffer overflow in one_one_mapping function in progs/dump_entry.c:1373

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19185

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:15 修改: 2023-12-13 01:15

ncurses-base CVE-2020-19186 低危 6.1-7.20180224.el8 ncurses: Buffer overflow in _nc_find_entry function in tinfo/comp_hash.c:66

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19186

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:15 修改: 2023-12-13 01:15

ncurses-base CVE-2020-19187 低危 6.1-7.20180224.el8 ncurses: Heap buffer overflow in fmt_entry function in progs/dump_entry.c:1100

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19187

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:15 修改: 2023-12-13 01:15

ncurses-base CVE-2020-19188 低危 6.1-7.20180224.el8 ncurses: Stack buffer overflow in fmt_entry function in progs/dump_entry.c:1116

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19188

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-13 01:15

ncurses-base CVE-2020-19189 低危 6.1-7.20180224.el8 ncurses: Heap buffer overflow in postprocess_terminfo function in tinfo/parse_entry.c:997

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19189

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-13 01:15

ncurses-base CVE-2020-19190 低危 6.1-7.20180224.el8 ncurses: Heap buffer overflow in _nc_find_entry in tinfo/comp_hash.c:70

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19190

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-13 01:15

ncurses-base CVE-2021-39537 低危 6.1-7.20180224.el8 ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39537

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-20 16:15 修改: 2023-12-03 20:15

systemd CVE-2021-3997 低危 239-41.el8_3.1 systemd: Uncontrolled recursion in systemd-tmpfiles when removing files

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15

ncurses-base CVE-2023-45918 低危 6.1-7.20180224.el8 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-16 22:15 修改: 2024-10-31 18:35

ncurses-base CVE-2023-50495 低危 6.1-7.20180224.el8 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15

glibc-minimal-langpack CVE-2024-33601 低危 2.28-127.el8 2.28-251.el8_10.2 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

glibc-minimal-langpack CVE-2024-33602 低危 2.28-127.el8 2.28-251.el8_10.2 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

gawk CVE-2023-4156 低危 4.2.1-1.el8 gawk: heap out of bound read in builtin.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4156

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-25 18:15 修改: 2023-11-07 04:22

ncurses-libs CVE-2018-19211 低危 6.1-7.20180224.el8 ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15

ncurses-libs CVE-2018-19217 低危 6.1-7.20180224.el8 ncurses: Null pointer dereference at function _nc_name_match

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19217

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-11-12 19:29 修改: 2024-08-05 12:15

ncurses-libs CVE-2020-19185 低危 6.1-7.20180224.el8 ncurses: Heap buffer overflow in one_one_mapping function in progs/dump_entry.c:1373

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19185

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:15 修改: 2023-12-13 01:15

ncurses-libs CVE-2020-19186 低危 6.1-7.20180224.el8 ncurses: Buffer overflow in _nc_find_entry function in tinfo/comp_hash.c:66

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19186

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:15 修改: 2023-12-13 01:15

systemd-libs CVE-2021-3997 低危 239-41.el8_3.1 systemd: Uncontrolled recursion in systemd-tmpfiles when removing files

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15

ncurses-libs CVE-2020-19187 低危 6.1-7.20180224.el8 ncurses: Heap buffer overflow in fmt_entry function in progs/dump_entry.c:1100

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19187

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:15 修改: 2023-12-13 01:15

ncurses-libs CVE-2020-19188 低危 6.1-7.20180224.el8 ncurses: Stack buffer overflow in fmt_entry function in progs/dump_entry.c:1116

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19188

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-13 01:15

ncurses-libs CVE-2020-19189 低危 6.1-7.20180224.el8 ncurses: Heap buffer overflow in postprocess_terminfo function in tinfo/parse_entry.c:997

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19189

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-13 01:15

ncurses-libs CVE-2020-19190 低危 6.1-7.20180224.el8 ncurses: Heap buffer overflow in _nc_find_entry in tinfo/comp_hash.c:70

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19190

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-13 01:15

ncurses-libs CVE-2021-39537 低危 6.1-7.20180224.el8 ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39537

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-20 16:15 修改: 2023-12-03 20:15

ncurses-libs CVE-2023-45918 低危 6.1-7.20180224.el8 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-16 22:15 修改: 2024-10-31 18:35

ncurses-libs CVE-2023-50495 低危 6.1-7.20180224.el8 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15

binutils CVE-2019-9071 低危 2.30-79.el8 binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9071

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-24 00:29 修改: 2021-12-10 19:32

gnupg2 CVE-2022-3219 低危 2.2.20-2.el8 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

systemd-pam CVE-2021-3997 低危 239-41.el8_3.1 systemd: Uncontrolled recursion in systemd-tmpfiles when removing files

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15

binutils CVE-2020-16598 低危 2.30-79.el8 binutils: Null Pointer Dereference in debug_get_real_type could result in DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16598

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-09 21:15 修改: 2023-11-07 03:18

binutils CVE-2020-35448 低危 2.30-79.el8 2.30-108.el8 binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section() in elf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35448

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-27 04:15 修改: 2023-11-07 03:21

openldap CVE-2023-2953 低危 2.4.46-15.el8 2.4.46-19.el8_10 openldap: null pointer dereference in ber_memalloc_x function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2953

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-05-30 22:15 修改: 2023-08-02 16:46

binutils CVE-2020-35493 低危 2.30-79.el8 binutils: heap-based buffer overflow in bfd_pef_parse_function_stubs function in bfd/pef.c via crafted PEF file

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35493

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-04 15:15 修改: 2023-11-07 03:21

dbus CVE-2020-35512 低危 1:1.12.8-11.el8 dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35512

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 17:15 修改: 2023-12-27 16:36

binutils CVE-2020-35494 低危 2.30-79.el8 binutils: usage of unitialized heap in tic4x_print_cond function in opcodes/tic4x-dis.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35494

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-04 15:15 修改: 2023-11-07 03:21

binutils CVE-2020-35495 低危 2.30-79.el8 binutils: NULL pointer dereference in bfd_pef_parse_symbols function in bfd/pef.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35495

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-04 15:15 修改: 2023-11-07 03:21

binutils CVE-2020-35496 低危 2.30-79.el8 binutils: NULL pointer dereference in bfd_pef_scan_start_address function in bfd/pef.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35496

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-04 15:15 修改: 2023-11-07 03:21

binutils CVE-2020-35507 低危 2.30-79.el8 binutils: NULL pointer dereference in bfd_pef_parse_function_stubs function in bfd/pef.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35507

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-04 15:15 修改: 2023-01-24 16:10

systemd-udev CVE-2021-3997 低危 239-41.el8_3.1 systemd: Uncontrolled recursion in systemd-tmpfiles when removing files

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15

dbus-common CVE-2020-35512 低危 1:1.12.8-11.el8 dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35512

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 17:15 修改: 2023-12-27 16:36

gnutls CVE-2021-4209 低危 3.6.14-7.el8_3 GnuTLS: Null pointer dereference in MD_UPDATE

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4209

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-08-24 16:15 修改: 2022-10-27 16:57

tar CVE-2019-9923 低危 2:1.30-5.el8 tar: null-pointer dereference in pax_decode_header in sparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9923

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-03-22 08:29 修改: 2023-11-07 03:13

tar CVE-2021-20193 低危 2:1.30-5.el8 tar: Memory leak in read_header() in list.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20193

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-26 17:15 修改: 2024-10-24 18:15

tar CVE-2023-39804 低危 2:1.30-5.el8 tar: Incorrectly handled extension attributes in PAX archives can lead to a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39804

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-03-27 04:15 修改: 2024-03-27 12:29

binutils CVE-2021-20284 低危 2.30-79.el8 2.30-108.el8 binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20284

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-26 17:15 修改: 2023-02-12 22:15

binutils CVE-2021-3826 低危 2.30-79.el8 libiberty: Heap/stack buffer overflow in the dlang_lname function in d-demangle.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3826

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-01 21:15 修改: 2024-01-22 15:01

trousers CVE-2020-24330 低危 0.3.14-4.el8 0.3.15-1.el8 trousers: fails to drop the root gid privilege when no longer needed

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24330

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-08-13 17:15 修改: 2023-11-07 03:19

kexec-tools CVE-2021-20269 低危 2.0.20-34.el8_3.1 2.0.20-57.el8 kexec-tools: incorrect permissions on kdump dmesg file

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20269

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-03-10 17:41 修改: 2023-02-12 22:15

binutils CVE-2022-38533 低危 2.30-79.el8 binutils: heap-based buffer overflow in bfd_getl32() when called by strip_main() in objcopy.c via a crafted file

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38533

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-26 00:15 修改: 2023-11-07 03:50

trousers-lib CVE-2020-24330 低危 0.3.14-4.el8 0.3.15-1.el8 trousers: fails to drop the root gid privilege when no longer needed

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24330

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2020-08-13 17:15 修改: 2023-11-07 03:19

unzip CVE-2021-4217 低危 6.0-43.el8 unzip: Null pointer dereference in Unicode strings code

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4217

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-08-24 16:15 修改: 2022-11-29 15:45

unzip CVE-2022-0529 低危 6.0-43.el8 unzip: Heap out-of-bound writes and reads during conversion of wide string to local string

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0529

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-02-09 23:15 修改: 2023-11-09 20:55

unzip CVE-2022-0530 低危 6.0-43.el8 unzip: SIGSEGV during the conversion of an utf-8 string to a local string

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0530

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2022-02-09 23:15 修改: 2023-11-09 20:55

binutils CVE-2022-44840 低危 2.30-79.el8 binutils: heap-based buffer overflow in find_section_in_set() in readelf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44840

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-08-26 02:14

openssl CVE-2023-0464 低危 1:1.1.1g-12.el8_3 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-03-22 17:15 修改: 2024-06-21 19:15

openssl CVE-2023-0465 低危 1:1.1.1g-12.el8_3 openssl: Invalid certificate policies in leaf certificates are silently ignored

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15

openssl CVE-2023-0466 低危 1:1.1.1g-12.el8_3 openssl: Certificate policy check not enabled

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15

openssl CVE-2023-2650 低危 1:1.1.1g-12.el8_3 openssl: Possible DoS translating ASN.1 object identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-05-30 14:15 修改: 2024-02-04 09:15

openssl CVE-2023-3446 低危 1:1.1.1g-12.el8_3 1:1.1.1k-12.el8_9 openssl: Excessive time spent checking DH keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-07-19 12:15 修改: 2024-10-14 15:15

openssl CVE-2023-3817 低危 1:1.1.1g-12.el8_3 1:1.1.1k-12.el8_9 OpenSSL: Excessive time spent checking DH q parameter value

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-07-31 16:15 修改: 2024-10-14 15:15

openssl CVE-2023-5678 低危 1:1.1.1g-12.el8_3 1:1.1.1k-12.el8_9 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15

openssl CVE-2024-0727 低危 1:1.1.1g-12.el8_3 openssl: denial of service via null dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15

openssl CVE-2024-2511 低危 1:1.1.1g-12.el8_3 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15

openssl CVE-2024-41996 低危 1:1.1.1g-12.el8_3 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35

openssl CVE-2024-4741 低危 1:1.1.1g-12.el8_3 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

openssl CVE-2024-5535 低危 1:1.1.1g-12.el8_3 1:1.1.1k-14.el8_6 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:91d0cd2c961d0395e870d29aeea7a14e09cc6c825346dbd42ef6edde095f7d36

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15

dbus-daemon CVE-2020-35512 低危 1:1.12.8-11.el8 dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35512

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 17:15 修改: 2023-12-27 16:36

binutils CVE-2022-47007 低危 2.30-79.el8 binutils: memory leak in stab_demangle_v3_arg() in stabs.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-47007

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-08-26 02:14

binutils CVE-2022-47008 低危 2.30-79.el8 binutils: memory leak in make_tempdir() and make_tempname() in bucomm.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-47008

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-08-26 02:14

binutils CVE-2022-47010 低危 2.30-79.el8 binutils: memory leak in pr_function_type() in prdbg.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-47010

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-08-26 02:14

binutils CVE-2022-47011 低危 2.30-79.el8 binutils: memory leak in parse_stab_struct_fields() in stabs.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-47011

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-08-26 02:14

dbus-libs CVE-2020-35512 低危 1:1.12.8-11.el8 dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35512

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 17:15 修改: 2023-12-27 16:36

vim-minimal CVE-2018-20786 低危 2:8.0.1763-15.el8 libvterm: NULL pointer dereference in vterm_screen_set_callbacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20786

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-24 14:29 修改: 2020-03-30 20:15

vim-minimal CVE-2020-20703 低危 2:8.0.1763-15.el8 vim: buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-20703

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-20 15:15 修改: 2023-06-27 20:54

vim-minimal CVE-2021-3236 低危 2:8.0.1763-15.el8 vim: NULL pointer dereference in ex_buffer_all method

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3236

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-11 14:15 修改: 2023-09-15 14:15

vim-minimal CVE-2021-3927 低危 2:8.0.1763-15.el8 vim: heap-based buffer overflow in gchar_cursor() in misc1.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3927

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-11-05 15:15 修改: 2023-11-07 03:38

vim-minimal CVE-2021-3974 低危 2:8.0.1763-15.el8 vim: Use after free in regexp_nfa.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3974

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-11-19 11:15 修改: 2023-11-07 03:38

vim-minimal CVE-2021-4166 低危 2:8.0.1763-15.el8 vim: out-of-bounds read in do_arg_all() in src/arglist.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4166

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-12-25 19:15 修改: 2023-11-07 03:40

vim-minimal CVE-2022-0351 低危 2:8.0.1763-15.el8 vim: access of memory location before start of buffer

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0351

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-25 18:15 修改: 2022-11-09 19:20

vim-minimal CVE-2022-1154 低危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.13 vim: use after free in utf_ptr2char

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1154

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-30 12:15 修改: 2023-11-07 03:41

vim-minimal CVE-2022-1619 低危 2:8.0.1763-15.el8 vim: heap-buffer-overflow in cmdline_erase_chars of ex_getln.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1619

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-05-08 10:15 修改: 2023-11-07 03:42

vim-minimal CVE-2022-1720 低危 2:8.0.1763-15.el8 vim: buffer over-read in grab_file_name() in findfile.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1720

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-20 15:15 修改: 2023-11-07 03:42

vim-minimal CVE-2022-2124 低危 2:8.0.1763-15.el8 vim: out of bounds read in current_quote()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2124

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-19 10:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2125 低危 2:8.0.1763-15.el8 vim: Heap-based Buffer Overflow in get_lisp_indent()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2125

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-19 12:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2126 低危 2:8.0.1763-15.el8 vim: out of bounds read in suggest_trie_walk()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2126

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-19 13:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2129 低危 2:8.0.1763-15.el8 vim: out of bounds write in vim_regsub_both()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2129

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-19 19:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2175 低危 2:8.0.1763-15.el8 vim: buffer over-read in put_on_cmdline() at ex_getln.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2175

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-23 13:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2182 低危 2:8.0.1763-15.el8 vim: heap-based buffer overflow through parse_cmd_address() in function utf_ptr2char

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2182

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-23 18:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2183 低危 2:8.0.1763-15.el8 vim: out-of-bounds read through get_lisp_indent() in function get_lisp_indent

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2183

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-23 19:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2206 低危 2:8.0.1763-15.el8 vim: out-of-bound read in function msg_outtrans_attr

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2206

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-26 19:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2207 低危 2:8.0.1763-15.el8 vim: heap-based buffer overflow in function ins_bs

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2207

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-27 12:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2208 低危 2:8.0.1763-15.el8 vim: null pointer dereference in function diff_check

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2208

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-27 13:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2210 低危 2:8.0.1763-15.el8 vim: out-of-bound write in function ml_append_int

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2210

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-27 16:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2284 低危 2:8.0.1763-15.el8 vim: out of bounds read in utfc_ptr2len() at mbyte.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2284

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-02 15:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2285 低危 2:8.0.1763-15.el8 vim: integer overflow in del_typebuf() at getchar.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2285

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-02 16:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2286 低危 2:8.0.1763-15.el8 vim: out of bounds read in ins_bytes() at change.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2286

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-02 19:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2287 低危 2:8.0.1763-15.el8 vim: out of bounds read in suggest_trie_walk() at spellsuggest.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2287

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-02 22:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2343 低危 2:8.0.1763-15.el8 vim: heap-based buffer overflow in ins_compl_add() in insexpand.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2343

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-08 18:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2344 低危 2:8.0.1763-15.el8 vim: heap-based buffer overflow in ins_compl_add() in insexpand.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2344

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-08 19:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2345 低危 2:8.0.1763-15.el8 vim: use-after-free in skipwhite() in charset.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2345

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-08 22:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2522 低危 2:8.0.1763-15.el8 vim: heap-based buffer overflow in ins_compl_infercase_gettext() at src/insexpand.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2522

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-25 14:15 修改: 2023-05-03 12:16

vim-minimal CVE-2022-2819 低危 2:8.0.1763-15.el8 vim: heap buffer overflow in compile_lock_unlock() at src/vim9cmds.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2819

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-15 11:21 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2845 低危 2:8.0.1763-15.el8 vim: Buffer Under-read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2845

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-17 15:15 修改: 2023-07-10 16:15

vim-minimal CVE-2022-2849 低危 2:8.0.1763-15.el8 vim: heap-based buffer overflow in latin_ptr2len() at src/mbyte.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2849

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-17 18:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2923 低危 2:8.0.1763-15.el8 vim: null pointer dereference in function sug_filltree

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2923

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-22 21:15 修改: 2023-11-07 03:47

vim-minimal CVE-2022-2946 低危 2:8.0.1763-15.el8 vim: use after free in function vim_vsnprintf_typval

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2946

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-23 17:15 修改: 2023-11-07 03:47

vim-minimal CVE-2022-2980 低危 2:8.0.1763-15.el8 vim: null pointer dereference in do_mouse() at src/mouse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2980

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2023-11-07 03:47

vim-minimal CVE-2022-3037 低危 2:8.0.1763-15.el8 vim: use after free in function qf_buf_add_line( )

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3037

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-30 21:15 修改: 2023-11-07 03:50

vim-minimal CVE-2022-3153 低危 2:8.0.1763-15.el8 vim: null pointer dereference in vim_regcomp()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3153

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-08 15:15 修改: 2023-05-03 12:16

vim-minimal CVE-2022-3234 低危 2:8.0.1763-15.el8 vim: Heap-based Buffer Overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3234

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-17 22:15 修改: 2023-11-07 03:50

vim-minimal CVE-2022-3235 低危 2:8.0.1763-15.el8 vim: Use After Free

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3235

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-18 20:15 修改: 2023-11-07 03:50

vim-minimal CVE-2022-3256 低危 2:8.0.1763-15.el8 vim: use-after-free in movemark() at mark.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3256

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-22 13:15 修改: 2023-11-07 03:51

vim-minimal CVE-2022-3296 低危 2:8.0.1763-15.el8 vim: stack buffer overflow in ex_finally() in ex_eval.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3296

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-25 17:15 修改: 2023-11-07 03:51

vim-minimal CVE-2022-3352 低危 2:8.0.1763-15.el8 vim: use after free

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3352

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-29 12:15 修改: 2023-11-07 03:51

vim-minimal CVE-2022-3705 低危 2:8.0.1763-15.el8 vim: a use after free in the function qf_update_buffer

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3705

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-26 20:15 修改: 2023-11-07 03:51

vim-minimal CVE-2022-4292 低危 2:8.0.1763-15.el8 vim: use-after-free in did_set_spelllang() in src/spell.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4292

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-12-05 19:15 修改: 2023-11-07 03:57

vim-minimal CVE-2022-4293 低危 2:8.0.1763-15.el8 vim: floating point exception in num_divide() in src/eval.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4293

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-12-05 19:15 修改: 2023-05-03 12:16

vim-minimal CVE-2023-0049 低危 2:8.0.1763-15.el8 vim: out-of-bounds read in function build_stl_str_hl

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0049

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-04 16:15 修改: 2023-11-07 03:59

vim-minimal CVE-2023-0054 低危 2:8.0.1763-15.el8 vim: out-of-bounds write in do_string_sub() in eval.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0054

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-04 19:15 修改: 2023-06-12 20:15

vim-minimal CVE-2023-0288 低危 2:8.0.1763-15.el8 vim: a heap-based buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0288

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-13 16:15 修改: 2023-11-07 04:00

vim-minimal CVE-2023-0433 低危 2:8.0.1763-15.el8 vim: reading past the end of a line when formatting text

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0433

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-21 15:15 修改: 2023-11-07 04:00

vim-minimal CVE-2023-0512 低危 2:8.0.1763-15.el8 vim: divide by zero in adjust_skipcol() at move.ca

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0512

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-30 16:15 修改: 2023-11-07 04:00

vim-minimal CVE-2023-1127 低危 2:8.0.1763-15.el8 vim: Divide By Zero in vim/vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1127

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-03-01 19:15 修改: 2023-11-07 04:02

vim-minimal CVE-2023-1170 低危 2:8.0.1763-15.el8 vim: Heap-based Buffer Overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1170

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-03-03 23:15 修改: 2023-11-07 04:02

vim-minimal CVE-2023-1175 低危 2:8.0.1763-15.el8 vim: Incorrect Calculation of Buffer Size

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1175

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-03-04 16:15 修改: 2023-11-07 04:02

vim-minimal CVE-2023-1264 低危 2:8.0.1763-15.el8 vim: NULL pointer dereference issue in utfc_ptr2len

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1264

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-03-07 22:15 修改: 2023-11-07 04:02

vim-minimal CVE-2023-2609 低危 2:8.0.1763-15.el8 vim: NULL Pointer Dereference in get_register() at register.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2609

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-05-09 18:15 修改: 2023-12-23 07:15

vim-minimal CVE-2023-2610 低危 2:8.0.1763-15.el8 vim: integer overflow vulnerability in vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2610

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-05-09 22:15 修改: 2023-12-23 07:15

vim-minimal CVE-2023-46246 低危 2:8.0.1763-15.el8 vim: Integer Overflow in :history command

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46246

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-27 19:15 修改: 2023-12-17 03:15

vim-minimal CVE-2023-4733 低危 2:8.0.1763-15.el8 vim: use-after-free in function buflist_altfpos

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4733

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-04 14:15 修改: 2024-02-01 17:56

vim-minimal CVE-2023-4734 低危 2:8.0.1763-15.el8 vim: segmentation fault in function f_fullcommand in vim/vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4734

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-02 18:15 修改: 2023-12-21 02:52

vim-minimal CVE-2023-4735 低危 2:8.0.1763-15.el8 vim: OOB Write ops.c in vim/vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4735

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-02 18:15 修改: 2023-12-22 17:54

vim-minimal CVE-2023-4738 低危 2:8.0.1763-15.el8 vim: heap-buffer-overflow in vim_regsub_both in vim/vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4738

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-02 20:15 修改: 2024-02-01 16:16

vim-minimal CVE-2023-4750 低危 2:8.0.1763-15.el8 vim: use-after-free in function bt_quickfix

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4750

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-04 14:15 修改: 2024-02-01 18:01

vim-minimal CVE-2023-4751 低危 2:8.0.1763-15.el8 vim: heap-buffer-overflow in function utfc_ptr2len in vim/vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4751

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-03 19:15 修改: 2023-12-22 18:09

vim-minimal CVE-2023-4752 低危 2:8.0.1763-15.el8 vim: use-after-free in function ins_compl_get_exp in vim/vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4752

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-04 14:15 修改: 2024-02-01 17:59

vim-minimal CVE-2023-4781 低危 2:8.0.1763-15.el8 vim: heap-buffer-overflow in function vim_regsub_both in vim/vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4781

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-05 19:15 修改: 2024-02-01 17:57

vim-minimal CVE-2023-48231 低危 2:8.0.1763-15.el8 vim: use after free in win_close()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48231

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-11-16 23:15 修改: 2023-12-28 17:39

vim-minimal CVE-2023-48232 低危 2:8.0.1763-15.el8 vim: floating point exception in adjust_plines_for_skipcol()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48232

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-11-16 23:15 修改: 2024-01-25 21:37

vim-minimal CVE-2023-48233 低危 2:8.0.1763-15.el8 vim: overflow with count for :s command

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48233

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-11-16 23:15 修改: 2024-01-25 21:38

vim-minimal CVE-2023-48234 低危 2:8.0.1763-15.el8 vim: overflow in nv_z_get_count

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48234

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-11-16 23:15 修改: 2024-01-25 21:33

vim-minimal CVE-2023-48235 低危 2:8.0.1763-15.el8 vim: overflow in ex address parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48235

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-11-16 23:15 修改: 2024-01-25 21:33

vim-minimal CVE-2023-48236 低危 2:8.0.1763-15.el8 vim: overflow in get_number

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48236

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-11-16 23:15 修改: 2024-01-25 21:38

vim-minimal CVE-2023-48237 低危 2:8.0.1763-15.el8 vim: buffer overflow in shift_line

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48237

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-11-16 23:15 修改: 2024-01-25 21:33

vim-minimal CVE-2023-48706 低危 2:8.0.1763-15.el8 vim: use-after-free in ex_substitute in Vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48706

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-11-22 22:15 修改: 2024-01-05 18:15

vim-minimal CVE-2023-5344 低危 2:8.0.1763-15.el8 vim: Heap-based Buffer Overflow in trunc_string()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5344

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-02 20:15 修改: 2023-12-13 01:15

vim-minimal CVE-2023-5441 低危 2:8.0.1763-15.el8 vim: NULL pointer dereference in screen_line() in src/screen.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5441

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-05 21:15 修改: 2023-11-15 02:33

vim-minimal CVE-2023-5535 低危 2:8.0.1763-15.el8 vim: use after free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5535

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-11 20:15 修改: 2023-11-15 02:31

vim-minimal CVE-2024-22667 低危 2:8.0.1763-15.el8 vim: Stack buffer over flow in did_set_langmap function in map.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22667

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-05 08:15 修改: 2024-02-23 16:15

vim-minimal CVE-2024-41965 低危 2:8.0.1763-15.el8 vim: Double-Free Vulnerability in Vim Could Cause Application Crashes

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41965

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-01 22:15 修改: 2024-08-09 14:09

vim-minimal CVE-2024-43374 低危 2:8.0.1763-15.el8 vim: use-after-free in alist_add() in src/arglist.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43374

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-16 02:15 修改: 2024-08-19 13:00

vim-minimal CVE-2024-43802 低危 2:8.0.1763-15.el8 vim: Heap Buffer Overflow in Vim's Typeahead Buffer Handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43802

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-26 19:15 修改: 2024-08-27 13:02

vim-minimal CVE-2024-45306 低危 2:8.0.1763-15.el8 vim: heap-buffer-overflow in Vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45306

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-09-02 18:15 修改: 2024-10-01 15:20

vim-minimal CVE-2024-47814 低危 2:8.0.1763-15.el8 vim: use-after-free when closing buffers in Vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47814

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-10-07 22:15 修改: 2024-10-10 12:57

binutils CVE-2023-1972 低危 2.30-79.el8 binutils: Illegal memory access when accessing a zer0-lengthverdef table

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1972

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-05-17 22:15 修改: 2023-09-30 10:15

binutils CVE-2023-25584 低危 2.30-79.el8 binutils: Out of bounds read in parse_module function in bfd/vms-alpha.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25584

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-14 21:15 修改: 2024-02-23 18:51

krb5-libs CVE-2024-26458 低危 1.18.2-5.el8 1.18.2-27.el8_10 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

krb5-libs CVE-2024-26461 低危 1.18.2-5.el8 1.18.2-27.el8_10 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

binutils CVE-2023-25585 低危 2.30-79.el8 binutils: Field `file_table` of `struct module *module` is uninitialized

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25585

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-14 21:15 修改: 2023-11-07 04:09

binutils CVE-2021-3487 未知 2.30-79.el8 2.30-108.el8 binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3487

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-04-15 14:15 修改: 2023-11-20 05:15

Java (jar)
低危漏洞:5 中危漏洞:55 高危漏洞:22 严重漏洞:5
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer CVE-2021-42575 严重 20191001.1 20211018.1 owasp-java-html-sanitizer: improper policies enforcement may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42575

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-10-18 15:15 修改: 2023-02-24 17:34

org.apache.logging.log4j:log4j-core CVE-2021-44228 严重 2.11.1 2.15.0, 2.3.1, 2.12.2 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44228

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-12-10 10:15 修改: 2024-07-24 17:08

org.apache.logging.log4j:log4j-core CVE-2021-44228 严重 2.11.1 2.15.0, 2.3.1, 2.12.2 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44228

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-12-10 10:15 修改: 2024-07-24 17:08

org.apache.logging.log4j:log4j-core CVE-2021-45046 严重 2.11.1 2.16.0, 2.12.2 log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45046

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-12-14 19:15 修改: 2024-10-31 12:17

org.apache.logging.log4j:log4j-core CVE-2021-45046 严重 2.11.1 2.16.0, 2.12.2 log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45046

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-12-14 19:15 修改: 2024-10-31 12:17

com.fasterxml.jackson.dataformat:jackson-dataformat-cbor CVE-2020-28491 高危 2.10.4 2.11.4, 2.12.1 jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28491

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-02-18 16:15 修改: 2022-12-06 21:44

com.fasterxml.jackson.dataformat:jackson-dataformat-cbor CVE-2020-28491 高危 2.10.4 2.11.4, 2.12.1 jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28491

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-02-18 16:15 修改: 2022-12-06 21:44

com.fasterxml.jackson.core:jackson-databind CVE-2020-25649 高危 2.10.4 2.6.7.4, 2.9.10.7, 2.10.5.1 jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25649

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2020-12-03 17:15 修改: 2023-11-07 03:20

com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 8.6 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35

io.netty:netty-codec CVE-2021-37136 高危 4.1.49.Final 4.1.68.Final netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37136

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-10-19 15:15 修改: 2023-11-07 03:36

io.netty:netty-codec CVE-2021-37136 高危 4.1.49.Final 4.1.68.Final netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37136

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-10-19 15:15 修改: 2023-11-07 03:36

io.netty:netty-codec CVE-2021-37137 高危 4.1.49.Final 4.1.68.Final netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37137

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-10-19 15:15 修改: 2023-11-07 03:36

io.netty:netty-codec CVE-2021-37137 高危 4.1.49.Final 4.1.68.Final netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37137

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-10-19 15:15 修改: 2023-11-07 03:36

net.minidev:json-smart CVE-2023-1370 高危 2.3 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2023-03-22 06:15 修改: 2024-06-21 19:15

com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.10.4 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12

com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 高危 2.10.4 2.12.6, 2.13.1 jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21

com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.10.4 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15

com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.10.4 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10

org.apache.logging.log4j:log4j-core CVE-2021-45105 高危 2.11.1 2.12.3, 2.17.0, 2.3.1 log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45105

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-12-18 12:15 修改: 2022-10-06 17:31

org.apache.logging.log4j:log4j-core CVE-2021-45105 高危 2.11.1 2.12.3, 2.17.0, 2.3.1 log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45105

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-12-18 12:15 修改: 2022-10-06 17:31

org.apache.santuario:xmlsec CVE-2021-40690 高危 2.1.4 2.2.3, 2.1.7 xml-security: XPath Transform abuse allows for information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40690

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-09-19 18:15 修改: 2023-11-07 03:38

org.apache.santuario:xmlsec CVE-2021-40690 高危 2.1.4 2.2.3, 2.1.7 xml-security: XPath Transform abuse allows for information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40690

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-09-19 18:15 修改: 2023-11-07 03:38

org.elasticsearch:elasticsearch CVE-2023-31418 高危 7.11.2 7.17.13, 8.9.0 elasticsearch: uncontrolled resource consumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31418

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2023-10-26 18:15 修改: 2023-11-30 22:15

org.yaml:snakeyaml CVE-2022-1471 高危 1.26 2.0 SnakeYaml: Constructor Deserialization Remote Code Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1471

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-12-01 11:15 修改: 2024-06-21 19:15

org.yaml:snakeyaml CVE-2022-1471 高危 1.26 2.0 SnakeYaml: Constructor Deserialization Remote Code Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1471

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-12-01 11:15 修改: 2024-06-21 19:15

org.yaml:snakeyaml CVE-2022-25857 高危 1.26 1.31 snakeyaml: Denial of Service due to missing nested depth limitation for collections

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25857

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-08-30 05:15 修改: 2024-03-15 11:15

org.yaml:snakeyaml CVE-2022-25857 高危 1.26 1.31 snakeyaml: Denial of Service due to missing nested depth limitation for collections

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25857

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-08-30 05:15 修改: 2024-03-15 11:15

io.netty:netty-handler CVE-2023-34462 中危 4.1.49.Final 4.1.94.Final netty: SniHandler 16MB allocation leads to OOM

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34462

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2023-06-22 23:15 修改: 2024-06-21 19:15

com.google.guava:guava CVE-2018-10237 中危 19.0 24.1.1-android guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2018-04-26 21:29 修改: 2023-11-07 02:51

net.minidev:json-smart CVE-2021-27568 中危 2.3 1.3.2, 2.4.1, 2.3.1 json-smart: uncaught exception may lead to crash or information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27568

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-02-23 02:15 修改: 2023-11-07 03:31

org.apache.httpcomponents:httpclient CVE-2020-13956 中危 4.5.10 4.5.13, 5.0.3 apache-httpclient: incorrect handling of malformed authority component in request URIs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2020-12-02 17:15 修改: 2023-11-07 03:17

org.apache.httpcomponents:httpclient CVE-2020-13956 中危 4.5.10 4.5.13, 5.0.3 apache-httpclient: incorrect handling of malformed authority component in request URIs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2020-12-02 17:15 修改: 2023-11-07 03:17

org.apache.httpcomponents:httpclient CVE-2020-13956 中危 4.5.10 4.5.13, 5.0.3 apache-httpclient: incorrect handling of malformed authority component in request URIs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2020-12-02 17:15 修改: 2023-11-07 03:17

org.apache.httpcomponents:httpclient CVE-2020-13956 中危 4.5.10 4.5.13, 5.0.3 apache-httpclient: incorrect handling of malformed authority component in request URIs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2020-12-02 17:15 修改: 2023-11-07 03:17

com.google.guava:guava CVE-2023-2976 中危 19.0 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15

com.google.guava:guava CVE-2023-2976 中危 19.0 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15

com.google.guava:guava CVE-2023-2976 中危 27.1-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15

com.google.guava:guava CVE-2018-10237 中危 19.0 24.1.1-android guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2018-04-26 21:29 修改: 2023-11-07 02:51

io.netty:netty-codec-http CVE-2021-21290 中危 4.1.49.Final 4.1.59.Final netty: Information disclosure via the local system temporary directory

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21290

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-02-08 20:15 修改: 2023-11-07 03:29

io.netty:netty-codec-http CVE-2021-21290 中危 4.1.49.Final 4.1.59.Final netty: Information disclosure via the local system temporary directory

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21290

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-02-08 20:15 修改: 2023-11-07 03:29

org.apache.logging.log4j:log4j-core CVE-2021-44832 中危 2.11.1 2.3.2, 2.12.4, 2.17.1 log4j-core: remote code execution via JDBC Appender

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44832

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-12-28 20:15 修改: 2023-11-07 03:39

org.apache.logging.log4j:log4j-core CVE-2021-44832 中危 2.11.1 2.3.2, 2.12.4, 2.17.1 log4j-core: remote code execution via JDBC Appender

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44832

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-12-28 20:15 修改: 2023-11-07 03:39

io.netty:netty-codec-http CVE-2021-43797 中危 4.1.49.Final 4.1.71.Final netty: control chars in header names may lead to HTTP request smuggling

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43797

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-12-09 19:15 修改: 2023-02-24 15:47

io.netty:netty-codec-http CVE-2021-43797 中危 4.1.49.Final 4.1.71.Final netty: control chars in header names may lead to HTTP request smuggling

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43797

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-12-09 19:15 修改: 2023-02-24 15:47

org.apache.santuario:xmlsec CVE-2023-44483 中危 2.1.4 2.3.4, 2.2.6, 3.0.3 santuario: Private Key disclosure in debug-log output

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44483

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2023-10-20 10:15 修改: 2023-10-27 18:49

org.apache.santuario:xmlsec CVE-2023-44483 中危 2.1.4 2.3.4, 2.2.6, 3.0.3 santuario: Private Key disclosure in debug-log output

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44483

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2023-10-20 10:15 修改: 2023-10-27 18:49

org.bouncycastle:bc-fips CVE-2020-15522 中危 1.0.2 1.0.2.1 bouncycastle: Timing issue within the EC math library

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15522

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-05-20 12:15 修改: 2021-06-22 09:15

org.bouncycastle:bc-fips CVE-2022-45146 中危 1.0.2 1.0.2.4 bouncy-castle: Improper Authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45146

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-11-21 10:15 修改: 2024-02-13 19:15

org.bouncycastle:bc-fips CVE-2024-29857 中危 1.0.2 1.0.2.5 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2024-05-14 15:17 修改: 2024-08-15 19:35

org.bouncycastle:bcprov-jdk15on CVE-2020-15522 中危 1.64 1.66 bouncycastle: Timing issue within the EC math library

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15522

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-05-20 12:15 修改: 2021-06-22 09:15

org.bouncycastle:bcprov-jdk15on CVE-2023-33201 中危 1.64 bouncycastle: potential blind LDAP injection attack using a self-signed certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2023-07-05 03:15 修改: 2023-08-24 19:15

org.bouncycastle:bcprov-jdk15on CVE-2023-33202 中危 1.64 1.70 bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33202

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2023-11-23 16:15 修改: 2024-09-09 13:53

org.bouncycastle:bcprov-jdk15on CVE-2024-29857 中危 1.64 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2024-05-14 15:17 修改: 2024-08-15 19:35

org.bouncycastle:bcprov-jdk15on CVE-2024-30171 中危 1.64 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2024-05-14 15:21 修改: 2024-08-19 18:35

org.bouncycastle:bcprov-jdk15on CVE-2024-30172 中危 1.64 1.78 org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30172

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2024-05-14 15:21 修改: 2024-06-14 13:15

org.elasticsearch.client:elasticsearch-rest-client CVE-2021-22145 中危 7.11.2 7.13.4 elasticsearch: memory disclosure in error reporting

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22145

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-07-21 15:15 修改: 2022-05-10 15:25

org.elasticsearch.client:elasticsearch-rest-client CVE-2021-22145 中危 7.11.2 7.13.4 elasticsearch: memory disclosure in error reporting

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22145

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-07-21 15:15 修改: 2022-05-10 15:25

org.elasticsearch.client:elasticsearch-rest-client CVE-2021-22145 中危 7.11.2 7.13.4 elasticsearch: memory disclosure in error reporting

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22145

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-07-21 15:15 修改: 2022-05-10 15:25

org.elasticsearch.client:elasticsearch-rest-client CVE-2021-22145 中危 7.11.2 7.13.4 elasticsearch: memory disclosure in error reporting

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22145

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-07-21 15:15 修改: 2022-05-10 15:25

io.netty:netty-codec-http CVE-2022-24823 中危 4.1.49.Final 4.1.77.Final netty: world readable temporary file containing sensitive data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24823

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-05-06 12:15 修改: 2022-12-03 14:25

org.elasticsearch:elasticsearch CVE-2021-22144 中危 7.11.2 6.8.17, 7.13.3 elasticsearch: uncontrolled recursion in Grok parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22144

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-07-26 12:15 修改: 2022-05-10 18:02

org.elasticsearch:elasticsearch CVE-2021-22147 中危 7.11.2 7.14.0 elasticsearch: document and field level security was not applied to searchable snapshots

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22147

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2021-09-15 12:15 修改: 2022-11-04 18:27

org.elasticsearch:elasticsearch CVE-2023-31417 中危 7.11.2 7.17.13, 8.9.2 elasticsearch: Sensitive information in audit logs

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31417

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2023-10-26 18:15 修改: 2024-01-03 19:02

org.elasticsearch:elasticsearch CVE-2023-31419 中危 7.11.2 7.17.13, 8.9.1 elasticsearch: StackOverflow vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31419

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2023-10-26 18:15 修改: 2024-02-01 02:16

org.elasticsearch:elasticsearch CVE-2023-46673 中危 7.11.2 7.17.14, 8.10.3 elasticsearch: Improper Handling of Exceptional Conditions

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46673

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2023-11-22 10:15 修改: 2023-11-30 20:22

org.elasticsearch:elasticsearch CVE-2023-49921 中危 7.11.2 7.17.16, 8.11.2 elasticsearch: Insertion of Sensitive Information into Log File

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49921

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2024-07-26 05:15 修改: 2024-09-11 14:09

org.elasticsearch:elasticsearch CVE-2024-23444 中危 7.11.2 8.13.0, 7.17.23 Elasticsearch stores private key on disk unencrypted

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23444

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2024-07-31 18:15 修改: 2024-08-01 12:42

org.elasticsearch:elasticsearch CVE-2024-23450 中危 7.11.2 7.17.19, 8.13.0 elasticsearch: Possible denial of service when processing documents in a deeply nested pipeline

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23450

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2024-03-27 17:15 修改: 2024-06-10 17:16

io.netty:netty-codec-http CVE-2022-24823 中危 4.1.49.Final 4.1.77.Final netty: world readable temporary file containing sensitive data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24823

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-05-06 12:15 修改: 2022-12-03 14:25

io.netty:netty-codec-http CVE-2024-29025 中危 4.1.49.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15

io.netty:netty-codec-http CVE-2024-29025 中危 4.1.49.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15

io.netty:netty-handler CVE-2023-34462 中危 4.1.49.Final 4.1.94.Final netty: SniHandler 16MB allocation leads to OOM

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34462

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2023-06-22 23:15 修改: 2024-06-21 19:15

org.yaml:snakeyaml CVE-2022-38749 中危 1.26 1.31 snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38749

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15

org.yaml:snakeyaml CVE-2022-38749 中危 1.26 1.31 snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38749

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15

org.yaml:snakeyaml CVE-2022-38750 中危 1.26 1.31 snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38750

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15

org.yaml:snakeyaml CVE-2022-38750 中危 1.26 1.31 snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38750

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15

org.yaml:snakeyaml CVE-2022-38751 中危 1.26 1.31 snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38751

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15

org.yaml:snakeyaml CVE-2022-38751 中危 1.26 1.31 snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38751

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15

org.yaml:snakeyaml CVE-2022-38752 中危 1.26 1.32 snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38752

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15

org.yaml:snakeyaml CVE-2022-38752 中危 1.26 1.32 snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38752

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15

org.yaml:snakeyaml CVE-2022-41854 中危 1.26 1.32 dev-java/snakeyaml: DoS via stack overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41854

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-11-11 13:15 修改: 2024-06-21 19:15

org.yaml:snakeyaml CVE-2022-41854 中危 1.26 1.32 dev-java/snakeyaml: DoS via stack overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41854

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2022-11-11 13:15 修改: 2024-06-21 19:15

com.google.guava:guava CVE-2020-8908 低危 19.0 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30

com.google.guava:guava CVE-2020-8908 低危 19.0 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30

com.google.guava:guava CVE-2020-8908 低危 27.1-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30

org.apache.logging.log4j:log4j-core CVE-2020-9488 低危 2.11.1 2.13.2, 2.12.3, 2.3.2 log4j: improper validation of certificate with host mismatch in SMTP appender

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9488

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2020-04-27 16:15 修改: 2023-11-07 03:26

org.apache.logging.log4j:log4j-core CVE-2020-9488 低危 2.11.1 2.13.2, 2.12.3, 2.3.2 log4j: improper validation of certificate with host mismatch in SMTP appender

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9488

镜像层: sha256:5ae441f83f41da649a8cacfb29b3f3f48e06596ff1b179ba85b59aa0990823e7

发布日期: 2020-04-27 16:15 修改: 2023-11-07 03:26