docker.elastic.co/kibana/kibana:7.10.2 linux/amd64

docker.elastic.co/kibana/kibana:7.10.2 - Trivy安全扫描结果 扫描时间: 2024-10-30 11:23
全部漏洞信息
低危漏洞:341 中危漏洞:556 高危漏洞:149 严重漏洞:18

系统OS: centos 8.3.2011 扫描引擎: Trivy 扫描时间: 2024-10-30 11:23

docker.elastic.co/kibana/kibana:7.10.2 (centos 8.3.2011) (centos)
低危漏洞:326 中危漏洞:509 高危漏洞:78 严重漏洞:5
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
nss CVE-2021-43527 严重 3.53.1-11.el8_2 3.67.0-7.el8_5 nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43527

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-12-08 22:15 修改: 2023-02-23 01:40

nss-softokn CVE-2021-43527 严重 3.53.1-11.el8_2 3.67.0-7.el8_5 nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43527

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-12-08 22:15 修改: 2023-02-23 01:40

nss-softokn-freebl CVE-2021-43527 严重 3.53.1-11.el8_2 3.67.0-7.el8_5 nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43527

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-12-08 22:15 修改: 2023-02-23 01:40

nss-sysinit CVE-2021-43527 严重 3.53.1-11.el8_2 3.67.0-7.el8_5 nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43527

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-12-08 22:15 修改: 2023-02-23 01:40

nss-util CVE-2021-43527 严重 3.53.1-11.el8_2 3.67.0-7.el8_5 nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43527

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-12-08 22:15 修改: 2023-02-23 01:40

bind-export-libs CVE-2023-3341 高危 32:9.11.20-5.el8 32:9.11.36-8.el8_8.2 bind: stack exhaustion in control channel code may lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3341

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-20 13:15 修改: 2024-02-16 18:39

bind-export-libs CVE-2023-4408 高危 32:9.11.20-5.el8 32:9.11.36-14.el8_10 bind9: Parsing large DNS messages may cause excessive CPU load

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4408

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-13 14:15 修改: 2024-10-21 21:02

bind-export-libs CVE-2023-50387 高危 32:9.11.20-5.el8 32:9.11.36-14.el8_10 bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16

bind-export-libs CVE-2023-50868 高危 32:9.11.20-5.el8 32:9.11.36-14.el8_10 bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16

bind-export-libs CVE-2024-1737 高危 32:9.11.20-5.el8 32:9.11.36-16.el8_10.2 bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1737

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-07-23 15:15 修改: 2024-08-01 13:46

bind-export-libs CVE-2024-1975 高危 32:9.11.20-5.el8 32:9.11.36-16.el8_10.2 bind9: bind: SIG(0) can be used to exhaust CPU resources

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1975

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-07-23 15:15 修改: 2024-08-01 13:46

cyrus-sasl-lib CVE-2022-24407 高危 2.1.27-5.el8 2.1.27-6.el8_5 cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24407

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-24 15:15 修改: 2023-11-07 03:44

dhcp-client CVE-2021-25217 高危 12:4.3.6-41.el8 12:4.3.6-44.el8_4.1 dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25217

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-26 22:15 修改: 2023-11-07 03:31

dhcp-client CVE-2024-3661 高危 12:4.3.6-41.el8 DHCP: DHCP routing options can manipulate interface-based VPN traffic

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3661

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 19:15 修改: 2024-07-01 15:15

dhcp-common CVE-2021-25217 高危 12:4.3.6-41.el8 12:4.3.6-44.el8_4.1 dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25217

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-26 22:15 修改: 2023-11-07 03:31

dhcp-common CVE-2024-3661 高危 12:4.3.6-41.el8 DHCP: DHCP routing options can manipulate interface-based VPN traffic

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3661

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 19:15 修改: 2024-07-01 15:15

dhcp-libs CVE-2021-25217 高危 12:4.3.6-41.el8 12:4.3.6-44.el8_4.1 dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25217

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-26 22:15 修改: 2023-11-07 03:31

dhcp-libs CVE-2024-3661 高危 12:4.3.6-41.el8 DHCP: DHCP routing options can manipulate interface-based VPN traffic

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3661

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 19:15 修改: 2024-07-01 15:15

expat CVE-2022-25235 高危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25235

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-16 01:15 修改: 2023-11-07 03:44

expat CVE-2022-25236 高危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25236

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-16 01:15 修改: 2023-11-07 03:44

expat CVE-2022-25315 高危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in storeRawNames()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25315

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-18 05:15 修改: 2023-11-07 03:44

expat CVE-2022-40674 高危 2.2.5-4.el8 2.2.5-8.el8_6.3 expat: a use-after-free in the doContent function in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40674

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-14 11:15 修改: 2023-11-07 03:52

glib2 CVE-2021-27219 高危 2.56.4-8.el8 2.56.4-10.el8_4 glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27219

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 17:15 修改: 2023-11-07 03:31

glibc CVE-2023-4911 高危 2.28-127.el8 2.28-225.el8_8.6 glibc: buffer overflow in ld.so leading to privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-03 18:15 修改: 2024-09-17 19:46

glibc CVE-2024-2961 高危 2.28-127.el8 2.28-251.el8_10.1 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15

glibc CVE-2024-33599 高危 2.28-127.el8 2.28-251.el8_10.2 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

glibc-common CVE-2023-4911 高危 2.28-127.el8 2.28-225.el8_8.6 glibc: buffer overflow in ld.so leading to privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-03 18:15 修改: 2024-09-17 19:46

glibc-common CVE-2024-2961 高危 2.28-127.el8 2.28-251.el8_10.1 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15

glibc-common CVE-2024-33599 高危 2.28-127.el8 2.28-251.el8_10.2 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

glibc-langpack-en CVE-2023-4911 高危 2.28-127.el8 2.28-225.el8_8.6 glibc: buffer overflow in ld.so leading to privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-10-03 18:15 修改: 2024-09-17 19:46

glibc-langpack-en CVE-2024-2961 高危 2.28-127.el8 2.28-251.el8_10.1 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15

glibc-langpack-en CVE-2024-33599 高危 2.28-127.el8 2.28-251.el8_10.2 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

glibc-minimal-langpack CVE-2023-4911 高危 2.28-127.el8 2.28-225.el8_8.6 glibc: buffer overflow in ld.so leading to privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-03 18:15 修改: 2024-09-17 19:46

glibc-minimal-langpack CVE-2024-2961 高危 2.28-127.el8 2.28-251.el8_10.1 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15

glibc-minimal-langpack CVE-2024-33599 高危 2.28-127.el8 2.28-251.el8_10.2 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

gnutls CVE-2021-20305 高危 3.6.14-7.el8_3 3.6.14-8.el8_3 nettle: Out of bounds memory access in signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20305

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-04-05 22:15 修改: 2023-11-07 03:29

grub2-common CVE-2022-28733 高危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: Integer underflow in grub_net_recv_ip4_packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28733

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-20 01:15 修改: 2023-08-25 23:15

grub2-tools CVE-2022-28733 高危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: Integer underflow in grub_net_recv_ip4_packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28733

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-20 01:15 修改: 2023-08-25 23:15

grub2-tools-minimal CVE-2022-28733 高危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: Integer underflow in grub_net_recv_ip4_packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28733

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-20 01:15 修改: 2023-08-25 23:15

gzip CVE-2022-1271 高危 1.9-9.el8 1.9-13.el8_5 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47

krb5-libs CVE-2022-42898 高危 1.18.2-5.el8 1.18.2-25.el8_8 krb5: integer overflow vulnerabilities in PAC parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15

less CVE-2024-32487 高危 530-1.el8 530-3.el8_10 less: OS command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32487

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-04-13 15:15 修改: 2024-07-08 14:18

libksba CVE-2022-3515 高危 1.3.5-7.el8 1.3.5-8.el8_6 libksba: integer overflow may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3515

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-12 15:15 修改: 2023-07-06 19:15

libksba CVE-2022-47629 高危 1.3.5-7.el8 1.3.5-9.el8_7 libksba: integer overflow to code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-47629

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-12-20 23:15 修改: 2023-11-07 03:56

libnghttp2 CVE-2023-44487 高危 1.33.0-3.el8_2.1 1.33.0-5.el8_8 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-10 14:15 修改: 2024-08-14 19:57

nettle CVE-2021-20305 高危 3.4.1-2.el8 3.4.1-4.el8_3 nettle: Out of bounds memory access in signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20305

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-04-05 22:15 修改: 2023-11-07 03:29

bind-export-libs CVE-2020-8625 高危 32:9.11.20-5.el8 32:9.11.20-5.el8_3.1 bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8625

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-17 23:15 修改: 2023-11-07 03:26

nss CVE-2023-0767 高危 3.53.1-11.el8_2 3.79.0-11.el8_7 nss: Arbitrary memory write via PKCS 12

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0767

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-06-02 17:15 修改: 2023-08-02 16:45

bind-export-libs CVE-2021-25215 高危 32:9.11.20-5.el8 32:9.11.26-4.el8_4 bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25215

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-04-29 01:15 修改: 2023-11-07 03:31

nss-softokn CVE-2023-0767 高危 3.53.1-11.el8_2 3.79.0-11.el8_7 nss: Arbitrary memory write via PKCS 12

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0767

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-06-02 17:15 修改: 2023-08-02 16:45

bind-export-libs CVE-2022-38177 高危 32:9.11.20-5.el8 32:9.11.36-3.el8_6.1 bind: memory leak in ECDSA DNSSEC verification code

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38177

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-21 11:15 修改: 2023-11-07 03:50

nss-softokn-freebl CVE-2023-0767 高危 3.53.1-11.el8_2 3.79.0-11.el8_7 nss: Arbitrary memory write via PKCS 12

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0767

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-06-02 17:15 修改: 2023-08-02 16:45

bind-export-libs CVE-2022-38178 高危 32:9.11.20-5.el8 32:9.11.36-3.el8_6.1 bind: memory leaks in EdDSA DNSSEC verification code

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38178

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-21 11:15 修改: 2023-11-07 03:50

nss-sysinit CVE-2023-0767 高危 3.53.1-11.el8_2 3.79.0-11.el8_7 nss: Arbitrary memory write via PKCS 12

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0767

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-06-02 17:15 修改: 2023-08-02 16:45

bind-export-libs CVE-2023-2828 高危 32:9.11.20-5.el8 32:9.11.36-8.el8_8.1 bind: named's configured cache size limit can be significantly exceeded

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2828

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-21 17:15 修改: 2023-07-21 19:19

nss-util CVE-2023-0767 高危 3.53.1-11.el8_2 3.79.0-11.el8_7 nss: Arbitrary memory write via PKCS 12

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0767

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-06-02 17:15 修改: 2023-08-02 16:45

openssl CVE-2021-3449 高危 1:1.1.1g-12.el8_3 1:1.1.1g-15.el8_3 openssl: NULL pointer dereference in signature_algorithms processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3449

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-25 15:15 修改: 2024-06-21 19:15

openssl CVE-2021-3450 高危 1:1.1.1g-12.el8_3 1:1.1.1g-15.el8_3 openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3450

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-25 15:15 修改: 2023-11-07 03:38

openssl CVE-2022-0778 高危 1:1.1.1g-12.el8_3 1:1.1.1k-6.el8_5 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15

openssl CVE-2023-0286 高危 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 openssl: X.400 address type confusion in X.509 GeneralName

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

openssl-libs CVE-2021-3449 高危 1:1.1.1g-12.el8_3 1:1.1.1g-15.el8_3 openssl: NULL pointer dereference in signature_algorithms processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3449

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-25 15:15 修改: 2024-06-21 19:15

openssl-libs CVE-2021-3450 高危 1:1.1.1g-12.el8_3 1:1.1.1g-15.el8_3 openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3450

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-25 15:15 修改: 2023-11-07 03:38

openssl-libs CVE-2022-0778 高危 1:1.1.1g-12.el8_3 1:1.1.1k-6.el8_5 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15

openssl-libs CVE-2023-0286 高危 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 openssl: X.400 address type confusion in X.509 GeneralName

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

platform-python CVE-2023-24329 高危 3.6.8-31.el8 3.6.8-51.el8_8.1 python: urllib.parse url blocklisting bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-02-17 15:15 修改: 2023-11-07 04:08

platform-python CVE-2023-40217 高危 3.6.8-31.el8 3.6.8-51.el8_8.2 python: TLS handshake bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-25 01:15 修改: 2023-11-07 04:20

platform-python CVE-2023-6597 高危 3.6.8-31.el8 3.6.8-62.el8_10 python: Path traversal on tempfile.TemporaryDirectory

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15

platform-python-setuptools CVE-2024-6345 高危 39.2.0-6.el8 39.2.0-8.el8_10 pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-07-15 01:15 修改: 2024-07-15 13:00

python3-libs CVE-2023-24329 高危 3.6.8-31.el8 3.6.8-51.el8_8.1 python: urllib.parse url blocklisting bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-02-17 15:15 修改: 2023-11-07 04:08

python3-libs CVE-2023-40217 高危 3.6.8-31.el8 3.6.8-51.el8_8.2 python: TLS handshake bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-25 01:15 修改: 2023-11-07 04:20

python3-libs CVE-2023-6597 高危 3.6.8-31.el8 3.6.8-62.el8_10 python: Path traversal on tempfile.TemporaryDirectory

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15

python3-setuptools-wheel CVE-2024-6345 高危 39.2.0-6.el8 39.2.0-8.el8_10 pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-07-15 01:15 修改: 2024-07-15 13:00

systemd CVE-2021-33910 高危 239-41.el8_3.1 239-45.el8_4.2 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33910

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35

systemd CVE-2022-2526 高危 239-41.el8_3.1 239-58.el8_6.4 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-09-09 15:15 修改: 2023-01-20 03:17

systemd-libs CVE-2021-33910 高危 239-41.el8_3.1 239-45.el8_4.2 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33910

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35

systemd-libs CVE-2022-2526 高危 239-41.el8_3.1 239-58.el8_6.4 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-09-09 15:15 修改: 2023-01-20 03:17

systemd-pam CVE-2021-33910 高危 239-41.el8_3.1 239-45.el8_4.2 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33910

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35

systemd-pam CVE-2022-2526 高危 239-41.el8_3.1 239-58.el8_6.4 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-09-09 15:15 修改: 2023-01-20 03:17

systemd-udev CVE-2021-33910 高危 239-41.el8_3.1 239-45.el8_4.2 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33910

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35

systemd-udev CVE-2022-2526 高危 239-41.el8_3.1 239-58.el8_6.4 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-09-09 15:15 修改: 2023-01-20 03:17

xz CVE-2022-1271 高危 5.2.4-3.el8 5.2.4-4.el8_6 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47

xz-libs CVE-2022-1271 高危 5.2.4-3.el8 5.2.4-4.el8_6 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47

zlib CVE-2018-25032 高危 1.2.11-16.el8_2 1.2.11-18.el8_5 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-25032

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-25 09:15 修改: 2023-11-07 02:56

dnf CVE-2021-3445 中危 4.2.23-4.el8 4.7.0-4.el8 libdnf: Signature verification bypass via signature placed in the main RPM header

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3445

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:38

dnf-data CVE-2021-3445 中危 4.2.23-4.el8 4.7.0-4.el8 libdnf: Signature verification bypass via signature placed in the main RPM header

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3445

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:38

binutils CVE-2018-20671 中危 2.30-79.el8 binutils: Integer overflow in load_specific_debug_section function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20671

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-01-04 16:29 修改: 2023-11-07 02:56

binutils CVE-2019-9075 中危 2.30-79.el8 binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9075

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-24 00:29 修改: 2021-12-10 20:19

binutils CVE-2019-9077 中危 2.30-79.el8 binutils: heap-based buffer overflow in function process_mips_specific in readelf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9077

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-24 00:29 修改: 2023-08-16 14:17

binutils CVE-2021-20197 中危 2.30-79.el8 2.30-108.el8 binutils: Race window allows users to own arbitrary files

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20197

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-26 17:15 修改: 2023-02-12 22:15

expat CVE-2021-45960 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Large number of prefixed XML attributes on a single tag can crash libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45960

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-01 19:15 修改: 2022-10-06 19:08

expat CVE-2021-46143 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in doProlog in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46143

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-06 04:15 修改: 2022-10-06 19:11

expat CVE-2022-22822 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in addBinding in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22822

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-10 14:12 修改: 2022-10-06 15:29

expat CVE-2022-22823 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in build_model in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22823

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47

expat CVE-2022-22824 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in defineAttribute in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22824

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47

expat CVE-2022-22825 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in lookup in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22825

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47

expat CVE-2022-22826 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in nextScaffoldPart in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22826

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-10 14:12 修改: 2022-10-06 12:44

expat CVE-2022-22827 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in storeAtts in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22827

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-10 14:12 修改: 2022-10-06 12:52

expat CVE-2022-23852 中危 2.2.5-4.el8 2.2.5-4.el8_5.3 expat: Integer overflow in function XML_GetBuffer

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23852

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-24 02:15 修改: 2022-10-29 02:44

expat CVE-2022-23990 中危 2.2.5-4.el8 expat: integer overflow in the doProlog function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23990

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-26 19:15 修改: 2023-11-07 03:44

expat CVE-2022-25313 中危 2.2.5-4.el8 2.2.5-8.el8_6.2 expat: Stack exhaustion in doctype parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25313

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-18 05:15 修改: 2023-11-07 03:44

expat CVE-2022-25314 中危 2.2.5-4.el8 2.2.5-8.el8_6.2 expat: Integer overflow in copyString()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25314

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-18 05:15 修改: 2023-11-07 03:44

expat CVE-2022-43680 中危 2.2.5-4.el8 2.2.5-10.el8_7.1 expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43680

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-24 14:15 修改: 2024-01-21 02:08

expat CVE-2023-52425 中危 2.2.5-4.el8 2.2.5-11.el8_9.1 expat: parsing large tokens can trigger a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-04 20:15 修改: 2024-08-26 20:35

expat CVE-2024-45490 中危 2.2.5-4.el8 2.2.5-15.el8_10 libexpat: Negative Length Parsing Vulnerability in libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24

expat CVE-2024-45491 中危 2.2.5-4.el8 2.2.5-15.el8_10 libexpat: Integer Overflow or Wraparound

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28

expat CVE-2024-45492 中危 2.2.5-4.el8 2.2.5-15.el8_10 libexpat: integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28

file CVE-2019-18218 中危 5.33-16.el8 5.33-20.el8 file: heap-based buffer overflow in cdf_read_property_info in cdf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-18218

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2019-10-21 05:15 修改: 2023-11-07 03:06

file-libs CVE-2019-18218 中危 5.33-16.el8 5.33-20.el8 file: heap-based buffer overflow in cdf_read_property_info in cdf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-18218

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-10-21 05:15 修改: 2023-11-07 03:06

freetype CVE-2022-27404 中危 2.9.1-4.el8_3.1 2.9.1-9.el8 FreeType: Buffer overflow in sfnt_init_face

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27404

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-04-22 14:15 修改: 2024-02-29 01:34

freetype CVE-2022-27405 中危 2.9.1-4.el8_3.1 2.9.1-9.el8 FreeType: Segmentation violation via FNT_Size_Request

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27405

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-04-22 14:15 修改: 2024-02-29 01:34

freetype CVE-2022-27406 中危 2.9.1-4.el8_3.1 2.9.1-9.el8 Freetype: Segmentation violation via FT_Request_Size

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27406

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-04-22 14:15 修改: 2024-02-29 01:34

binutils CVE-2021-42574 中危 2.30-79.el8 2.30-108.el8_5.1 environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42574

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-11-01 04:15 修改: 2024-08-04 04:16

glib2 CVE-2020-13543 中危 2.56.4-8.el8 2.56.4-9.el8 webkitgtk: use-after-free may lead to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13543

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-03 17:15 修改: 2022-05-10 15:46

glib2 CVE-2020-13584 中危 2.56.4-8.el8 2.56.4-9.el8 webkitgtk: use-after-free may lead to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13584

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-03 17:15 修改: 2023-11-07 03:16

glib2 CVE-2020-9948 中危 2.56.4-8.el8 2.56.4-9.el8 webkitgtk: type confusion may lead to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9948

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-10-16 17:15 修改: 2022-07-23 10:06

glib2 CVE-2020-9951 中危 2.56.4-8.el8 2.56.4-9.el8 webkitgtk: use-after-free may lead to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9951

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-10-16 17:15 修改: 2022-07-23 10:14

glib2 CVE-2020-9983 中危 2.56.4-8.el8 2.56.4-9.el8 webkitgtk: out-of-bounds write may lead to code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9983

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-10-16 17:15 修改: 2023-11-07 03:27

glib2 CVE-2021-1817 中危 2.56.4-8.el8 2.56.4-9.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2021-1820 中危 2.56.4-8.el8 2.56.4-9.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2021-1825 中危 2.56.4-8.el8 2.56.4-9.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2021-1826 中危 2.56.4-8.el8 2.56.4-9.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2021-27218 中危 2.56.4-8.el8 2.56.4-10.el8_4.1 glib: integer overflow in g_byte_array_new_take function when called with a buffer of 4GB or more on a 64-bit platform

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27218

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 17:15 修改: 2023-11-07 03:31

glib2 CVE-2021-30661 中危 2.56.4-8.el8 2.56.4-9.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2021-3800 中危 2.56.4-8.el8 2.56.4-156.el8 glib2: Possible privilege escalation thourgh pkexec and aliases

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3800

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-23 16:15 修改: 2023-04-25 15:42

glib2 CVE-2022-22624 中危 2.56.4-8.el8 2.56.4-159.el8 webkitgtk: Use-after-free leading to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22624

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-23 19:15 修改: 2022-09-28 12:03

glib2 CVE-2022-22628 中危 2.56.4-8.el8 2.56.4-159.el8 webkitgtk: Use-after-free leading to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22628

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-23 19:15 修改: 2022-09-28 12:06

glib2 CVE-2022-22629 中危 2.56.4-8.el8 2.56.4-159.el8 webkitgtk: Buffer overflow leading to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22629

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-23 20:15 修改: 2022-09-27 04:48

glib2 CVE-2022-22662 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-26700 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-26709 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-26710 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-26716 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-26717 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-26719 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-30293 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-32792 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-32816 中危 2.56.4-8.el8 2.56.4-159.el8

漏洞详情:

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

glib2 CVE-2022-32891 中危 2.56.4-8.el8 2.56.4-159.el8 webkitgtk: UI spoofing while Visiting a website that frames malicious content

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32891

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-02-27 20:15 修改: 2023-05-30 06:15

glib2 CVE-2024-34397 中危 2.56.4-8.el8 glib2: Signal subscription vulnerabilities

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34397

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-07 18:15 修改: 2024-06-10 18:15

binutils CVE-2021-45078 中危 2.30-79.el8 binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45078

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-12-15 20:15 修改: 2023-11-07 03:39

binutils CVE-2022-4285 中危 2.30-79.el8 2.30-119.el8_8.2 binutils: NULL pointer dereference in _bfd_elf_get_symbol_version_string leads to segfault

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4285

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-27 18:15 修改: 2023-11-07 03:57

cpio CVE-2019-14866 中危 2.12-8.el8 2.12-10.el8 cpio: improper input validation when writing tar header fields leads to unexpected tar generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14866

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-01-07 17:15 修改: 2023-06-04 22:15

glibc CVE-2019-25013 中危 2.28-127.el8 2.28-151.el8 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25013

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-04 18:15 修改: 2023-11-09 14:44

glibc CVE-2019-9169 中危 2.28-127.el8 2.28-151.el8 glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9169

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-26 02:29 修改: 2023-11-07 03:13

glibc CVE-2021-3326 中危 2.28-127.el8 2.28-151.el8 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3326

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-27 20:15 修改: 2023-11-07 03:37

glibc CVE-2021-35942 中危 2.28-127.el8 2.28-164.el8 glibc: Arbitrary read in wordexp()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35942

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-22 18:15 修改: 2023-11-07 03:36

glibc CVE-2021-3999 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Off-by-one buffer overflow/underflow in getcwd()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3999

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-24 16:15 修改: 2023-02-12 23:43

glibc CVE-2022-23218 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Stack-based buffer overflow in svcunix_create via long pathnames

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23218

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:37

glibc CVE-2022-23219 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23219

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:32

glibc CVE-2023-4527 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: Stack read overflow in getaddrinfo in no-aaaa mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4527

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15

glibc CVE-2023-4806 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: potential use-after-free in getaddrinfo()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15

glibc CVE-2023-4813 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: potential use-after-free in gaih_inet()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-12 22:15 修改: 2024-09-16 14:15

glibc CVE-2024-33600 中危 2.28-127.el8 2.28-251.el8_10.2 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

cpio CVE-2021-38185 中危 2.12-8.el8 2.12-11.el8 cpio: integer overflow in ds_fgetstr() in dstring.c can lead to an out-of-bounds write via a crafted pattern file

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38185

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-08-08 00:15 修改: 2023-06-04 22:15

cpio CVE-2023-7207 中危 2.12-8.el8 cpio: path traversal vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7207

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-29 01:42 修改: 2024-02-29 13:49

cryptsetup-libs CVE-2021-4122 中危 2.3.3-2.el8 2.3.3-4.el8_5.1 cryptsetup: disable encryption via header rewrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4122

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-24 16:15 修改: 2022-08-29 14:28

glibc-common CVE-2019-25013 中危 2.28-127.el8 2.28-151.el8 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25013

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-04 18:15 修改: 2023-11-09 14:44

glibc-common CVE-2019-9169 中危 2.28-127.el8 2.28-151.el8 glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9169

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-26 02:29 修改: 2023-11-07 03:13

glibc-common CVE-2021-3326 中危 2.28-127.el8 2.28-151.el8 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3326

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-27 20:15 修改: 2023-11-07 03:37

glibc-common CVE-2021-35942 中危 2.28-127.el8 2.28-164.el8 glibc: Arbitrary read in wordexp()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35942

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-22 18:15 修改: 2023-11-07 03:36

glibc-common CVE-2021-3999 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Off-by-one buffer overflow/underflow in getcwd()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3999

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-24 16:15 修改: 2023-02-12 23:43

glibc-common CVE-2022-23218 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Stack-based buffer overflow in svcunix_create via long pathnames

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23218

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:37

glibc-common CVE-2022-23219 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23219

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:32

glibc-common CVE-2023-4527 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: Stack read overflow in getaddrinfo in no-aaaa mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4527

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15

glibc-common CVE-2023-4806 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: potential use-after-free in getaddrinfo()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15

glibc-common CVE-2023-4813 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: potential use-after-free in gaih_inet()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-12 22:15 修改: 2024-09-16 14:15

glibc-common CVE-2024-33600 中危 2.28-127.el8 2.28-251.el8_10.2 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

curl CVE-2020-8284 中危 7.61.1-14.el8_3.1 7.61.1-18.el8 curl: FTP PASV command response can cause curl to connect to arbitrary host

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8284

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-12-14 20:15 修改: 2024-04-08 22:50

curl CVE-2020-8285 中危 7.61.1-14.el8_3.1 7.61.1-18.el8 curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8285

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47

curl CVE-2020-8286 中危 7.61.1-14.el8_3.1 7.61.1-18.el8 curl: Inferior OCSP verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8286

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47

glibc-langpack-en CVE-2019-25013 中危 2.28-127.el8 2.28-151.el8 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25013

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-01-04 18:15 修改: 2023-11-09 14:44

glibc-langpack-en CVE-2019-9169 中危 2.28-127.el8 2.28-151.el8 glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9169

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2019-02-26 02:29 修改: 2023-11-07 03:13

glibc-langpack-en CVE-2021-3326 中危 2.28-127.el8 2.28-151.el8 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3326

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-01-27 20:15 修改: 2023-11-07 03:37

glibc-langpack-en CVE-2021-35942 中危 2.28-127.el8 2.28-164.el8 glibc: Arbitrary read in wordexp()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35942

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-07-22 18:15 修改: 2023-11-07 03:36

glibc-langpack-en CVE-2021-3999 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Off-by-one buffer overflow/underflow in getcwd()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3999

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-08-24 16:15 修改: 2023-02-12 23:43

glibc-langpack-en CVE-2022-23218 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Stack-based buffer overflow in svcunix_create via long pathnames

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23218

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:37

glibc-langpack-en CVE-2022-23219 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23219

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:32

glibc-langpack-en CVE-2023-4527 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: Stack read overflow in getaddrinfo in no-aaaa mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4527

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15

glibc-langpack-en CVE-2023-4806 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: potential use-after-free in getaddrinfo()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15

glibc-langpack-en CVE-2023-4813 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: potential use-after-free in gaih_inet()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-09-12 22:15 修改: 2024-09-16 14:15

glibc-langpack-en CVE-2024-33600 中危 2.28-127.el8 2.28-251.el8_10.2 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

curl CVE-2021-22876 中危 7.61.1-14.el8_3.1 7.61.1-22.el8 curl: Leak of authentication credentials in URL via automatic Referer

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22876

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-04-01 18:15 修改: 2024-03-27 15:47

curl CVE-2021-22922 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.1 curl: Content not matching hash in Metalink is not being discarded

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22922

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:12

curl CVE-2021-22923 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.1 curl: Metalink download sends credentials

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22923

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11

glibc-minimal-langpack CVE-2019-25013 中危 2.28-127.el8 2.28-151.el8 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25013

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-04 18:15 修改: 2023-11-09 14:44

glibc-minimal-langpack CVE-2019-9169 中危 2.28-127.el8 2.28-151.el8 glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9169

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-26 02:29 修改: 2023-11-07 03:13

glibc-minimal-langpack CVE-2021-3326 中危 2.28-127.el8 2.28-151.el8 glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3326

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-27 20:15 修改: 2023-11-07 03:37

glibc-minimal-langpack CVE-2021-35942 中危 2.28-127.el8 2.28-164.el8 glibc: Arbitrary read in wordexp()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35942

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-22 18:15 修改: 2023-11-07 03:36

glibc-minimal-langpack CVE-2021-3999 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Off-by-one buffer overflow/underflow in getcwd()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3999

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-24 16:15 修改: 2023-02-12 23:43

glibc-minimal-langpack CVE-2022-23218 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Stack-based buffer overflow in svcunix_create via long pathnames

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23218

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:37

glibc-minimal-langpack CVE-2022-23219 中危 2.28-127.el8 2.28-164.el8_5.3 glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23219

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:32

glibc-minimal-langpack CVE-2023-4527 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: Stack read overflow in getaddrinfo in no-aaaa mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4527

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15

glibc-minimal-langpack CVE-2023-4806 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: potential use-after-free in getaddrinfo()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15

glibc-minimal-langpack CVE-2023-4813 中危 2.28-127.el8 2.28-225.el8_8.6 glibc: potential use-after-free in gaih_inet()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-12 22:15 修改: 2024-09-16 14:15

glibc-minimal-langpack CVE-2024-33600 中危 2.28-127.el8 2.28-251.el8_10.2 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

gmp CVE-2021-43618 中危 1:6.1.2-10.el8 1:6.1.2-11.el8 gmp: Integer overflow and resultant buffer overflow via crafted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43618

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-11-15 04:15 修改: 2023-09-29 15:15

gnupg2 CVE-2022-34903 中危 2.2.20-2.el8 2.2.20-3.el8_6 gpg: Signature spoofing via status line injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34903

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-01 22:15 修改: 2023-11-07 03:48

curl CVE-2021-22924 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.1 curl: Bad connection reuse due to flawed path name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22924

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11

gnutls CVE-2021-20231 中危 3.6.14-7.el8_3 3.6.16-4.el8 gnutls: Use after free in client key_share extension

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20231

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-12 19:15 修改: 2023-11-07 03:29

gnutls CVE-2021-20232 中危 3.6.14-7.el8_3 3.6.16-4.el8 gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20232

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-12 19:15 修改: 2023-11-07 03:29

gnutls CVE-2021-3580 中危 3.6.14-7.el8_3 3.6.16-4.el8 nettle: Remote crash in RSA decryption via manipulated ciphertext

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3580

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-08-05 21:15 修改: 2024-01-16 15:15

gnutls CVE-2022-2509 中危 3.6.14-7.el8_3 3.6.16-5.el8_6 gnutls: Double free during gnutls_pkcs7_verify

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2509

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-08-01 14:15 修改: 2023-11-07 03:46

gnutls CVE-2023-0361 中危 3.6.14-7.el8_3 3.6.16-6.el8_7 gnutls: timing side-channel in the TLS RSA key exchange code

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0361

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-15 18:15 修改: 2023-11-07 04:00

gnutls CVE-2023-5981 中危 3.6.14-7.el8_3 3.6.16-8.el8_9 gnutls: timing side-channel in the RSA-PSK authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5981

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-11-28 12:15 修改: 2024-09-16 13:15

gnutls CVE-2024-0553 中危 3.6.14-7.el8_3 3.6.16-8.el8_9.1 gnutls: incomplete fix for CVE-2023-5981

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0553

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-01-16 12:15 修改: 2024-09-16 13:15

gnutls CVE-2024-28834 中危 3.6.14-7.el8_3 3.6.16-8.el8_9.3 gnutls: vulnerable to Minerva side-channel information leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28834

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-03-21 14:15 修改: 2024-09-12 20:15

curl CVE-2021-22946 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.2 curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22946

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:12

grub2-common CVE-2020-14372 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14372

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:17

grub2-common CVE-2020-25632 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: Use-after-free in rmmod command

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25632

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:20

grub2-common CVE-2020-25647 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: Out-of-bounds write in grub_usb_device_initialize()

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25647

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:20

grub2-common CVE-2020-27749 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: Stack buffer overflow in grub_parser_split_cmdline()

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27749

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:20

grub2-common CVE-2020-27779 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27779

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:21

grub2-common CVE-2021-20225 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: Heap out-of-bounds write in short form option parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20225

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:29

grub2-common CVE-2021-20233 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: Heap out-of-bounds write due to miscalculation of space required for quoting

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20233

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:29

grub2-common CVE-2021-3695 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3695

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-07-06 16:15 修改: 2023-09-13 16:15

grub2-common CVE-2021-3696 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3696

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-07-06 16:15 修改: 2023-09-13 16:15

grub2-common CVE-2021-3697 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: Crafted JPEG image can lead to buffer underflow write in the heap

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3697

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-07-06 16:15 修改: 2023-09-13 16:15

grub2-common CVE-2022-2601 中危 1:2.02-90.el8 1:2.02-142.el8_7.1 grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2601

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-12-14 21:15 修改: 2023-11-25 12:15

grub2-common CVE-2022-28734 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: Out-of-bound write when handling split HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28734

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-20 01:15 修改: 2024-01-16 19:43

grub2-common CVE-2022-28735 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: shim_lock verifier allows non-kernel files to be loaded

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28735

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-20 01:15 修改: 2023-08-25 23:15

grub2-common CVE-2022-28736 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: use-after-free in grub_cmd_chainloader()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28736

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-20 01:15 修改: 2023-08-25 23:15

grub2-common CVE-2022-28737 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 shim: Buffer overflow when loading crafted EFI images

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28737

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-20 01:15 修改: 2023-07-28 15:33

grub2-common CVE-2022-3775 中危 1:2.02-90.el8 1:2.02-142.el8_7.1 grub2: Heap based out-of-bounds write when redering certain unicode sequences

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3775

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-12-19 20:15 修改: 2023-11-25 12:15

grub2-common CVE-2024-1048 中危 1:2.02-90.el8 1:2.02-156.el8 grub2: grub2-set-bootflag can be abused by local (pseudo-)users

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1048

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-02-06 18:15 修改: 2024-09-16 16:15

curl CVE-2021-22947 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.2 curl: Server responses received before STARTTLS processed after TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22947

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:03

grub2-tools CVE-2020-14372 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14372

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:17

grub2-tools CVE-2020-25632 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: Use-after-free in rmmod command

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25632

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:20

grub2-tools CVE-2020-25647 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: Out-of-bounds write in grub_usb_device_initialize()

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25647

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:20

grub2-tools CVE-2020-27749 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: Stack buffer overflow in grub_parser_split_cmdline()

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27749

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:20

grub2-tools CVE-2020-27779 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27779

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:21

grub2-tools CVE-2021-20225 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: Heap out-of-bounds write in short form option parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20225

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:29

grub2-tools CVE-2021-20233 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: Heap out-of-bounds write due to miscalculation of space required for quoting

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20233

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:29

grub2-tools CVE-2021-3695 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3695

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-07-06 16:15 修改: 2023-09-13 16:15

grub2-tools CVE-2021-3696 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3696

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-07-06 16:15 修改: 2023-09-13 16:15

grub2-tools CVE-2021-3697 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: Crafted JPEG image can lead to buffer underflow write in the heap

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3697

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-07-06 16:15 修改: 2023-09-13 16:15

grub2-tools CVE-2022-2601 中危 1:2.02-90.el8 1:2.02-142.el8_7.1 grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2601

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-12-14 21:15 修改: 2023-11-25 12:15

grub2-tools CVE-2022-28734 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: Out-of-bound write when handling split HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28734

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-20 01:15 修改: 2024-01-16 19:43

grub2-tools CVE-2022-28735 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: shim_lock verifier allows non-kernel files to be loaded

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28735

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-20 01:15 修改: 2023-08-25 23:15

grub2-tools CVE-2022-28736 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: use-after-free in grub_cmd_chainloader()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28736

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-20 01:15 修改: 2023-08-25 23:15

grub2-tools CVE-2022-28737 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 shim: Buffer overflow when loading crafted EFI images

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28737

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-20 01:15 修改: 2023-07-28 15:33

grub2-tools CVE-2022-3775 中危 1:2.02-90.el8 1:2.02-142.el8_7.1 grub2: Heap based out-of-bounds write when redering certain unicode sequences

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3775

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-12-19 20:15 修改: 2023-11-25 12:15

grub2-tools CVE-2024-1048 中危 1:2.02-90.el8 1:2.02-156.el8 grub2: grub2-set-bootflag can be abused by local (pseudo-)users

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1048

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-02-06 18:15 修改: 2024-09-16 16:15

curl CVE-2022-22576 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.3 curl: OAUTH2 bearer bypass in connection re-use

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22576

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-05-26 17:15 修改: 2024-03-27 15:02

grub2-tools-minimal CVE-2020-14372 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14372

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:17

grub2-tools-minimal CVE-2020-25632 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: Use-after-free in rmmod command

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25632

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:20

grub2-tools-minimal CVE-2020-25647 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: Out-of-bounds write in grub_usb_device_initialize()

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25647

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:20

grub2-tools-minimal CVE-2020-27749 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: Stack buffer overflow in grub_parser_split_cmdline()

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27749

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:20

grub2-tools-minimal CVE-2020-27779 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27779

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:21

grub2-tools-minimal CVE-2021-20225 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: Heap out-of-bounds write in short form option parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20225

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:29

grub2-tools-minimal CVE-2021-20233 中危 1:2.02-90.el8 1:2.02-90.el8_3.1 grub2: Heap out-of-bounds write due to miscalculation of space required for quoting

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20233

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-03-03 17:15 修改: 2023-11-07 03:29

grub2-tools-minimal CVE-2021-3695 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3695

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-07-06 16:15 修改: 2023-09-13 16:15

grub2-tools-minimal CVE-2021-3696 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3696

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-07-06 16:15 修改: 2023-09-13 16:15

grub2-tools-minimal CVE-2021-3697 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: Crafted JPEG image can lead to buffer underflow write in the heap

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3697

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-07-06 16:15 修改: 2023-09-13 16:15

grub2-tools-minimal CVE-2022-2601 中危 1:2.02-90.el8 1:2.02-142.el8_7.1 grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2601

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-12-14 21:15 修改: 2023-11-25 12:15

grub2-tools-minimal CVE-2022-28734 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: Out-of-bound write when handling split HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28734

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-20 01:15 修改: 2024-01-16 19:43

grub2-tools-minimal CVE-2022-28735 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: shim_lock verifier allows non-kernel files to be loaded

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28735

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-20 01:15 修改: 2023-08-25 23:15

grub2-tools-minimal CVE-2022-28736 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 grub2: use-after-free in grub_cmd_chainloader()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28736

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-20 01:15 修改: 2023-08-25 23:15

grub2-tools-minimal CVE-2022-28737 中危 1:2.02-90.el8 1:2.02-123.el8_6.8 shim: Buffer overflow when loading crafted EFI images

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28737

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-20 01:15 修改: 2023-07-28 15:33

grub2-tools-minimal CVE-2022-3775 中危 1:2.02-90.el8 1:2.02-142.el8_7.1 grub2: Heap based out-of-bounds write when redering certain unicode sequences

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3775

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-12-19 20:15 修改: 2023-11-25 12:15

grub2-tools-minimal CVE-2024-1048 中危 1:2.02-90.el8 1:2.02-156.el8 grub2: grub2-set-bootflag can be abused by local (pseudo-)users

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1048

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-02-06 18:15 修改: 2024-09-16 16:15

curl CVE-2022-27774 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.3 curl: credential leak on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27774

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02

json-c CVE-2020-12762 中危 0.13.1-0.2.el8 0.13.1-2.el8 libfastjson: integer overflow and out-of-bounds write via a large JSON file

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12762

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-05-09 18:15 修改: 2023-11-07 03:15

curl CVE-2022-27776 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.3 curl: auth/cookie leak on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27776

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02

krb5-libs CVE-2020-17049 中危 1.18.2-5.el8 Kerberos: delegation constrain bypass in S4U2Proxy

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-17049

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-11-11 07:15 修改: 2024-09-10 16:15

krb5-libs CVE-2020-28196 中危 1.18.2-5.el8 1.18.2-8.el8 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28196

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-11-06 08:15 修改: 2023-11-07 03:21

krb5-libs CVE-2021-36222 中危 1.18.2-5.el8 1.18.2-8.3.el8_4 krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could result in NULL dereference in KDC which leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36222

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-22 18:15 修改: 2021-11-28 23:19

krb5-libs CVE-2021-37750 中危 1.18.2-5.el8 1.18.2-8.3.el8_4 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37

krb5-libs CVE-2023-5455 中危 1.18.2-5.el8 ipa: Invalid CSRF protection

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5455

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-01-10 13:15 修改: 2024-09-16 16:15

krb5-libs CVE-2024-37370 中危 1.18.2-5.el8 1.18.2-29.el8_10 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48

krb5-libs CVE-2024-37371 中危 1.18.2-5.el8 1.18.2-29.el8_10 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39

curl CVE-2022-27782 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.3 curl: TLS and SSH connection too eager reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27782

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:01

less CVE-2022-48624 中危 530-1.el8 530-3.el8_10 less: missing quoting of shell metacharacters in LESSCLOSE handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48624

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-19 01:15 修改: 2024-06-10 18:15

libarchive CVE-2017-14502 中危 3.3.2-9.el8 3.3.3-1.el8 libarchive: Off-by-one error in the read_header function

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-14502

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2017-09-17 18:29 修改: 2019-10-03 00:03

libarchive CVE-2021-23177 中危 3.3.2-9.el8 3.3.3-3.el8_5 libarchive: extracting a symlink with ACLs modifies ACLs of target

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23177

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-23 16:15 修改: 2022-12-03 14:16

libarchive CVE-2021-31566 中危 3.3.2-9.el8 3.3.3-3.el8_5 libarchive: symbolic links incorrectly followed when changing modes, times, ACL and flags of a file while extracting an archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31566

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-23 16:15 修改: 2024-03-27 16:04

libcap CVE-2023-2603 中危 2.26-4.el8 2.48-5.el8_8 libcap: Integer Overflow in _libcap_strdup()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2603

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-06 20:15 修改: 2024-10-10 16:32

libcom_err CVE-2022-1304 中危 1.45.6-1.el8 1.45.6-5.el8 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-04-14 21:15 修改: 2023-11-07 03:41

libcurl-minimal CVE-2020-8284 中危 7.61.1-14.el8_3.1 7.61.1-18.el8 curl: FTP PASV command response can cause curl to connect to arbitrary host

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8284

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-12-14 20:15 修改: 2024-04-08 22:50

libcurl-minimal CVE-2020-8285 中危 7.61.1-14.el8_3.1 7.61.1-18.el8 curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8285

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47

libcurl-minimal CVE-2020-8286 中危 7.61.1-14.el8_3.1 7.61.1-18.el8 curl: Inferior OCSP verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8286

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47

libcurl-minimal CVE-2021-22876 中危 7.61.1-14.el8_3.1 7.61.1-22.el8 curl: Leak of authentication credentials in URL via automatic Referer

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22876

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-04-01 18:15 修改: 2024-03-27 15:47

libcurl-minimal CVE-2021-22922 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.1 curl: Content not matching hash in Metalink is not being discarded

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22922

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:12

libcurl-minimal CVE-2021-22923 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.1 curl: Metalink download sends credentials

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22923

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11

libcurl-minimal CVE-2021-22924 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.1 curl: Bad connection reuse due to flawed path name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22924

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11

libcurl-minimal CVE-2021-22946 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.2 curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22946

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:12

libcurl-minimal CVE-2021-22947 中危 7.61.1-14.el8_3.1 7.61.1-18.el8_4.2 curl: Server responses received before STARTTLS processed after TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22947

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:03

libcurl-minimal CVE-2022-22576 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.3 curl: OAUTH2 bearer bypass in connection re-use

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22576

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-05-26 17:15 修改: 2024-03-27 15:02

libcurl-minimal CVE-2022-27774 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.3 curl: credential leak on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27774

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02

libcurl-minimal CVE-2022-27776 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.3 curl: auth/cookie leak on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27776

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02

libcurl-minimal CVE-2022-27782 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.3 curl: TLS and SSH connection too eager reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27782

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:01

libcurl-minimal CVE-2022-32206 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.4 curl: HTTP compression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32206

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00

libcurl-minimal CVE-2022-32208 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.4 curl: FTP-KRB bad message verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32208

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00

libcurl-minimal CVE-2023-23916 中危 7.61.1-14.el8_3.1 7.61.1-25.el8_7.3 curl: HTTP multi-header compression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23916

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-23 20:15 修改: 2024-03-27 14:54

libcurl-minimal CVE-2023-27535 中危 7.61.1-14.el8_3.1 7.61.1-30.el8_8.2 curl: FTP too eager connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27535

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:47

libcurl-minimal CVE-2023-27536 中危 7.61.1-14.el8_3.1 7.61.1-30.el8_8.3 curl: GSS delegation too eager connection re-use

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27536

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:46

libcurl-minimal CVE-2023-28321 中危 7.61.1-14.el8_3.1 7.61.1-30.el8_8.3 curl: IDN wildcard match may lead to Improper Cerificate Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-05-26 21:15 修改: 2023-11-07 04:10

libcurl-minimal CVE-2023-46218 中危 7.61.1-14.el8_3.1 7.61.1-33.el8_9.5 curl: information disclosure by exploiting a mixed case flaw

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-12-07 01:15 修改: 2024-01-25 14:15

libcurl-minimal CVE-2024-2398 中危 7.61.1-14.el8_3.1 7.61.1-34.el8_10.2 curl: HTTP/2 push headers memory-leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15

libdnf CVE-2021-3445 中危 0.48.0-5.el8 0.63.0-3.el8 libdnf: Signature verification bypass via signature placed in the main RPM header

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3445

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:38

libgcc CVE-2021-42574 中危 8.3.1-5.1.el8 8.5.0-4.el8_5 environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42574

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-11-01 04:15 修改: 2024-08-04 04:16

libgcrypt CVE-2019-12904 中危 1.8.5-4.el8 Libgcrypt: physical addresses being available to other processes leads to a flush-and-reload side-channel attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12904

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-06-20 00:15 修改: 2024-08-05 00:15

libgcrypt CVE-2021-33560 中危 1.8.5-4.el8 1.8.5-6.el8 libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33560

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-06-08 11:15 修改: 2023-11-07 03:35

libgcrypt CVE-2021-40528 中危 1.8.5-4.el8 1.8.5-7.el8_6 libgcrypt: ElGamal implementation allows plaintext recovery

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40528

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-06 19:15 修改: 2023-11-07 03:38

libgcrypt CVE-2024-2236 中危 1.8.5-4.el8 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-03-06 22:15 修改: 2024-09-14 04:15

libgomp CVE-2021-42574 中危 8.3.1-5.1.el8 8.5.0-4.el8_5 environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42574

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-11-01 04:15 修改: 2024-08-04 04:16

curl CVE-2022-32206 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.4 curl: HTTP compression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32206

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00

curl CVE-2022-32208 中危 7.61.1-14.el8_3.1 7.61.1-22.el8_6.4 curl: FTP-KRB bad message verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32208

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00

curl CVE-2023-23916 中危 7.61.1-14.el8_3.1 7.61.1-25.el8_7.3 curl: HTTP multi-header compression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23916

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-23 20:15 修改: 2024-03-27 14:54

libnghttp2 CVE-2024-28182 中危 1.33.0-3.el8_2.1 1.33.0-6.el8_10.1 nghttp2: CONTINUATION frames DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28182

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-04-04 15:15 修改: 2024-05-01 18:15

libsepol CVE-2021-36084 中危 2.9-1.el8 2.9-3.el8 libsepol: use-after-free in __cil_verify_classperms()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36084

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36

libsepol CVE-2021-36085 中危 2.9-1.el8 2.9-3.el8 libsepol: use-after-free in __cil_verify_classperms()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36085

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36

libsepol CVE-2021-36086 中危 2.9-1.el8 2.9-3.el8 libsepol: use-after-free in cil_reset_classpermission()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36086

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36

libsepol CVE-2021-36087 中危 2.9-1.el8 2.9-3.el8 libsepol: heap-based buffer overflow in ebitmap_match_any()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36087

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36

libsolv CVE-2021-33928 中危 0.7.11-1.el8 0.7.16-3.el8_4 libsolv: heap-based buffer overflow in pool_installable() in src/repo.h

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33928

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-02 15:15 修改: 2021-09-07 21:14

libsolv CVE-2021-33929 中危 0.7.11-1.el8 0.7.16-3.el8_4 libsolv: heap-based buffer overflow in pool_disabled_solvable() in src/repo.h

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33929

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-02 15:15 修改: 2021-09-07 21:14

libsolv CVE-2021-33930 中危 0.7.11-1.el8 0.7.16-3.el8_4 libsolv: heap-based buffer overflow in pool_installable_whatprovides() in src/repo.h

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33930

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-02 15:15 修改: 2021-09-07 21:11

libsolv CVE-2021-33938 中危 0.7.11-1.el8 0.7.16-3.el8_4 libsolv: heap-based buffer overflow in prune_to_recommended() in src/policy.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33938

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-02 15:15 修改: 2021-09-07 21:11

libstdc++ CVE-2021-42574 中危 8.3.1-5.1.el8 8.5.0-4.el8_5 environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42574

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-11-01 04:15 修改: 2024-08-04 04:16

libtasn1 CVE-2021-46848 中危 4.13-3.el8 4.13-4.el8_7 libtasn1: Out-of-bound access in ETYPE_OK

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46848

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-24 14:15 修改: 2023-11-07 03:40

libtirpc CVE-2021-46828 中危 1.1.4-4.el8 1.1.4-6.el8 libtirpc: DoS vulnerability with lots of connections

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46828

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-20 06:15 修改: 2023-11-07 03:40

libxml2 CVE-2016-3709 中危 2.9.7-8.el8 2.9.7-15.el8 libxml2: Incorrect server side include parsing can lead to XSS

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-3709

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-28 17:15 修改: 2022-12-07 16:39

libxml2 CVE-2020-24977 中危 2.9.7-8.el8 2.9.7-9.el8 libxml2: Buffer overflow vulnerability in xmlEncodeEntitiesInternal() in entities.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24977

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-09-04 00:15 修改: 2023-11-07 03:20

libxml2 CVE-2021-3516 中危 2.9.7-8.el8 2.9.7-9.el8_4.2 libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3516

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-06-01 14:15 修改: 2023-11-07 03:38

libxml2 CVE-2021-3517 中危 2.9.7-8.el8 2.9.7-9.el8_4.2 libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3517

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:38

libxml2 CVE-2021-3518 中危 2.9.7-8.el8 2.9.7-9.el8_4.2 libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3518

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-18 12:15 修改: 2023-11-07 03:38

libxml2 CVE-2021-3537 中危 2.9.7-8.el8 2.9.7-9.el8_4.2 libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3537

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-14 20:15 修改: 2023-11-07 03:38

libxml2 CVE-2021-3541 中危 2.9.7-8.el8 2.9.7-9.el8_4.2 libxml2: Exponential entity expansion attack bypasses all existing protection mechanisms

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3541

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-07-09 17:15 修改: 2022-03-01 18:25

libxml2 CVE-2022-23308 中危 2.9.7-8.el8 2.9.7-12.el8_5 libxml2: Use-after-free of ID and IDREF attributes

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23308

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-26 05:15 修改: 2023-11-07 03:44

libxml2 CVE-2022-29824 中危 2.9.7-8.el8 2.9.7-13.el8_6.1 libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29824

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-05-03 03:15 修改: 2023-11-07 03:46

libxml2 CVE-2022-40303 中危 2.9.7-8.el8 2.9.7-15.el8_7.1 libxml2: integer overflows with XML_PARSE_HUGE

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40303

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-11-23 00:15 修改: 2023-11-07 03:52

libxml2 CVE-2022-40304 中危 2.9.7-8.el8 2.9.7-15.el8_7.1 libxml2: dict corruption caused by entity reference cycles

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40304

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-11-23 18:15 修改: 2023-11-07 03:52

libxml2 CVE-2023-28484 中危 2.9.7-8.el8 2.9.7-16.el8_8.1 libxml2: NULL dereference in xmlSchemaFixupComplexType

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28484

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-04-24 21:15 修改: 2024-02-01 17:15

libxml2 CVE-2023-29469 中危 2.9.7-8.el8 2.9.7-16.el8_8.1 libxml2: Hashing of empty dict strings isn't deterministic

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29469

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-04-24 21:15 修改: 2023-06-01 14:15

libxml2 CVE-2023-39615 中危 2.9.7-8.el8 2.9.7-18.el8_9 libxml2: crafted xml can cause global buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39615

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-29 17:15 修改: 2024-08-02 19:15

libxml2 CVE-2024-25062 中危 2.9.7-8.el8 2.9.7-18.el8_10.1 libxml2: use-after-free in XMLReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25062

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-04 16:15 修改: 2024-02-13 00:40

libyaml CVE-2024-35325 中危 0.1.7-5.el8 libyaml: double-free in yaml_event_delete in /src/libyaml/src/api.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35325

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-06-13 17:15 修改: 2024-08-28 16:15

lua-libs CVE-2020-15945 中危 5.3.4-11.el8 lua: segmentation fault in changedline in ldebug.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15945

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-07-24 21:15 修改: 2023-04-20 18:39

lz4-libs CVE-2019-17543 中危 1.8.3-2.el8 lz4: heap-based buffer overflow in LZ4_write32

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17543

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-10-14 02:15 修改: 2023-11-07 03:06

lz4-libs CVE-2021-3520 中危 1.8.3-2.el8 1.8.3-3.el8_4 lz4: memory corruption due to an integer overflow bug caused by memmove argument

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3520

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-06-02 13:15 修改: 2024-06-06 20:25

ncurses-base CVE-2019-17594 中危 6.1-7.20180224.el8 6.1-9.20180224.el8 ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13

ncurses-base CVE-2019-17595 中危 6.1-7.20180224.el8 6.1-9.20180224.el8 ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52

ncurses-base CVE-2023-29491 中危 6.1-7.20180224.el8 6.1-9.20180224.el8_8.1 ncurses: Local users can trigger security-relevant memory corruption via malformed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15

ncurses-libs CVE-2019-17594 中危 6.1-7.20180224.el8 6.1-9.20180224.el8 ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13

ncurses-libs CVE-2019-17595 中危 6.1-7.20180224.el8 6.1-9.20180224.el8 ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52

ncurses-libs CVE-2023-29491 中危 6.1-7.20180224.el8 6.1-9.20180224.el8_8.1 ncurses: Local users can trigger security-relevant memory corruption via malformed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15

curl CVE-2023-27535 中危 7.61.1-14.el8_3.1 7.61.1-30.el8_8.2 curl: FTP too eager connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27535

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:47

nettle CVE-2021-20231 中危 3.4.1-2.el8 3.4.1-7.el8 gnutls: Use after free in client key_share extension

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20231

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-12 19:15 修改: 2023-11-07 03:29

nettle CVE-2021-20232 中危 3.4.1-2.el8 3.4.1-7.el8 gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20232

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-12 19:15 修改: 2023-11-07 03:29

nettle CVE-2021-3580 中危 3.4.1-2.el8 3.4.1-7.el8 nettle: Remote crash in RSA decryption via manipulated ciphertext

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3580

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-08-05 21:15 修改: 2024-01-16 15:15

nspr CVE-2020-25648 中危 4.25.0-2.el8_2 4.32.0-1.el8_4 nss: TLS 1.3 CCS flood remote DoS Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25648

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-20 22:15 修改: 2023-11-07 03:20

curl CVE-2023-27536 中危 7.61.1-14.el8_3.1 7.61.1-30.el8_8.3 curl: GSS delegation too eager connection re-use

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27536

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:46

curl CVE-2023-28321 中危 7.61.1-14.el8_3.1 7.61.1-30.el8_8.3 curl: IDN wildcard match may lead to Improper Cerificate Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-05-26 21:15 修改: 2023-11-07 04:10

nss CVE-2020-12400 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12400

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15

nss CVE-2020-12401 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: ECDSA timing attack mitigation bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12401

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15

nss CVE-2020-12403 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12403

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-05-27 19:15 修改: 2023-03-24 16:15

nss CVE-2020-25648 中危 3.53.1-11.el8_2 3.67.0-6.el8_4 nss: TLS 1.3 CCS flood remote DoS Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25648

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-20 22:15 修改: 2023-11-07 03:20

nss CVE-2020-6829 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: Side channel attack on ECDSA signature generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-6829

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-28 12:15 修改: 2023-02-20 17:15

nss CVE-2023-5388 中危 3.53.1-11.el8_2 3.90.0-4.el8_9 nss: timing attack against RSA decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5388

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-03-19 12:15 修改: 2024-03-25 17:15

nss CVE-2023-6135 中危 3.53.1-11.el8_2 3.90.0-6.el8_9 nss: vulnerable to Minerva side-channel information leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6135

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-12-19 14:15 修改: 2024-01-07 11:15

nss CVE-2024-6602 中危 3.53.1-11.el8_2 Mozilla: Memory corruption in NSS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6602

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-07-09 15:15 修改: 2024-07-16 18:15

curl CVE-2023-46218 中危 7.61.1-14.el8_3.1 7.61.1-33.el8_9.5 curl: information disclosure by exploiting a mixed case flaw

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-12-07 01:15 修改: 2024-01-25 14:15

curl CVE-2024-2398 中危 7.61.1-14.el8_3.1 7.61.1-34.el8_10.2 curl: HTTP/2 push headers memory-leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15

nss-softokn CVE-2020-12400 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12400

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15

nss-softokn CVE-2020-12401 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: ECDSA timing attack mitigation bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12401

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15

nss-softokn CVE-2020-12403 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12403

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-05-27 19:15 修改: 2023-03-24 16:15

nss-softokn CVE-2020-25648 中危 3.53.1-11.el8_2 3.67.0-6.el8_4 nss: TLS 1.3 CCS flood remote DoS Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25648

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-20 22:15 修改: 2023-11-07 03:20

nss-softokn CVE-2020-6829 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: Side channel attack on ECDSA signature generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-6829

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-28 12:15 修改: 2023-02-20 17:15

nss-softokn CVE-2023-5388 中危 3.53.1-11.el8_2 3.90.0-4.el8_9 nss: timing attack against RSA decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5388

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-03-19 12:15 修改: 2024-03-25 17:15

nss-softokn CVE-2023-6135 中危 3.53.1-11.el8_2 3.90.0-6.el8_9 nss: vulnerable to Minerva side-channel information leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6135

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-12-19 14:15 修改: 2024-01-07 11:15

nss-softokn CVE-2024-6602 中危 3.53.1-11.el8_2 Mozilla: Memory corruption in NSS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6602

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-07-09 15:15 修改: 2024-07-16 18:15

bind-export-libs CVE-2021-25214 中危 32:9.11.20-5.el8 32:9.11.26-6.el8 bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25214

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-04-29 01:15 修改: 2023-11-07 03:31

dbus CVE-2022-42010 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

nss-softokn-freebl CVE-2020-12400 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12400

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15

nss-softokn-freebl CVE-2020-12401 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: ECDSA timing attack mitigation bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12401

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15

nss-softokn-freebl CVE-2020-12403 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12403

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-05-27 19:15 修改: 2023-03-24 16:15

nss-softokn-freebl CVE-2020-25648 中危 3.53.1-11.el8_2 3.67.0-6.el8_4 nss: TLS 1.3 CCS flood remote DoS Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25648

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-20 22:15 修改: 2023-11-07 03:20

nss-softokn-freebl CVE-2020-6829 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: Side channel attack on ECDSA signature generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-6829

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-28 12:15 修改: 2023-02-20 17:15

nss-softokn-freebl CVE-2023-5388 中危 3.53.1-11.el8_2 3.90.0-4.el8_9 nss: timing attack against RSA decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5388

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-03-19 12:15 修改: 2024-03-25 17:15

nss-softokn-freebl CVE-2023-6135 中危 3.53.1-11.el8_2 3.90.0-6.el8_9 nss: vulnerable to Minerva side-channel information leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6135

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-12-19 14:15 修改: 2024-01-07 11:15

nss-softokn-freebl CVE-2024-6602 中危 3.53.1-11.el8_2 Mozilla: Memory corruption in NSS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6602

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-07-09 15:15 修改: 2024-07-16 18:15

dbus CVE-2022-42011 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus CVE-2022-42012 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

nss-sysinit CVE-2020-12400 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12400

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15

nss-sysinit CVE-2020-12401 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: ECDSA timing attack mitigation bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12401

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15

nss-sysinit CVE-2020-12403 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12403

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-05-27 19:15 修改: 2023-03-24 16:15

nss-sysinit CVE-2020-25648 中危 3.53.1-11.el8_2 3.67.0-6.el8_4 nss: TLS 1.3 CCS flood remote DoS Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25648

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-20 22:15 修改: 2023-11-07 03:20

nss-sysinit CVE-2020-6829 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: Side channel attack on ECDSA signature generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-6829

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-28 12:15 修改: 2023-02-20 17:15

nss-sysinit CVE-2023-5388 中危 3.53.1-11.el8_2 3.90.0-4.el8_9 nss: timing attack against RSA decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5388

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-03-19 12:15 修改: 2024-03-25 17:15

nss-sysinit CVE-2023-6135 中危 3.53.1-11.el8_2 3.90.0-6.el8_9 nss: vulnerable to Minerva side-channel information leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6135

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-12-19 14:15 修改: 2024-01-07 11:15

nss-sysinit CVE-2024-6602 中危 3.53.1-11.el8_2 Mozilla: Memory corruption in NSS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6602

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-07-09 15:15 修改: 2024-07-16 18:15

dbus CVE-2023-34969 中危 1:1.12.8-11.el8 1:1.12.8-24.el8_8.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-08 03:15 修改: 2023-12-27 16:36

dbus-common CVE-2022-42010 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

nss-util CVE-2020-12400 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12400

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15

nss-util CVE-2020-12401 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: ECDSA timing attack mitigation bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12401

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15

nss-util CVE-2020-12403 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12403

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-05-27 19:15 修改: 2023-03-24 16:15

nss-util CVE-2020-25648 中危 3.53.1-11.el8_2 3.67.0-6.el8_4 nss: TLS 1.3 CCS flood remote DoS Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25648

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-20 22:15 修改: 2023-11-07 03:20

nss-util CVE-2020-6829 中危 3.53.1-11.el8_2 3.53.1-17.el8_3 nss: Side channel attack on ECDSA signature generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-6829

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-10-28 12:15 修改: 2023-02-20 17:15

nss-util CVE-2023-5388 中危 3.53.1-11.el8_2 3.90.0-4.el8_9 nss: timing attack against RSA decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5388

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-03-19 12:15 修改: 2024-03-25 17:15

nss-util CVE-2023-6135 中危 3.53.1-11.el8_2 3.90.0-6.el8_9 nss: vulnerable to Minerva side-channel information leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6135

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-12-19 14:15 修改: 2024-01-07 11:15

nss-util CVE-2024-6602 中危 3.53.1-11.el8_2 Mozilla: Memory corruption in NSS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6602

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-07-09 15:15 修改: 2024-07-16 18:15

dbus-common CVE-2022-42011 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus-common CVE-2022-42012 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus-common CVE-2023-34969 中危 1:1.12.8-11.el8 1:1.12.8-24.el8_8.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-08 03:15 修改: 2023-12-27 16:36

dbus-daemon CVE-2022-42010 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

openssl CVE-2021-23840 中危 1:1.1.1g-12.el8_3 1:1.1.1k-4.el8 openssl: integer overflow in CipherUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15

openssl CVE-2021-23841 中危 1:1.1.1g-12.el8_3 1:1.1.1k-4.el8 openssl: NULL pointer dereference in X509_issuer_and_serial_hash()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23841

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15

openssl CVE-2021-3712 中危 1:1.1.1g-12.el8_3 1:1.1.1k-5.el8_5 openssl: Read buffer overruns processing ASN.1 strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15

openssl CVE-2022-1292 中危 1:1.1.1g-12.el8_3 1:1.1.1k-7.el8_6 openssl: c_rehash script allows command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1292

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-05-03 16:15 修改: 2023-11-07 03:41

openssl CVE-2022-2068 中危 1:1.1.1g-12.el8_3 1:1.1.1k-7.el8_6 openssl: the c_rehash script allows command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2068

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-06-21 15:15 修改: 2023-11-07 03:46

openssl CVE-2022-2097 中危 1:1.1.1g-12.el8_3 1:1.1.1k-7.el8_6 openssl: AES OCB fails to encrypt some bytes

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2097

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-07-05 11:15 修改: 2024-06-21 19:15

openssl CVE-2022-4304 中危 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 openssl: timing attack in RSA Decryption implementation

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

openssl CVE-2022-4450 中危 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 openssl: double free after calling PEM_read_bio_ex

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

openssl CVE-2023-0215 中危 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 openssl: use-after-free following BIO_new_NDEF

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-08 20:15 修改: 2024-06-21 19:15

dbus-daemon CVE-2022-42011 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus-daemon CVE-2022-42012 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus-daemon CVE-2023-34969 中危 1:1.12.8-11.el8 1:1.12.8-24.el8_8.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-08 03:15 修改: 2023-12-27 16:36

dbus-libs CVE-2022-42010 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

openssl-libs CVE-2021-23840 中危 1:1.1.1g-12.el8_3 1:1.1.1k-4.el8 openssl: integer overflow in CipherUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15

openssl-libs CVE-2021-23841 中危 1:1.1.1g-12.el8_3 1:1.1.1k-4.el8 openssl: NULL pointer dereference in X509_issuer_and_serial_hash()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23841

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15

openssl-libs CVE-2021-3712 中危 1:1.1.1g-12.el8_3 1:1.1.1k-5.el8_5 openssl: Read buffer overruns processing ASN.1 strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15

openssl-libs CVE-2022-1292 中危 1:1.1.1g-12.el8_3 1:1.1.1k-7.el8_6 openssl: c_rehash script allows command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1292

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-05-03 16:15 修改: 2023-11-07 03:41

openssl-libs CVE-2022-2068 中危 1:1.1.1g-12.el8_3 1:1.1.1k-7.el8_6 openssl: the c_rehash script allows command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2068

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-06-21 15:15 修改: 2023-11-07 03:46

openssl-libs CVE-2022-2097 中危 1:1.1.1g-12.el8_3 1:1.1.1k-7.el8_6 openssl: AES OCB fails to encrypt some bytes

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2097

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-07-05 11:15 修改: 2024-06-21 19:15

openssl-libs CVE-2022-4304 中危 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 openssl: timing attack in RSA Decryption implementation

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

openssl-libs CVE-2022-4450 中危 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 openssl: double free after calling PEM_read_bio_ex

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15

openssl-libs CVE-2023-0215 中危 1:1.1.1g-12.el8_3 1:1.1.1k-9.el8_7 openssl: use-after-free following BIO_new_NDEF

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-08 20:15 修改: 2024-06-21 19:15

p11-kit CVE-2020-29361 中危 0.23.14-5.el8_0 0.23.22-1.el8 p11-kit: integer overflow when allocating memory for arrays or attributes and object identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29361

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-16 14:15 修改: 2023-11-07 03:21

p11-kit CVE-2020-29362 中危 0.23.14-5.el8_0 0.23.22-1.el8 p11-kit: out-of-bounds read in p11_rpc_buffer_get_byte_array function in rpc-message.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29362

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-16 14:15 修改: 2021-01-11 16:50

p11-kit CVE-2020-29363 中危 0.23.14-5.el8_0 0.23.22-1.el8 p11-kit: out-of-bounds write in p11_rpc_buffer_get_byte_array_value function in rpc-message.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29363

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-16 14:15 修改: 2022-05-12 14:47

p11-kit-trust CVE-2020-29361 中危 0.23.14-5.el8_0 0.23.22-1.el8 p11-kit: integer overflow when allocating memory for arrays or attributes and object identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29361

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-16 14:15 修改: 2023-11-07 03:21

p11-kit-trust CVE-2020-29362 中危 0.23.14-5.el8_0 0.23.22-1.el8 p11-kit: out-of-bounds read in p11_rpc_buffer_get_byte_array function in rpc-message.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29362

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-16 14:15 修改: 2021-01-11 16:50

p11-kit-trust CVE-2020-29363 中危 0.23.14-5.el8_0 0.23.22-1.el8 p11-kit: out-of-bounds write in p11_rpc_buffer_get_byte_array_value function in rpc-message.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29363

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-16 14:15 修改: 2022-05-12 14:47

pam CVE-2024-10041 中危 1.3.1-11.el8 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-10-23 14:15 修改: 2024-10-23 15:12

pam CVE-2024-22365 中危 1.3.1-11.el8 1.3.1-33.el8 pam: allowing unprivileged user to block another user namespace

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-06 08:15 修改: 2024-02-14 00:27

pcre2 CVE-2022-1586 中危 10.32-2.el8 10.32-3.el8_6 pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1586

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-05-16 21:15 修改: 2023-11-07 03:42

dbus-libs CVE-2022-42011 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus-libs CVE-2022-42012 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus-libs CVE-2023-34969 中危 1:1.12.8-11.el8 1:1.12.8-24.el8_8.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-08 03:15 修改: 2023-12-27 16:36

platform-python CVE-2007-4559 中危 3.6.8-31.el8 3.6.8-56.el8_9 python: tarfile module directory traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4559

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2007-08-28 01:17 修改: 2024-03-23 03:15

platform-python CVE-2015-20107 中危 3.6.8-31.el8 3.6.8-47.el8_6 python: mailcap: findmatch() function does not sanitize the second argument

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-04-13 16:15 修改: 2023-11-07 02:25

platform-python CVE-2020-10735 中危 3.6.8-31.el8 3.6.8-48.el8_7.1 python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10735

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-09 14:15 修改: 2023-06-30 23:15

platform-python CVE-2020-26116 中危 3.6.8-31.el8 3.6.8-37.el8 python: CRLF injection via HTTP request method in httplib/http.client

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26116

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-09-27 04:15 修改: 2023-11-07 03:20

platform-python CVE-2020-27619 中危 3.6.8-31.el8 3.6.8-37.el8 python: Unsafe use of eval() on data retrieved via HTTP in the test suite

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27619

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-10-22 03:16 修改: 2024-02-03 07:15

platform-python CVE-2021-23336 中危 3.6.8-31.el8 3.6.8-37.el8 python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23336

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 13:15 修改: 2023-11-07 03:30

platform-python CVE-2021-28861 中危 3.6.8-31.el8 3.6.8-48.el8_7.1 python: open redirection vulnerability in lib/http/server.py may lead to information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28861

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-23 01:15 修改: 2024-08-03 22:15

platform-python CVE-2021-3177 中危 3.6.8-31.el8 3.6.8-37.el8 python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3177

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-19 06:15 修改: 2023-11-07 03:37

platform-python CVE-2021-3426 中危 3.6.8-31.el8 3.6.8-41.el8 python: Information disclosure via pydoc

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3426

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-20 13:15 修改: 2023-11-07 03:38

platform-python CVE-2021-3733 中危 3.6.8-31.el8 3.6.8-39.el8_4 python: urllib: Regular expression DoS in AbstractBasicAuthHandler

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3733

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-10 17:42 修改: 2023-06-30 23:15

platform-python CVE-2021-4189 中危 3.6.8-31.el8 3.6.8-45.el8 python: ftplib should not use the host from the PASV response

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4189

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-24 16:15 修改: 2023-06-30 23:15

platform-python CVE-2022-0391 中危 3.6.8-31.el8 3.6.8-47.el8_6 python: urllib.parse does not sanitize URLs containing ASCII newline and tabs

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-09 23:15 修改: 2023-11-07 03:41

platform-python CVE-2022-45061 中危 3.6.8-31.el8 3.6.8-48.el8_7.1 python: CPU denial of service via inefficient IDNA decoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45061

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-11-09 07:15 修改: 2023-11-07 03:54

platform-python CVE-2022-48560 中危 3.6.8-31.el8 3.6.8-56.el8_9.2 python: use after free in heappushpop() of heapq module

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48560

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-08 03:15

platform-python CVE-2022-48564 中危 3.6.8-31.el8 3.6.8-56.el8_9.2 python: DoS when processing malformed Apple Property List files in binary format

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48564

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-15 15:56

platform-python CVE-2023-27043 中危 3.6.8-31.el8 3.6.8-56.el8_9.3 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27

platform-python CVE-2024-0450 中危 3.6.8-31.el8 3.6.8-62.el8_10 python: The zipfile module is vulnerable to zip-bombs leading to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15

platform-python CVE-2024-6232 中危 3.6.8-31.el8 3.6.8-67.el8_10 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15

platform-python CVE-2024-6923 中危 3.6.8-31.el8 3.6.8-67.el8_10 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-01 14:15 修改: 2024-09-04 21:15

platform-python CVE-2024-9287 中危 3.6.8-31.el8 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-10-22 17:15 修改: 2024-10-23 15:12

dbus-tools CVE-2022-42010 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

platform-python-setuptools CVE-2022-40897 中危 39.2.0-6.el8 39.2.0-6.el8_7.1 pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40897

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-12-23 00:15 修改: 2024-06-21 19:15

python3-dnf CVE-2021-3445 中危 4.2.23-4.el8 4.7.0-4.el8 libdnf: Signature verification bypass via signature placed in the main RPM header

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3445

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:38

python3-hawkey CVE-2021-3445 中危 0.48.0-5.el8 0.63.0-3.el8 libdnf: Signature verification bypass via signature placed in the main RPM header

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3445

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:38

python3-libdnf CVE-2021-3445 中危 0.48.0-5.el8 0.63.0-3.el8 libdnf: Signature verification bypass via signature placed in the main RPM header

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3445

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:38

dbus-tools CVE-2022-42011 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus-tools CVE-2022-42012 中危 1:1.12.8-11.el8 1:1.12.8-23.el8_7.1 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49

dbus-tools CVE-2023-34969 中危 1:1.12.8-11.el8 1:1.12.8-24.el8_8.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-08 03:15 修改: 2023-12-27 16:36

python3-libs CVE-2007-4559 中危 3.6.8-31.el8 3.6.8-56.el8_9 python: tarfile module directory traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4559

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2007-08-28 01:17 修改: 2024-03-23 03:15

python3-libs CVE-2015-20107 中危 3.6.8-31.el8 3.6.8-47.el8_6 python: mailcap: findmatch() function does not sanitize the second argument

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-04-13 16:15 修改: 2023-11-07 02:25

python3-libs CVE-2020-10735 中危 3.6.8-31.el8 3.6.8-48.el8_7.1 python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10735

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-09 14:15 修改: 2023-06-30 23:15

python3-libs CVE-2020-26116 中危 3.6.8-31.el8 3.6.8-37.el8 python: CRLF injection via HTTP request method in httplib/http.client

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26116

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-09-27 04:15 修改: 2023-11-07 03:20

python3-libs CVE-2020-27619 中危 3.6.8-31.el8 3.6.8-37.el8 python: Unsafe use of eval() on data retrieved via HTTP in the test suite

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27619

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-10-22 03:16 修改: 2024-02-03 07:15

python3-libs CVE-2021-23336 中危 3.6.8-31.el8 3.6.8-37.el8 python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23336

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 13:15 修改: 2023-11-07 03:30

python3-libs CVE-2021-28861 中危 3.6.8-31.el8 3.6.8-48.el8_7.1 python: open redirection vulnerability in lib/http/server.py may lead to information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28861

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-23 01:15 修改: 2024-08-03 22:15

python3-libs CVE-2021-3177 中危 3.6.8-31.el8 3.6.8-37.el8 python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3177

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-19 06:15 修改: 2023-11-07 03:37

python3-libs CVE-2021-3426 中危 3.6.8-31.el8 3.6.8-41.el8 python: Information disclosure via pydoc

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3426

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-20 13:15 修改: 2023-11-07 03:38

python3-libs CVE-2021-3733 中危 3.6.8-31.el8 3.6.8-39.el8_4 python: urllib: Regular expression DoS in AbstractBasicAuthHandler

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3733

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-10 17:42 修改: 2023-06-30 23:15

python3-libs CVE-2021-4189 中危 3.6.8-31.el8 3.6.8-45.el8 python: ftplib should not use the host from the PASV response

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4189

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-24 16:15 修改: 2023-06-30 23:15

python3-libs CVE-2022-0391 中危 3.6.8-31.el8 3.6.8-47.el8_6 python: urllib.parse does not sanitize URLs containing ASCII newline and tabs

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-02-09 23:15 修改: 2023-11-07 03:41

python3-libs CVE-2022-45061 中危 3.6.8-31.el8 3.6.8-48.el8_7.1 python: CPU denial of service via inefficient IDNA decoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45061

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-11-09 07:15 修改: 2023-11-07 03:54

python3-libs CVE-2022-48560 中危 3.6.8-31.el8 3.6.8-56.el8_9.2 python: use after free in heappushpop() of heapq module

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48560

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-08 03:15

python3-libs CVE-2022-48564 中危 3.6.8-31.el8 3.6.8-56.el8_9.2 python: DoS when processing malformed Apple Property List files in binary format

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48564

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-15 15:56

python3-libs CVE-2023-27043 中危 3.6.8-31.el8 3.6.8-56.el8_9.3 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27

python3-libs CVE-2024-0450 中危 3.6.8-31.el8 3.6.8-62.el8_10 python: The zipfile module is vulnerable to zip-bombs leading to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15

python3-libs CVE-2024-6232 中危 3.6.8-31.el8 3.6.8-67.el8_10 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15

python3-libs CVE-2024-6923 中危 3.6.8-31.el8 3.6.8-67.el8_10 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-01 14:15 修改: 2024-09-04 21:15

python3-libs CVE-2024-9287 中危 3.6.8-31.el8 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-10-22 17:15 修改: 2024-10-23 15:12

python3-pip-wheel CVE-2007-4559 中危 9.0.3-18.el8 9.0.3-23.el8 python: tarfile module directory traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4559

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2007-08-28 01:17 修改: 2024-03-23 03:15

python3-rpm CVE-2021-20271 中危 4.14.3-4.el8 4.14.3-14.el8_4 rpm: Signature checks bypass via corrupted rpm package

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20271

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-26 17:15 修改: 2023-02-12 22:15

python3-rpm CVE-2021-3421 中危 4.14.3-4.el8 4.14.3-14.el8_4 rpm: unsigned signature header leads to string injection into an rpm database

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3421

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:37

python3-rpm CVE-2021-3521 中危 4.14.3-4.el8 4.14.3-19.el8_5.2 rpm: RPM does not require subkeys to have a valid binding signature

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3521

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-22 15:15 修改: 2023-02-12 23:41

python3-rpm CVE-2021-35937 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: TOCTOU race in checks for unsafe symlinks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35937

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2023-11-07 03:36

python3-rpm CVE-2021-35938 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: races with chown/chmod/capabilities calls during installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35938

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2022-11-29 18:06

python3-rpm CVE-2021-35939 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: checks for unsafe symlinks are not performed for intermediary directories

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35939

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-26 16:15 修改: 2023-02-04 01:16

bind-export-libs CVE-2021-25219 中危 32:9.11.20-5.el8 32:9.11.36-3.el8 bind: Lame cache can be abused to severely degrade resolver performance

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25219

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-10-27 21:15 修改: 2023-11-07 03:31

python3-setuptools-wheel CVE-2022-40897 中危 39.2.0-6.el8 39.2.0-6.el8_7.1 pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40897

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-12-23 00:15 修改: 2024-06-21 19:15

rpm CVE-2021-20271 中危 4.14.3-4.el8 4.14.3-14.el8_4 rpm: Signature checks bypass via corrupted rpm package

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20271

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-26 17:15 修改: 2023-02-12 22:15

rpm CVE-2021-3421 中危 4.14.3-4.el8 4.14.3-14.el8_4 rpm: unsigned signature header leads to string injection into an rpm database

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3421

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:37

rpm CVE-2021-3521 中危 4.14.3-4.el8 4.14.3-19.el8_5.2 rpm: RPM does not require subkeys to have a valid binding signature

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3521

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-22 15:15 修改: 2023-02-12 23:41

rpm CVE-2021-35937 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: TOCTOU race in checks for unsafe symlinks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35937

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2023-11-07 03:36

rpm CVE-2021-35938 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: races with chown/chmod/capabilities calls during installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35938

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2022-11-29 18:06

rpm CVE-2021-35939 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: checks for unsafe symlinks are not performed for intermediary directories

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35939

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-26 16:15 修改: 2023-02-04 01:16

rpm-build-libs CVE-2021-20271 中危 4.14.3-4.el8 4.14.3-14.el8_4 rpm: Signature checks bypass via corrupted rpm package

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20271

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-26 17:15 修改: 2023-02-12 22:15

rpm-build-libs CVE-2021-3421 中危 4.14.3-4.el8 4.14.3-14.el8_4 rpm: unsigned signature header leads to string injection into an rpm database

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3421

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:37

rpm-build-libs CVE-2021-3521 中危 4.14.3-4.el8 4.14.3-19.el8_5.2 rpm: RPM does not require subkeys to have a valid binding signature

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3521

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-22 15:15 修改: 2023-02-12 23:41

rpm-build-libs CVE-2021-35937 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: TOCTOU race in checks for unsafe symlinks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35937

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2023-11-07 03:36

rpm-build-libs CVE-2021-35938 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: races with chown/chmod/capabilities calls during installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35938

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2022-11-29 18:06

rpm-build-libs CVE-2021-35939 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: checks for unsafe symlinks are not performed for intermediary directories

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35939

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-26 16:15 修改: 2023-02-04 01:16

rpm-libs CVE-2021-20271 中危 4.14.3-4.el8 4.14.3-14.el8_4 rpm: Signature checks bypass via corrupted rpm package

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20271

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-26 17:15 修改: 2023-02-12 22:15

rpm-libs CVE-2021-3421 中危 4.14.3-4.el8 4.14.3-14.el8_4 rpm: unsigned signature header leads to string injection into an rpm database

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3421

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:37

rpm-libs CVE-2021-3521 中危 4.14.3-4.el8 4.14.3-19.el8_5.2 rpm: RPM does not require subkeys to have a valid binding signature

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3521

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-22 15:15 修改: 2023-02-12 23:41

rpm-libs CVE-2021-35937 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: TOCTOU race in checks for unsafe symlinks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35937

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2023-11-07 03:36

rpm-libs CVE-2021-35938 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: races with chown/chmod/capabilities calls during installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35938

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2022-11-29 18:06

rpm-libs CVE-2021-35939 中危 4.14.3-4.el8 4.14.3-28.el8_9 rpm: checks for unsafe symlinks are not performed for intermediary directories

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35939

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-26 16:15 修改: 2023-02-04 01:16

sqlite-libs CVE-2019-13750 中危 3.26.0-11.el8 3.26.0-15.el8 sqlite: dropping of shadow tables not restricted in defensive mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13750

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-12-10 22:15 修改: 2023-11-07 03:04

sqlite-libs CVE-2019-13751 中危 3.26.0-11.el8 3.26.0-15.el8 sqlite: fts3: improve detection of corrupted records

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13751

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-12-10 22:15 修改: 2023-11-07 03:04

sqlite-libs CVE-2019-19603 中危 3.26.0-11.el8 3.26.0-15.el8 sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19603

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-12-09 19:15 修改: 2023-11-07 03:07

sqlite-libs CVE-2019-5827 中危 3.26.0-11.el8 3.26.0-15.el8 sqlite: out-of-bounds access due to the use of 32-bit memory allocator interfaces

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5827

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-06-27 17:15 修改: 2023-11-07 03:12

sqlite-libs CVE-2020-13434 中危 3.26.0-11.el8 3.26.0-13.el8 sqlite: integer overflow in sqlite3_str_vappendf function in printf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13434

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-05-24 22:15 修改: 2023-11-07 03:16

sqlite-libs CVE-2020-13435 中危 3.26.0-11.el8 3.26.0-15.el8 sqlite: NULL pointer dereference in sqlite3ExprCodeTarget()

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13435

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-05-24 22:15 修改: 2023-11-07 03:16

sqlite-libs CVE-2020-15358 中危 3.26.0-11.el8 3.26.0-13.el8 sqlite: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization in select.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15358

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-06-27 12:15 修改: 2022-05-12 15:01

sqlite-libs CVE-2020-24736 中危 3.26.0-11.el8 3.26.0-18.el8_8 sqlite: Crash due to misuse of window functions.

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24736

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-04-11 18:15 修改: 2023-05-26 20:15

sqlite-libs CVE-2020-35527 中危 3.26.0-11.el8 3.26.0-16.el8_6 sqlite: Out of bounds access during table rename

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35527

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-01 18:15 修改: 2022-12-08 22:29

sqlite-libs CVE-2022-35737 中危 3.26.0-11.el8 3.26.0-17.el8_7 sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35737

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-03 06:15 修改: 2024-03-27 16:05

sqlite-libs CVE-2023-7104 中危 3.26.0-11.el8 3.26.0-19.el8_9 sqlite: heap-buffer-overflow at sessionfuzz

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7104

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-12-29 10:15 修改: 2024-05-17 02:34

squashfs-tools CVE-2021-40153 中危 4.3-19.el8 4.3-21.el8 squashfs-tools: unvalidated filepaths allow writing outside of destination

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40153

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-08-27 15:15 修改: 2023-11-07 03:38

squashfs-tools CVE-2021-41072 中危 4.3-19.el8 4.3-21.el8 squashfs-tools: possible Directory Traversal via symbolic link

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41072

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-14 01:15 修改: 2023-05-30 06:15

bind-export-libs CVE-2021-25220 中危 32:9.11.20-5.el8 32:9.11.36-5.el8 bind: DNS forwarders - cache poisoning vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25220

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-23 13:15 修改: 2023-11-09 14:44

dhcp-client CVE-2022-2928 中危 12:4.3.6-41.el8 12:4.3.6-49.el8 dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2928

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-07 05:15 修改: 2023-11-07 03:47

systemd CVE-2018-20839 中危 239-41.el8_3.1 systemd: mishandling of the current keyboard mode check leading to passwords being disclosed in cleartext to attacker

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20839

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2019-05-17 04:29 修改: 2024-10-24 17:34

systemd CVE-2019-3842 中危 239-41.el8_3.1 239-45.el8 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any"

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3842

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2019-04-09 21:29 修改: 2023-11-07 03:10

systemd CVE-2020-13776 中危 239-41.el8_3.1 239-45.el8 systemd: Mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13776

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-06-03 03:15 修改: 2023-11-07 03:16

systemd CVE-2022-3821 中危 239-41.el8_3.1 239-68.el8_7.1 systemd: buffer overrun in format_timespan() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-11-08 22:15 修改: 2023-11-07 03:51

systemd CVE-2022-4415 中危 239-41.el8_3.1 239-68.el8_7.4 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-01-11 15:15 修改: 2023-02-02 16:19

systemd CVE-2023-26604 中危 239-41.el8_3.1 239-74.el8_8.2 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09

systemd CVE-2023-7008 中危 239-41.el8_3.1 239-82.el8 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16

dhcp-client CVE-2022-2929 中危 12:4.3.6-41.el8 12:4.3.6-49.el8 dhcp: DHCP memory leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2929

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-07 05:15 修改: 2023-11-07 03:47

bind-export-libs CVE-2022-2795 中危 32:9.11.20-5.el8 32:9.11.36-8.el8 bind: processing large delegations may severely degrade resolver performance

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2795

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-21 11:15 修改: 2023-11-07 03:46

systemd-libs CVE-2018-20839 中危 239-41.el8_3.1 systemd: mishandling of the current keyboard mode check leading to passwords being disclosed in cleartext to attacker

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20839

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2019-05-17 04:29 修改: 2024-10-24 17:34

systemd-libs CVE-2019-3842 中危 239-41.el8_3.1 239-45.el8 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any"

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3842

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2019-04-09 21:29 修改: 2023-11-07 03:10

systemd-libs CVE-2020-13776 中危 239-41.el8_3.1 239-45.el8 systemd: Mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13776

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-06-03 03:15 修改: 2023-11-07 03:16

systemd-libs CVE-2022-3821 中危 239-41.el8_3.1 239-68.el8_7.1 systemd: buffer overrun in format_timespan() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-11-08 22:15 修改: 2023-11-07 03:51

systemd-libs CVE-2022-4415 中危 239-41.el8_3.1 239-68.el8_7.4 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-01-11 15:15 修改: 2023-02-02 16:19

systemd-libs CVE-2023-26604 中危 239-41.el8_3.1 239-74.el8_8.2 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09

systemd-libs CVE-2023-7008 中危 239-41.el8_3.1 239-82.el8 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16

bind-export-libs CVE-2022-3094 中危 32:9.11.20-5.el8 32:9.11.36-11.el8_9 bind: flooding with UPDATE requests may lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3094

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-26 21:15 修改: 2023-11-07 03:50

dhcp-common CVE-2022-2928 中危 12:4.3.6-41.el8 12:4.3.6-49.el8 dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2928

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-07 05:15 修改: 2023-11-07 03:47

systemd-pam CVE-2018-20839 中危 239-41.el8_3.1 systemd: mishandling of the current keyboard mode check leading to passwords being disclosed in cleartext to attacker

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20839

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2019-05-17 04:29 修改: 2024-10-24 17:34

systemd-pam CVE-2019-3842 中危 239-41.el8_3.1 239-45.el8 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any"

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3842

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2019-04-09 21:29 修改: 2023-11-07 03:10

systemd-pam CVE-2020-13776 中危 239-41.el8_3.1 239-45.el8 systemd: Mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13776

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-06-03 03:15 修改: 2023-11-07 03:16

systemd-pam CVE-2022-3821 中危 239-41.el8_3.1 239-68.el8_7.1 systemd: buffer overrun in format_timespan() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-11-08 22:15 修改: 2023-11-07 03:51

systemd-pam CVE-2022-4415 中危 239-41.el8_3.1 239-68.el8_7.4 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-01-11 15:15 修改: 2023-02-02 16:19

systemd-pam CVE-2023-26604 中危 239-41.el8_3.1 239-74.el8_8.2 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09

systemd-pam CVE-2023-7008 中危 239-41.el8_3.1 239-82.el8 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16

dhcp-common CVE-2022-2929 中危 12:4.3.6-41.el8 12:4.3.6-49.el8 dhcp: DHCP memory leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2929

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-07 05:15 修改: 2023-11-07 03:47

binutils CVE-2018-1000876 中危 2.30-79.el8 binutils: integer overflow leads to heap-based buffer overflow in objdump

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000876

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-12-20 17:29 修改: 2023-11-07 02:51

systemd-udev CVE-2018-20839 中危 239-41.el8_3.1 systemd: mishandling of the current keyboard mode check leading to passwords being disclosed in cleartext to attacker

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20839

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2019-05-17 04:29 修改: 2024-10-24 17:34

systemd-udev CVE-2019-3842 中危 239-41.el8_3.1 239-45.el8 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any"

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3842

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2019-04-09 21:29 修改: 2023-11-07 03:10

systemd-udev CVE-2020-13776 中危 239-41.el8_3.1 239-45.el8 systemd: Mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13776

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-06-03 03:15 修改: 2023-11-07 03:16

systemd-udev CVE-2022-3821 中危 239-41.el8_3.1 239-68.el8_7.1 systemd: buffer overrun in format_timespan() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-11-08 22:15 修改: 2023-11-07 03:51

systemd-udev CVE-2022-4415 中危 239-41.el8_3.1 239-68.el8_7.4 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-01-11 15:15 修改: 2023-02-02 16:19

systemd-udev CVE-2023-26604 中危 239-41.el8_3.1 239-74.el8_8.2 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09

systemd-udev CVE-2023-7008 中危 239-41.el8_3.1 239-82.el8 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16

tar CVE-2005-2541 中危 2:1.30-5.el8 tar: does not properly warn the user when extracting setuid or setgid files

漏洞详情: https://avd.aquasec.com/nvd/cve-2005-2541

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2005-08-10 04:00 修改: 2023-11-07 01:57

tar CVE-2022-48303 中危 2:1.30-5.el8 2:1.30-6.el8_7.1 tar: heap buffer overflow at from_header() in list.c via specially crafted checksum

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48303

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-30 04:15 修改: 2023-05-30 17:16

trousers CVE-2020-24331 中危 0.3.14-4.el8 0.3.15-1.el8 trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as root

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24331

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-08-13 17:15 修改: 2023-11-07 03:19

trousers CVE-2020-24332 中危 0.3.14-4.el8 0.3.15-1.el8 trousers: tss user can be used to create or corrupt existing files, this could lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24332

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-08-13 17:15 修改: 2023-11-07 03:19

trousers-lib CVE-2020-24331 中危 0.3.14-4.el8 0.3.15-1.el8 trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as root

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24331

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-08-13 17:15 修改: 2023-11-07 03:19

trousers-lib CVE-2020-24332 中危 0.3.14-4.el8 0.3.15-1.el8 trousers: tss user can be used to create or corrupt existing files, this could lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24332

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-08-13 17:15 修改: 2023-11-07 03:19

vim-minimal CVE-2021-3778 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8 vim: heap-based buffer overflow in utf_ptr2char() in mbyte.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3778

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-15 08:15 修改: 2023-11-07 03:38

vim-minimal CVE-2021-3796 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8 vim: use-after-free in nv_replace() in normal.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3796

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-15 13:15 修改: 2023-11-07 03:38

vim-minimal CVE-2021-3872 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.4 vim: heap-based buffer overflow in win_redr_status() in drawscreen.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3872

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-10-19 13:15 修改: 2023-11-07 03:38

vim-minimal CVE-2021-3984 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.4 vim: illegal memory access in find_start_brace() in cindent.c when C-indenting

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3984

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-12-01 11:15 修改: 2023-11-07 03:38

vim-minimal CVE-2021-4019 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.4 vim: heap-based buffer overflow in find_help_tags() in help.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4019

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-12-01 10:15 修改: 2023-11-07 03:40

vim-minimal CVE-2021-4192 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.4 vim: use-after-free in win_linetabsize()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4192

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-12-31 15:15 修改: 2023-11-07 03:40

vim-minimal CVE-2021-4193 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.4 vim: out-of-bound read in getvcol()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4193

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-12-31 16:15 修改: 2023-11-07 03:40

vim-minimal CVE-2022-0261 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.12 vim: Heap-based buffer overflow in block_insert() in src/ops.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0261

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-18 16:15 修改: 2023-11-07 03:41

vim-minimal CVE-2022-0318 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.12 vim: Heap-based buffer overflow in utf_head_off() in mbyte.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0318

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-21 12:15 修改: 2022-11-29 22:12

vim-minimal CVE-2022-0359 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.12 vim: Heap-based buffer overflow in init_ccline() in ex_getln.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0359

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-26 12:15 修改: 2022-11-09 18:58

vim-minimal CVE-2022-0361 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.12 vim: Illegal memory access when copying lines in visual mode leads to heap buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0361

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-26 13:15 修改: 2022-11-09 18:57

vim-minimal CVE-2022-0392 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.12 vim: Heap-based buffer overflow in getexmodeline() in ex_getln.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0392

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-28 22:15 修改: 2022-11-29 22:12

vim-minimal CVE-2022-0413 中危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.12 vim: Use after free in src/ex_cmds.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0413

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-30 15:15 修改: 2023-11-07 03:41

vim-minimal CVE-2022-1621 中危 2:8.0.1763-15.el8 2:8.0.1763-19.el8_6.2 vim: heap buffer overflow in vim_strncpy

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1621

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-05-10 14:15 修改: 2023-11-07 03:42

vim-minimal CVE-2022-1629 中危 2:8.0.1763-15.el8 2:8.0.1763-19.el8_6.2 vim: buffer over-read in function find_next_quote

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1629

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-05-10 14:15 修改: 2023-11-07 03:42

vim-minimal CVE-2022-1785 中危 2:8.0.1763-15.el8 2:8.0.1763-19.el8_6.4 vim: Out-of-bounds Write

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1785

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-05-19 13:15 修改: 2023-05-03 12:15

vim-minimal CVE-2022-1897 中危 2:8.0.1763-15.el8 2:8.0.1763-19.el8_6.4 vim: out-of-bounds write in vim_regsub_both() in regexp.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1897

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-05-27 15:15 修改: 2023-11-07 03:42

vim-minimal CVE-2022-1927 中危 2:8.0.1763-15.el8 2:8.0.1763-19.el8_6.4 vim: buffer over-read in utf_ptr2char() in mbyte.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1927

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-05-29 14:15 修改: 2023-11-07 03:42

vim-minimal CVE-2024-43790 中危 2:8.0.1763-15.el8 vim: Out of bounds read when performing a search command

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43790

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-22 22:15 修改: 2024-08-23 16:18

binutils CVE-2018-20623 中危 2.30-79.el8 binutils: Use-after-free in the error function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20623

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-12-31 19:29 修改: 2019-10-31 01:15

dhcp-libs CVE-2022-2928 中危 12:4.3.6-41.el8 12:4.3.6-49.el8 dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2928

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-07 05:15 修改: 2023-11-07 03:47

yum CVE-2021-3445 中危 4.2.23-4.el8 4.7.0-4.el8 libdnf: Signature verification bypass via signature placed in the main RPM header

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3445

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-19 14:15 修改: 2023-11-07 03:38

dhcp-libs CVE-2022-2929 中危 12:4.3.6-41.el8 12:4.3.6-49.el8 dhcp: DHCP memory leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2929

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-07 05:15 修改: 2023-11-07 03:47

zlib CVE-2022-37434 中危 1.2.11-16.el8_2 1.2.11-19.el8_6 zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37434

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-05 07:15 修改: 2023-07-19 00:56

glibc-langpack-en CVE-2024-33602 低危 2.28-127.el8 2.28-251.el8_10.2 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

binutils CVE-2020-16598 低危 2.30-79.el8 binutils: Null Pointer Dereference in debug_get_real_type could result in DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16598

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-09 21:15 修改: 2023-11-07 03:18

binutils CVE-2020-35448 低危 2.30-79.el8 2.30-108.el8 binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section() in elf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35448

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-12-27 04:15 修改: 2023-11-07 03:21

gawk CVE-2023-4156 低危 4.2.1-1.el8 gawk: heap out of bound read in builtin.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4156

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-25 18:15 修改: 2023-11-07 04:22

binutils CVE-2020-35493 低危 2.30-79.el8 binutils: heap-based buffer overflow in bfd_pef_parse_function_stubs function in bfd/pef.c via crafted PEF file

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35493

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-04 15:15 修改: 2023-11-07 03:21

dbus CVE-2020-35512 低危 1:1.12.8-11.el8 dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35512

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 17:15 修改: 2023-12-27 16:36

binutils CVE-2020-35494 低危 2.30-79.el8 binutils: usage of unitialized heap in tic4x_print_cond function in opcodes/tic4x-dis.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35494

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-04 15:15 修改: 2023-11-07 03:21

binutils CVE-2020-35495 低危 2.30-79.el8 binutils: NULL pointer dereference in bfd_pef_parse_symbols function in bfd/pef.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35495

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-04 15:15 修改: 2023-11-07 03:21

binutils CVE-2020-35496 低危 2.30-79.el8 binutils: NULL pointer dereference in bfd_pef_scan_start_address function in bfd/pef.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35496

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-04 15:15 修改: 2023-11-07 03:21

binutils CVE-2020-35507 低危 2.30-79.el8 binutils: NULL pointer dereference in bfd_pef_parse_function_stubs function in bfd/pef.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35507

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-01-04 15:15 修改: 2023-01-24 16:10

openssl CVE-2023-0464 低危 1:1.1.1g-12.el8_3 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-22 17:15 修改: 2024-06-21 19:15

openssl CVE-2023-0465 低危 1:1.1.1g-12.el8_3 openssl: Invalid certificate policies in leaf certificates are silently ignored

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15

openssl CVE-2023-0466 低危 1:1.1.1g-12.el8_3 openssl: Certificate policy check not enabled

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15

openssl CVE-2023-2650 低危 1:1.1.1g-12.el8_3 openssl: Possible DoS translating ASN.1 object identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-05-30 14:15 修改: 2024-02-04 09:15

openssl CVE-2023-3446 低危 1:1.1.1g-12.el8_3 1:1.1.1k-12.el8_9 openssl: Excessive time spent checking DH keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-19 12:15 修改: 2024-10-14 15:15

openssl CVE-2023-3817 低危 1:1.1.1g-12.el8_3 1:1.1.1k-12.el8_9 OpenSSL: Excessive time spent checking DH q parameter value

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-31 16:15 修改: 2024-10-14 15:15

openssl CVE-2023-5678 低危 1:1.1.1g-12.el8_3 1:1.1.1k-12.el8_9 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15

openssl CVE-2024-0727 低危 1:1.1.1g-12.el8_3 openssl: denial of service via null dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15

openssl CVE-2024-2511 低危 1:1.1.1g-12.el8_3 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15

openssl CVE-2024-41996 低危 1:1.1.1g-12.el8_3 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35

openssl CVE-2024-4741 低危 1:1.1.1g-12.el8_3 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

openssl CVE-2024-5535 低危 1:1.1.1g-12.el8_3 1:1.1.1k-14.el8_6 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15

dbus-common CVE-2020-35512 低危 1:1.12.8-11.el8 dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35512

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 17:15 修改: 2023-12-27 16:36

binutils CVE-2021-20284 低危 2.30-79.el8 2.30-108.el8 binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20284

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-26 17:15 修改: 2023-02-12 22:15

binutils CVE-2021-3826 低危 2.30-79.el8 libiberty: Heap/stack buffer overflow in the dlang_lname function in d-demangle.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3826

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-01 21:15 修改: 2024-01-22 15:01

binutils CVE-2022-38533 低危 2.30-79.el8 binutils: heap-based buffer overflow in bfd_getl32() when called by strip_main() in objcopy.c via a crafted file

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38533

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-26 00:15 修改: 2023-11-07 03:50

binutils CVE-2022-44840 低危 2.30-79.el8 binutils: heap-based buffer overflow in find_section_in_set() in readelf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44840

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-08-26 02:14

glibc-minimal-langpack CVE-2016-10228 低危 2.28-127.el8 2.28-151.el8 glibc: iconv program can hang when invoked with the -c option

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10228

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2017-03-02 01:59 修改: 2023-11-07 02:29

glibc-minimal-langpack CVE-2020-27618 低危 2.28-127.el8 2.28-151.el8 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27618

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-26 23:15 修改: 2022-10-28 20:06

glibc-minimal-langpack CVE-2021-27645 低危 2.28-127.el8 2.28-164.el8 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27645

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-24 15:15 修改: 2023-11-07 03:31

glibc-minimal-langpack CVE-2021-33574 低危 2.28-127.el8 2.28-164.el8 glibc: mq_notify does not handle separately allocated thread attributes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33574

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-25 22:15 修改: 2023-11-07 03:35

glibc-minimal-langpack CVE-2024-33601 低危 2.28-127.el8 2.28-251.el8_10.2 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

libcurl-minimal CVE-2020-8231 低危 7.61.1-14.el8_3.1 7.61.1-18.el8 curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8231

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04

libcurl-minimal CVE-2021-22898 低危 7.61.1-14.el8_3.1 7.61.1-22.el8 curl: TELNET stack contents disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22898

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-06-11 16:15 修改: 2024-03-27 15:47

libcurl-minimal CVE-2021-22925 低危 7.61.1-14.el8_3.1 7.61.1-22.el8 curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22925

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11

openssl-libs CVE-2023-0464 低危 1:1.1.1g-12.el8_3 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-22 17:15 修改: 2024-06-21 19:15

openssl-libs CVE-2023-0465 低危 1:1.1.1g-12.el8_3 openssl: Invalid certificate policies in leaf certificates are silently ignored

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15

openssl-libs CVE-2023-0466 低危 1:1.1.1g-12.el8_3 openssl: Certificate policy check not enabled

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15

openssl-libs CVE-2023-2650 低危 1:1.1.1g-12.el8_3 openssl: Possible DoS translating ASN.1 object identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-05-30 14:15 修改: 2024-02-04 09:15

openssl-libs CVE-2023-3446 低危 1:1.1.1g-12.el8_3 1:1.1.1k-12.el8_9 openssl: Excessive time spent checking DH keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-19 12:15 修改: 2024-10-14 15:15

openssl-libs CVE-2023-3817 低危 1:1.1.1g-12.el8_3 1:1.1.1k-12.el8_9 OpenSSL: Excessive time spent checking DH q parameter value

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-07-31 16:15 修改: 2024-10-14 15:15

openssl-libs CVE-2023-5678 低危 1:1.1.1g-12.el8_3 1:1.1.1k-12.el8_9 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15

openssl-libs CVE-2024-0727 低危 1:1.1.1g-12.el8_3 openssl: denial of service via null dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15

openssl-libs CVE-2024-2511 低危 1:1.1.1g-12.el8_3 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15

openssl-libs CVE-2024-41996 低危 1:1.1.1g-12.el8_3 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35

openssl-libs CVE-2024-4741 低危 1:1.1.1g-12.el8_3 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

openssl-libs CVE-2024-5535 低危 1:1.1.1g-12.el8_3 1:1.1.1k-14.el8_6 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15

libcurl-minimal CVE-2022-35252 低危 7.61.1-14.el8_3.1 7.61.1-30.el8 curl: Incorrect handling of control code characters in cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35252

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-09-23 14:15 修改: 2024-03-27 15:00

libcurl-minimal CVE-2022-43552 低危 7.61.1-14.el8_3.1 7.61.1-30.el8 curl: Use-after-free triggered by an HTTP proxy deny response

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43552

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-09 20:15 修改: 2024-03-27 14:55

libcurl-minimal CVE-2023-27534 低危 7.61.1-14.el8_3.1 curl: SFTP path ~ resolving discrepancy

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27534

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:54

libcurl-minimal CVE-2023-28322 低危 7.61.1-14.el8_3.1 7.61.1-33.el8_9.5 curl: more POST-after-PUT confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-05-26 21:15 修改: 2023-12-22 16:15

libcurl-minimal CVE-2023-38546 低危 7.61.1-14.el8_3.1 7.61.1-33.el8_9.5 curl: cookie injection with none file

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-10-18 04:15 修改: 2024-07-09 14:15

libdb CVE-2019-2708 低危 5.3.28-39.el8 5.3.28-40.el8 libdb: Denial of service in the Data Store component

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-2708

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-04-23 19:32 修改: 2023-11-07 03:09

libdb-utils CVE-2019-2708 低危 5.3.28-39.el8 5.3.28-40.el8 libdb: Denial of service in the Data Store component

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-2708

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-04-23 19:32 修改: 2023-11-07 03:09

glibc-minimal-langpack CVE-2024-33602 低危 2.28-127.el8 2.28-251.el8_10.2 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

pcre CVE-2019-20838 低危 8.42-4.el8 8.42-6.el8 pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20838

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-06-15 17:15 修改: 2024-03-27 16:05

pcre CVE-2020-14155 低危 8.42-4.el8 8.42-6.el8 pcre: Integer overflow when parsing callout numeric arguments

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14155

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-06-15 17:15 修改: 2024-03-27 16:04

dbus-daemon CVE-2020-35512 低危 1:1.12.8-11.el8 dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35512

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 17:15 修改: 2023-12-27 16:36

pcre2 CVE-2022-41409 低危 10.32-2.el8 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-07-18 14:15 修改: 2023-07-27 03:46

libgcc CVE-2018-20657 低危 8.3.1-5.1.el8 libiberty: Memory leak in demangle_template function resulting in a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20657

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-01-02 14:29 修改: 2019-11-06 01:15

libgcc CVE-2018-20673 低危 8.3.1-5.1.el8 8.5.0-3.el8 libiberty: Integer overflow in demangle_template() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20673

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-01-04 18:29 修改: 2020-08-24 17:37

libgcc CVE-2019-14250 低危 8.3.1-5.1.el8 binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14250

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-07-24 04:15 修改: 2023-03-01 18:01

libgcc CVE-2022-27943 低危 8.3.1-5.1.el8 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45

binutils CVE-2022-47007 低危 2.30-79.el8 binutils: memory leak in stab_demangle_v3_arg() in stabs.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-47007

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-08-26 02:14

gnupg2 CVE-2022-3219 低危 2.2.20-2.el8 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

binutils CVE-2022-47008 低危 2.30-79.el8 binutils: memory leak in make_tempdir() and make_tempname() in bucomm.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-47008

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-08-26 02:14

binutils CVE-2022-47010 低危 2.30-79.el8 binutils: memory leak in pr_function_type() in prdbg.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-47010

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-08-26 02:14

binutils CVE-2022-47011 低危 2.30-79.el8 binutils: memory leak in parse_stab_struct_fields() in stabs.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-47011

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-08-26 02:14

libgomp CVE-2018-20657 低危 8.3.1-5.1.el8 libiberty: Memory leak in demangle_template function resulting in a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20657

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2019-01-02 14:29 修改: 2019-11-06 01:15

libgomp CVE-2018-20673 低危 8.3.1-5.1.el8 8.5.0-3.el8 libiberty: Integer overflow in demangle_template() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20673

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2019-01-04 18:29 修改: 2020-08-24 17:37

libgomp CVE-2019-14250 低危 8.3.1-5.1.el8 binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14250

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2019-07-24 04:15 修改: 2023-03-01 18:01

libgomp CVE-2022-27943 低危 8.3.1-5.1.el8 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45

dbus-libs CVE-2020-35512 低危 1:1.12.8-11.el8 dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35512

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 17:15 修改: 2023-12-27 16:36

binutils CVE-2023-1972 低危 2.30-79.el8 binutils: Illegal memory access when accessing a zer0-lengthverdef table

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1972

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-05-17 22:15 修改: 2023-09-30 10:15

binutils CVE-2023-25584 低危 2.30-79.el8 binutils: Out of bounds read in parse_module function in bfd/vms-alpha.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25584

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-14 21:15 修改: 2024-02-23 18:51

binutils CVE-2023-25585 低危 2.30-79.el8 binutils: Field `file_table` of `struct module *module` is uninitialized

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25585

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-14 21:15 修改: 2023-11-07 04:09

libpng CVE-2019-7317 低危 2:1.6.34-5.el8 libpng: use-after-free in png_image_free in png.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7317

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2019-02-04 08:29 修改: 2024-10-21 13:55

libpng CVE-2022-3857 低危 2:1.6.34-5.el8 libpng: Null pointer dereference leads to segmentation fault

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3857

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-06 23:15 修改: 2024-10-09 04:15

binutils CVE-2023-25588 低危 2.30-79.el8 binutils: Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab`

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25588

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-14 21:15 修改: 2023-11-07 04:09

dbus-tools CVE-2020-35512 低危 1:1.12.8-11.el8 dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35512

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-15 17:15 修改: 2023-12-27 16:36

gnutls CVE-2021-4209 低危 3.6.14-7.el8_3 GnuTLS: Null pointer dereference in MD_UPDATE

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4209

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-08-24 16:15 修改: 2022-10-27 16:57

bzip2-libs CVE-2019-12900 低危 1.0.6-26.el8 bzip2: out-of-bounds write in function BZ2_decompress

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12900

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-06-19 23:15 修改: 2023-11-07 03:03

platform-python CVE-2021-3737 低危 3.6.8-31.el8 3.6.8-45.el8 python: urllib: HTTP client possible infinite loop on a 100 Continue response

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3737

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-04 19:15 修改: 2023-11-07 03:38

platform-python CVE-2024-4032 低危 3.6.8-31.el8 3.6.8-67.el8_10 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35

ca-certificates CVE-2023-37920 低危 2020.2.41-80.0.el8_2 2024.2.69_v8.0.303-80.0.el8_10 python-certifi: Removal of e-Tugra root certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-37920

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-07-25 21:15 修改: 2023-08-12 06:16

bash CVE-2019-18276 低危 4.4.19-12.el8 4.4.19-14.el8 bash: when effective UID is not equal to its real UID the saved UID is not dropped

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-18276

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-11-28 01:15 修改: 2023-11-07 03:06

procps-ng CVE-2018-1121 低危 3.3.15-3.el8 procps: process hiding through race condition enumerating /proc

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1121

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-06-13 20:29 修改: 2020-06-30 16:15

procps-ng CVE-2023-4016 低危 3.3.15-3.el8 3.3.15-14.el8 procps: ps buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4016

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-02 05:15 修改: 2023-12-15 18:19

binutils CVE-2018-12641 低危 2.30-79.el8 binutils: Stack Exhaustion in the demangling functions provided by libiberty

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12641

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-06-22 12:29 修改: 2019-10-03 00:03

binutils CVE-2018-12697 低危 2.30-79.el8 binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12697

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-06-23 23:29 修改: 2019-08-03 13:15

libsolv CVE-2021-3200 低危 0.7.11-1.el8 0.7.19-1.el8 libsolv: heap-based buffer overflow in testcase_read() in src/testcase.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3200

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-18 17:15 修改: 2022-07-30 03:45

cpio CVE-2023-7216 低危 2.12-8.el8 CPIO: extraction allows symlinks which enables Remote Command Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7216

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-05 15:15 修改: 2024-09-19 06:15

libstdc++ CVE-2018-20657 低危 8.3.1-5.1.el8 libiberty: Memory leak in demangle_template function resulting in a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20657

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-01-02 14:29 修改: 2019-11-06 01:15

libstdc++ CVE-2018-20673 低危 8.3.1-5.1.el8 8.5.0-3.el8 libiberty: Integer overflow in demangle_template() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20673

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-01-04 18:29 修改: 2020-08-24 17:37

libstdc++ CVE-2019-14250 低危 8.3.1-5.1.el8 binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14250

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-07-24 04:15 修改: 2023-03-01 18:01

libstdc++ CVE-2022-27943 低危 8.3.1-5.1.el8 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45

glib2 CVE-2019-13012 低危 2.56.4-8.el8 2.56.4-9.el8 glib2: insecure permissions for files and directories

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13012

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-06-28 15:15 修改: 2023-11-07 03:03

libtasn1 CVE-2018-1000654 低危 4.13-3.el8 libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000654

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-08-20 19:31 修改: 2023-11-07 02:51

glib2 CVE-2020-16125 低危 2.56.4-8.el8 2.56.4-9.el8 gdm: inability to timely contact accountservice via dbus leads gnome-initial-setup to creation of account with admin privileges

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16125

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-11-10 05:15 修改: 2020-11-24 18:12

glib2 CVE-2021-28153 低危 2.56.4-8.el8 2.56.4-156.el8 glib: g_file_replace() with G_FILE_CREATE_REPLACE_DESTINATION creates empty target for dangling symlink

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28153

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-11 22:15 修改: 2023-11-07 03:32

glib2 CVE-2023-29499 低危 2.56.4-8.el8 glib: GVariant offset table entry size is not checked in is_normal()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29499

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-14 20:15 修改: 2023-11-27 14:15

glib2 CVE-2023-32611 低危 2.56.4-8.el8 glib: g_variant_byteswap() can take a long time with some non-normal inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32611

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-14 20:15 修改: 2023-11-27 14:15

glib2 CVE-2023-32636 低危 2.56.4-8.el8 glib: Timeout in fuzz_variant_text

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32636

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-14 20:15 修改: 2024-01-12 22:09

glib2 CVE-2023-32665 低危 2.56.4-8.el8 glib: GVariant deserialisation does not match spec for non-normal data

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32665

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-14 20:15 修改: 2024-04-26 09:15

binutils CVE-2018-12698 低危 2.30-79.el8 binutils: excessive memory consumption in demangle_template in cplus-dem.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12698

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-06-23 23:29 修改: 2019-10-03 00:03

binutils CVE-2018-12699 低危 2.30-79.el8 binutils: heap-based buffer overflow in finish_stab in stabs.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12699

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-06-23 23:29 修改: 2019-08-03 13:15

binutils CVE-2018-12700 低危 2.30-79.el8 binutils: Stack Exhaustion in debug_write_type in debug.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12700

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-06-23 23:29 修改: 2023-11-07 02:52

binutils CVE-2018-12934 低危 2.30-79.el8 binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12934

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-06-28 14:29 修改: 2020-04-21 22:15

binutils CVE-2018-17360 低危 2.30-79.el8 binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-17360

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-09-23 18:29 修改: 2019-10-31 01:15

grub2-common CVE-2021-3981 低危 1:2.02-90.el8 1:2.02-123.el8 grub2: Incorrect permission in grub.cfg allow unprivileged user to read the file content

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3981

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-03-10 17:43 修改: 2024-01-16 01:15

grub2-common CVE-2023-4692 低危 1:2.02-90.el8 1:2.02-156.el8 grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4692

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-10-25 18:17 修改: 2024-09-16 16:15

grub2-common CVE-2023-4693 低危 1:2.02-90.el8 1:2.02-156.el8 grub2: out-of-bounds read at fs/ntfs.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4693

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-10-25 18:17 修改: 2024-09-16 16:15

binutils CVE-2018-17794 低危 2.30-79.el8 binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-17794

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-09-30 20:29 修改: 2020-04-21 22:15

binutils CVE-2018-17985 低危 2.30-79.el8 binutils: Stack consumption problem caused by the cplus_demangle_type

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-17985

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-04 23:29 修改: 2019-10-31 01:15

python3-libs CVE-2021-3737 低危 3.6.8-31.el8 3.6.8-45.el8 python: urllib: HTTP client possible infinite loop on a 100 Continue response

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3737

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-04 19:15 修改: 2023-11-07 03:38

python3-libs CVE-2024-4032 低危 3.6.8-31.el8 3.6.8-67.el8_10 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35

libxml2 CVE-2023-45322 低危 2.9.7-8.el8 libxml2: use-after-free in xmlUnlinkNode() in tree.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45322

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-06 22:15 修改: 2024-08-02 21:15

python3-pip-wheel CVE-2018-20225 低危 9.0.3-18.el8 python-pip: when --extra-index-url option is used and package does not already exist in the public index, the installation of malicious package with arbitrary version number is possible.

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20225

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-05-08 18:15 修改: 2024-08-05 12:15

python3-pip-wheel CVE-2021-3572 低危 9.0.3-18.el8 9.0.3-20.el8 python-pip: Incorrect handling of unicode separators in git references

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3572

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-11-10 18:15 修改: 2024-06-21 19:15

libxml2 CVE-2024-34459 低危 2.9.7-8.el8 libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34459

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-14 15:39 修改: 2024-08-22 18:35

binutils CVE-2018-18309 低危 2.30-79.el8 binutils: invalid memory address dereference in read_reloc in reloc.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18309

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-15 02:29 修改: 2023-11-07 02:55

libzstd CVE-2021-24032 低危 1.4.4-1.el8 zstd: Race condition allows attacker to access world-readable destination file

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-24032

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-04 21:15 修改: 2021-04-28 20:04

libzstd CVE-2022-4899 低危 1.4.4-1.el8 zstd: mysql: buffer overrun in util.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-03-31 20:15 修改: 2023-11-07 03:59

elfutils-default-yama-scope CVE-2021-33294 低危 0.180-1.el8 elfutils: an infinite loop was found in the function handle_symtab in readelf.c which causes denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33294

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-07-18 14:15 修改: 2023-07-27 15:19

lua-libs CVE-2020-24370 低危 5.3.4-11.el8 5.3.4-12.el8 lua: segmentation fault in getlocal and setlocal functions in ldebug.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24370

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-08-17 17:15 修改: 2024-09-09 13:54

python3-rpm CVE-2021-20266 低危 4.14.3-4.el8 4.14.3-19.el8 rpm: missing length checks in hdrblobInit()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20266

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-04-30 12:15 修改: 2023-11-07 03:29

elfutils-default-yama-scope CVE-2024-25260 低危 0.180-1.el8 elfutils: global-buffer-overflow exists in the function ebl_machine_flag_name in eblmachineflagname.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25260

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-20 18:15 修改: 2024-08-01 13:47

elfutils-libelf CVE-2021-33294 低危 0.180-1.el8 elfutils: an infinite loop was found in the function handle_symtab in readelf.c which causes denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33294

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-07-18 14:15 修改: 2023-07-27 15:19

elfutils-libelf CVE-2024-25260 低危 0.180-1.el8 elfutils: global-buffer-overflow exists in the function ebl_machine_flag_name in eblmachineflagname.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25260

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-20 18:15 修改: 2024-08-01 13:47

elfutils-libs CVE-2021-33294 低危 0.180-1.el8 elfutils: an infinite loop was found in the function handle_symtab in readelf.c which causes denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33294

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-07-18 14:15 修改: 2023-07-27 15:19

elfutils-libs CVE-2024-25260 低危 0.180-1.el8 elfutils: global-buffer-overflow exists in the function ebl_machine_flag_name in eblmachineflagname.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25260

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-20 18:15 修改: 2024-08-01 13:47

ncurses-base CVE-2018-19211 低危 6.1-7.20180224.el8 ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15

ncurses-base CVE-2018-19217 低危 6.1-7.20180224.el8 ncurses: Null pointer dereference at function _nc_name_match

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19217

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-11-12 19:29 修改: 2024-08-05 12:15

ncurses-base CVE-2020-19185 低危 6.1-7.20180224.el8 ncurses: Heap buffer overflow in one_one_mapping function in progs/dump_entry.c:1373

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19185

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:15 修改: 2023-12-13 01:15

rpm CVE-2021-20266 低危 4.14.3-4.el8 4.14.3-19.el8 rpm: missing length checks in hdrblobInit()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20266

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-04-30 12:15 修改: 2023-11-07 03:29

ncurses-base CVE-2020-19186 低危 6.1-7.20180224.el8 ncurses: Buffer overflow in _nc_find_entry function in tinfo/comp_hash.c:66

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19186

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:15 修改: 2023-12-13 01:15

ncurses-base CVE-2020-19187 低危 6.1-7.20180224.el8 ncurses: Heap buffer overflow in fmt_entry function in progs/dump_entry.c:1100

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19187

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:15 修改: 2023-12-13 01:15

ncurses-base CVE-2020-19188 低危 6.1-7.20180224.el8 ncurses: Stack buffer overflow in fmt_entry function in progs/dump_entry.c:1116

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19188

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-13 01:15

ncurses-base CVE-2020-19189 低危 6.1-7.20180224.el8 ncurses: Heap buffer overflow in postprocess_terminfo function in tinfo/parse_entry.c:997

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19189

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-13 01:15

ncurses-base CVE-2020-19190 低危 6.1-7.20180224.el8 ncurses: Heap buffer overflow in _nc_find_entry in tinfo/comp_hash.c:70

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19190

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-13 01:15

ncurses-base CVE-2021-39537 低危 6.1-7.20180224.el8 ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39537

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-20 16:15 修改: 2023-12-03 20:15

rpm-build-libs CVE-2021-20266 低危 4.14.3-4.el8 4.14.3-19.el8 rpm: missing length checks in hdrblobInit()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20266

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-04-30 12:15 修改: 2023-11-07 03:29

ncurses-base CVE-2023-45918 低危 6.1-7.20180224.el8 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-16 22:15 修改: 2024-03-15 11:15

ncurses-base CVE-2023-50495 低危 6.1-7.20180224.el8 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15

glibc CVE-2016-10228 低危 2.28-127.el8 2.28-151.el8 glibc: iconv program can hang when invoked with the -c option

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10228

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2017-03-02 01:59 修改: 2023-11-07 02:29

glibc CVE-2020-27618 低危 2.28-127.el8 2.28-151.el8 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27618

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-26 23:15 修改: 2022-10-28 20:06

glibc CVE-2021-27645 低危 2.28-127.el8 2.28-164.el8 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27645

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-24 15:15 修改: 2023-11-07 03:31

ncurses-libs CVE-2018-19211 低危 6.1-7.20180224.el8 ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15

rpm-libs CVE-2021-20266 低危 4.14.3-4.el8 4.14.3-19.el8 rpm: missing length checks in hdrblobInit()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20266

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-04-30 12:15 修改: 2023-11-07 03:29

shadow-utils CVE-2023-4641 低危 2:4.6-11.el8 2:4.6-19.el8 shadow-utils: possible password leak during passwd(1) change

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-12-27 16:15 修改: 2024-05-03 16:15

ncurses-libs CVE-2018-19217 低危 6.1-7.20180224.el8 ncurses: Null pointer dereference at function _nc_name_match

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19217

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-11-12 19:29 修改: 2024-08-05 12:15

ncurses-libs CVE-2020-19185 低危 6.1-7.20180224.el8 ncurses: Heap buffer overflow in one_one_mapping function in progs/dump_entry.c:1373

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19185

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:15 修改: 2023-12-13 01:15

ncurses-libs CVE-2020-19186 低危 6.1-7.20180224.el8 ncurses: Buffer overflow in _nc_find_entry function in tinfo/comp_hash.c:66

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19186

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:15 修改: 2023-12-13 01:15

ncurses-libs CVE-2020-19187 低危 6.1-7.20180224.el8 ncurses: Heap buffer overflow in fmt_entry function in progs/dump_entry.c:1100

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19187

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:15 修改: 2023-12-13 01:15

ncurses-libs CVE-2020-19188 低危 6.1-7.20180224.el8 ncurses: Stack buffer overflow in fmt_entry function in progs/dump_entry.c:1116

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19188

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-13 01:15

ncurses-libs CVE-2020-19189 低危 6.1-7.20180224.el8 ncurses: Heap buffer overflow in postprocess_terminfo function in tinfo/parse_entry.c:997

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19189

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-13 01:15

ncurses-libs CVE-2020-19190 低危 6.1-7.20180224.el8 ncurses: Heap buffer overflow in _nc_find_entry in tinfo/comp_hash.c:70

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19190

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-22 19:16 修改: 2023-12-13 01:15

ncurses-libs CVE-2021-39537 低危 6.1-7.20180224.el8 ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39537

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-09-20 16:15 修改: 2023-12-03 20:15

ncurses-libs CVE-2023-45918 低危 6.1-7.20180224.el8 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-16 22:15 修改: 2024-03-15 11:15

ncurses-libs CVE-2023-50495 低危 6.1-7.20180224.el8 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15

glibc CVE-2021-33574 低危 2.28-127.el8 2.28-164.el8 glibc: mq_notify does not handle separately allocated thread attributes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33574

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-25 22:15 修改: 2023-11-07 03:35

sqlite-libs CVE-2019-19244 低危 3.26.0-11.el8 sqlite: allows a crash if a sub-select uses both DISTINCT and window functions and also has certain ORDER BY usage

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19244

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-11-25 20:15 修改: 2022-04-15 16:12

sqlite-libs CVE-2019-9936 低危 3.26.0-11.el8 sqlite: heap-based buffer over-read in function fts5HashEntrySort in sqlite3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9936

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-03-22 08:29 修改: 2023-11-07 03:13

sqlite-libs CVE-2019-9937 低危 3.26.0-11.el8 sqlite: null-pointer dereference in function fts5ChunkIterate in sqlite3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9937

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-03-22 08:29 修改: 2023-11-07 03:13

sqlite-libs CVE-2020-35525 低危 3.26.0-11.el8 3.26.0-16.el8_6 sqlite: Null pointer derreference in src/select.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35525

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-01 18:15 修改: 2023-07-06 19:15

sqlite-libs CVE-2023-36191 低危 3.26.0-11.el8 sqlite: CLI fault on missing -nonce

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36191

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-23 02:15 修改: 2023-11-07 04:16

sqlite-libs CVE-2024-0232 低危 3.26.0-11.el8 sqlite: use-after-free bug in jsonParseAddNodeArray

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0232

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-01-16 14:15 修改: 2024-09-28 04:15

glibc CVE-2024-33601 低危 2.28-127.el8 2.28-251.el8_10.2 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

glibc CVE-2024-33602 低危 2.28-127.el8 2.28-251.el8_10.2 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

binutils CVE-2018-18483 低危 2.30-79.el8 binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18483

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-18 21:29 修改: 2019-10-31 01:15

binutils CVE-2018-18484 低危 2.30-79.el8 binutils: Stack exhaustion in cp-demangle.c allows for denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18484

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-18 21:29 修改: 2020-08-24 17:37

binutils CVE-2018-18605 低危 2.30-79.el8 binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18605

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-23 17:29 修改: 2023-11-07 02:55

grub2-tools CVE-2021-3981 低危 1:2.02-90.el8 1:2.02-123.el8 grub2: Incorrect permission in grub.cfg allow unprivileged user to read the file content

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3981

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-03-10 17:43 修改: 2024-01-16 01:15

grub2-tools CVE-2023-4692 低危 1:2.02-90.el8 1:2.02-156.el8 grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4692

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-10-25 18:17 修改: 2024-09-16 16:15

grub2-tools CVE-2023-4693 低危 1:2.02-90.el8 1:2.02-156.el8 grub2: out-of-bounds read at fs/ntfs.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4693

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-10-25 18:17 修改: 2024-09-16 16:15

binutils CVE-2018-18606 低危 2.30-79.el8 binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18606

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-23 17:29 修改: 2023-11-07 02:55

binutils CVE-2018-18607 低危 2.30-79.el8 binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18607

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-23 17:29 修改: 2023-11-07 02:55

binutils CVE-2018-18700 低危 2.30-79.el8 binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demangle.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18700

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-29 12:29 修改: 2020-04-21 22:15

systemd CVE-2021-3997 低危 239-41.el8_3.1 systemd: Uncontrolled recursion in systemd-tmpfiles when removing files

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15

binutils CVE-2018-18701 低危 2.30-79.el8 binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18701

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-10-29 12:29 修改: 2020-04-21 22:15

binutils CVE-2018-19932 低危 2.30-79.el8 binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19932

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-12-07 07:29 修改: 2023-11-07 02:55

binutils CVE-2018-20002 低危 2.30-79.el8 binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20002

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-12-10 02:29 修改: 2023-11-07 02:56

nss CVE-2020-12413 低危 3.53.1-11.el8_2 nss: Information exposure when DH secret are reused across multiple TLS connections

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12413

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-16 22:15 修改: 2023-02-28 19:49

nss CVE-2024-7531 低危 3.53.1-11.el8_2 mozilla: nss: PK11_Encrypt using CKM_CHACHA20 can reveal plaintext on Intel Sandy Bridge machines

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7531

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-08-06 13:15 修改: 2024-08-12 16:10

binutils CVE-2018-20651 低危 2.30-79.el8 binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20651

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-01-01 16:29 修改: 2023-11-07 02:56

binutils CVE-2018-20657 低危 2.30-79.el8 libiberty: Memory leak in demangle_template function resulting in a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20657

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-01-02 14:29 修改: 2019-11-06 01:15

binutils CVE-2018-20673 低危 2.30-79.el8 libiberty: Integer overflow in demangle_template() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20673

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-01-04 18:29 修改: 2020-08-24 17:37

binutils CVE-2018-6872 低危 2.30-79.el8 binutils: out of bounds read in elf_parse_notes function in elf.c file in libbfd library

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6872

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-02-09 06:29 修改: 2023-11-07 03:00

systemd-libs CVE-2021-3997 低危 239-41.el8_3.1 systemd: Uncontrolled recursion in systemd-tmpfiles when removing files

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15

binutils CVE-2019-12972 低危 2.30-79.el8 binutils: out-of-bounds read in setup_group in bfd/elf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12972

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-06-26 14:15 修改: 2023-11-07 03:03

glibc-common CVE-2016-10228 低危 2.28-127.el8 2.28-151.el8 glibc: iconv program can hang when invoked with the -c option

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10228

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2017-03-02 01:59 修改: 2023-11-07 02:29

glibc-common CVE-2020-27618 低危 2.28-127.el8 2.28-151.el8 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27618

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-26 23:15 修改: 2022-10-28 20:06

glibc-common CVE-2021-27645 低危 2.28-127.el8 2.28-164.el8 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27645

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-02-24 15:15 修改: 2023-11-07 03:31

glibc-common CVE-2021-33574 低危 2.28-127.el8 2.28-164.el8 glibc: mq_notify does not handle separately allocated thread attributes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33574

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-05-25 22:15 修改: 2023-11-07 03:35

glibc-common CVE-2024-33601 低危 2.28-127.el8 2.28-251.el8_10.2 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

nss-softokn CVE-2020-12413 低危 3.53.1-11.el8_2 nss: Information exposure when DH secret are reused across multiple TLS connections

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12413

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-16 22:15 修改: 2023-02-28 19:49

nss-softokn CVE-2024-7531 低危 3.53.1-11.el8_2 mozilla: nss: PK11_Encrypt using CKM_CHACHA20 can reveal plaintext on Intel Sandy Bridge machines

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7531

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-08-06 13:15 修改: 2024-08-12 16:10

glibc-common CVE-2024-33602 低危 2.28-127.el8 2.28-251.el8_10.2 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

systemd-pam CVE-2021-3997 低危 239-41.el8_3.1 systemd: Uncontrolled recursion in systemd-tmpfiles when removing files

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15

curl CVE-2020-8231 低危 7.61.1-14.el8_3.1 7.61.1-18.el8 curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8231

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04

grub2-tools-minimal CVE-2021-3981 低危 1:2.02-90.el8 1:2.02-123.el8 grub2: Incorrect permission in grub.cfg allow unprivileged user to read the file content

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3981

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-03-10 17:43 修改: 2024-01-16 01:15

grub2-tools-minimal CVE-2023-4692 低危 1:2.02-90.el8 1:2.02-156.el8 grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4692

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-10-25 18:17 修改: 2024-09-16 16:15

grub2-tools-minimal CVE-2023-4693 低危 1:2.02-90.el8 1:2.02-156.el8 grub2: out-of-bounds read at fs/ntfs.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4693

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-10-25 18:17 修改: 2024-09-16 16:15

curl CVE-2021-22898 低危 7.61.1-14.el8_3.1 7.61.1-22.el8 curl: TELNET stack contents disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22898

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-06-11 16:15 修改: 2024-03-27 15:47

curl CVE-2021-22925 低危 7.61.1-14.el8_3.1 7.61.1-22.el8 curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22925

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11

kexec-tools CVE-2021-20269 低危 2.0.20-34.el8_3.1 2.0.20-57.el8 kexec-tools: incorrect permissions on kdump dmesg file

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20269

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-03-10 17:41 修改: 2023-02-12 22:15

curl CVE-2022-35252 低危 7.61.1-14.el8_3.1 7.61.1-30.el8 curl: Incorrect handling of control code characters in cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35252

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-09-23 14:15 修改: 2024-03-27 15:00

curl CVE-2022-43552 低危 7.61.1-14.el8_3.1 7.61.1-30.el8 curl: Use-after-free triggered by an HTTP proxy deny response

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43552

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-09 20:15 修改: 2024-03-27 14:55

systemd-udev CVE-2021-3997 低危 239-41.el8_3.1 systemd: Uncontrolled recursion in systemd-tmpfiles when removing files

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15

nss-softokn-freebl CVE-2020-12413 低危 3.53.1-11.el8_2 nss: Information exposure when DH secret are reused across multiple TLS connections

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12413

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-16 22:15 修改: 2023-02-28 19:49

nss-softokn-freebl CVE-2024-7531 低危 3.53.1-11.el8_2 mozilla: nss: PK11_Encrypt using CKM_CHACHA20 can reveal plaintext on Intel Sandy Bridge machines

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7531

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-08-06 13:15 修改: 2024-08-12 16:10

tar CVE-2019-9923 低危 2:1.30-5.el8 tar: null-pointer dereference in pax_decode_header in sparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9923

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-03-22 08:29 修改: 2023-11-07 03:13

tar CVE-2021-20193 低危 2:1.30-5.el8 tar: Memory leak in read_header() in list.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20193

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-03-26 17:15 修改: 2024-10-24 18:15

tar CVE-2023-39804 低危 2:1.30-5.el8 tar: Incorrectly handled extension attributes in PAX archives can lead to a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39804

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-03-27 04:15 修改: 2024-03-27 12:29

curl CVE-2023-27534 低危 7.61.1-14.el8_3.1 curl: SFTP path ~ resolving discrepancy

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27534

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:54

curl CVE-2023-28322 低危 7.61.1-14.el8_3.1 7.61.1-33.el8_9.5 curl: more POST-after-PUT confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-05-26 21:15 修改: 2023-12-22 16:15

trousers CVE-2020-24330 低危 0.3.14-4.el8 0.3.15-1.el8 trousers: fails to drop the root gid privilege when no longer needed

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24330

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-08-13 17:15 修改: 2023-11-07 03:19

curl CVE-2023-38546 低危 7.61.1-14.el8_3.1 7.61.1-33.el8_9.5 curl: cookie injection with none file

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-10-18 04:15 修改: 2024-07-09 14:15

file CVE-2019-8905 低危 5.33-16.el8 file: stack-based buffer over-read in do_core_note in readelf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8905

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2019-02-18 17:29 修改: 2021-12-09 19:38

trousers-lib CVE-2020-24330 低危 0.3.14-4.el8 0.3.15-1.el8 trousers: fails to drop the root gid privilege when no longer needed

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24330

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2020-08-13 17:15 修改: 2023-11-07 03:19

file CVE-2019-8906 低危 5.33-16.el8 file: out-of-bounds read in do_core_note in readelf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8906

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2019-02-18 17:29 修改: 2021-12-09 19:44

binutils CVE-2019-14250 低危 2.30-79.el8 binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14250

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-07-24 04:15 修改: 2023-03-01 18:01

krb5-libs CVE-2024-26458 低危 1.18.2-5.el8 1.18.2-27.el8_10 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

krb5-libs CVE-2024-26461 低危 1.18.2-5.el8 1.18.2-27.el8_10 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

file-libs CVE-2019-8905 低危 5.33-16.el8 file: stack-based buffer over-read in do_core_note in readelf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8905

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-18 17:29 修改: 2021-12-09 19:38

file-libs CVE-2019-8906 低危 5.33-16.el8 file: out-of-bounds read in do_core_note in readelf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8906

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-18 17:29 修改: 2021-12-09 19:44

nss-sysinit CVE-2020-12413 低危 3.53.1-11.el8_2 nss: Information exposure when DH secret are reused across multiple TLS connections

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12413

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-16 22:15 修改: 2023-02-28 19:49

nss-sysinit CVE-2024-7531 低危 3.53.1-11.el8_2 mozilla: nss: PK11_Encrypt using CKM_CHACHA20 can reveal plaintext on Intel Sandy Bridge machines

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7531

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-08-06 13:15 修改: 2024-08-12 16:10

binutils CVE-2019-9071 低危 2.30-79.el8 binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9071

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-24 00:29 修改: 2021-12-10 19:32

glibc-langpack-en CVE-2016-10228 低危 2.28-127.el8 2.28-151.el8 glibc: iconv program can hang when invoked with the -c option

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10228

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2017-03-02 01:59 修改: 2023-11-07 02:29

glibc-langpack-en CVE-2020-27618 低危 2.28-127.el8 2.28-151.el8 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27618

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-02-26 23:15 修改: 2022-10-28 20:06

libarchive CVE-2017-14166 低危 3.3.2-9.el8 3.3.3-1.el8 libarchive: Heap-based buffer over-read in the atol8 function

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-14166

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2017-09-06 18:29 修改: 2019-08-15 18:15

libarchive CVE-2017-14501 低危 3.3.2-9.el8 3.3.3-1.el8 libarchive: Out-of-bounds read in parse_file_info

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-14501

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2017-09-17 18:29 修改: 2018-12-28 16:29

libarchive CVE-2018-1000879 低危 3.3.2-9.el8 libarchive: NULL pointer dereference in ACL parser resulting in a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000879

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-12-20 17:29 修改: 2023-11-07 02:51

libarchive CVE-2018-1000880 低危 3.3.2-9.el8 libarchive: Improper input validation in WARC parser resulting in a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000880

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2018-12-20 17:29 修改: 2023-11-07 02:51

libarchive CVE-2020-21674 低危 3.3.2-9.el8 libarchive: heap-based buffer overflow in archive_string_append_from_wcs function in archive_string.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-21674

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2020-10-15 15:15 修改: 2020-10-26 15:53

libarchive CVE-2022-36227 低危 3.3.2-9.el8 3.3.3-5.el8 libarchive: NULL pointer dereference in archive_write.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36227

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-11-22 02:15 修改: 2024-03-27 16:04

glibc-langpack-en CVE-2021-27645 低危 2.28-127.el8 2.28-164.el8 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27645

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-02-24 15:15 修改: 2023-11-07 03:31

nss-util CVE-2020-12413 低危 3.53.1-11.el8_2 nss: Information exposure when DH secret are reused across multiple TLS connections

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12413

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2023-02-16 22:15 修改: 2023-02-28 19:49

vim-minimal CVE-2018-20786 低危 2:8.0.1763-15.el8 libvterm: NULL pointer dereference in vterm_screen_set_callbacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20786

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2019-02-24 14:29 修改: 2020-03-30 20:15

vim-minimal CVE-2020-20703 低危 2:8.0.1763-15.el8 vim: buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-20703

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-20 15:15 修改: 2023-06-27 20:54

vim-minimal CVE-2021-3236 低危 2:8.0.1763-15.el8 vim: NULL pointer dereference in ex_buffer_all method

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3236

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-08-11 14:15 修改: 2023-09-15 14:15

vim-minimal CVE-2021-3927 低危 2:8.0.1763-15.el8 vim: heap-based buffer overflow in gchar_cursor() in misc1.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3927

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-11-05 15:15 修改: 2023-11-07 03:38

vim-minimal CVE-2021-3974 低危 2:8.0.1763-15.el8 vim: Use after free in regexp_nfa.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3974

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-11-19 11:15 修改: 2023-11-07 03:38

vim-minimal CVE-2021-4166 低危 2:8.0.1763-15.el8 vim: out-of-bounds read in do_arg_all() in src/arglist.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4166

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-12-25 19:15 修改: 2023-11-07 03:40

vim-minimal CVE-2022-0351 低危 2:8.0.1763-15.el8 vim: access of memory location before start of buffer

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0351

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-01-25 18:15 修改: 2022-11-09 19:20

vim-minimal CVE-2022-1154 低危 2:8.0.1763-15.el8 2:8.0.1763-16.el8_5.13 vim: use after free in utf_ptr2char

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1154

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-03-30 12:15 修改: 2023-11-07 03:41

vim-minimal CVE-2022-1619 低危 2:8.0.1763-15.el8 vim: heap-buffer-overflow in cmdline_erase_chars of ex_getln.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1619

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-05-08 10:15 修改: 2023-11-07 03:42

vim-minimal CVE-2022-1720 低危 2:8.0.1763-15.el8 vim: buffer over-read in grab_file_name() in findfile.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1720

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-20 15:15 修改: 2023-11-07 03:42

vim-minimal CVE-2022-2124 低危 2:8.0.1763-15.el8 vim: out of bounds read in current_quote()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2124

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-19 10:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2125 低危 2:8.0.1763-15.el8 vim: Heap-based Buffer Overflow in get_lisp_indent()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2125

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-19 12:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2126 低危 2:8.0.1763-15.el8 vim: out of bounds read in suggest_trie_walk()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2126

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-19 13:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2129 低危 2:8.0.1763-15.el8 vim: out of bounds write in vim_regsub_both()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2129

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-19 19:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2175 低危 2:8.0.1763-15.el8 vim: buffer over-read in put_on_cmdline() at ex_getln.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2175

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-23 13:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2182 低危 2:8.0.1763-15.el8 vim: heap-based buffer overflow through parse_cmd_address() in function utf_ptr2char

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2182

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-23 18:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2183 低危 2:8.0.1763-15.el8 vim: out-of-bounds read through get_lisp_indent() in function get_lisp_indent

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2183

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-23 19:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2206 低危 2:8.0.1763-15.el8 vim: out-of-bound read in function msg_outtrans_attr

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2206

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-26 19:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2207 低危 2:8.0.1763-15.el8 vim: heap-based buffer overflow in function ins_bs

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2207

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-27 12:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2208 低危 2:8.0.1763-15.el8 vim: null pointer dereference in function diff_check

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2208

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-27 13:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2210 低危 2:8.0.1763-15.el8 vim: out-of-bound write in function ml_append_int

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2210

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-06-27 16:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2284 低危 2:8.0.1763-15.el8 vim: out of bounds read in utfc_ptr2len() at mbyte.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2284

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-02 15:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2285 低危 2:8.0.1763-15.el8 vim: integer overflow in del_typebuf() at getchar.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2285

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-02 16:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2286 低危 2:8.0.1763-15.el8 vim: out of bounds read in ins_bytes() at change.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2286

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-02 19:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2287 低危 2:8.0.1763-15.el8 vim: out of bounds read in suggest_trie_walk() at spellsuggest.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2287

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-02 22:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2343 低危 2:8.0.1763-15.el8 vim: heap-based buffer overflow in ins_compl_add() in insexpand.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2343

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-08 18:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2344 低危 2:8.0.1763-15.el8 vim: heap-based buffer overflow in ins_compl_add() in insexpand.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2344

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-08 19:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2345 低危 2:8.0.1763-15.el8 vim: use-after-free in skipwhite() in charset.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2345

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-08 22:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2522 低危 2:8.0.1763-15.el8 vim: heap-based buffer overflow in ins_compl_infercase_gettext() at src/insexpand.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2522

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-07-25 14:15 修改: 2023-05-03 12:16

vim-minimal CVE-2022-2819 低危 2:8.0.1763-15.el8 vim: heap buffer overflow in compile_lock_unlock() at src/vim9cmds.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2819

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-15 11:21 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2845 低危 2:8.0.1763-15.el8 vim: Buffer Under-read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2845

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-17 15:15 修改: 2023-07-10 16:15

vim-minimal CVE-2022-2849 低危 2:8.0.1763-15.el8 vim: heap-based buffer overflow in latin_ptr2len() at src/mbyte.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2849

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-17 18:15 修改: 2023-11-07 03:46

vim-minimal CVE-2022-2923 低危 2:8.0.1763-15.el8 vim: null pointer dereference in function sug_filltree

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2923

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-22 21:15 修改: 2023-11-07 03:47

vim-minimal CVE-2022-2946 低危 2:8.0.1763-15.el8 vim: use after free in function vim_vsnprintf_typval

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2946

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-23 17:15 修改: 2023-11-07 03:47

vim-minimal CVE-2022-2980 低危 2:8.0.1763-15.el8 vim: null pointer dereference in do_mouse() at src/mouse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2980

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-25 20:15 修改: 2023-11-07 03:47

vim-minimal CVE-2022-3037 低危 2:8.0.1763-15.el8 vim: use after free in function qf_buf_add_line( )

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3037

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-08-30 21:15 修改: 2023-11-07 03:50

vim-minimal CVE-2022-3153 低危 2:8.0.1763-15.el8 vim: null pointer dereference in vim_regcomp()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3153

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-08 15:15 修改: 2023-05-03 12:16

vim-minimal CVE-2022-3234 低危 2:8.0.1763-15.el8 vim: Heap-based Buffer Overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3234

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-17 22:15 修改: 2023-11-07 03:50

vim-minimal CVE-2022-3235 低危 2:8.0.1763-15.el8 vim: Use After Free

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3235

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-18 20:15 修改: 2023-11-07 03:50

vim-minimal CVE-2022-3256 低危 2:8.0.1763-15.el8 vim: use-after-free in movemark() at mark.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3256

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-22 13:15 修改: 2023-11-07 03:51

vim-minimal CVE-2022-3296 低危 2:8.0.1763-15.el8 vim: stack buffer overflow in ex_finally() in ex_eval.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3296

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-25 17:15 修改: 2023-11-07 03:51

vim-minimal CVE-2022-3352 低危 2:8.0.1763-15.el8 vim: use after free

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3352

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-09-29 12:15 修改: 2023-11-07 03:51

vim-minimal CVE-2022-3705 低危 2:8.0.1763-15.el8 vim: a use after free in the function qf_update_buffer

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3705

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-10-26 20:15 修改: 2023-11-07 03:51

vim-minimal CVE-2022-4292 低危 2:8.0.1763-15.el8 vim: use-after-free in did_set_spelllang() in src/spell.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4292

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-12-05 19:15 修改: 2023-11-07 03:57

vim-minimal CVE-2022-4293 低危 2:8.0.1763-15.el8 vim: floating point exception in num_divide() in src/eval.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4293

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2022-12-05 19:15 修改: 2023-05-03 12:16

vim-minimal CVE-2023-0049 低危 2:8.0.1763-15.el8 vim: out-of-bounds read in function build_stl_str_hl

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0049

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-04 16:15 修改: 2023-11-07 03:59

vim-minimal CVE-2023-0054 低危 2:8.0.1763-15.el8 vim: out-of-bounds write in do_string_sub() in eval.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0054

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-04 19:15 修改: 2023-06-12 20:15

vim-minimal CVE-2023-0288 低危 2:8.0.1763-15.el8 vim: a heap-based buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0288

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-13 16:15 修改: 2023-11-07 04:00

vim-minimal CVE-2023-0433 低危 2:8.0.1763-15.el8 vim: reading past the end of a line when formatting text

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0433

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-21 15:15 修改: 2023-11-07 04:00

vim-minimal CVE-2023-0512 低危 2:8.0.1763-15.el8 vim: divide by zero in adjust_skipcol() at move.ca

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0512

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-01-30 16:15 修改: 2023-11-07 04:00

vim-minimal CVE-2023-1127 低危 2:8.0.1763-15.el8 vim: Divide By Zero in vim/vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1127

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-03-01 19:15 修改: 2023-11-07 04:02

vim-minimal CVE-2023-1170 低危 2:8.0.1763-15.el8 vim: Heap-based Buffer Overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1170

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-03-03 23:15 修改: 2023-11-07 04:02

vim-minimal CVE-2023-1175 低危 2:8.0.1763-15.el8 vim: Incorrect Calculation of Buffer Size

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1175

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-03-04 16:15 修改: 2023-11-07 04:02

vim-minimal CVE-2023-1264 低危 2:8.0.1763-15.el8 vim: NULL pointer dereference issue in utfc_ptr2len

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1264

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-03-07 22:15 修改: 2023-11-07 04:02

vim-minimal CVE-2023-2609 低危 2:8.0.1763-15.el8 vim: NULL Pointer Dereference in get_register() at register.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2609

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-05-09 18:15 修改: 2023-12-23 07:15

vim-minimal CVE-2023-2610 低危 2:8.0.1763-15.el8 vim: integer overflow vulnerability in vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2610

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-05-09 22:15 修改: 2023-12-23 07:15

vim-minimal CVE-2023-46246 低危 2:8.0.1763-15.el8 vim: Integer Overflow in :history command

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46246

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-27 19:15 修改: 2023-12-17 03:15

vim-minimal CVE-2023-4733 低危 2:8.0.1763-15.el8 vim: use-after-free in function buflist_altfpos

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4733

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-04 14:15 修改: 2024-02-01 17:56

vim-minimal CVE-2023-4734 低危 2:8.0.1763-15.el8 vim: segmentation fault in function f_fullcommand in vim/vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4734

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-02 18:15 修改: 2023-12-21 02:52

vim-minimal CVE-2023-4735 低危 2:8.0.1763-15.el8 vim: OOB Write ops.c in vim/vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4735

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-02 18:15 修改: 2023-12-22 17:54

vim-minimal CVE-2023-4738 低危 2:8.0.1763-15.el8 vim: heap-buffer-overflow in vim_regsub_both in vim/vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4738

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-02 20:15 修改: 2024-02-01 16:16

vim-minimal CVE-2023-4750 低危 2:8.0.1763-15.el8 vim: use-after-free in function bt_quickfix

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4750

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-04 14:15 修改: 2024-02-01 18:01

vim-minimal CVE-2023-4751 低危 2:8.0.1763-15.el8 vim: heap-buffer-overflow in function utfc_ptr2len in vim/vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4751

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-03 19:15 修改: 2023-12-22 18:09

vim-minimal CVE-2023-4752 低危 2:8.0.1763-15.el8 vim: use-after-free in function ins_compl_get_exp in vim/vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4752

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-04 14:15 修改: 2024-02-01 17:59

vim-minimal CVE-2023-4781 低危 2:8.0.1763-15.el8 vim: heap-buffer-overflow in function vim_regsub_both in vim/vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4781

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-09-05 19:15 修改: 2024-02-01 17:57

vim-minimal CVE-2023-48231 低危 2:8.0.1763-15.el8 vim: use after free in win_close()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48231

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-11-16 23:15 修改: 2023-12-28 17:39

vim-minimal CVE-2023-48232 低危 2:8.0.1763-15.el8 vim: floating point exception in adjust_plines_for_skipcol()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48232

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-11-16 23:15 修改: 2024-01-25 21:37

vim-minimal CVE-2023-48233 低危 2:8.0.1763-15.el8 vim: overflow with count for :s command

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48233

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-11-16 23:15 修改: 2024-01-25 21:38

vim-minimal CVE-2023-48234 低危 2:8.0.1763-15.el8 vim: overflow in nv_z_get_count

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48234

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-11-16 23:15 修改: 2024-01-25 21:33

vim-minimal CVE-2023-48235 低危 2:8.0.1763-15.el8 vim: overflow in ex address parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48235

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-11-16 23:15 修改: 2024-01-25 21:33

vim-minimal CVE-2023-48236 低危 2:8.0.1763-15.el8 vim: overflow in get_number

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48236

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-11-16 23:15 修改: 2024-01-25 21:38

vim-minimal CVE-2023-48237 低危 2:8.0.1763-15.el8 vim: buffer overflow in shift_line

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48237

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-11-16 23:15 修改: 2024-01-25 21:33

vim-minimal CVE-2023-48706 低危 2:8.0.1763-15.el8 vim: use-after-free in ex_substitute in Vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48706

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-11-22 22:15 修改: 2024-01-05 18:15

vim-minimal CVE-2023-5344 低危 2:8.0.1763-15.el8 vim: Heap-based Buffer Overflow in trunc_string()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5344

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-02 20:15 修改: 2023-12-13 01:15

vim-minimal CVE-2023-5441 低危 2:8.0.1763-15.el8 vim: NULL pointer dereference in screen_line() in src/screen.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5441

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-05 21:15 修改: 2023-11-15 02:33

vim-minimal CVE-2023-5535 低危 2:8.0.1763-15.el8 vim: use after free

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5535

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-10-11 20:15 修改: 2023-11-15 02:31

vim-minimal CVE-2024-22667 低危 2:8.0.1763-15.el8 vim: Stack buffer over flow in did_set_langmap function in map.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22667

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-02-05 08:15 修改: 2024-02-23 16:15

vim-minimal CVE-2024-41965 低危 2:8.0.1763-15.el8 vim: Double-Free Vulnerability in Vim Could Cause Application Crashes

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41965

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-01 22:15 修改: 2024-08-09 14:09

vim-minimal CVE-2024-43374 低危 2:8.0.1763-15.el8 vim: use-after-free in alist_add() in src/arglist.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43374

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-16 02:15 修改: 2024-08-19 13:00

vim-minimal CVE-2024-43802 低危 2:8.0.1763-15.el8 vim: Heap Buffer Overflow in Vim's Typeahead Buffer Handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43802

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-08-26 19:15 修改: 2024-08-27 13:02

vim-minimal CVE-2024-45306 低危 2:8.0.1763-15.el8 vim: heap-buffer-overflow in Vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45306

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-09-02 18:15 修改: 2024-10-01 15:20

vim-minimal CVE-2024-47814 低危 2:8.0.1763-15.el8 vim: use-after-free when closing buffers in Vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47814

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2024-10-07 22:15 修改: 2024-10-10 12:57

nss-util CVE-2024-7531 低危 3.53.1-11.el8_2 mozilla: nss: PK11_Encrypt using CKM_CHACHA20 can reveal plaintext on Intel Sandy Bridge machines

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7531

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-08-06 13:15 修改: 2024-08-12 16:10

openldap CVE-2023-2953 低危 2.4.46-15.el8 2.4.46-19.el8_10 openldap: null pointer dereference in ber_memalloc_x function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2953

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-05-30 22:15 修改: 2023-08-02 16:46

libcap CVE-2023-2602 低危 2.26-4.el8 2.48-5.el8_8 libcap: Memory Leak on pthread_create() Error

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2602

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2023-06-06 20:15 修改: 2023-11-30 05:15

glibc-langpack-en CVE-2021-33574 低危 2.28-127.el8 2.28-164.el8 glibc: mq_notify does not handle separately allocated thread attributes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33574

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2021-05-25 22:15 修改: 2023-11-07 03:35

glibc-langpack-en CVE-2024-33601 低危 2.28-127.el8 2.28-251.el8_10.2 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:bf5676fb418b4155beccea7f86055b1b16f55b19bf43071b3173fdeceebbaeb4

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15

binutils CVE-2021-3487 未知 2.30-79.el8 2.30-108.el8 binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3487

镜像层: sha256:2653d992f4ef2bfd27f94db643815aa567240c37732cae1405ad1c1309ee9859

发布日期: 2021-04-15 14:15 修改: 2023-11-20 05:15

Node.js (node-pkg)
低危漏洞:15 中危漏洞:47 高危漏洞:71 严重漏洞:13
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
@babel/traverse CVE-2023-45133 严重 7.11.5 7.23.2, 8.0.0-alpha.4 babel: arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45133

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-10-12 17:15 修改: 2023-10-24 16:52

crypto-js CVE-2023-46233 严重 3.3.0 4.2.0 crypto-js: PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46233

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-10-25 21:15 修改: 2023-11-27 20:15

handlebars CVE-2021-23369 严重 4.7.6 4.7.7 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23369

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-04-12 14:15 修改: 2021-06-08 13:54

handlebars CVE-2021-23383 严重 4.7.6 4.7.7 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23383

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-05-04 09:15 修改: 2021-12-03 19:59

json-schema CVE-2021-3918 严重 0.2.3 0.4.0 nodejs-json-schema: Prototype pollution vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3918

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-11-13 09:15 修改: 2023-02-03 19:15

loader-utils CVE-2022-37601 严重 1.2.3 2.0.3, 1.4.1 loader-utils: prototype pollution in function parseQuery in parseQuery.js

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37601

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-10-12 20:15 修改: 2023-02-28 15:02

minimist CVE-2021-44906 严重 1.2.5 1.2.6, 0.2.4 minimist: prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44906

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-03-17 16:15 修改: 2024-06-21 19:15

nodemailer CVE-2020-7769 严重 4.7.0 6.4.16 This affects the package nodemailer before 6.4.16. Use of crafted reci ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7769

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2020-11-12 09:15 修改: 2021-07-21 11:39

parse-url CVE-2022-2216 严重 5.0.1 6.0.1 Server-Side Request Forgery in parse-url

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2216

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-06-27 12:15 修改: 2022-07-06 18:25

parse-url CVE-2022-2900 严重 5.0.1 8.1.0 Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2900

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-09-14 11:15 修改: 2022-09-16 02:58

set-getter CVE-2021-25949 严重 0.1.0 0.1.1 set-getter: prototype pollution in ‘set-getter may lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25949

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-06-10 12:15 修改: 2022-06-28 14:11

squel GHSA-4qhx-g9wp-g9m6 严重 5.13.0 Failure to sanitize quotes which can lead to sql injection in squel

漏洞详情: https://github.com/advisories/GHSA-4qhx-g9wp-g9m6

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

url-parse CVE-2022-0686 严重 1.4.7 1.5.8 npm-url-parse: Authorization bypass through user-controlled key

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0686

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-02-20 13:15 修改: 2023-02-23 03:15

braces CVE-2024-4068 高危 3.0.2 3.0.3 braces: fails to limit the number of characters it can handle

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07

browserify-sign CVE-2023-46234 高危 4.0.4 4.2.2 browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46234

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-10-26 15:15 修改: 2024-02-28 03:15

ammo GHSA-mg85-8mv5-ffjr 高危 3.0.1 Denial of Service in ammo

漏洞详情: https://github.com/advisories/GHSA-mg85-8mv5-ffjr

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

d3-color GHSA-36jr-mh4h-2g58 高危 1.4.1 3.1.0 d3-color vulnerable to ReDoS

漏洞详情: https://github.com/advisories/GHSA-36jr-mh4h-2g58

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

decode-uri-component CVE-2022-38900 高危 0.2.0 0.2.1 decode-uri-component: improper input validation resulting in DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38900

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-11-28 13:15 修改: 2023-11-07 03:50

follow-redirects CVE-2022-0155 高危 1.5.10 1.14.7 follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0155

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-01-10 20:15 修改: 2022-10-28 17:54

glob-parent CVE-2020-28469 高危 5.1.1 5.1.2 nodejs-glob-parent: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28469

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-06-03 16:15 修改: 2022-03-29 16:39

glob-parent CVE-2020-28469 高危 5.1.1 5.1.2 nodejs-glob-parent: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28469

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-06-03 16:15 修改: 2022-03-29 16:39

angular CVE-2024-21490 高危 1.8.0 angular: Inefficient Regular Expression Complexity

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21490

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-02-10 05:15 修改: 2024-10-10 13:51

ansi-regex CVE-2021-3807 高危 3.0.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01

hapi GHSA-7hx8-2rxv-66xv 高危 17.6.0 Denial of Service in hapi

漏洞详情: https://github.com/advisories/GHSA-7hx8-2rxv-66xv

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

hoek CVE-2020-36604 高危 5.0.4 hapi/hoek: Prototype Pollution in @hapi/hoek

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36604

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-09-23 06:15 修改: 2023-11-07 03:22

hoek CVE-2020-36604 高危 6.0.3 hapi/hoek: Prototype Pollution in @hapi/hoek

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36604

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-09-23 06:15 修改: 2023-11-07 03:22

ansi-regex CVE-2021-3807 高危 5.0.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01

json5 CVE-2022-46175 高危 1.0.1 2.2.2, 1.0.2 json5: Prototype Pollution in JSON5 via Parse Method

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46175

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-12-24 04:15 修改: 2023-11-26 01:15

json5 CVE-2022-46175 高危 2.1.3 2.2.2, 1.0.2 json5: Prototype Pollution in JSON5 via Parse Method

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46175

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-12-24 04:15 修改: 2023-11-26 01:15

jsonwebtoken CVE-2022-23539 高危 8.5.1 9.0.0 jsonwebtoken: Unrestricted key type could lead to legacy keys usagen

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23539

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-12-23 00:15 修改: 2024-06-21 19:15

ansi-regex CVE-2021-3807 高危 5.0.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01

loader-utils CVE-2022-37599 高危 1.2.3 1.4.2, 2.0.4, 3.2.1 loader-utils: regular expression denial of service in interpolateName.js

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37599

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-10-11 19:15 修改: 2024-02-28 03:15

loader-utils CVE-2022-37603 高危 1.2.3 1.4.2, 2.0.4, 3.2.1 loader-utils: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37603

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-10-14 16:15 修改: 2023-11-07 03:49

lodash CVE-2021-23337 高危 4.17.20 4.17.21 nodejs-lodash: command injection via template

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23337

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-02-15 13:15 修改: 2022-09-13 21:25

lodash.pick CVE-2020-8203 高危 4.4.0 nodejs-lodash: prototype pollution in zipObjectDeep function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8203

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2020-07-15 17:15 修改: 2024-01-21 02:37

minimatch CVE-2022-3517 高危 3.0.4 3.0.5 nodejs-minimatch: ReDoS via the braceExpand function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3517

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-10-17 20:15 修改: 2023-11-07 03:51

ansi-regex CVE-2021-3807 高危 5.0.0 6.0.1, 5.0.1, 4.1.1, 3.0.1 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3807

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-09-17 07:15 修改: 2023-07-10 19:01

moment CVE-2022-24785 高危 2.28.0 2.29.2 Moment.js: Path traversal in moment.locale

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24785

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-04-04 17:15 修改: 2023-11-07 03:44

moment CVE-2022-31129 高危 2.28.0 2.29.4 moment: inefficient parsing algorithm resulting in DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31129

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-07-06 18:15 修改: 2023-11-07 03:47

node-fetch CVE-2022-0235 高危 2.6.1 3.1.1, 2.6.7 node-fetch: exposure of sensitive information to an unauthorized actor

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0235

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-01-16 17:15 修改: 2023-02-03 19:16

node-forge CVE-2022-24771 高危 0.10.0 1.3.0 node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24771

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-03-18 14:15 修改: 2022-03-28 13:53

node-forge CVE-2022-24772 高危 0.10.0 1.3.0 node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24772

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-03-18 14:15 修改: 2022-03-28 14:10

node-jose CVE-2023-25653 高危 1.1.0 2.2.0 Improper calculations in ECC implementation can trigger a Denial-of-Service (DoS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25653

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-02-16 19:15 修改: 2023-11-07 04:09

async CVE-2021-43138 高危 2.6.3 3.2.2, 2.6.4 async: Prototype Pollution in async

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43138

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-04-06 17:15 修改: 2024-06-21 19:15

parse-path CVE-2022-0624 高危 4.0.1 5.0.0 Authorization Bypass in parse-path

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0624

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-06-28 09:15 修改: 2022-07-07 16:10

async CVE-2021-43138 高危 3.2.0 3.2.2, 2.6.4 async: Prototype Pollution in async

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43138

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-04-06 17:15 修改: 2024-06-21 19:15

axios CVE-2021-3749 高危 0.18.1 0.21.2 nodejs-axios: Regular expression denial of service in trim function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3749

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-31 11:15 修改: 2023-11-07 03:38

parse-url CVE-2022-0722 高危 5.0.1 6.0.1 parse-url: Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ionicabizau/parse-url

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0722

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-06-27 11:15 修改: 2022-07-06 17:58

path-to-regexp CVE-2024-45296 高危 1.7.0 1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 path-to-regexp: Backtracking regular expressions cause ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45296

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-09-09 19:15 修改: 2024-09-10 12:09

qs CVE-2022-24999 高危 6.5.2 6.10.3, 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, 6.2.4 express: "qs" prototype poisoning causes the hang of the node process

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24999

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-11-26 22:15 修改: 2023-09-08 17:15

semver CVE-2022-25883 高危 5.7.1 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44

semver CVE-2022-25883 高危 6.3.0 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44

semver CVE-2022-25883 高危 6.3.0 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44

semver CVE-2022-25883 高危 7.3.2 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44

semver CVE-2022-25883 高危 7.3.2 7.5.2, 6.3.1, 5.7.2 nodejs-semver: Regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25883

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-06-21 05:15 修改: 2023-11-07 03:44

axios CVE-2021-3749 高危 0.19.2 0.21.2 nodejs-axios: Regular expression denial of service in trim function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3749

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-31 11:15 修改: 2023-11-07 03:38

set-value CVE-2021-23440 高危 3.0.2 4.0.1, 2.0.1, 3.0.3 nodejs-set-value: type confusion allows bypass of CVE-2019-10747

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23440

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-09-12 13:15 修改: 2022-03-29 16:39

braces CVE-2024-4068 高危 2.3.2 3.0.3 braces: fails to limit the number of characters it can handle

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07

ssri CVE-2021-27290 高危 6.0.1 6.0.2, 7.1.1, 8.0.1 nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27290

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-03-12 22:15 修改: 2022-05-13 20:51

ssri CVE-2021-27290 高危 8.0.0 6.0.2, 7.1.1, 8.0.1 nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27290

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-03-12 22:15 修改: 2022-05-13 20:51

subtext GHSA-2mvq-xp48-4c77 高危 6.0.7 Denial of Service in subtext

漏洞详情: https://github.com/advisories/GHSA-2mvq-xp48-4c77

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

subtext GHSA-5854-jvxx-2cg9 高危 6.0.7 Denial of Service in subtext

漏洞详情: https://github.com/advisories/GHSA-5854-jvxx-2cg9

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

subtext GHSA-g64q-3vg8-8f93 高危 6.0.7 Prototype Pollution in subtext

漏洞详情: https://github.com/advisories/GHSA-g64q-3vg8-8f93

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

tar CVE-2021-32803 高危 4.4.13 3.2.3, 4.4.15, 5.0.7, 6.1.2 nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32803

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-03 19:15 修改: 2022-07-02 18:28

tar CVE-2021-32804 高危 4.4.13 3.2.2, 4.4.14, 5.0.6, 6.1.1 nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32804

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-03 19:15 修改: 2022-04-25 19:12

tar CVE-2021-37701 高危 4.4.13 4.4.16, 5.0.8, 6.1.7 nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37701

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-31 17:15 修改: 2023-01-19 20:11

tar CVE-2021-37712 高危 4.4.13 4.4.18, 5.0.10, 6.1.9 nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37712

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-31 17:15 修改: 2023-02-23 02:28

tar CVE-2021-37713 高危 4.4.13 4.4.18, 5.0.10, 6.1.9 nodejs-tar: Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37713

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-31 17:15 修改: 2022-04-25 18:40

tar CVE-2021-32803 高危 6.0.2 3.2.3, 4.4.15, 5.0.7, 6.1.2 nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32803

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-03 19:15 修改: 2022-07-02 18:28

tar CVE-2021-32803 高危 6.0.2 3.2.3, 4.4.15, 5.0.7, 6.1.2 nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32803

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-03 19:15 修改: 2022-07-02 18:28

tar CVE-2021-32804 高危 6.0.2 3.2.2, 4.4.14, 5.0.6, 6.1.1 nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32804

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-03 19:15 修改: 2022-04-25 19:12

tar CVE-2021-32804 高危 6.0.2 3.2.2, 4.4.14, 5.0.6, 6.1.1 nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32804

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-03 19:15 修改: 2022-04-25 19:12

tar CVE-2021-37701 高危 6.0.2 4.4.16, 5.0.8, 6.1.7 nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37701

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-31 17:15 修改: 2023-01-19 20:11

tar CVE-2021-37701 高危 6.0.2 4.4.16, 5.0.8, 6.1.7 nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37701

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-31 17:15 修改: 2023-01-19 20:11

tar CVE-2021-37712 高危 6.0.2 4.4.18, 5.0.10, 6.1.9 nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37712

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-31 17:15 修改: 2023-02-23 02:28

tar CVE-2021-37712 高危 6.0.2 4.4.18, 5.0.10, 6.1.9 nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37712

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-31 17:15 修改: 2023-02-23 02:28

tar CVE-2021-37713 高危 6.0.2 4.4.18, 5.0.10, 6.1.9 nodejs-tar: Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37713

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-31 17:15 修改: 2022-04-25 18:40

tar CVE-2021-37713 高危 6.0.2 4.4.18, 5.0.10, 6.1.9 nodejs-tar: Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37713

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-08-31 17:15 修改: 2022-04-25 18:40

terser CVE-2022-25858 高危 4.8.0 4.8.1, 5.14.2 terser: insecure use of regular expressions leads to ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25858

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-07-15 20:15 修改: 2023-08-08 14:22

ua-parser-js CVE-2020-7793 高危 0.7.22 0.7.23 nodejs-ua-parser-js: ReDoS in multiple regexes

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7793

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2020-12-11 14:15 修改: 2022-09-13 21:23

ua-parser-js CVE-2021-27292 高危 0.7.22 0.7.24 nodejs-ua-parser-js: ReDoS via malicious User-Agent header

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27292

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-03-17 13:15 修改: 2021-03-23 20:21

ua-parser-js CVE-2022-25927 高危 0.7.22 0.7.33, 1.0.33 ua-parser-js: ReDoS vulnerability via the trim() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25927

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-01-26 21:15 修改: 2023-11-07 03:44

braces CVE-2024-4068 高危 3.0.2 3.0.3 braces: fails to limit the number of characters it can handle

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07

ws CVE-2024-37890 高危 6.2.1 5.2.4, 6.2.3, 7.5.10, 8.17.1 nodejs-ws: denial of service when handling a request with many HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44

request CVE-2023-28155 中危 2.88.2 The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15

kibana CVE-2021-37939 中危 7.10.2 7.15.2 kibana: HTTP server information disclosure via JIRA and IBM Resilient connectors

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37939

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-11-18 16:15 修改: 2021-11-23 17:21

elliptic CVE-2020-28498 中危 6.5.3 6.5.4 The package elliptic before 6.5.4 are vulnerable to Cryptographic Issu ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28498

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-02-02 19:15 修改: 2024-10-16 13:45

axios CVE-2023-45857 中危 0.18.1 1.6.0, 0.28.0 axios: exposure of confidential data stored in cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45857

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-11-08 21:15 修改: 2024-06-21 19:15

follow-redirects CVE-2022-0536 中危 1.5.10 1.14.8 follow-redirects: Exposure of Sensitive Information via Authorization Header leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0536

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-02-09 11:15 修改: 2023-08-02 09:15

follow-redirects CVE-2023-26159 中危 1.5.10 1.15.4 follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26159

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-01-02 05:15 修改: 2024-01-23 03:15

lodash CVE-2020-28500 中危 4.17.20 4.17.21 nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28500

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-02-15 11:15 修改: 2022-09-13 21:18

follow-redirects CVE-2024-28849 中危 1.5.10 1.15.6 follow-redirects: Possible credential leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28849

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-03-14 17:15 修改: 2024-03-23 03:15

markdown-it CVE-2022-21670 中危 10.0.0 12.3.2 markdown-it is a Markdown parser. Prior to version 1.3.2, special patt ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21670

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-01-10 21:15 修改: 2023-07-24 13:54

micromatch CVE-2024-4067 中危 3.1.10 4.0.8 micromatch: vulnerable to Regular Expression Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4067

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-05-14 15:42 修改: 2024-08-28 00:15

micromatch CVE-2024-4067 中危 4.0.2 4.0.8 micromatch: vulnerable to Regular Expression Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4067

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-05-14 15:42 修改: 2024-08-28 00:15

angular CVE-2023-26116 中危 1.8.0 angularjs: Regular Expression Denial of Service via angular.copy()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26116

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-03-30 05:15 修改: 2023-11-07 04:09

axios CVE-2020-28168 中危 0.19.2 0.21.1 nodejs-axios: allows an attacker to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28168

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2020-11-06 20:15 修改: 2023-11-07 03:21

axios CVE-2023-45857 中危 0.19.2 1.6.0, 0.28.0 axios: exposure of confidential data stored in cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45857

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-11-08 21:15 修改: 2024-06-21 19:15

angular CVE-2023-26117 中危 1.8.0 angularjs: Regular expression denial of service via the $resource service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26117

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-03-30 05:15 修改: 2023-11-07 04:09

moment-timezone GHSA-v78c-4p63-2j6c 中危 0.5.27 0.5.35 Cleartext Transmission of Sensitive Information in moment-timezone

漏洞详情: https://github.com/advisories/GHSA-v78c-4p63-2j6c

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

apollo-server-core GHSA-w42g-7vfc-xf37 中危 1.3.6 2.14.2 Introspection in schema validation in Apollo Server

漏洞详情: https://github.com/advisories/GHSA-w42g-7vfc-xf37

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

highlight.js GHSA-7wwv-vh3v-89cq 中危 9.18.5 10.4.1 ReDOS vulnerabities: multiple grammars

漏洞详情: https://github.com/advisories/GHSA-7wwv-vh3v-89cq

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

apollo-server-hapi GHSA-w42g-7vfc-xf37 中危 1.3.6 2.14.2 Introspection in schema validation in Apollo Server

漏洞详情: https://github.com/advisories/GHSA-w42g-7vfc-xf37

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

tar CVE-2024-28863 中危 4.4.13 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16

node-forge CVE-2022-0122 中危 0.10.0 1.0.0 Open Redirect in node-forge

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0122

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-01-06 05:15 修改: 2022-01-12 20:14

node-forge CVE-2022-24773 中危 0.10.0 1.3.0 node-forge: Signature verification leniency in checking `DigestInfo` structure

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24773

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-03-18 14:15 修改: 2022-03-28 14:20

angular CVE-2023-26118 中危 1.8.0 angularjs: Regular Expression Denial of Service via the <input type="url"> element

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26118

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-03-30 05:15 修改: 2023-11-07 04:09

hosted-git-info CVE-2021-23362 中危 2.5.0 2.8.9, 3.0.8 nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23362

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-03-23 17:15 修改: 2023-08-08 14:22

nodemailer CVE-2021-23400 中危 4.7.0 6.6.1 The package nodemailer before 6.6.1 are vulnerable to HTTP Header Inje ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23400

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-06-29 12:15 修改: 2021-07-06 18:48

nodemailer GHSA-9h6g-pr28-7cqp 中危 4.7.0 6.9.9 nodemailer ReDoS when trying to send a specially crafted email

漏洞详情: https://github.com/advisories/GHSA-9h6g-pr28-7cqp

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

color-string CVE-2021-29060 中危 1.5.3 1.5.5 nodejs-color-string: Regular expression denial of service when the application is provided and checks a crafted invalid HWB string

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29060

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-06-21 16:15 修改: 2021-07-01 14:57

angular CVE-2022-25844 中危 1.8.0 angular: Regular Expression Denial of Service (ReDoS) in angular

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25844

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-05-01 16:15 修改: 2023-11-07 03:44

angular CVE-2022-25869 中危 1.8.0 All versions of package angular are vulnerable to Cross-site Scripting ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25869

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-07-15 20:15 修改: 2022-07-21 14:32

axios CVE-2020-28168 中危 0.18.1 0.21.1 nodejs-axios: allows an attacker to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28168

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2020-11-06 20:15 修改: 2023-11-07 03:21

tar CVE-2024-28863 中危 6.0.2 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16

tar CVE-2024-28863 中危 6.0.2 6.2.1 node-tar: denial of service while parsing a tar file due to lack of folders depth validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28863

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-03-21 23:15 修改: 2024-06-10 17:16

parse-url CVE-2022-2217 中危 5.0.1 6.0.1 npm: XSS in parse-url

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2217

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-06-27 11:15 修改: 2022-07-06 18:01

tough-cookie CVE-2023-26136 中危 2.5.0 4.1.3 tough-cookie: prototype pollution in cookie memstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15

parse-url CVE-2022-2218 中危 5.0.1 6.0.1 Cross site scripting in parse-url

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2218

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-06-27 13:15 修改: 2022-07-06 19:41

parse-url CVE-2022-3224 中危 5.0.1 8.1.0 parse-url parses http URLs incorrectly, making it vulnerable to host name spoofing

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3224

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-09-15 12:15 修改: 2022-09-17 02:34

path-parse CVE-2021-23343 中危 1.0.6 1.0.7 nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23343

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-05-04 09:15 修改: 2023-11-07 03:30

jsonwebtoken CVE-2022-23540 中危 8.5.1 9.0.0 jsonwebtoken: Insecure default algorithm in jwt.verify() could lead to signature validation bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23540

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-12-22 19:15 修改: 2024-06-21 19:15

url-parse CVE-2021-27515 中危 1.4.7 1.5.0 nodejs-url-parse: mishandling certain uses of backslash may lead to confidentiality compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27515

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-02-22 00:15 修改: 2023-02-23 03:15

url-parse CVE-2021-3664 中危 1.4.7 1.5.2 nodejs-url-parse: URL Redirection to Untrusted Site

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3664

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-07-26 12:15 修改: 2023-02-23 03:15

url-parse CVE-2022-0512 中危 1.4.7 1.5.6 nodejs-url-parse: authorization bypass through user-controlled key

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0512

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-02-14 16:15 修改: 2023-02-23 03:15

url-parse CVE-2022-0639 中危 1.4.7 1.5.7 npm-url-parse: Authorization Bypass Through User-Controlled Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0639

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-02-17 18:15 修改: 2023-02-23 03:15

url-parse CVE-2022-0691 中危 1.4.7 1.5.9 npm-url-parse: authorization bypass through user-controlled key

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0691

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-02-21 09:15 修改: 2023-02-23 03:15

word-wrap CVE-2023-26115 中危 1.2.3 1.2.4 word-wrap: ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26115

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-06-22 05:15 修改: 2024-06-21 19:15

jsonwebtoken CVE-2022-23541 中危 8.5.1 9.0.0 jsonwebtoken: Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23541

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2022-12-22 18:15 修改: 2024-06-21 19:15

ws CVE-2021-32640 中危 6.2.1 7.4.6, 6.2.2, 5.2.3 nodejs-ws: Specially crafted value of the `Sec-Websocket-Protocol` header can be used to significantly slow down a ws server

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32640

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2021-05-25 19:15 修改: 2023-11-07 03:35

xml2js CVE-2023-0842 中危 0.4.22 0.5.0 node-xml2js: xml2js is vulnerable to prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0842

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2023-04-05 20:15 修改: 2024-03-14 21:15

angular CVE-2024-8372 低危 1.8.0 Improper sanitization of the value of the '[srcset]' attribute in Angu ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8372

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-09-09 15:15 修改: 2024-09-17 17:24

cookie CVE-2024-47764 低危 0.4.0 0.7.0 cookie: cookie accepts cookie name, path, and domain with out of bounds characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47764

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-10-04 20:15 修改: 2024-10-07 17:48

elliptic CVE-2024-42459 低危 6.5.3 6.5.7 elliptic: nodejs/elliptic: EDDSA signature malleability due to missing signature length check

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-42459

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-08-02 07:16 修改: 2024-08-02 15:35

elliptic CVE-2024-42460 低危 6.5.3 6.5.7 elliptic: nodejs/elliptic: ECDSA signature malleability due to missing checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-42460

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-08-02 07:16 修改: 2024-08-02 16:35

elliptic CVE-2024-42461 低危 6.5.3 6.5.7 elliptic: nodejs/elliptic: ECDSA implementation malleability due to BER-enconded signatures being allowed

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-42461

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-08-02 07:16 修改: 2024-08-16 16:51

elliptic CVE-2024-48948 低危 6.5.3 elliptic: ECDSA signature verification error may reject legitimate transactions

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-48948

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-10-15 14:15 修改: 2024-10-16 16:38

moment-timezone GHSA-56x4-j7p9-fcf9 低危 0.5.27 0.5.35 Command Injection in moment-timezone

漏洞详情: https://github.com/advisories/GHSA-56x4-j7p9-fcf9

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

elliptic CVE-2024-48949 低危 6.5.3 6.5.6 elliptic: Missing Validation in Elliptic's EDDSA Signature Verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-48949

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-10-10 01:15 修改: 2024-10-15 14:07

es5-ext CVE-2024-27088 低危 0.10.46 0.10.63 es5-ext contains ECMAScript 5 extensions. Passing functions with very ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27088

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-02-26 17:15 修改: 2024-02-26 22:10

apollo-server-core GHSA-j5g3-5c8r-7qfx 低危 1.3.6 3.12.1, 2.26.1 Prevent logging invalid header values

漏洞详情: https://github.com/advisories/GHSA-j5g3-5c8r-7qfx

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

angular CVE-2024-8373 低危 1.8.0 Improper sanitization of the value of the [srcset] attribute in <sourc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8373

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2024-09-09 15:15 修改: 2024-09-17 17:32

debug CVE-2017-16137 低危 3.2.6 2.6.9, 3.1.0, 3.2.7, 4.3.1 nodejs-debug: Regular expression Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16137

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2018-06-07 02:29 修改: 2023-11-07 02:40

node-forge GHSA-5rrq-pxf6-6jx5 低危 0.10.0 1.0.0 Prototype Pollution in node-forge debug API.

漏洞详情: https://github.com/advisories/GHSA-5rrq-pxf6-6jx5

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

node-forge GHSA-gf8q-jrpm-jvxq 低危 0.10.0 1.0.0 URL parsing in node-forge could lead to undesired behavior.

漏洞详情: https://github.com/advisories/GHSA-gf8q-jrpm-jvxq

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

debug CVE-2017-16137 低危 4.1.1 2.6.9, 3.1.0, 3.2.7, 4.3.1 nodejs-debug: Regular expression Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16137

镜像层: sha256:7df61f0d4dd1992529f498ad243900364e3832805674554804a7aa81c6bc8dab

发布日期: 2018-06-07 02:29 修改: 2023-11-07 02:40