| freetype |
CVE-2025-23022 |
高危 |
2.8-14.amzn2.1.2 |
2.8-14.amzn2.1.4 |
freetype: signed integer overflow in cf2_doFlex
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-23022
镜像层: sha256:931727b5589acb5f9a358bf025969d45071e5745b0dd82e55c844fd63f866c0b
发布日期: 2025-01-10 15:15 修改: 2025-01-16 21:12
|
| freetype |
CVE-2025-27363 |
高危 |
2.8-14.amzn2.1.2 |
2.8-14.amzn2.1.4 |
freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27363
镜像层: sha256:931727b5589acb5f9a358bf025969d45071e5745b0dd82e55c844fd63f866c0b
发布日期: 2025-03-11 14:15 修改: 2026-04-20 13:15
|
| glib2 |
CVE-2023-29499 |
高危 |
2.56.1-9.amzn2.0.8 |
2.56.1-9.amzn2.0.9 |
glib: GVariant offset table entry size is not checked in is_normal()
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29499
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2023-09-14 20:15 修改: 2024-11-21 07:57
|
| glib2 |
CVE-2023-32611 |
高危 |
2.56.1-9.amzn2.0.8 |
2.56.1-9.amzn2.0.9 |
glib: g_variant_byteswap() can take a long time with some non-normal inputs
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32611
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2023-09-14 20:15 修改: 2024-11-21 08:03
|
| glib2 |
CVE-2023-32636 |
高危 |
2.56.1-9.amzn2.0.8 |
2.56.1-9.amzn2.0.9 |
glib: Timeout in fuzz_variant_text
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32636
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2023-09-14 20:15 修改: 2024-11-21 08:03
|
| glib2 |
CVE-2023-32643 |
高危 |
2.56.1-9.amzn2.0.8 |
2.56.1-9.amzn2.0.9 |
glib: Heap-buffer-overflow in g_variant_serialised_get_child
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32643
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2023-09-14 20:15 修改: 2024-11-21 08:03
|
| glib2 |
CVE-2023-32665 |
高危 |
2.56.1-9.amzn2.0.8 |
2.56.1-9.amzn2.0.9 |
glib: GVariant deserialisation does not match spec for non-normal data
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32665
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2023-09-14 20:15 修改: 2024-11-21 08:03
|
| glib2 |
CVE-2025-13601 |
高危 |
2.56.1-9.amzn2.0.8 |
2.56.1-9.amzn2.0.12 |
glib: Integer overflow in in g_escape_uri_string()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13601
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-11-26 15:15 修改: 2026-06-02 14:16
|
| glib2 |
CVE-2025-14087 |
高危 |
2.56.1-9.amzn2.0.8 |
2.56.1-9.amzn2.0.13 |
glib: GLib: Buffer underflow in GVariant parser leads to heap corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14087
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-12-10 09:15 修改: 2026-06-10 18:16
|
| glibc |
CVE-2026-4046 |
高危 |
2.26-64.amzn2.0.3 |
2.26-64.amzn2.0.6 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
|
| glibc-common |
CVE-2026-4046 |
高危 |
2.26-64.amzn2.0.3 |
2.26-64.amzn2.0.6 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
|
| glibc-langpack-en |
CVE-2026-4046 |
高危 |
2.26-64.amzn2.0.3 |
2.26-64.amzn2.0.6 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
|
| glibc-minimal-langpack |
CVE-2026-4046 |
高危 |
2.26-64.amzn2.0.3 |
2.26-64.amzn2.0.6 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
|
| gnupg2 |
CVE-2025-68973 |
高危 |
2.0.22-5.amzn2.0.5 |
2.0.22-5.amzn2.0.6 |
GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
|
| libcap |
CVE-2025-1390 |
高危 |
2.54-1.amzn2.0.2 |
2.54-1.amzn2.0.3 |
libcap: pam_cap: Fix potential configuration parsing error
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1390
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-02-18 03:15 修改: 2026-04-15 00:35
|
| libcrypt |
CVE-2026-4046 |
高危 |
2.26-64.amzn2.0.3 |
2.26-64.amzn2.0.6 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
|
| libnghttp2 |
CVE-2026-27135 |
高危 |
1.41.0-1.amzn2.0.5 |
1.41.0-1.amzn2.0.6 |
nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-03-18 18:16 修改: 2026-05-13 22:16
|
| libpng |
CVE-2026-33416 |
高危 |
2:1.5.13-8.amzn2.0.5 |
2:1.5.13-8.amzn2.0.8 |
libpng: libpng: Arbitrary code execution due to use-after-free vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33416
镜像层: sha256:931727b5589acb5f9a358bf025969d45071e5745b0dd82e55c844fd63f866c0b
发布日期: 2026-03-26 17:16 修改: 2026-04-02 20:28
|
| libtasn1 |
CVE-2025-13151 |
高危 |
4.10-1.amzn2.0.6 |
4.10-1.amzn2.0.8 |
libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-07 22:15 修改: 2026-02-02 19:27
|
| libxml2 |
CVE-2022-49043 |
高危 |
2.9.1-6.amzn2.5.14 |
2.9.1-6.amzn2.5.15 |
libxml: use-after-free in xmlXIncludeAddNode
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-49043
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-01-26 06:15 修改: 2025-11-03 21:15
|
| libxml2 |
CVE-2024-56171 |
高危 |
2.9.1-6.amzn2.5.14 |
2.9.1-6.amzn2.5.16 |
libxml2: Use-After-Free in libxml2
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56171
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-02-18 22:15 修改: 2025-11-03 21:17
|
| libxml2 |
CVE-2025-24928 |
高危 |
2.9.1-6.amzn2.5.14 |
2.9.1-6.amzn2.5.16 |
libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24928
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-02-18 23:15 修改: 2025-11-03 22:18
|
| libxml2 |
CVE-2025-27113 |
高危 |
2.9.1-6.amzn2.5.14 |
2.9.1-6.amzn2.5.16 |
libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27113
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-02-18 23:15 修改: 2025-11-03 22:18
|
| libxml2 |
CVE-2025-49794 |
高危 |
2.9.1-6.amzn2.5.14 |
2.9.1-6.amzn2.5.19 |
libxml: Heap use after free (UAF) leads to Denial of service (DoS)
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49794
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-06-16 16:15 修改: 2026-06-02 14:16
|
| libxml2 |
CVE-2025-49796 |
高危 |
2.9.1-6.amzn2.5.14 |
2.9.1-6.amzn2.5.19 |
libxml: Type confusion leads to Denial of service (DoS)
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49796
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-06-16 16:15 修改: 2026-06-02 14:16
|
| libxml2 |
CVE-2025-6021 |
高危 |
2.9.1-6.amzn2.5.14 |
2.9.1-6.amzn2.5.18 |
libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6021
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-06-12 13:15 修改: 2026-05-12 13:17
|
| libxml2 |
CVE-2025-7425 |
高危 |
2.9.1-6.amzn2.5.14 |
2.9.1-6.amzn2.5.20 |
libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7425
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-07-10 14:15 修改: 2026-05-12 13:17
|
| openssl-libs |
CVE-2025-68160 |
高危 |
1:1.0.2k-24.amzn2.0.14 |
1:1.0.2k-24.amzn2.0.17 |
openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
|
| openssl-libs |
CVE-2025-69420 |
高危 |
1:1.0.2k-24.amzn2.0.14 |
1:1.0.2k-24.amzn2.0.17 |
openssl: OpenSSL: Denial of Service via malformed TimeStamp Response
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
|
| openssl-libs |
CVE-2025-69421 |
高危 |
1:1.0.2k-24.amzn2.0.14 |
1:1.0.2k-24.amzn2.0.17 |
openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
|
| openssl-libs |
CVE-2026-22796 |
高危 |
1:1.0.2k-24.amzn2.0.14 |
1:1.0.2k-24.amzn2.0.17 |
openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
|
| openssl-libs |
CVE-2026-28388 |
高危 |
1:1.0.2k-24.amzn2.0.14 |
1:1.0.2k-24.amzn2.0.20 |
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
|
| openssl-libs |
CVE-2026-28389 |
高危 |
1:1.0.2k-24.amzn2.0.14 |
1:1.0.2k-24.amzn2.0.20 |
openssl: OpenSSL: Denial of Service vulnerability in CMS processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
|
| openssl-libs |
CVE-2026-28390 |
高危 |
1:1.0.2k-24.amzn2.0.14 |
1:1.0.2k-24.amzn2.0.20 |
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
|
| python |
CVE-2025-13462 |
高危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.18 |
cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-03-12 18:16 修改: 2026-06-11 14:29
|
| python |
CVE-2025-8194 |
高危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.14 |
cpython: Cpython infinite loop when parsing a tarfile
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-07-28 19:15 修改: 2026-04-15 00:35
|
| python |
CVE-2026-3479 |
高危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.18 |
python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-03-18 19:16 修改: 2026-04-07 18:16
|
| python |
CVE-2026-4519 |
高危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.18 |
python: Python: Command-line option injection in webbrowser.open() via crafted URLs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-03-20 15:16 修改: 2026-04-16 14:53
|
| python |
CVE-2026-4786 |
高危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.19 |
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-13 22:16 修改: 2026-04-29 16:16
|
| python |
CVE-2026-6100 |
高危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.19 |
python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-13 18:16 修改: 2026-04-17 15:18
|
| python-libs |
CVE-2025-13462 |
高危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.18 |
cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-03-12 18:16 修改: 2026-06-11 14:29
|
| python-libs |
CVE-2025-8194 |
高危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.14 |
cpython: Cpython infinite loop when parsing a tarfile
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-07-28 19:15 修改: 2026-04-15 00:35
|
| python-libs |
CVE-2026-3479 |
高危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.18 |
python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-03-18 19:16 修改: 2026-04-07 18:16
|
| python-libs |
CVE-2026-4519 |
高危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.18 |
python: Python: Command-line option injection in webbrowser.open() via crafted URLs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-03-20 15:16 修改: 2026-04-16 14:53
|
| python-libs |
CVE-2026-4786 |
高危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.19 |
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-13 22:16 修改: 2026-04-29 16:16
|
| python-libs |
CVE-2026-6100 |
高危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.19 |
python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-13 18:16 修改: 2026-04-17 15:18
|
| vim-data |
CVE-2026-34982 |
高危 |
2:9.0.2153-1.amzn2.0.2 |
2:9.0.2153-1.amzn2.0.5 |
vim: arbitrary command execution via modeline sandbox bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34982
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-06 16:16 修改: 2026-04-22 20:10
|
| vim-data |
CVE-2026-41411 |
高危 |
2:9.0.2153-1.amzn2.0.2 |
2:9.0.2153-1.amzn2.0.6 |
vim: Vim: Command injection allows arbitrary code execution via malicious tag files
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41411
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-24 17:16 修改: 2026-04-27 13:39
|
| vim-minimal |
CVE-2026-34982 |
高危 |
2:9.0.2153-1.amzn2.0.2 |
2:9.0.2153-1.amzn2.0.5 |
vim: arbitrary command execution via modeline sandbox bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34982
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-06 16:16 修改: 2026-04-22 20:10
|
| vim-minimal |
CVE-2026-41411 |
高危 |
2:9.0.2153-1.amzn2.0.2 |
2:9.0.2153-1.amzn2.0.6 |
vim: Vim: Command injection allows arbitrary code execution via malicious tag files
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41411
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-24 17:16 修改: 2026-04-27 13:39
|
| libssh2 |
CVE-2026-7598 |
中危 |
1.4.3-12.amzn2.2.6 |
1.4.3-12.amzn2.2.7 |
libssh2: integer overflow via large username or password arguments
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7598
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-05-01 22:16 修改: 2026-05-07 01:47
|
| curl |
CVE-2025-10966 |
中危 |
8.3.0-1.amzn2.0.8 |
8.3.0-1.amzn2.0.12 |
curl: Curl missing SFTP host verification with wolfSSH backend
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10966
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-11-07 08:15 修改: 2026-06-02 14:16
|
| libtasn1 |
CVE-2024-12133 |
中危 |
4.10-1.amzn2.0.6 |
4.10-1.amzn2.0.7 |
libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12133
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-02-10 16:15 修改: 2026-05-12 12:16
|
| glibc |
CVE-2025-0395 |
中危 |
2.26-64.amzn2.0.3 |
2.26-64.amzn2.0.4 |
glibc: buffer overflow in the GNU C Library's assert()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-01-22 13:15 修改: 2026-05-12 13:16
|
| glibc |
CVE-2025-8058 |
中危 |
2.26-64.amzn2.0.3 |
2.26-64.amzn2.0.5 |
glibc: Double free in glibc
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
|
| curl |
CVE-2025-11563 |
中危 |
8.3.0-1.amzn2.0.8 |
8.3.0-1.amzn2.0.11 |
wcurl: wcurl: Arbitrary file placement via crafted URLs
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11563
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-02-25 08:16 修改: 2026-02-26 20:06
|
| glibc-common |
CVE-2025-0395 |
中危 |
2.26-64.amzn2.0.3 |
2.26-64.amzn2.0.4 |
glibc: buffer overflow in the GNU C Library's assert()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-01-22 13:15 修改: 2026-05-12 13:16
|
| glibc-common |
CVE-2025-8058 |
中危 |
2.26-64.amzn2.0.3 |
2.26-64.amzn2.0.5 |
glibc: Double free in glibc
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
|
| curl |
CVE-2025-14017 |
中危 |
8.3.0-1.amzn2.0.8 |
8.3.0-1.amzn2.0.12 |
curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-08 10:15 修改: 2026-01-27 21:29
|
| glibc-langpack-en |
CVE-2025-0395 |
中危 |
2.26-64.amzn2.0.3 |
2.26-64.amzn2.0.4 |
glibc: buffer overflow in the GNU C Library's assert()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-01-22 13:15 修改: 2026-05-12 13:16
|
| glibc-langpack-en |
CVE-2025-8058 |
中危 |
2.26-64.amzn2.0.3 |
2.26-64.amzn2.0.5 |
glibc: Double free in glibc
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
|
| libxml2 |
CVE-2025-32414 |
中危 |
2.9.1-6.amzn2.5.14 |
2.9.1-6.amzn2.5.17 |
libxml2: Out-of-Bounds Read in libxml2
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32414
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-04-08 03:15 修改: 2025-11-03 20:18
|
| libxml2 |
CVE-2025-32415 |
中危 |
2.9.1-6.amzn2.5.14 |
2.9.1-6.amzn2.5.17 |
libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32415
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-04-17 17:15 修改: 2025-11-03 20:18
|
| libxml2 |
CVE-2026-0990 |
中危 |
2.9.1-6.amzn2.5.14 |
2.9.1-6.amzn2.5.22 |
libxml2: libxml2: Denial of Service via uncontrolled recursion in XML catalog processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0990
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-15 15:15 修改: 2026-04-22 10:16
|
| libxml2 |
CVE-2026-0992 |
中危 |
2.9.1-6.amzn2.5.14 |
2.9.1-6.amzn2.5.22 |
libxml2: libxml2: Denial of Service via crafted XML catalogs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0992
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-15 15:15 修改: 2026-04-22 10:16
|
| nss |
CVE-2026-6766 |
中危 |
3.90.0-2.amzn2.0.2 |
3.90.0-2.amzn2.0.3 |
firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6766
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-21 13:16 修改: 2026-04-22 14:57
|
| nss |
CVE-2026-6767 |
中危 |
3.90.0-2.amzn2.0.2 |
3.90.0-2.amzn2.0.3 |
firefox: thunderbird: Other issue in the Libraries component in NSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6767
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-21 13:16 修改: 2026-04-22 17:37
|
| nss |
CVE-2026-6772 |
中危 |
3.90.0-2.amzn2.0.2 |
3.90.0-2.amzn2.0.3 |
firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6772
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-21 13:16 修改: 2026-04-22 16:04
|
| nss-sysinit |
CVE-2026-6766 |
中危 |
3.90.0-2.amzn2.0.2 |
3.90.0-2.amzn2.0.3 |
firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6766
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-21 13:16 修改: 2026-04-22 14:57
|
| nss-sysinit |
CVE-2026-6767 |
中危 |
3.90.0-2.amzn2.0.2 |
3.90.0-2.amzn2.0.3 |
firefox: thunderbird: Other issue in the Libraries component in NSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6767
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-21 13:16 修改: 2026-04-22 17:37
|
| nss-sysinit |
CVE-2026-6772 |
中危 |
3.90.0-2.amzn2.0.2 |
3.90.0-2.amzn2.0.3 |
firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6772
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-21 13:16 修改: 2026-04-22 16:04
|
| nss-tools |
CVE-2026-6766 |
中危 |
3.90.0-2.amzn2.0.2 |
3.90.0-2.amzn2.0.3 |
firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6766
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-21 13:16 修改: 2026-04-22 14:57
|
| nss-tools |
CVE-2026-6767 |
中危 |
3.90.0-2.amzn2.0.2 |
3.90.0-2.amzn2.0.3 |
firefox: thunderbird: Other issue in the Libraries component in NSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6767
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-21 13:16 修改: 2026-04-22 17:37
|
| nss-tools |
CVE-2026-6772 |
中危 |
3.90.0-2.amzn2.0.2 |
3.90.0-2.amzn2.0.3 |
firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6772
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-04-21 13:16 修改: 2026-04-22 16:04
|
| curl |
CVE-2025-14524 |
中危 |
8.3.0-1.amzn2.0.8 |
8.3.0-1.amzn2.0.12 |
curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:53
|
| glibc-minimal-langpack |
CVE-2025-0395 |
中危 |
2.26-64.amzn2.0.3 |
2.26-64.amzn2.0.4 |
glibc: buffer overflow in the GNU C Library's assert()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-01-22 13:15 修改: 2026-05-12 13:16
|
| glibc-minimal-langpack |
CVE-2025-8058 |
中危 |
2.26-64.amzn2.0.3 |
2.26-64.amzn2.0.5 |
glibc: Double free in glibc
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
|
| curl |
CVE-2025-14819 |
中危 |
8.3.0-1.amzn2.0.8 |
8.3.0-1.amzn2.0.12 |
curl: libcurl: Improper certificate validation due to cached TLS settings reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14819
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:51
|
| krb5-libs |
CVE-2025-24528 |
中危 |
1.15.1-55.amzn2.2.8 |
1.15.1-55.amzn2.2.9 |
krb5: overflow when calculating ulog block size
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-16 18:16 修改: 2026-04-15 00:35
|
| krb5-libs |
CVE-2025-3576 |
中危 |
1.15.1-55.amzn2.2.8 |
1.15.1-55.amzn2.2.9 |
krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-04-15 06:15 修改: 2026-05-12 13:17
|
| curl |
CVE-2025-15079 |
中危 |
8.3.0-1.amzn2.0.8 |
8.3.0-1.amzn2.0.12 |
curl: Host verification bypass during SSH transfers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:50
|
| openssl-libs |
CVE-2024-13176 |
中危 |
1:1.0.2k-24.amzn2.0.14 |
1:1.0.2k-24.amzn2.0.15 |
openssl: Timing side-channel in ECDSA signature computation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-01-20 14:15 修改: 2026-04-15 00:35
|
| openssl-libs |
CVE-2025-9230 |
中危 |
1:1.0.2k-24.amzn2.0.14 |
1:1.0.2k-24.amzn2.0.16 |
openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
|
| curl |
CVE-2025-15224 |
中危 |
8.3.0-1.amzn2.0.8 |
8.3.0-1.amzn2.0.12 |
curl: libssh key passphrase bypass without agent set
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:47
|
| libcrypt |
CVE-2025-0395 |
中危 |
2.26-64.amzn2.0.3 |
2.26-64.amzn2.0.4 |
glibc: buffer overflow in the GNU C Library's assert()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-01-22 13:15 修改: 2026-05-12 13:16
|
| libcrypt |
CVE-2025-8058 |
中危 |
2.26-64.amzn2.0.3 |
2.26-64.amzn2.0.5 |
glibc: Double free in glibc
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
|
| libcurl |
CVE-2025-10966 |
中危 |
8.3.0-1.amzn2.0.8 |
8.3.0-1.amzn2.0.12 |
curl: Curl missing SFTP host verification with wolfSSH backend
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10966
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-11-07 08:15 修改: 2026-06-02 14:16
|
| libcurl |
CVE-2025-11563 |
中危 |
8.3.0-1.amzn2.0.8 |
8.3.0-1.amzn2.0.11 |
wcurl: wcurl: Arbitrary file placement via crafted URLs
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11563
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-02-25 08:16 修改: 2026-02-26 20:06
|
| libcurl |
CVE-2025-14017 |
中危 |
8.3.0-1.amzn2.0.8 |
8.3.0-1.amzn2.0.12 |
curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-08 10:15 修改: 2026-01-27 21:29
|
| python |
CVE-2007-4559 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.12 |
python: tarfile module directory traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4559
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2007-08-28 01:17 修改: 2026-04-23 00:35
|
| python |
CVE-2023-40217 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.12 |
python: TLS handshake bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2023-08-25 01:15 修改: 2025-11-03 22:16
|
| python |
CVE-2024-0450 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.11 |
python: The zipfile module is vulnerable to zip-bombs leading to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2024-03-19 16:15 修改: 2026-04-15 00:35
|
| python |
CVE-2024-11168 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.11 |
python: Improper validation of IPv6 and IPvFuture addresses
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2024-11-12 22:15 修改: 2026-04-15 00:35
|
| python |
CVE-2024-5642 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.10 |
python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5642
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2024-06-27 21:15 修改: 2026-04-15 00:35
|
| python |
CVE-2024-6923 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.11 |
cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2024-08-01 14:15 修改: 2026-04-15 00:35
|
| python |
CVE-2024-7592 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.11 |
cpython: python: Uncontrolled CPU resource consumption when in http.cookies module
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2024-08-19 19:15 修改: 2025-11-03 23:17
|
| python |
CVE-2025-0938 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.11 |
python: cpython: URL parser allowed square brackets in domain names
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-01-31 18:15 修改: 2026-04-15 00:35
|
| python |
CVE-2025-11468 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.16 |
cpython: Missing character filtering in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
|
| python |
CVE-2025-12084 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.15 |
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-12-03 19:15 修改: 2026-01-26 15:16
|
| python |
CVE-2025-15282 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.16 |
cpython: Header injection via newlines in data URL mediatype in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
|
| python |
CVE-2025-6069 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.13 |
cpython: Python HTMLParser quadratic complexity
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-06-17 14:15 修改: 2026-04-15 00:35
|
| python |
CVE-2025-6075 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.16 |
python: Quadratic complexity in os.path.expandvars() with user-controlled template
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-10-31 17:15 修改: 2026-02-04 19:05
|
| python |
CVE-2026-0672 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.16 |
cpython: Header injection in http.cookies.Morsel in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
|
| python |
CVE-2026-0865 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.16 |
cpython: wsgiref.headers.Headers allows header newline injection in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
|
| python |
CVE-2026-3644 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.17 |
cpython: Incomplete control character validation in http.cookies
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-03-16 18:16 修改: 2026-06-04 19:30
|
| python |
CVE-2026-4224 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.17 |
cpython: Stack overflow parsing XML with deeply nested DTD content models
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-03-16 18:16 修改: 2026-06-04 19:33
|
| libcurl |
CVE-2025-14524 |
中危 |
8.3.0-1.amzn2.0.8 |
8.3.0-1.amzn2.0.12 |
curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:53
|
| libcurl |
CVE-2025-14819 |
中危 |
8.3.0-1.amzn2.0.8 |
8.3.0-1.amzn2.0.12 |
curl: libcurl: Improper certificate validation due to cached TLS settings reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14819
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:51
|
| libcurl |
CVE-2025-15079 |
中危 |
8.3.0-1.amzn2.0.8 |
8.3.0-1.amzn2.0.12 |
curl: Host verification bypass during SSH transfers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:50
|
| libcurl |
CVE-2025-15224 |
中危 |
8.3.0-1.amzn2.0.8 |
8.3.0-1.amzn2.0.12 |
curl: libssh key passphrase bypass without agent set
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:47
|
| expat |
CVE-2024-50602 |
中危 |
2.1.0-15.amzn2.0.4 |
2.1.0-15.amzn2.0.5 |
libexpat: expat: DoS via XML_ResumeParser
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2024-10-27 05:15 修改: 2025-10-15 17:54
|
| expat |
CVE-2026-25210 |
中危 |
2.1.0-15.amzn2.0.4 |
2.1.0-15.amzn2.0.6 |
libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25210
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-30 07:16 修改: 2026-06-02 14:16
|
| python-libs |
CVE-2007-4559 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.12 |
python: tarfile module directory traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4559
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2007-08-28 01:17 修改: 2026-04-23 00:35
|
| python-libs |
CVE-2023-40217 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.12 |
python: TLS handshake bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2023-08-25 01:15 修改: 2025-11-03 22:16
|
| python-libs |
CVE-2024-0450 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.11 |
python: The zipfile module is vulnerable to zip-bombs leading to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2024-03-19 16:15 修改: 2026-04-15 00:35
|
| python-libs |
CVE-2024-11168 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.11 |
python: Improper validation of IPv6 and IPvFuture addresses
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2024-11-12 22:15 修改: 2026-04-15 00:35
|
| python-libs |
CVE-2024-5642 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.10 |
python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5642
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2024-06-27 21:15 修改: 2026-04-15 00:35
|
| python-libs |
CVE-2024-6923 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.11 |
cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2024-08-01 14:15 修改: 2026-04-15 00:35
|
| python-libs |
CVE-2024-7592 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.11 |
cpython: python: Uncontrolled CPU resource consumption when in http.cookies module
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2024-08-19 19:15 修改: 2025-11-03 23:17
|
| python-libs |
CVE-2025-0938 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.11 |
python: cpython: URL parser allowed square brackets in domain names
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-01-31 18:15 修改: 2026-04-15 00:35
|
| python-libs |
CVE-2025-11468 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.16 |
cpython: Missing character filtering in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
|
| python-libs |
CVE-2025-12084 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.15 |
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-12-03 19:15 修改: 2026-01-26 15:16
|
| python-libs |
CVE-2025-15282 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.16 |
cpython: Header injection via newlines in data URL mediatype in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
|
| python-libs |
CVE-2025-6069 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.13 |
cpython: Python HTMLParser quadratic complexity
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-06-17 14:15 修改: 2026-04-15 00:35
|
| python-libs |
CVE-2025-6075 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.16 |
python: Quadratic complexity in os.path.expandvars() with user-controlled template
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-10-31 17:15 修改: 2026-02-04 19:05
|
| python-libs |
CVE-2026-0672 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.16 |
cpython: Header injection in http.cookies.Morsel in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
|
| python-libs |
CVE-2026-0865 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.16 |
cpython: wsgiref.headers.Headers allows header newline injection in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
|
| python-libs |
CVE-2026-3644 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.17 |
cpython: Incomplete control character validation in http.cookies
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-03-16 18:16 修改: 2026-06-04 19:30
|
| python-libs |
CVE-2026-4224 |
中危 |
2.7.18-1.amzn2.0.9 |
2.7.18-1.amzn2.0.17 |
cpython: Stack overflow parsing XML with deeply nested DTD content models
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-03-16 18:16 修改: 2026-06-04 19:33
|
| sqlite |
CVE-2025-6965 |
中危 |
3.7.17-8.amzn2.1.2 |
3.7.17-8.amzn2.1.3 |
sqlite: Integer Truncation in SQLite
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6965
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-07-15 14:15 修改: 2026-04-14 10:16
|
| libpng |
CVE-2025-64505 |
中危 |
2:1.5.13-8.amzn2.0.5 |
2:1.5.13-8.amzn2.0.6 |
libpng: LIBPNG heap buffer overflow via malformed palette index
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64505
镜像层: sha256:931727b5589acb5f9a358bf025969d45071e5745b0dd82e55c844fd63f866c0b
发布日期: 2025-11-25 00:15 修改: 2025-11-26 18:28
|
| libpng |
CVE-2025-64720 |
中危 |
2:1.5.13-8.amzn2.0.5 |
2:1.5.13-8.amzn2.0.6 |
libpng: LIBPNG buffer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64720
镜像层: sha256:931727b5589acb5f9a358bf025969d45071e5745b0dd82e55c844fd63f866c0b
发布日期: 2025-11-25 00:15 修改: 2025-11-26 18:35
|
| vim-data |
CVE-2025-1215 |
中危 |
2:9.0.2153-1.amzn2.0.2 |
2:9.0.2153-1.amzn2.0.4 |
vim: vim main.c memory corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1215
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-02-12 19:15 修改: 2025-08-13 17:28
|
| vim-data |
CVE-2025-24014 |
中危 |
2:9.0.2153-1.amzn2.0.2 |
2:9.0.2153-1.amzn2.0.3 |
vim: segmentation fault in win_line() in Vim < 9.1.1043
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24014
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-01-20 23:15 修改: 2025-08-14 01:40
|
| vim-data |
CVE-2025-26603 |
中危 |
2:9.0.2153-1.amzn2.0.2 |
2:9.0.2153-1.amzn2.0.4 |
vim: heap-use-after-free in function str_to_reg in vim/vim
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-26603
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-02-18 19:15 修改: 2025-08-18 18:23
|
| vim-data |
CVE-2025-29768 |
中危 |
2:9.0.2153-1.amzn2.0.2 |
2:9.0.2153-1.amzn2.0.4 |
vim: Vim vulnerable to potential data loss with zip.vim and special crafted zip files
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-29768
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-03-13 17:15 修改: 2025-08-18 14:14
|
| libpng |
CVE-2026-25646 |
中危 |
2:1.5.13-8.amzn2.0.5 |
2:1.5.13-8.amzn2.0.7 |
libpng: LIBPNG has a heap buffer overflow in png_set_quantize
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25646
镜像层: sha256:931727b5589acb5f9a358bf025969d45071e5745b0dd82e55c844fd63f866c0b
发布日期: 2026-02-10 18:16 修改: 2026-02-13 20:43
|
| libpng |
CVE-2026-34757 |
中危 |
2:1.5.13-8.amzn2.0.5 |
2:1.5.13-8.amzn2.0.9 |
libpng: libpng: Information disclosure and data corruption via use-after-free vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34757
镜像层: sha256:931727b5589acb5f9a358bf025969d45071e5745b0dd82e55c844fd63f866c0b
发布日期: 2026-04-09 15:16 修改: 2026-05-13 23:07
|
| vim-minimal |
CVE-2025-1215 |
中危 |
2:9.0.2153-1.amzn2.0.2 |
2:9.0.2153-1.amzn2.0.4 |
vim: vim main.c memory corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1215
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-02-12 19:15 修改: 2025-08-13 17:28
|
| vim-minimal |
CVE-2025-24014 |
中危 |
2:9.0.2153-1.amzn2.0.2 |
2:9.0.2153-1.amzn2.0.3 |
vim: segmentation fault in win_line() in Vim < 9.1.1043
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24014
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-01-20 23:15 修改: 2025-08-14 01:40
|
| vim-minimal |
CVE-2025-26603 |
中危 |
2:9.0.2153-1.amzn2.0.2 |
2:9.0.2153-1.amzn2.0.4 |
vim: heap-use-after-free in function str_to_reg in vim/vim
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-26603
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-02-18 19:15 修改: 2025-08-18 18:23
|
| vim-minimal |
CVE-2025-29768 |
中危 |
2:9.0.2153-1.amzn2.0.2 |
2:9.0.2153-1.amzn2.0.4 |
vim: Vim vulnerable to potential data loss with zip.vim and special crafted zip files
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-29768
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-03-13 17:15 修改: 2025-08-18 14:14
|
| libxml2 |
CVE-2025-8732 |
低危 |
2.9.1-6.amzn2.5.14 |
2.9.1-6.amzn2.5.21 |
libxml2: libxml2: Uncontrolled Recursion Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8732
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-08-08 17:15 修改: 2026-06-02 14:16
|
| libxml2 |
CVE-2026-0989 |
低危 |
2.9.1-6.amzn2.5.14 |
2.9.1-6.amzn2.5.23 |
libxml2: Unbounded RelaxNG Include Recursion Leading to Stack Overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0989
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-01-15 15:15 修改: 2026-04-22 10:16
|
| libxml2 |
CVE-2026-1757 |
低危 |
2.9.1-6.amzn2.5.14 |
2.9.1-6.amzn2.5.24 |
libxml2: Memory Leak Leading to Local Denial of Service in xmllint Interactive Shell
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1757
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2026-02-02 13:15 修改: 2026-04-22 10:16
|
| libcurl |
CVE-2025-9086 |
低危 |
8.3.0-1.amzn2.0.8 |
8.3.0-1.amzn2.0.10 |
curl: libcurl: Curl out of bounds read for cookie path
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-09-12 06:15 修改: 2026-06-02 14:16
|
| curl |
CVE-2025-9086 |
低危 |
8.3.0-1.amzn2.0.8 |
8.3.0-1.amzn2.0.10 |
curl: libcurl: Curl out of bounds read for cookie path
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086
镜像层: sha256:49a8cc890acb970aca5e243f6fd21be9ceb61b70b00420be3e909066fb5aeaba
发布日期: 2025-09-12 06:15 修改: 2026-06-02 14:16
|