docker.io/calico/node:v3.32.0 linux/amd64

docker.io/calico/node:v3.32.0 - Trivy安全扫描结果 扫描时间: 2026-07-12 07:39
全部漏洞信息
低危漏洞:32 中危漏洞:57 高危漏洞:32 严重漏洞:0

系统OS: redhat 9.7 扫描引擎: Trivy 扫描时间: 2026-07-12 07:39

docker.io/calico/node:v3.32.0 (redhat 9.7) (redhat)
低危漏洞:32 中危漏洞:40 高危漏洞:3 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libacl CVE-2026-54369 高危 2.3.1-4.el9 acl: Symlink traversal privilege escalation via libacl functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54369

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-29 14:16 修改: 2026-07-02 12:17

libcap CVE-2026-4878 高危 2.48-10.el9 2.48-10.el9_8.1 libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-09 16:16 修改: 2026-07-10 12:17

openssl-libs CVE-2026-45447 高危 1:3.5.1-7.el9_7 1:3.5.5-4.el9_8 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-09 17:17 修改: 2026-07-08 13:16

glibc CVE-2026-4437 中危 2.34-231.el9_7.10 2.34-270.el9_8 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

glibc CVE-2026-5435 中危 2.34-231.el9_7.10 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59

glibc CVE-2026-5450 中危 2.34-231.el9_7.10 2.34-272.el9_8 glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59

glibc CVE-2026-5928 中危 2.34-231.el9_7.10 glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59

glibc CVE-2026-6238 中危 2.34-231.el9_7.10 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17

glibc-common CVE-2026-4046 中危 2.34-231.el9_7.10 2.34-270.el9_8 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55

glibc-common CVE-2026-4437 中危 2.34-231.el9_7.10 2.34-270.el9_8 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

glibc-common CVE-2026-5435 中危 2.34-231.el9_7.10 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59

glibc-common CVE-2026-5450 中危 2.34-231.el9_7.10 2.34-272.el9_8 glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59

glibc-common CVE-2026-5928 中危 2.34-231.el9_7.10 glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59

glibc-common CVE-2026-6238 中危 2.34-231.el9_7.10 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17

glibc-minimal-langpack CVE-2026-4046 中危 2.34-231.el9_7.10 2.34-270.el9_8 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55

glibc-minimal-langpack CVE-2026-4437 中危 2.34-231.el9_7.10 2.34-270.el9_8 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

glibc-minimal-langpack CVE-2026-5435 中危 2.34-231.el9_7.10 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59

glibc-minimal-langpack CVE-2026-5450 中危 2.34-231.el9_7.10 2.34-272.el9_8 glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59

glibc-minimal-langpack CVE-2026-5928 中危 2.34-231.el9_7.10 glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59

glibc-minimal-langpack CVE-2026-6238 中危 2.34-231.el9_7.10 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17

gzip CVE-2026-41991 中危 1.12-1.el9 gzip: gzip: Arbitrary file overwrite via insecure temporary file handling in gzexe utility

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41991

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-29 12:16 修改: 2026-07-01 14:02

bzip2-libs CVE-2026-42250 中危 1.0.8-10.el9_5 bzip2: bzip2: Denial of Service in bzip2recover via a specially crafted file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42250

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-28 14:16 修改: 2026-06-17 10:47

libacl CVE-2026-54370 中危 2.3.1-4.el9 acl: TOCTOU Symlink Traversal via getfacl/setfacl

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54370

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-29 14:16 修改: 2026-06-29 19:22

libattr CVE-2026-54371 中危 2.5.1-3.el9 attr: Symlink Traversal Privilege Escalation via getfattr and setfattr

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54371

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-29 14:16 修改: 2026-07-03 13:17

coreutils-single CVE-2025-5278 中危 8.32-39.el9 8.32-41.el9_8 coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5278

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2025-05-27 21:15 修改: 2026-07-01 11:16

glibc CVE-2026-4046 中危 2.34-231.el9_7.10 2.34-270.el9_8 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55

openssl-libs CVE-2026-2673 中危 1:3.5.1-7.el9_7 openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-03-13 19:54 修改: 2026-06-17 10:31

openssl-libs CVE-2026-28390 中危 1:3.5.1-7.el9_7 1:3.5.5-3.el9_8 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

openssl-libs CVE-2026-31790 中危 1:3.5.1-7.el9_7 1:3.5.5-2.el9_8 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

openssl-libs CVE-2026-34182 中危 1:3.5.1-7.el9_7 1:3.5.5-4.el9_8 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

openssl-libs CVE-2026-34183 中危 1:3.5.1-7.el9_7 1:3.5.5-4.el9_8 openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

openssl-libs CVE-2026-42764 中危 1:3.5.1-7.el9_7 1:3.5.5-4.el9_8 openssl: NULL pointer dereference in QUIC server initial packet handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl-libs CVE-2026-45445 中危 1:3.5.1-7.el9_7 1:3.5.5-4.el9_8 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

p11-kit-trust CVE-2026-13757 中危 0.25.3-3.el9_5 p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13757

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-29 19:16 修改: 2026-07-10 01:16

p11-kit-trust CVE-2026-2100 中危 0.25.3-3.el9_5 0.26.2-1.el9 p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2100

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-03-26 21:17 修改: 2026-07-07 15:16

sed CVE-2026-5958 中危 4.8-9.el9 sed: GNU sed TOCTOU race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-20 12:16 修改: 2026-06-17 10:59

systemd-libs CVE-2026-29111 中危 252-55.el9_7.8 252-67.el9_8.2 systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29

systemd-libs CVE-2026-4105 中危 252-55.el9_7.8 systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4105

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-03-13 19:55 修改: 2026-06-17 10:55

util-linux CVE-2026-13595 中危 2.37.4-21.el9_7 util-linux: util-linux: heap use-after-free in libblkid nested partition probing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13595

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-29 09:16 修改: 2026-07-08 03:37

util-linux CVE-2026-27456 中危 2.37.4-21.el9_7 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

util-linux-core CVE-2026-13595 中危 2.37.4-21.el9_7 util-linux: util-linux: heap use-after-free in libblkid nested partition probing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13595

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-29 09:16 修改: 2026-07-08 03:37

util-linux-core CVE-2026-27456 中危 2.37.4-21.el9_7 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

xz-libs CVE-2026-34743 中危 5.2.5-8.el9_0 xz: XZ Utils: Denial of Service via buffer overflow in index decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-02 19:21 修改: 2026-06-17 10:39

elfutils-libelf CVE-2025-1376 低危 0.193-1.el9 elfutils: GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1376

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2025-02-17 05:15 修改: 2026-06-17 08:39

libgcc CVE-2021-46195 低危 11.5.0-11.el9 gcc: uncontrolled recursion in libiberty/rust-demangle.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46195

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2022-01-14 20:15 修改: 2026-06-17 04:14

openssl-libs CVE-2024-13176 低危 1:3.5.1-7.el9_7 openssl: Timing side-channel in ECDSA signature computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01

openssl-libs CVE-2024-41996 低危 1:3.5.1-7.el9_7 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2024-08-26 06:15 修改: 2026-06-17 07:48

openssl-libs CVE-2025-9232 低危 1:3.5.1-7.el9_7 openssl: Out-of-bounds read in HTTP client no_proxy handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08

openssl-libs CVE-2026-28387 低危 1:3.5.1-7.el9_7 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

openssl-libs CVE-2026-28388 低危 1:3.5.1-7.el9_7 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

openssl-libs CVE-2026-28389 低危 1:3.5.1-7.el9_7 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

openssl-libs CVE-2026-31789 低危 1:3.5.1-7.el9_7 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

openssl-libs CVE-2026-34180 低危 1:3.5.1-7.el9_7 1:3.5.5-4.el9_8 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

openssl-libs CVE-2026-34181 低危 1:3.5.1-7.el9_7 1:3.5.5-4.el9_8 openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

openssl-libs CVE-2026-42766 低危 1:3.5.1-7.el9_7 1:3.5.5-4.el9_8 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl-libs CVE-2026-42767 低危 1:3.5.1-7.el9_7 1:3.5.5-4.el9_8 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl-libs CVE-2026-42768 低危 1:3.5.1-7.el9_7 1:3.5.5-4.el9_8 openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl-libs CVE-2026-42769 低危 1:3.5.1-7.el9_7 1:3.5.5-4.el9_8 openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl-libs CVE-2026-42770 低危 1:3.5.1-7.el9_7 1:3.5.5-4.el9_8 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl-libs CVE-2026-45446 低危 1:3.5.1-7.el9_7 1:3.5.5-4.el9_8 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

openssl-libs CVE-2026-7383 低危 1:3.5.1-7.el9_7 1:3.5.5-4.el9_8 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02

openssl-libs CVE-2026-9076 低危 1:3.5.1-7.el9_7 1:3.5.5-4.el9_8 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04

libgcc CVE-2022-27943 低危 11.5.0-11.el9 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2022-03-26 13:15 修改: 2026-06-17 04:37

libpcap CVE-2025-11961 低危 14:1.10.0-4.el9 libpcap: libpcap: Memory corruption via malformed MAC-48 address input

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11961

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2025-12-31 01:15 修改: 2026-06-17 08:31

pcre2 CVE-2022-41409 低危 10.40-6.el9 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2023-07-18 14:15 修改: 2026-06-17 05:03

pcre2-syntax CVE-2022-41409 低危 10.40-6.el9 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2023-07-18 14:15 修改: 2026-06-17 05:03

ncurses-base CVE-2023-50495 低危 6.2-12.20210508.el9 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39

ncurses-libs CVE-2023-50495 低危 6.2-12.20210508.el9 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39

glibc-common CVE-2026-4438 低危 2.34-231.el9_7.10 2.34-270.el9_8 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

glibc-minimal-langpack CVE-2026-4438 低危 2.34-231.el9_7.10 2.34-270.el9_8 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

elfutils-libelf CVE-2025-1377 低危 0.193-1.el9 elfutils: GNU elfutils eu-strip strip.c gelf_getsymshndx denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1377

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2025-02-17 05:15 修改: 2026-06-17 08:39

elfutils-libelf CVE-2024-25260 低危 0.193-1.el9 elfutils: global-buffer-overflow exists in the function ebl_machine_flag_name in eblmachineflagname.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25260

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2024-02-20 18:15 修改: 2026-06-17 07:15

elfutils-libelf CVE-2025-1371 低危 0.193-1.el9 elfutils: GNU elfutils eu-read readelf.c handle_dynamic_symtab null pointer dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1371

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2025-02-17 03:15 修改: 2026-06-17 08:39

glibc CVE-2026-4438 低危 2.34-231.el9_7.10 2.34-270.el9_8 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

zlib CVE-2026-27171 低危 1.2.11-40.el9 zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-02-18 04:16 修改: 2026-06-17 10:26

usr/bin/calico-node (gobinary)
低危漏洞:0 中危漏洞:12 高危漏洞:21 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
golang.org/x/crypto CVE-2026-39828 高危 v0.47.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39828

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 04:16 修改: 2026-07-10 12:16

golang.org/x/crypto CVE-2026-39829 高危 v0.47.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39829

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 04:16 修改: 2026-07-10 12:16

golang.org/x/crypto CVE-2026-39830 高危 v0.47.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39830

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 04:16 修改: 2026-07-10 12:16

golang.org/x/crypto CVE-2026-39831 高危 v0.47.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Security key bypass due to missing user presence check

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39831

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42

golang.org/x/crypto CVE-2026-39832 高危 v0.47.0 0.52.0 golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39832

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 04:16 修改: 2026-07-10 12:16

golang.org/x/crypto CVE-2026-39835 高危 v0.47.0 0.52.0 golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39835

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 04:16 修改: 2026-07-10 12:16

golang.org/x/crypto CVE-2026-42508 高危 v0.47.0 0.52.0 golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42508

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 04:16 修改: 2026-07-10 12:16

golang.org/x/crypto CVE-2026-46595 高危 v0.47.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46595

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 04:16 修改: 2026-07-10 12:17

golang.org/x/crypto CVE-2026-46597 高危 v0.47.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted AES-GCM packet decoder inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46597

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53

golang.org/x/net CVE-2026-25681 高危 v0.49.0 0.55.0 golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25681

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

golang.org/x/net CVE-2026-27136 高危 v0.49.0 0.55.0 golang.org/x/net/html: golang: golang.org/x/net/html: Cross-Site Scripting via HTML parsing bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27136

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:26

golang.org/x/net CVE-2026-33814 高危 v0.49.0 0.53.0 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-07-10 12:16

golang.org/x/net CVE-2026-39821 高危 v0.49.0 0.55.0 golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39821

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 16:16 修改: 2026-07-10 12:16

stdlib CVE-2026-27145 高危 v1.25.9 1.25.11, 1.26.4 crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-02 23:16 修改: 2026-07-09 13:16

stdlib CVE-2026-33811 高危 v1.25.9 1.25.10, 1.26.3 net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-07-10 12:16

stdlib CVE-2026-33814 高危 v1.25.9 1.25.10, 1.26.3 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-07-10 12:16

stdlib CVE-2026-39820 高危 v1.25.9 1.25.10, 1.26.3 net/mail: golang: Go net/mail: Denial of Service via crafted email inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-07-10 12:16

stdlib CVE-2026-39822 高危 v1.25.9 1.25.12, 1.26.5, 1.27.0-rc.2 os: golang: Go os.Root: Symlink following vulnerability allows directory traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39822

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-07-08 17:17 修改: 2026-07-10 18:57

stdlib CVE-2026-39836 高危 v1.25.9 1.25.10, 1.26.3 ELSA-2026-22121: golang security update (IMPORTANT)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42499 高危 v1.25.9 1.25.10, 1.26.3 net/mail: golang: net/mail: Denial of Service via pathological email address parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-07-10 12:16

stdlib CVE-2026-42504 高危 v1.25.9 1.25.11, 1.26.4 mime: golang: Golang MIME: Denial of Service via maliciously-crafted MIME header

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

golang.org/x/crypto CVE-2026-39833 中危 v0.47.0 0.52.0 golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39833

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42

golang.org/x/crypto CVE-2026-39834 中危 v0.47.0 0.52.0 golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service due to integer overflow in SSH channel write

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39834

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42

golang.org/x/crypto CVE-2026-46598 中危 v0.47.0 0.52.0 golang.org/x/crypto/ssh/agent: golang: golang.org/x/crypto/ssh/agent: Denial of Service via malformed input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46598

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53

golang.org/x/net CVE-2026-25680 中危 v0.49.0 0.55.0 golang.org/x/net/html: golang.org/x/net/html: Denial of Service due to excessive HTML parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25680

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

golang.org/x/net CVE-2026-42502 中危 v0.49.0 0.55.0 golang.org/x/net/html: golang: golang.org/x/net/html: Cross-Site Scripting via unexpected HTML tree rendering

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42502

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

golang.org/x/net CVE-2026-42506 中危 v0.49.0 0.55.0 golang.org/x/net/html: golang.org/x/net/html: Cross-Site Scripting (XSS) via arbitrary HTML parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42506

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

golang.org/x/crypto CVE-2026-39827 中危 v0.47.0 0.52.0 golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via repeated rejected channel openings

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39827

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39823 中危 v1.25.9 1.25.10, 1.26.3 html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39825 中危 v1.25.9 1.25.10, 1.26.3 net/http/httputil: golang: net/http/httputil: ReverseProxy forwards hidden query parameters, potentially bypassing security controls

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39826 中危 v1.25.9 1.25.10, 1.26.3 html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42505 中危 v1.25.9 1.25.12, 1.26.5, 1.27.0-rc.2 crypto/tls: golang: Go crypto/tls: Information disclosure in Encrypted Client Hello

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42505

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-07-08 17:17 修改: 2026-07-10 18:57

stdlib CVE-2026-42507 中危 v1.25.9 1.25.11, 1.26.4 net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

golang.org/x/sys CVE-2026-39824 未知 v0.42.0 0.44.0 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42

golang.org/x/crypto GO-2026-5932 未知 v0.47.0 The golang.org/x/crypto/openpgp package is unmaintained, unsafe by design, and has known security issues

漏洞详情:

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

usr/bin/mountns (gobinary)
低危漏洞:0 中危漏洞:5 高危漏洞:8 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
stdlib CVE-2026-27145 高危 v1.25.9 1.25.11, 1.26.4 crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-02 23:16 修改: 2026-07-09 13:16

stdlib CVE-2026-33811 高危 v1.25.9 1.25.10, 1.26.3 net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-07-10 12:16

stdlib CVE-2026-33814 高危 v1.25.9 1.25.10, 1.26.3 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-07-10 12:16

stdlib CVE-2026-39820 高危 v1.25.9 1.25.10, 1.26.3 net/mail: golang: Go net/mail: Denial of Service via crafted email inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-07-10 12:16

stdlib CVE-2026-39822 高危 v1.25.9 1.25.12, 1.26.5, 1.27.0-rc.2 os: golang: Go os.Root: Symlink following vulnerability allows directory traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39822

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-07-08 17:17 修改: 2026-07-10 18:57

stdlib CVE-2026-39836 高危 v1.25.9 1.25.10, 1.26.3 ELSA-2026-22121: golang security update (IMPORTANT)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42499 高危 v1.25.9 1.25.10, 1.26.3 net/mail: golang: net/mail: Denial of Service via pathological email address parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-07-10 12:16

stdlib CVE-2026-42504 高危 v1.25.9 1.25.11, 1.26.4 mime: golang: Golang MIME: Denial of Service via maliciously-crafted MIME header

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

stdlib CVE-2026-39823 中危 v1.25.9 1.25.10, 1.26.3 html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39825 中危 v1.25.9 1.25.10, 1.26.3 net/http/httputil: golang: net/http/httputil: ReverseProxy forwards hidden query parameters, potentially bypassing security controls

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39826 中危 v1.25.9 1.25.10, 1.26.3 html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42505 中危 v1.25.9 1.25.12, 1.26.5, 1.27.0-rc.2 crypto/tls: golang: Go crypto/tls: Information disclosure in Encrypted Client Hello

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42505

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-07-08 17:17 修改: 2026-07-10 18:57

stdlib CVE-2026-42507 中危 v1.25.9 1.25.11, 1.26.4 net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507

镜像层: sha256:e55b5e1a3be21b4c8155e9c6234970b986991908b1e3824faba40eafd47abd88

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×