docker.io/cassandra:4.1.11 linux/amd64

docker.io/cassandra:4.1.11 - Trivy安全扫描结果扫描时间: 2026-06-29 20:32

全部漏洞信息

低危漏洞:131

中危漏洞:136

高危漏洞:51

严重漏洞:5

系统OS: debian 12.14 扫描引擎: Trivy 扫描时间: 2026-06-29 20:32

docker.io/cassandra:4.1.11 (debian 12.14) (debian)

低危漏洞:126

中危漏洞:105

高危漏洞:32

严重漏洞:4

软件包	漏洞	安全状态	安装版本	漏洞信息
libsqlite3-0	CVE-2025-7458	严重	3.40.1-2+deb12u2	sqlite: SQLite integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7458 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2025-07-29 13:15 修改: 2026-06-17 10:04
perl-base	CVE-2026-42496	严重	5.36.0-7+deb12u3	perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42496 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-05-26 02:16 修改: 2026-06-17 10:47
perl-base	CVE-2026-8376	严重	5.36.0-7+deb12u3	Perl versions through 5.43.10 have a heap buffer overflow when compili ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8376 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-05-26 00:16 修改: 2026-06-17 11:03
zlib1g	CVE-2023-45853	严重	1:1.2.13.dfsg-1	zlib: integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45853 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2023-10-14 02:15 修改: 2026-06-17 06:29
libpython3.11-minimal	CVE-2025-69534	高危	3.11.2-6+deb12u7	python-markdown: denial of service via malformed HTML-like sequences 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69534 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-05 15:16 修改: 2026-06-17 10:00
libpython3.11-minimal	CVE-2026-3644	高危	3.11.2-6+deb12u7	cpython: Incomplete control character validation in http.cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:43
libpython3.11-minimal	CVE-2026-4224	高危	3.11.2-6+deb12u7	cpython: Stack overflow parsing XML with deeply nested DTD content models 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56
libpython3.11-minimal	CVE-2026-6100	高危	3.11.2-6+deb12u7	python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-13 18:16 修改: 2026-06-17 11:00
libpython3.11-minimal	CVE-2026-7210	高危	3.11.2-6+deb12u7	python: expat: Python/Expat: Denial of Service via crafted XML document 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
libpython3.11-stdlib	CVE-2025-69534	高危	3.11.2-6+deb12u7	python-markdown: denial of service via malformed HTML-like sequences 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69534 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-05 15:16 修改: 2026-06-17 10:00
libpython3.11-stdlib	CVE-2026-3644	高危	3.11.2-6+deb12u7	cpython: Incomplete control character validation in http.cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:43
libpython3.11-stdlib	CVE-2026-4224	高危	3.11.2-6+deb12u7	cpython: Stack overflow parsing XML with deeply nested DTD content models 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56
libpython3.11-stdlib	CVE-2026-6100	高危	3.11.2-6+deb12u7	python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-13 18:16 修改: 2026-06-17 11:00
libpython3.11-stdlib	CVE-2026-7210	高危	3.11.2-6+deb12u7	python: expat: Python/Expat: Denial of Service via crafted XML document 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
libexpat1	CVE-2025-59375	高危	2.5.0-1+deb12u2	firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59375 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2025-09-15 03:15 修改: 2026-06-17 09:46
libsqlite3-0	CVE-2026-11822	高危	3.40.1-2+deb12u2	SQLite before 3.53.2 contains memory corruption vulnerabilities in the ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11822 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-09 20:16 修改: 2026-06-17 10:14
libsqlite3-0	CVE-2026-11824	高危	3.40.1-2+deb12u2	SQLite before 3.53.2 contains a heap-based buffer overflow vulnerabili ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11824 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-09 20:16 修改: 2026-06-17 10:14
libtinfo6	CVE-2025-69720	高危	6.4-4	ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution. 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00
ncurses-base	CVE-2025-69720	高危	6.4-4	ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution. 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00
ncurses-bin	CVE-2025-69720	高危	6.4-4	ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution. 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00
libexpat1	CVE-2026-25210	高危	2.5.0-1+deb12u2	libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25210 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-01-30 07:16 修改: 2026-06-17 10:24
libexpat1	CVE-2026-45186	高危	2.5.0-1+deb12u2	libexpat: denial of service via crafted XML input 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45186 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-05-10 07:16 修改: 2026-06-17 10:51
perl-base	CVE-2026-42497	高危	5.36.0-7+deb12u3	perl-Archive-Tar: perl-Archive-Tar: Arbitrary file modification via crafted hardlinks during archive extraction 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42497 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-05-26 02:16 修改: 2026-06-17 10:47
perl-base	CVE-2026-48962	高危	5.36.0-7+deb12u3	perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48962 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-05-27 04:16 修改: 2026-06-17 10:55
perl-base	CVE-2026-9538	高危	5.36.0-7+deb12u3	Archive::Tar versions before 3.10 for Perl allow memory exhaustion via ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9538 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-05-26 02:16 修改: 2026-06-17 11:05
python3.11	CVE-2025-69534	高危	3.11.2-6+deb12u7	python-markdown: denial of service via malformed HTML-like sequences 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69534 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-05 15:16 修改: 2026-06-17 10:00
python3.11	CVE-2026-3644	高危	3.11.2-6+deb12u7	cpython: Incomplete control character validation in http.cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:43
python3.11	CVE-2026-4224	高危	3.11.2-6+deb12u7	cpython: Stack overflow parsing XML with deeply nested DTD content models 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56
python3.11	CVE-2026-6100	高危	3.11.2-6+deb12u7	python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-13 18:16 修改: 2026-06-17 11:00
python3.11	CVE-2026-7210	高危	3.11.2-6+deb12u7	python: expat: Python/Expat: Denial of Service via crafted XML document 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
python3.11-minimal	CVE-2025-69534	高危	3.11.2-6+deb12u7	python-markdown: denial of service via malformed HTML-like sequences 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69534 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-05 15:16 修改: 2026-06-17 10:00
python3.11-minimal	CVE-2026-3644	高危	3.11.2-6+deb12u7	cpython: Incomplete control character validation in http.cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:43
python3.11-minimal	CVE-2026-4224	高危	3.11.2-6+deb12u7	cpython: Stack overflow parsing XML with deeply nested DTD content models 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56
python3.11-minimal	CVE-2026-6100	高危	3.11.2-6+deb12u7	python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-13 18:16 修改: 2026-06-17 11:00
python3.11-minimal	CVE-2026-7210	高危	3.11.2-6+deb12u7	python: expat: Python/Expat: Denial of Service via crafted XML document 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
libncursesw6	CVE-2025-69720	高危	6.4-4	ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution. 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00
libpam-modules	CVE-2024-10041	中危	1.5.2-6+deb12u2	pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2024-10-23 14:15 修改: 2026-06-25 05:16
libpam-modules	CVE-2026-54411	中危	1.5.2-6+deb12u2	linux-pam: Plaintext password recovery via timing discrepancy in pam_userdb module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54411 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-06-14 18:17 修改: 2026-06-17 10:58
libpam-modules-bin	CVE-2024-10041	中危	1.5.2-6+deb12u2	pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2024-10-23 14:15 修改: 2026-06-25 05:16
libpam-modules-bin	CVE-2026-54411	中危	1.5.2-6+deb12u2	linux-pam: Plaintext password recovery via timing discrepancy in pam_userdb module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54411 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-06-14 18:17 修改: 2026-06-17 10:58
libpam-runtime	CVE-2024-10041	中危	1.5.2-6+deb12u2	pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2024-10-23 14:15 修改: 2026-06-25 05:16
libpam-runtime	CVE-2026-54411	中危	1.5.2-6+deb12u2	linux-pam: Plaintext password recovery via timing discrepancy in pam_userdb module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54411 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-06-14 18:17 修改: 2026-06-17 10:58
libpam0g	CVE-2024-10041	中危	1.5.2-6+deb12u2	pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2024-10-23 14:15 修改: 2026-06-25 05:16
libpam0g	CVE-2026-54411	中危	1.5.2-6+deb12u2	linux-pam: Plaintext password recovery via timing discrepancy in pam_userdb module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54411 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-06-14 18:17 修改: 2026-06-17 10:58
libblkid1	CVE-2026-27456	中危	2.38.1-5+deb12u3	util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libblkid1	CVE-2026-3184	中危	2.38.1-5+deb12u3	util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
libbz2-1.0	CVE-2026-42250	中危	1.0.8-5+b1	bzip2: bzip2: Denial of Service in bzip2recover via a specially crafted file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42250 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-05-28 14:16 修改: 2026-06-17 10:47
libc-bin	CVE-2026-5435	中危	2.36-9+deb12u14	glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
libc-bin	CVE-2026-5450	中危	2.36-9+deb12u14	glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
libpython3.11-minimal	CVE-2025-12781	中危	3.11.2-6+deb12u7	cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-01-21 20:16 修改: 2026-06-17 08:32
libpython3.11-minimal	CVE-2025-15366	中危	3.11.2-6+deb12u7	cpython: IMAP command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
libpython3.11-minimal	CVE-2025-15367	中危	3.11.2-6+deb12u7	cpython: POP3 command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
libpython3.11-minimal	CVE-2026-0864	中危	3.11.2-6+deb12u7	python: cpython: Python configparser: Configuration injection via crafted multi-line input 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0864 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-23 18:17 修改: 2026-06-25 19:51
libpython3.11-minimal	CVE-2026-1502	中危	3.11.2-6+deb12u7	python: Python: HTTP header injection via CR/LF in proxy tunnel headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-10 18:16 修改: 2026-06-17 10:15
libpython3.11-minimal	CVE-2026-3276	中危	3.11.2-6+deb12u7	python: Python unicodedata: Denial of Service due to excessive CPU consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43
libpython3.11-minimal	CVE-2026-3446	中危	3.11.2-6+deb12u7	python: Python base64: Incomplete data decoding due to premature stop at padding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3446 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-10 19:16 修改: 2026-06-17 10:43
libpython3.11-minimal	CVE-2026-6019	中危	3.11.2-6+deb12u7	python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00
libpython3.11-minimal	CVE-2026-7774	中危	3.11.2-6+deb12u7	python: CPython: Python tarfile: Arbitrary file write via crafted link entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-04 16:16 修改: 2026-06-17 11:02
libpython3.11-minimal	CVE-2026-8328	中危	3.11.2-6+deb12u7	The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-05-13 21:16 修改: 2026-06-17 11:03
libpython3.11-minimal	CVE-2026-9669	中危	3.11.2-6+deb12u7	python: Python: Denial of Service via out-of-bounds write in BZ2 decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-08 23:17 修改: 2026-06-23 18:18
libc-bin	CVE-2026-5928	中危	2.36-9+deb12u14	glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
libc-bin	CVE-2026-6238	中危	2.36-9+deb12u14	glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
libc6	CVE-2026-5435	中危	2.36-9+deb12u14	glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
libc6	CVE-2026-5450	中危	2.36-9+deb12u14	glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
libc6	CVE-2026-5928	中危	2.36-9+deb12u14	glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
libpython3.11-stdlib	CVE-2025-12781	中危	3.11.2-6+deb12u7	cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-01-21 20:16 修改: 2026-06-17 08:32
libpython3.11-stdlib	CVE-2025-15366	中危	3.11.2-6+deb12u7	cpython: IMAP command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
libpython3.11-stdlib	CVE-2025-15367	中危	3.11.2-6+deb12u7	cpython: POP3 command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
libpython3.11-stdlib	CVE-2026-0864	中危	3.11.2-6+deb12u7	python: cpython: Python configparser: Configuration injection via crafted multi-line input 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0864 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-23 18:17 修改: 2026-06-25 19:51
libpython3.11-stdlib	CVE-2026-1502	中危	3.11.2-6+deb12u7	python: Python: HTTP header injection via CR/LF in proxy tunnel headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-10 18:16 修改: 2026-06-17 10:15
libpython3.11-stdlib	CVE-2026-3276	中危	3.11.2-6+deb12u7	python: Python unicodedata: Denial of Service due to excessive CPU consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43
libpython3.11-stdlib	CVE-2026-3446	中危	3.11.2-6+deb12u7	python: Python base64: Incomplete data decoding due to premature stop at padding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3446 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-10 19:16 修改: 2026-06-17 10:43
libpython3.11-stdlib	CVE-2026-6019	中危	3.11.2-6+deb12u7	python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00
libpython3.11-stdlib	CVE-2026-7774	中危	3.11.2-6+deb12u7	python: CPython: Python tarfile: Arbitrary file write via crafted link entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-04 16:16 修改: 2026-06-17 11:02
libpython3.11-stdlib	CVE-2026-8328	中危	3.11.2-6+deb12u7	The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-05-13 21:16 修改: 2026-06-17 11:03
libpython3.11-stdlib	CVE-2026-9669	中危	3.11.2-6+deb12u7	python: Python: Denial of Service via out-of-bounds write in BZ2 decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-08 23:17 修改: 2026-06-23 18:18
libsmartcols1	CVE-2026-27456	中危	2.38.1-5+deb12u3	util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libsmartcols1	CVE-2026-3184	中危	2.38.1-5+deb12u3	util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
libc6	CVE-2026-6238	中危	2.36-9+deb12u14	glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
bsdutils	CVE-2026-27456	中危	1:2.38.1-5+deb12u3	util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
bsdutils	CVE-2026-3184	中危	1:2.38.1-5+deb12u3	util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
libsqlite3-0	CVE-2025-7709	中危	3.40.1-2+deb12u2	An integer overflow exists in the FTS5 https://sqlite.org/fts5.html e ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7709 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2025-09-08 15:15 修改: 2026-06-17 10:05
gpgv	CVE-2025-30258	中危	2.2.40-1.1+deb12u2	gnupg: verification DoS due to a malicious subkey in the keyring 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
libtinfo6	CVE-2023-50495	中危	6.4-4	ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39
libuuid1	CVE-2026-27456	中危	2.38.1-5+deb12u3	util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libuuid1	CVE-2026-3184	中危	2.38.1-5+deb12u3	util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
mount	CVE-2026-27456	中危	2.38.1-5+deb12u3	util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
mount	CVE-2026-3184	中危	2.38.1-5+deb12u3	util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
libexpat1	CVE-2025-66382	中危	2.5.0-1+deb12u2	libexpat: libexpat: Denial of service via crafted file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2025-11-28 07:15 修改: 2026-06-17 09:56
ncurses-base	CVE-2023-50495	中危	6.4-4	ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39
libexpat1	CVE-2026-32776	中危	2.5.0-1+deb12u2	libexpat: libexpat: Denial of Service due to NULL pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32776 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36
ncurses-bin	CVE-2023-50495	中危	6.4-4	ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39
libexpat1	CVE-2026-32777	中危	2.5.0-1+deb12u2	libexpat: libexpat: Denial of Service via infinite loop in DTD content parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32777 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36
libexpat1	CVE-2026-32778	中危	2.5.0-1+deb12u2	libexpat: libexpat: Denial of Service via NULL pointer dereference after out-of-memory condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32778 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36
libexpat1	CVE-2026-50219	中危	2.5.0-1+deb12u2	expat: libexpat: Use-after-free vulnerability due to improper handler call depth tracking 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50219 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-04 06:16 修改: 2026-06-17 10:57
libexpat1	CVE-2026-56132	中危	2.5.0-1+deb12u2	expat: libexpat: Arbitrary Code Execution via Heap-based Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56132 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-19 06:17 修改: 2026-06-23 20:15
libexpat1	CVE-2026-56403	中危	2.5.0-1+deb12u2	libexpat: libexpat: Arbitrary code execution due to integer overflow in storeAtts 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56403 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:15
perl-base	CVE-2025-15649	中危	5.36.0-7+deb12u3	perl-IO-Compress: perl-IO-Compress: Denial of Service via malformed DOS date in zip header 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15649 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-05-27 04:16 修改: 2026-06-17 08:38
perl-base	CVE-2026-12087	中危	5.36.0-7+deb12u3	perl-Socket: perl-Socket: Information Disclosure due to Out-of-Bounds Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12087 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-06-15 22:16 修改: 2026-06-17 10:14
perl-base	CVE-2026-48959	中危	5.36.0-7+deb12u3	perl-IO-Compress: perl-IO-Compress: CPU exhaustion via per-byte read loop in fastForward 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48959 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-05-27 04:16 修改: 2026-06-17 10:55
perl-base	CVE-2026-48961	中危	5.36.0-7+deb12u3	perl-IO-Compress: IO::Compress: Denial of Service in zipdetails CLI tool via malformed Info-ZIP Unix Extra Field 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48961 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-05-27 04:16 修改: 2026-06-17 10:55
perl-base	CVE-2026-7010	中危	5.36.0-7+deb12u3	HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7010 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-05-11 22:22 修改: 2026-06-17 11:01
libexpat1	CVE-2026-56404	中危	2.5.0-1+deb12u2	libexpat before 2.8.2 has an integer overflow in addBinding. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56404 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:15
libexpat1	CVE-2026-56405	中危	2.5.0-1+deb12u2	libexpat: libexpat: Information disclosure and arbitrary code execution via integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56405 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:14
libexpat1	CVE-2026-56406	中危	2.5.0-1+deb12u2	libexpat: libexpat: Arbitrary code execution via integer overflow in XML_ParseBuffer 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56406 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:29
libexpat1	CVE-2026-56410	中危	2.5.0-1+deb12u2	libexpat: libexpat: Integer overflow in xmlwf can lead to information disclosure and arbitrary code execution. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56410 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:18
libexpat1	CVE-2026-56411	中危	2.5.0-1+deb12u2	expat: libexpat: Integer Overflow Vulnerability Leading to Information Disclosure or Code Execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56411 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-21 17:16 修改: 2026-06-23 16:16
python3.11	CVE-2025-12781	中危	3.11.2-6+deb12u7	cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-01-21 20:16 修改: 2026-06-17 08:32
python3.11	CVE-2025-15366	中危	3.11.2-6+deb12u7	cpython: IMAP command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
python3.11	CVE-2025-15367	中危	3.11.2-6+deb12u7	cpython: POP3 command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
python3.11	CVE-2026-0864	中危	3.11.2-6+deb12u7	python: cpython: Python configparser: Configuration injection via crafted multi-line input 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0864 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-23 18:17 修改: 2026-06-25 19:51
python3.11	CVE-2026-1502	中危	3.11.2-6+deb12u7	python: Python: HTTP header injection via CR/LF in proxy tunnel headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-10 18:16 修改: 2026-06-17 10:15
python3.11	CVE-2026-3276	中危	3.11.2-6+deb12u7	python: Python unicodedata: Denial of Service due to excessive CPU consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43
python3.11	CVE-2026-3446	中危	3.11.2-6+deb12u7	python: Python base64: Incomplete data decoding due to premature stop at padding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3446 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-10 19:16 修改: 2026-06-17 10:43
python3.11	CVE-2026-6019	中危	3.11.2-6+deb12u7	python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00
python3.11	CVE-2026-7774	中危	3.11.2-6+deb12u7	python: CPython: Python tarfile: Arbitrary file write via crafted link entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-04 16:16 修改: 2026-06-17 11:02
python3.11	CVE-2026-8328	中危	3.11.2-6+deb12u7	The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-05-13 21:16 修改: 2026-06-17 11:03
python3.11	CVE-2026-9669	中危	3.11.2-6+deb12u7	python: Python: Denial of Service via out-of-bounds write in BZ2 decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-08 23:17 修改: 2026-06-23 18:18
libexpat1	CVE-2026-56412	中危	2.5.0-1+deb12u2	libexpat: libexpat: Use-after-free vulnerability due to improper handling of XML CDATA sections 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56412 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-21 17:16 修改: 2026-06-23 15:31
liblzma5	CVE-2026-34743	中危	5.4.1-1	xz: XZ Utils: Denial of Service via buffer overflow in index decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-02 19:21 修改: 2026-06-17 10:39
libmount1	CVE-2026-27456	中危	2.38.1-5+deb12u3	util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libmount1	CVE-2026-3184	中危	2.38.1-5+deb12u3	util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
gpgv	CVE-2025-68972	中危	2.2.40-1.1+deb12u2	gnupg: GnuPG: Signature bypass via form feed character in signed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68972 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2025-12-27 23:15 修改: 2026-06-17 09:59
python3.11-minimal	CVE-2025-12781	中危	3.11.2-6+deb12u7	cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-01-21 20:16 修改: 2026-06-17 08:32
python3.11-minimal	CVE-2025-15366	中危	3.11.2-6+deb12u7	cpython: IMAP command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
python3.11-minimal	CVE-2025-15367	中危	3.11.2-6+deb12u7	cpython: POP3 command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
python3.11-minimal	CVE-2026-0864	中危	3.11.2-6+deb12u7	python: cpython: Python configparser: Configuration injection via crafted multi-line input 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0864 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-23 18:17 修改: 2026-06-25 19:51
python3.11-minimal	CVE-2026-1502	中危	3.11.2-6+deb12u7	python: Python: HTTP header injection via CR/LF in proxy tunnel headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-10 18:16 修改: 2026-06-17 10:15
python3.11-minimal	CVE-2026-3276	中危	3.11.2-6+deb12u7	python: Python unicodedata: Denial of Service due to excessive CPU consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43
python3.11-minimal	CVE-2026-3446	中危	3.11.2-6+deb12u7	python: Python base64: Incomplete data decoding due to premature stop at padding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3446 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-10 19:16 修改: 2026-06-17 10:43
python3.11-minimal	CVE-2026-6019	中危	3.11.2-6+deb12u7	python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00
python3.11-minimal	CVE-2026-7774	中危	3.11.2-6+deb12u7	python: CPython: Python tarfile: Arbitrary file write via crafted link entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-04 16:16 修改: 2026-06-17 11:02
python3.11-minimal	CVE-2026-8328	中危	3.11.2-6+deb12u7	The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-05-13 21:16 修改: 2026-06-17 11:03
python3.11-minimal	CVE-2026-9669	中危	3.11.2-6+deb12u7	python: Python: Denial of Service via out-of-bounds write in BZ2 decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-08 23:17 修改: 2026-06-23 18:18
tar	CVE-2026-5704	中危	1.34+dfsg-1.2+deb12u1	tar: tar: Hidden file injection via crafted archives 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:59
util-linux	CVE-2026-27456	中危	2.38.1-5+deb12u3	util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
util-linux	CVE-2026-3184	中危	2.38.1-5+deb12u3	util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
util-linux-extra	CVE-2026-27456	中危	2.38.1-5+deb12u3	util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
util-linux-extra	CVE-2026-3184	中危	2.38.1-5+deb12u3	util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
libncursesw6	CVE-2023-50495	中危	6.4-4	ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39
zlib1g	CVE-2026-27171	中危	1:1.2.13.dfsg-1	zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-02-18 04:16 修改: 2026-06-17 10:26
libgnutls30	CVE-2011-3389	低危	3.7.9-2+deb12u7	HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) 漏洞详情: https://avd.aquasec.com/nvd/cve-2011-3389 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2011-09-06 19:55 修改: 2026-04-29 01:13
libgssapi-krb5-2	CVE-2018-5709	低危	1.20.1-2+deb12u5	krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5709 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2018-01-16 09:29 修改: 2026-06-17 02:00
libgssapi-krb5-2	CVE-2024-26458	低危	1.20.1-2+deb12u5	krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libpython3.11-stdlib	CVE-2025-13462	低危	3.11.2-6+deb12u7	cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34
libpython3.11-stdlib	CVE-2026-12003	低危	3.11.2-6+deb12u7	To allow builds of Python to be run from an in-tree layout (rather tha ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12003 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-16 17:16 修改: 2026-06-23 18:17
libpython3.11-stdlib	CVE-2026-2297	低危	3.11.2-6+deb12u7	cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30
libpython3.11-stdlib	CVE-2026-3479	低危	3.11.2-6+deb12u7	python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
libpython3.11-stdlib	CVE-2026-4519	低危	3.11.2-6+deb12u7	python: Python: Command-line option injection in webbrowser.open() via crafted URLs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-20 15:16 修改: 2026-06-17 10:56
libgssapi-krb5-2	CVE-2024-26461	低危	1.20.1-2+deb12u5	krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libgssapi-krb5-2	CVE-2026-11850	低危	1.20.1-2+deb12u5	krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11850 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-11 10:16 修改: 2026-06-17 10:14
libsmartcols1	CVE-2022-0563	低危	2.38.1-5+deb12u3	util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2022-02-21 19:15 修改: 2026-06-17 04:20
libsmartcols1	CVE-2025-14104	低危	2.38.1-5+deb12u3	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2025-12-05 17:16 修改: 2026-06-25 04:17
libk5crypto3	CVE-2018-5709	低危	1.20.1-2+deb12u5	krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5709 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2018-01-16 09:29 修改: 2026-06-17 02:00
libk5crypto3	CVE-2024-26458	低危	1.20.1-2+deb12u5	krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libk5crypto3	CVE-2024-26461	低危	1.20.1-2+deb12u5	krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libk5crypto3	CVE-2026-11850	低危	1.20.1-2+deb12u5	krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11850 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-11 10:16 修改: 2026-06-17 10:14
libsqlite3-0	CVE-2021-45346	低危	3.40.1-2+deb12u2	sqlite: crafted SQL query allows a malicious user to obtain sensitive information 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45346 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2022-02-14 19:15 修改: 2026-06-17 04:13
libsqlite3-0	CVE-2025-29088	低危	3.40.1-2+deb12u2	sqlite: Denial of Service in SQLite 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-29088 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2025-04-10 14:15 修改: 2026-06-17 09:05
libsqlite3-0	CVE-2025-70873	低危	3.40.1-2+deb12u2	sqlite: SQLite: Information Disclosure via Crafted ZIP File 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-70873 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-12 19:16 修改: 2026-06-17 10:03
libssl3	CVE-2025-27587	低危	3.0.20-1~deb12u2	OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27587 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2025-06-16 22:15 修改: 2026-06-17 09:03
libssl3	CVE-2026-42767	低危	3.0.20-1~deb12u2	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libstdc++6	CVE-2022-27943	低危	12.2.0-14+deb12u1	binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2022-03-26 13:15 修改: 2026-06-17 04:37
libsystemd0	CVE-2013-4392	低危	252.39-1~deb12u2	systemd: TOCTOU race condition when updating file permissions and SELinux security contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4392 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2013-10-28 22:55 修改: 2026-04-29 01:13
libsystemd0	CVE-2023-31437	低危	252.39-1~deb12u2	An issue was discovered in systemd 253. An attacker can modify a seale ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31437 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2023-06-13 17:15 修改: 2026-06-17 05:56
libsystemd0	CVE-2023-31438	低危	252.39-1~deb12u2	An issue was discovered in systemd 253. An attacker can truncate a sea ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31438 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2023-06-13 17:15 修改: 2026-06-17 05:56
libsystemd0	CVE-2023-31439	低危	252.39-1~deb12u2	An issue was discovered in systemd 253. An attacker can modify the con ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31439 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2023-06-13 17:15 修改: 2026-06-17 05:56
libsystemd0	CVE-2026-40228	低危	252.39-1~deb12u2	systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
libtasn1-6	CVE-2025-13151	低危	4.19.0-2+deb12u1	libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-01-07 22:15 修改: 2026-06-17 08:33
libkrb5-3	CVE-2018-5709	低危	1.20.1-2+deb12u5	krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5709 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2018-01-16 09:29 修改: 2026-06-17 02:00
libkrb5-3	CVE-2024-26458	低危	1.20.1-2+deb12u5	krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libtinfo6	CVE-2025-6141	低危	6.4-4	gnu-ncurses: ncurses Stack Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6141 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2025-06-16 22:16 修改: 2026-06-17 10:01
libudev1	CVE-2013-4392	低危	252.39-1~deb12u2	systemd: TOCTOU race condition when updating file permissions and SELinux security contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4392 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2013-10-28 22:55 修改: 2026-04-29 01:13
libudev1	CVE-2023-31437	低危	252.39-1~deb12u2	An issue was discovered in systemd 253. An attacker can modify a seale ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31437 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2023-06-13 17:15 修改: 2026-06-17 05:56
libudev1	CVE-2023-31438	低危	252.39-1~deb12u2	An issue was discovered in systemd 253. An attacker can truncate a sea ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31438 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2023-06-13 17:15 修改: 2026-06-17 05:56
libudev1	CVE-2023-31439	低危	252.39-1~deb12u2	An issue was discovered in systemd 253. An attacker can modify the con ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31439 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2023-06-13 17:15 修改: 2026-06-17 05:56
libudev1	CVE-2026-40228	低危	252.39-1~deb12u2	systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
libkrb5-3	CVE-2024-26461	低危	1.20.1-2+deb12u5	krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libkrb5-3	CVE-2026-11850	低危	1.20.1-2+deb12u5	krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11850 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-11 10:16 修改: 2026-06-17 10:14
libuuid1	CVE-2022-0563	低危	2.38.1-5+deb12u3	util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2022-02-21 19:15 修改: 2026-06-17 04:20
libuuid1	CVE-2025-14104	低危	2.38.1-5+deb12u3	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2025-12-05 17:16 修改: 2026-06-25 04:17
libxtables12	CVE-2012-2663	低危	1.8.9-2	iptables: --syn flag bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2012-2663 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2014-02-15 14:57 修改: 2026-04-29 01:13
login	CVE-2007-5686	低危	1:4.13+dfsg1-1+deb12u2	initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2007-5686 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2007-10-28 17:08 修改: 2026-04-23 00:35
login	CVE-2024-56433	低危	1:4.13+dfsg1-1+deb12u2	shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12
login	TEMP-0628843-DBAD28	低危	1:4.13+dfsg1-1+deb12u2	[more related to CVE-2005-4890] 漏洞详情: https://security-tracker.debian.org/tracker/TEMP-0628843-DBAD28 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libkrb5support0	CVE-2018-5709	低危	1.20.1-2+deb12u5	krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5709 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2018-01-16 09:29 修改: 2026-06-17 02:00
libkrb5support0	CVE-2024-26458	低危	1.20.1-2+deb12u5	krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
mount	CVE-2022-0563	低危	2.38.1-5+deb12u3	util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2022-02-21 19:15 修改: 2026-06-17 04:20
mount	CVE-2025-14104	低危	2.38.1-5+deb12u3	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2025-12-05 17:16 修改: 2026-06-25 04:17
libkrb5support0	CVE-2024-26461	低危	1.20.1-2+deb12u5	krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libkrb5support0	CVE-2026-11850	低危	1.20.1-2+deb12u5	krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11850 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-11 10:16 修改: 2026-06-17 10:14
ncurses-base	CVE-2025-6141	低危	6.4-4	gnu-ncurses: ncurses Stack Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6141 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2025-06-16 22:16 修改: 2026-06-17 10:01
libc-bin	CVE-2019-9192	低危	2.36-9+deb12u14	glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9192 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2019-02-26 18:29 修改: 2026-06-17 02:43
bash	TEMP-0841856-B18BAF	低危	5.2.15-2+b13	[Privilege escalation possible to other user than root] 漏洞详情: https://security-tracker.debian.org/tracker/TEMP-0841856-B18BAF 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
ncurses-bin	CVE-2025-6141	低危	6.4-4	gnu-ncurses: ncurses Stack Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6141 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2025-06-16 22:16 修改: 2026-06-17 10:01
passwd	CVE-2007-5686	低危	1:4.13+dfsg1-1+deb12u2	initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2007-5686 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2007-10-28 17:08 修改: 2026-04-23 00:35
passwd	CVE-2024-56433	低危	1:4.13+dfsg1-1+deb12u2	shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12
passwd	TEMP-0628843-DBAD28	低危	1:4.13+dfsg1-1+deb12u2	[more related to CVE-2005-4890] 漏洞详情: https://security-tracker.debian.org/tracker/TEMP-0628843-DBAD28 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
gpgv	CVE-2022-3219	低危	2.2.40-1.1+deb12u2	gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2023-02-23 20:15 修改: 2026-06-17 04:59
libmount1	CVE-2022-0563	低危	2.38.1-5+deb12u3	util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2022-02-21 19:15 修改: 2026-06-17 04:20
libmount1	CVE-2025-14104	低危	2.38.1-5+deb12u3	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2025-12-05 17:16 修改: 2026-06-25 04:17
gpgv	CVE-2026-57062	低危	2.2.40-1.1+deb12u2	GnuPG: Incorrect cryptographic message parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57062 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2026-06-23 18:18 修改: 2026-06-25 20:16
libapt-pkg6.0	CVE-2011-3374	低危	2.6.1	It was found that apt-key in apt, all versions, do not correctly valid ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2011-3374 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2019-11-26 00:15 修改: 2024-11-21 01:30
libncursesw6	CVE-2025-6141	低危	6.4-4	gnu-ncurses: ncurses Stack Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6141 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2025-06-16 22:16 修改: 2026-06-17 10:01
libc6	CVE-2010-4756	低危	2.36-9+deb12u14	glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions 漏洞详情: https://avd.aquasec.com/nvd/cve-2010-4756 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2011-03-02 20:00 修改: 2026-04-29 01:13
libc6	CVE-2018-20796	低危	2.36-9+deb12u14	glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20796 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2019-02-26 02:29 修改: 2026-06-17 01:53
libc6	CVE-2019-1010022	低危	2.36-9+deb12u14	glibc: stack guard protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010022 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2019-07-15 04:15 修改: 2026-06-17 02:09
libc6	CVE-2019-1010023	低危	2.36-9+deb12u14	glibc: running ldd on malicious ELF leads to code execution because of wrong size computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010023 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2019-07-15 04:15 修改: 2026-06-17 02:09
perl-base	CVE-2011-4116	低危	5.36.0-7+deb12u3	perl: File:: Temp insecure temporary file handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2011-4116 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2020-01-31 18:15 修改: 2025-08-04 19:04
perl-base	CVE-2023-31486	低危	5.36.0-7+deb12u3	http-tiny: perl: insecure TLS cert default 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31486 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2023-04-29 00:15 修改: 2026-06-17 05:57
procps	CVE-2023-4016	低危	2:4.0.2-3	procps: ps buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4016 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2023-08-02 05:15 修改: 2026-06-17 06:36
libc6	CVE-2019-1010024	低危	2.36-9+deb12u14	glibc: ASLR bypass using cache of thread stack and heap 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010024 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2019-07-15 04:15 修改: 2026-06-17 02:09
libc6	CVE-2019-1010025	低危	2.36-9+deb12u14	glibc: information disclosure of heap addresses of pthread_created thread 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010025 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2019-07-15 04:15 修改: 2026-06-17 02:09
libc6	CVE-2019-9192	低危	2.36-9+deb12u14	glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9192 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2019-02-26 18:29 修改: 2026-06-17 02:43
libelf1	CVE-2024-25260	低危	0.188-2.1	elfutils: global-buffer-overflow exists in the function ebl_machine_flag_name in eblmachineflagname.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25260 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2024-02-20 18:15 修改: 2026-06-17 07:15
libproc2-0	CVE-2023-4016	低危	2:4.0.2-3	procps: ps buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4016 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2023-08-02 05:15 修改: 2026-06-17 06:36
libelf1	CVE-2025-1352	低危	0.188-2.1	elfutils: GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1352 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2025-02-16 15:15 修改: 2026-06-17 08:38
libelf1	CVE-2025-1365	低危	0.188-2.1	elfutils: GNU elfutils eu-readelf readelf.c process_symtab buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1365 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2025-02-17 00:15 修改: 2026-06-17 08:38
libelf1	CVE-2025-1371	低危	0.188-2.1	elfutils: GNU elfutils eu-read readelf.c handle_dynamic_symtab null pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1371 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2025-02-17 03:15 修改: 2026-06-17 08:39
libelf1	CVE-2025-1372	低危	0.188-2.1	elfutils: GNU elfutils eu-readelf readelf.c print_string_section buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1372 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2025-02-17 03:15 修改: 2026-06-17 08:39
libelf1	CVE-2025-1376	低危	0.188-2.1	elfutils: GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1376 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2025-02-17 05:15 修改: 2026-06-17 08:39
libelf1	CVE-2025-1377	低危	0.188-2.1	elfutils: GNU elfutils eu-strip strip.c gelf_getsymshndx denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1377 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2025-02-17 05:15 修改: 2026-06-17 08:39
bsdutils	CVE-2022-0563	低危	1:2.38.1-5+deb12u3	util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2022-02-21 19:15 修改: 2026-06-17 04:20
bsdutils	CVE-2025-14104	低危	1:2.38.1-5+deb12u3	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2025-12-05 17:16 修改: 2026-06-25 04:17
libblkid1	CVE-2022-0563	低危	2.38.1-5+deb12u3	util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2022-02-21 19:15 修改: 2026-06-17 04:20
libblkid1	CVE-2025-14104	低危	2.38.1-5+deb12u3	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2025-12-05 17:16 修改: 2026-06-25 04:17
libbpf1	CVE-2025-29481	低危	1:1.1.2-0+deb12u1	libbpf: Heap Buffer Overflow in libbpf 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-29481 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2025-04-07 20:15 修改: 2026-06-17 09:05
python3.11	CVE-2025-13462	低危	3.11.2-6+deb12u7	cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34
python3.11	CVE-2026-12003	低危	3.11.2-6+deb12u7	To allow builds of Python to be run from an in-tree layout (rather tha ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12003 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-16 17:16 修改: 2026-06-23 18:17
python3.11	CVE-2026-2297	低危	3.11.2-6+deb12u7	cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30
python3.11	CVE-2026-3479	低危	3.11.2-6+deb12u7	python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
python3.11	CVE-2026-4519	低危	3.11.2-6+deb12u7	python: Python: Command-line option injection in webbrowser.open() via crafted URLs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-20 15:16 修改: 2026-06-17 10:56
coreutils	CVE-2016-2781	低危	9.1-1	coreutils: Non-privileged session can escape to the parent session in chroot 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2017-02-07 15:59 修改: 2026-06-17 00:44
coreutils	CVE-2017-18018	低危	9.1-1	coreutils: race condition vulnerability in chown and chgrp 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18018 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2018-01-04 04:29 修改: 2026-06-17 01:12
coreutils	CVE-2025-5278	低危	9.1-1	coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5278 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2025-05-27 21:15 修改: 2026-06-25 05:16
gcc-12-base	CVE-2022-27943	低危	12.2.0-14+deb12u1	binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2022-03-26 13:15 修改: 2026-06-17 04:37
apt	CVE-2011-3374	低危	2.6.1	It was found that apt-key in apt, all versions, do not correctly valid ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2011-3374 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2019-11-26 00:15 修改: 2024-11-21 01:30
libpython3.11-minimal	CVE-2025-13462	低危	3.11.2-6+deb12u7	cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34
libpython3.11-minimal	CVE-2026-12003	低危	3.11.2-6+deb12u7	To allow builds of Python to be run from an in-tree layout (rather tha ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12003 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-16 17:16 修改: 2026-06-23 18:17
libpython3.11-minimal	CVE-2026-2297	低危	3.11.2-6+deb12u7	cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30
libpython3.11-minimal	CVE-2026-3479	低危	3.11.2-6+deb12u7	python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
libpython3.11-minimal	CVE-2026-4519	低危	3.11.2-6+deb12u7	python: Python: Command-line option injection in webbrowser.open() via crafted URLs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-20 15:16 修改: 2026-06-17 10:56
libc-bin	CVE-2010-4756	低危	2.36-9+deb12u14	glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions 漏洞详情: https://avd.aquasec.com/nvd/cve-2010-4756 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2011-03-02 20:00 修改: 2026-04-29 01:13
libc-bin	CVE-2018-20796	低危	2.36-9+deb12u14	glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20796 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2019-02-26 02:29 修改: 2026-06-17 01:53
libc-bin	CVE-2019-1010022	低危	2.36-9+deb12u14	glibc: stack guard protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010022 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2019-07-15 04:15 修改: 2026-06-17 02:09
libc-bin	CVE-2019-1010023	低危	2.36-9+deb12u14	glibc: running ldd on malicious ELF leads to code execution because of wrong size computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010023 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2019-07-15 04:15 修改: 2026-06-17 02:09
libc-bin	CVE-2019-1010024	低危	2.36-9+deb12u14	glibc: ASLR bypass using cache of thread stack and heap 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010024 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2019-07-15 04:15 修改: 2026-06-17 02:09
libc-bin	CVE-2019-1010025	低危	2.36-9+deb12u14	glibc: information disclosure of heap addresses of pthread_created thread 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010025 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2019-07-15 04:15 修改: 2026-06-17 02:09
python3.11-minimal	CVE-2025-13462	低危	3.11.2-6+deb12u7	cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34
python3.11-minimal	CVE-2026-12003	低危	3.11.2-6+deb12u7	To allow builds of Python to be run from an in-tree layout (rather tha ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12003 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-16 17:16 修改: 2026-06-23 18:17
python3.11-minimal	CVE-2026-2297	低危	3.11.2-6+deb12u7	cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30
python3.11-minimal	CVE-2026-3479	低危	3.11.2-6+deb12u7	python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
python3.11-minimal	CVE-2026-4519	低危	3.11.2-6+deb12u7	python: Python: Command-line option injection in webbrowser.open() via crafted URLs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-03-20 15:16 修改: 2026-06-17 10:56
sysvinit-utils	TEMP-0517018-A83CE6	低危	3.06-4	[sysvinit: no-root option in expert installer exposes locally exploitable security flaw] 漏洞详情: https://security-tracker.debian.org/tracker/TEMP-0517018-A83CE6 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libexpat1	CVE-2023-52426	低危	2.5.0-1+deb12u2	expat: recursive XML entity expansion vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52426 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2024-02-04 20:15 修改: 2026-06-17 06:42
tar	CVE-2005-2541	低危	1.34+dfsg-1.2+deb12u1	tar: does not properly warn the user when extracting setuid or setgid files 漏洞详情: https://avd.aquasec.com/nvd/cve-2005-2541 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2005-08-10 04:00 修改: 2026-04-16 00:27
tar	TEMP-0290435-0B57B5	低危	1.34+dfsg-1.2+deb12u1	[tar's rmt command may have undesired side effects] 漏洞详情: https://security-tracker.debian.org/tracker/TEMP-0290435-0B57B5 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libexpat1	CVE-2024-28757	低危	2.5.0-1+deb12u2	expat: XML Entity Expansion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28757 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2024-03-10 05:15 修改: 2026-06-17 07:21
libexpat1	CVE-2026-24515	低危	2.5.0-1+deb12u2	libexpat: libexpat null pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24515 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-01-23 08:16 修改: 2026-06-17 10:23
util-linux	CVE-2022-0563	低危	2.38.1-5+deb12u3	util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2022-02-21 19:15 修改: 2026-06-17 04:20
util-linux	CVE-2025-14104	低危	2.38.1-5+deb12u3	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2025-12-05 17:16 修改: 2026-06-25 04:17
libexpat1	CVE-2026-41080	低危	2.5.0-1+deb12u2	libexpat: expat: libexpat: Denial of Service via hash flooding with crafted XML 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41080 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-04-16 17:16 修改: 2026-06-17 10:46
libgcc-s1	CVE-2022-27943	低危	12.2.0-14+deb12u1	binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2022-03-26 13:15 修改: 2026-06-17 04:37
util-linux-extra	CVE-2022-0563	低危	2.38.1-5+deb12u3	util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2022-02-21 19:15 修改: 2026-06-17 04:20
util-linux-extra	CVE-2025-14104	低危	2.38.1-5+deb12u3	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2025-12-05 17:16 修改: 2026-06-25 04:17
libgcrypt20	CVE-2018-6829	低危	1.10.1-3+deb12u1	libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6829 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2018-02-07 23:29 修改: 2026-06-17 02:02
libgcrypt20	CVE-2024-2236	低危	1.10.1-3+deb12u1	libgcrypt: vulnerable to Marvin Attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 2024-03-06 22:15 修改: 2026-06-17 07:24
libsmartcols1	CVE-2026-53615	未知	2.38.1-5+deb12u3	[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libuuid1	CVE-2026-53613	未知	2.38.1-5+deb12u3	[Local Privilege Escalation via TOCTOU in mount(8) - Target Path Redirection] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53613 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
python3.11	CVE-2026-11940	未知	3.11.2-6+deb12u7	tarfile.extractall() with the 'data' or 'tar' filter could be bypasse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11940 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-23 17:16 修改: 2026-06-23 19:36
libuuid1	CVE-2026-53615	未知	2.38.1-5+deb12u3	[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libexpat1	CVE-2026-56409	未知	2.5.0-1+deb12u2	xmlwf in libexpat before 2.8.2 has an integer overflow for the output ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56409 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:21
python3.11-minimal	CVE-2026-11940	未知	3.11.2-6+deb12u7	tarfile.extractall() with the 'data' or 'tar' filter could be bypasse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11940 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-23 17:16 修改: 2026-06-23 19:36
libblkid1	CVE-2026-53615	未知	2.38.1-5+deb12u3	[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libmount1	CVE-2026-53613	未知	2.38.1-5+deb12u3	[Local Privilege Escalation via TOCTOU in mount(8) - Target Path Redirection] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53613 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libmount1	CVE-2026-53615	未知	2.38.1-5+deb12u3	[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
bsdutils	CVE-2026-53615	未知	1:2.38.1-5+deb12u3	[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
bsdutils	CVE-2026-53613	未知	1:2.38.1-5+deb12u3	[Local Privilege Escalation via TOCTOU in mount(8) - Target Path Redirection] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53613 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libblkid1	CVE-2026-53613	未知	2.38.1-5+deb12u3	[Local Privilege Escalation via TOCTOU in mount(8) - Target Path Redirection] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53613 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libpython3.11-stdlib	CVE-2026-11940	未知	3.11.2-6+deb12u7	tarfile.extractall() with the 'data' or 'tar' filter could be bypasse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11940 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-23 17:16 修改: 2026-06-23 19:36
mount	CVE-2026-53613	未知	2.38.1-5+deb12u3	[Local Privilege Escalation via TOCTOU in mount(8) - Target Path Redirection] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53613 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
util-linux	CVE-2026-53613	未知	2.38.1-5+deb12u3	[Local Privilege Escalation via TOCTOU in mount(8) - Target Path Redirection] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53613 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
util-linux	CVE-2026-53615	未知	2.38.1-5+deb12u3	[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
mount	CVE-2026-53615	未知	2.38.1-5+deb12u3	[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libpython3.11-minimal	CVE-2026-11940	未知	3.11.2-6+deb12u7	tarfile.extractall() with the 'data' or 'tar' filter could be bypasse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11940 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-23 17:16 修改: 2026-06-23 19:36
libexpat1	CVE-2026-56131	未知	2.5.0-1+deb12u2	libexpat before 2.8.2 lacks handler call depth tracking for calls to X ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56131 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-19 06:17 修改: 2026-06-23 20:15
libexpat1	CVE-2026-56407	未知	2.5.0-1+deb12u2	libexpat before 2.8.2 has an integer overflow in doProlog that is rela ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56407 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:28
util-linux-extra	CVE-2026-53613	未知	2.38.1-5+deb12u3	[Local Privilege Escalation via TOCTOU in mount(8) - Target Path Redirection] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53613 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
util-linux-extra	CVE-2026-53615	未知	2.38.1-5+deb12u3	[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libexpat1	CVE-2026-56408	未知	2.5.0-1+deb12u2	libexpat before 2.8.2 has an integer overflow in copyString. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56408 镜像层: sha256:e62763edccbdd6905ab256cb0073db5540836ca0940e468fd0e667c0f4cd7dd8 发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:27
libsmartcols1	CVE-2026-53613	未知	2.38.1-5+deb12u3	[Local Privilege Escalation via TOCTOU in mount(8) - Target Path Redirection] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53613 镜像层: sha256:b05a96227958df6091396f6fbd5aa4616df631a65626ac8688c91cfa70d1a7e6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

Java (jar)

低危漏洞:3

中危漏洞:11

高危漏洞:6

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
ch.qos.logback:logback-classic	CVE-2023-6378	高危	1.2.9	1.3.12, 1.4.12, 1.2.13	logback: serialization vulnerability in logback receiver 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2023-11-29 12:15 修改: 2026-06-17 06:50
ch.qos.logback:logback-core	CVE-2023-6378	高危	1.2.9	1.3.12, 1.4.12, 1.2.13	logback: serialization vulnerability in logback receiver 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2023-11-29 12:15 修改: 2026-06-17 06:50
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54512	高危	2.19.2	2.18.8, 3.1.4, 2.21.4	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54513	高危	2.19.2	2.18.8, 2.21.4, 3.1.4	jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:00
org.yaml:snakeyaml	CVE-2022-1471	高危	1.26	2.0	SnakeYaml: Constructor Deserialization Remote Code Execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1471 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2022-12-01 11:15 修改: 2026-06-17 04:22
org.yaml:snakeyaml	CVE-2022-25857	高危	1.26	1.31	snakeyaml: Denial of Service due to missing nested depth limitation for collections 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25857 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2022-08-30 05:15 修改: 2026-06-17 04:34
ch.qos.logback:logback-core	CVE-2025-11226	中危	1.2.9	1.5.19, 1.3.16	ch.qos.logback/logback-core: Conditional abitrary code execution in logback-core 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11226 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2025-10-01 08:15 修改: 2026-06-25 17:16
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54514	中危	2.19.2	2.18.8, 2.21.4, 3.1.4	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54515	中危	2.19.2	3.1.4, 2.18.9, 2.21.5	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2026-06-23 21:17 修改: 2026-06-25 16:14
com.google.guava:guava	CVE-2023-2976	中危	27.0-jre	32.0.0-android	guava: insecure temporary directory creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.19.2	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
ch.qos.logback:logback-core	CVE-2024-12798	中危	1.2.9	1.5.13, 1.3.15	logback-core: arbitrary code execution via JaninoEventEvaluator 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2024-12-19 16:15 修改: 2026-06-17 07:00
org.yaml:snakeyaml	CVE-2022-38749	中危	1.26	1.31	snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38749 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2022-09-05 10:15 修改: 2026-06-17 04:57
org.yaml:snakeyaml	CVE-2022-38750	中危	1.26	1.31	snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38750 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2022-09-05 10:15 修改: 2026-06-17 04:57
org.yaml:snakeyaml	CVE-2022-38751	中危	1.26	1.31	snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38751 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2022-09-05 10:15 修改: 2026-06-17 04:57
org.yaml:snakeyaml	CVE-2022-38752	中危	1.26	1.32	snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38752 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2022-09-05 10:15 修改: 2026-06-17 04:57
org.yaml:snakeyaml	CVE-2022-41854	中危	1.26	1.32	dev-java/snakeyaml: DoS via stack overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41854 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2022-11-11 13:15 修改: 2026-06-17 05:03
ch.qos.logback:logback-core	CVE-2026-1225	低危	1.2.9	1.5.25	ch.qos.logback/logback-core: Malicious logback.xml configuration file allows instantiation of arbitrary classes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1225 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2026-01-22 10:16 修改: 2026-06-17 10:15
com.google.guava:guava	CVE-2020-8908	低危	27.0-jre	32.0.0-android	guava: local information disclosure via temporary directory created with unsafe permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27
ch.qos.logback:logback-core	CVE-2024-12801	低危	1.2.9	1.5.13, 1.3.15	logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801 镜像层: sha256:bc60f3b47c3b5897d5bfa654687981f7a1eddd38fa8d9d1b77653c5e2af331fb 发布日期: 2024-12-19 17:15 修改: 2026-06-17 07:00

usr/local/bin/gosu (gobinary)

低危漏洞:2

中危漏洞:20

高危漏洞:13

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2025-68121	严重	v1.24.6	1.24.13, 1.25.7, 1.26.0-rc.3	crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:58
stdlib	CVE-2025-61726	高危	v1.24.6	1.24.12, 1.25.6	golang: net/url: Memory exhaustion in query parameter parsing in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61729	高危	v1.24.6	1.24.11, 1.25.5	crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2025-12-02 19:15 修改: 2026-06-17 09:50
stdlib	CVE-2026-25679	高危	v1.24.6	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:25
stdlib	CVE-2026-27145	高危	v1.24.6	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:26
stdlib	CVE-2026-32280	高危	v1.24.6	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-32281	高危	v1.24.6	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-32283	高危	v1.24.6	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-33811	高危	v1.24.6	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:38
stdlib	CVE-2026-33814	高危	v1.24.6	1.25.10, 1.26.3	net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:38
stdlib	CVE-2026-39820	高危	v1.24.6	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-39836	高危	v1.24.6	1.25.10, 1.26.3	ELSA-2026-22121: golang security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-42499	高危	v1.24.6	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:47
stdlib	CVE-2026-42504	高危	v1.24.6	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47
stdlib	CVE-2025-47912	中危	v1.24.6	1.24.8, 1.25.2	net/url: Insufficient validation of bracketed IPv6 hostnames in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47912 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:28
stdlib	CVE-2025-58183	中危	v1.24.6	1.24.8, 1.25.2	golang: archive/tar: Unbounded allocation when parsing GNU sparse map 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58183 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2025-58185	中危	v1.24.6	1.24.8, 1.25.2	encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58185 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2025-58187	中危	v1.24.6	1.24.9, 1.25.3	crypto/x509: Quadratic complexity when checking name constraints in crypto/x509 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58187 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2025-58188	中危	v1.24.6	1.24.8, 1.25.2	crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58188 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2025-58189	中危	v1.24.6	1.24.8, 1.25.2	crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58189 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2025-61723	中危	v1.24.6	1.24.8, 1.25.2	encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61723 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61724	中危	v1.24.6	1.24.8, 1.25.2	net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61724 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61725	中危	v1.24.6	1.24.8, 1.25.2	net/mail: Excessive CPU consumption in ParseAddress in net/mail 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61725 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61727	中危	v1.24.6	1.24.11, 1.25.5	golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2025-12-03 20:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61728	中危	v1.24.6	1.24.12, 1.25.6	golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61730	中危	v1.24.6	1.24.12, 1.25.6	crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50
stdlib	CVE-2026-27142	中危	v1.24.6	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26
stdlib	CVE-2026-32282	中危	v1.24.6	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-32288	中危	v1.24.6	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-32289	中危	v1.24.6	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-39823	中危	v1.24.6	1.25.10, 1.26.3	html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-39825	中危	v1.24.6	1.25.10, 1.26.3	net/http/httputil: golang: net/http/httputil: ReverseProxy forwards hidden query parameters, potentially bypassing security controls 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-39826	中危	v1.24.6	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-42507	中危	v1.24.6	1.25.11, 1.26.4	net/textproto: golang: Golang net/textproto: Misleading error messages via input injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47
stdlib	CVE-2025-58186	低危	v1.24.6	1.24.8, 1.25.2	golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58186 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2026-27139	低危	v1.24.6	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26
golang.org/x/sys	CVE-2026-39824	未知	v0.1.0	0.44.0	Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824 镜像层: sha256:986d9fc744f5d9e82de9a9255923068e2ceb0de39f3bece478c29a04a0140bf0 发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42