| bsdutils |
CVE-2026-27456 |
中危 |
1:2.37.2-4ubuntu3.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| busybox |
CVE-2023-42366 |
中危 |
1:1.30.1-7ubuntu3.1 |
|
busybox: A heap-buffer-overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42366
镜像层: sha256:7ef7b6be8dbe939cd09c72ba76767924a0918dd15663cd490853102635033b78
发布日期: 2023-11-27 23:15 修改: 2024-12-06 14:15
|
| busybox |
CVE-2024-58251 |
中危 |
1:1.30.1-7ubuntu3.1 |
|
In netstat in BusyBox through 1.37.0, local users can launch of networ ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251
镜像层: sha256:7ef7b6be8dbe939cd09c72ba76767924a0918dd15663cd490853102635033b78
发布日期: 2025-04-23 18:16 修改: 2026-04-15 00:35
|
| busybox |
CVE-2025-46394 |
中危 |
1:1.30.1-7ubuntu3.1 |
|
In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394
镜像层: sha256:7ef7b6be8dbe939cd09c72ba76767924a0918dd15663cd490853102635033b78
发布日期: 2025-04-23 16:15 修改: 2025-09-24 14:38
|
| busybox |
CVE-2025-60876 |
中危 |
1:1.30.1-7ubuntu3.1 |
|
busybox: BusyBox wget: HTTP request-target allows header injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-60876
镜像层: sha256:7ef7b6be8dbe939cd09c72ba76767924a0918dd15663cd490853102635033b78
发布日期: 2025-11-10 20:15 修改: 2025-12-31 18:29
|
| libblkid1 |
CVE-2026-27456 |
中危 |
2.37.2-4ubuntu3.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| libc-bin |
CVE-2026-4046 |
中危 |
2.35-0ubuntu3.13 |
|
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
|
| libc-bin |
CVE-2026-4437 |
中危 |
2.35-0ubuntu3.13 |
|
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
|
| libc-bin |
CVE-2026-4438 |
中危 |
2.35-0ubuntu3.13 |
|
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
|
| libc6 |
CVE-2026-4046 |
中危 |
2.35-0ubuntu3.13 |
|
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
|
| libc6 |
CVE-2026-4437 |
中危 |
2.35-0ubuntu3.13 |
|
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
|
| libc6 |
CVE-2026-4438 |
中危 |
2.35-0ubuntu3.13 |
|
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
|
| libcap2 |
CVE-2026-4878 |
中危 |
1:2.44-1ubuntu0.22.04.2 |
1:2.44-1ubuntu0.22.04.3 |
libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2026-04-09 16:16 修改: 2026-05-07 22:16
|
| libmount1 |
CVE-2026-27456 |
中危 |
2.37.2-4ubuntu3.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| libsmartcols1 |
CVE-2026-27456 |
中危 |
2.37.2-4ubuntu3.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| libuuid1 |
CVE-2026-27456 |
中危 |
2.37.2-4ubuntu3.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| locales |
CVE-2026-4046 |
中危 |
2.35-0ubuntu3.13 |
|
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:7ef7b6be8dbe939cd09c72ba76767924a0918dd15663cd490853102635033b78
发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
|
| locales |
CVE-2026-4437 |
中危 |
2.35-0ubuntu3.13 |
|
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:7ef7b6be8dbe939cd09c72ba76767924a0918dd15663cd490853102635033b78
发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
|
| locales |
CVE-2026-4438 |
中危 |
2.35-0ubuntu3.13 |
|
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:7ef7b6be8dbe939cd09c72ba76767924a0918dd15663cd490853102635033b78
发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
|
| mount |
CVE-2026-27456 |
中危 |
2.37.2-4ubuntu3.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| sed |
CVE-2026-5958 |
中危 |
4.8-1ubuntu2 |
4.8-1ubuntu2.1 |
When sed is invoked with both -i (in-place edit) and --follow-symlinks ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2026-04-20 12:16 修改: 2026-04-20 19:05
|
| tar |
CVE-2025-45582 |
中危 |
1.34+dfsg-1ubuntu0.1.22.04.2 |
|
tar: Tar path traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2025-07-11 17:15 修改: 2025-11-02 01:15
|
| tar |
CVE-2026-5704 |
中危 |
1.34+dfsg-1ubuntu0.1.22.04.2 |
|
tar: tar: Hidden file injection via crafted archives
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2026-04-06 16:16 修改: 2026-04-22 20:08
|
| util-linux |
CVE-2026-27456 |
中危 |
2.37.2-4ubuntu3.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| wget |
CVE-2021-31879 |
中危 |
1.21.2-2ubuntu1.1 |
|
wget: authorization header disclosure on redirect
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879
镜像层: sha256:7ef7b6be8dbe939cd09c72ba76767924a0918dd15663cd490853102635033b78
发布日期: 2021-04-29 05:15 修改: 2024-11-21 06:06
|
| libudev1 |
CVE-2023-7008 |
低危 |
249.11-0ubuntu3.20 |
|
systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2023-12-23 13:15 修改: 2025-11-04 17:15
|
| libgcrypt20 |
CVE-2024-2236 |
低危 |
1.9.4-3ubuntu3 |
|
libgcrypt: vulnerable to Marvin Attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2024-03-06 22:15 修改: 2026-04-15 00:35
|
| libzstd1 |
CVE-2022-4899 |
低危 |
1.4.8+dfsg-3build1 |
|
zstd: mysql: buffer overrun in util.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2023-03-31 20:15 修改: 2025-02-18 18:15
|
| gcc-12-base |
CVE-2022-27943 |
低危 |
12.3.0-1ubuntu1~22.04.3 |
|
binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
|
| libncurses6 |
CVE-2023-50495 |
低危 |
6.3-2ubuntu0.1 |
|
ncurses: segmentation fault via _nc_wrap_entry()
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
|
| libncursesw6 |
CVE-2023-50495 |
低危 |
6.3-2ubuntu0.1 |
|
ncurses: segmentation fault via _nc_wrap_entry()
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
|
| login |
CVE-2023-29383 |
低危 |
1:4.8.1-2ubuntu2.2 |
|
shadow: Improper input validation in shadow-utils package utility chfn
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2023-04-14 22:15 修改: 2025-11-03 20:16
|
| login |
CVE-2024-56433 |
低危 |
1:4.8.1-2ubuntu2.2 |
|
shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
|
| libpcre2-8-0 |
CVE-2022-41409 |
低危 |
10.39-3ubuntu0.1 |
|
pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2023-07-18 14:15 修改: 2024-11-21 07:23
|
| ncurses-base |
CVE-2023-50495 |
低危 |
6.3-2ubuntu0.1 |
|
ncurses: segmentation fault via _nc_wrap_entry()
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
|
| ncurses-bin |
CVE-2023-50495 |
低危 |
6.3-2ubuntu0.1 |
|
ncurses: segmentation fault via _nc_wrap_entry()
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
|
| passwd |
CVE-2023-29383 |
低危 |
1:4.8.1-2ubuntu2.2 |
|
shadow: Improper input validation in shadow-utils package utility chfn
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2023-04-14 22:15 修改: 2025-11-03 20:16
|
| passwd |
CVE-2024-56433 |
低危 |
1:4.8.1-2ubuntu2.2 |
|
shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
|
| libpcre3 |
CVE-2017-11164 |
低危 |
2:8.39-13ubuntu0.22.04.1 |
|
pcre: OP_KETRMAX feature in the match function in pcre_exec.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2017-07-11 03:29 修改: 2025-04-20 01:37
|
| libgcc-s1 |
CVE-2022-27943 |
低危 |
12.3.0-1ubuntu1~22.04.3 |
|
binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
|
| libstdc++6 |
CVE-2022-27943 |
低危 |
12.3.0-1ubuntu1~22.04.3 |
|
binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
|
| libsystemd0 |
CVE-2023-7008 |
低危 |
249.11-0ubuntu3.20 |
|
systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2023-12-23 13:15 修改: 2025-11-04 17:15
|
| libtinfo6 |
CVE-2023-50495 |
低危 |
6.3-2ubuntu0.1 |
|
ncurses: segmentation fault via _nc_wrap_entry()
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495
镜像层: sha256:39fbf5f8fe523b2ea819cd8eb2bf68807d8eaee383549f7ab80a44503ed6860b
发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
|