docker.io/cp0204/chinatelecommonitor:main linux/arm64

docker.io/cp0204/chinatelecommonitor:main - Trivy安全扫描结果扫描时间: 2026-06-16 23:20 温馨提示: 这是一个 linux/arm64 系统架构镜像

全部漏洞信息

低危漏洞:21

中危漏洞:21

高危漏洞:15

严重漏洞:2

系统OS: alpine 3.23.3 扫描引擎: Trivy 扫描时间: 2026-06-16 23:20

docker.io/cp0204/chinatelecommonitor:main (alpine 3.23.3) (alpine)

低危漏洞:20

中危漏洞:17

高危漏洞:13

严重漏洞:2

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
libcrypto3	CVE-2026-31789	严重	3.5.5-r0	3.5.6-r0	openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-31789	严重	3.5.5-r0	3.5.6-r0	openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3	CVE-2026-28388	高危	3.5.5-r0	3.5.6-r0	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3	CVE-2026-28389	高危	3.5.5-r0	3.5.6-r0	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3	CVE-2026-28390	高危	3.5.5-r0	3.5.6-r0	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3	CVE-2026-45447	高危	3.5.5-r0	3.5.7-r0	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-10 15:16
libcrypto3	CVE-2026-28387	高危	3.5.5-r0	3.5.6-r0	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-28387	高危	3.5.5-r0	3.5.6-r0	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-28388	高危	3.5.5-r0	3.5.6-r0	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-28389	高危	3.5.5-r0	3.5.6-r0	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-28390	高危	3.5.5-r0	3.5.6-r0	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-45447	高危	3.5.5-r0	3.5.7-r0	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-10 15:16
musl	CVE-2026-40200	高危	1.2.5-r21	1.2.5-r23	musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-04-10 17:17 修改: 2026-04-27 19:18
musl-utils	CVE-2026-40200	高危	1.2.5-r21	1.2.5-r23	musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-04-10 17:17 修改: 2026-04-27 19:18
zlib	CVE-2026-22184	高危	1.3.1-r2	1.3.2-r0	zlib: zlib: Arbitrary code execution via buffer overflow in untgz utility 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22184 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-01-07 21:16 修改: 2026-03-18 16:26
libcrypto3	CVE-2026-34183	中危	3.5.5-r0	3.5.7-r0	openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:12
libcrypto3	CVE-2026-42764	中危	3.5.5-r0	3.5.7-r0	openssl: NULL pointer dereference in QUIC server initial packet handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libcrypto3	CVE-2026-45445	中危	3.5.5-r0	3.5.7-r0	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-2673	中危	3.5.5-r0	3.5.6-r0	openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-03-13 19:54 修改: 2026-06-05 19:48
libssl3	CVE-2026-31790	中危	3.5.5-r0	3.5.6-r0	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-34182	中危	3.5.5-r0	3.5.7-r0	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3	CVE-2026-34183	中危	3.5.5-r0	3.5.7-r0	openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:12
libssl3	CVE-2026-42764	中危	3.5.5-r0	3.5.7-r0	openssl: NULL pointer dereference in QUIC server initial packet handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libssl3	CVE-2026-45445	中危	3.5.5-r0	3.5.7-r0	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libuuid	CVE-2026-27456	中危	2.41.2-r0	2.41.4-r0	util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:aef8364e701532926e6ccf66803204095236e0457bb04be6959548ba9f43470d 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libcrypto3	CVE-2026-2673	中危	3.5.5-r0	3.5.6-r0	openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-03-13 19:54 修改: 2026-06-05 19:48
musl	CVE-2026-6042	中危	1.2.5-r21	1.2.5-r22	musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-04-10 09:16 修改: 2026-04-24 18:01
libcrypto3	CVE-2026-31790	中危	3.5.5-r0	3.5.6-r0	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
musl-utils	CVE-2026-6042	中危	1.2.5-r21	1.2.5-r22	musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-04-10 09:16 修改: 2026-04-24 18:01
xz-libs	CVE-2026-34743	中危	5.8.2-r0	5.8.3-r0	xz: XZ Utils: Denial of Service via buffer overflow in index decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743 镜像层: sha256:aef8364e701532926e6ccf66803204095236e0457bb04be6959548ba9f43470d 发布日期: 2026-04-02 19:21 修改: 2026-04-15 17:33
libcrypto3	CVE-2026-34182	中危	3.5.5-r0	3.5.7-r0	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
zlib	CVE-2026-27171	中危	1.3.1-r2	1.3.2-r0	zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-02-18 04:16 修改: 2026-03-25 21:27
libcrypto3	CVE-2026-34180	低危	3.5.5-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libcrypto3	CVE-2026-34181	低危	3.5.5-r0	3.5.7-r0	openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3	CVE-2026-34180	低危	3.5.5-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3	CVE-2026-34181	低危	3.5.5-r0	3.5.7-r0	openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3	CVE-2026-42766	低危	3.5.5-r0	3.5.7-r0	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libssl3	CVE-2026-42767	低危	3.5.5-r0	3.5.7-r0	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-42768	低危	3.5.5-r0	3.5.7-r0	openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-42769	低危	3.5.5-r0	3.5.7-r0	openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:26
libssl3	CVE-2026-42770	低危	3.5.5-r0	3.5.7-r0	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-45446	低危	3.5.5-r0	3.5.7-r0	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-7383	低危	3.5.5-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-9076	低危	3.5.5-r0	3.5.7-r0	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-42766	低危	3.5.5-r0	3.5.7-r0	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libcrypto3	CVE-2026-42767	低危	3.5.5-r0	3.5.7-r0	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-42768	低危	3.5.5-r0	3.5.7-r0	openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-42769	低危	3.5.5-r0	3.5.7-r0	openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:26
libcrypto3	CVE-2026-42770	低危	3.5.5-r0	3.5.7-r0	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-45446	低危	3.5.5-r0	3.5.7-r0	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-7383	低危	3.5.5-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-9076	低危	3.5.5-r0	3.5.7-r0	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16

Python (python-pkg)

低危漏洞:1

中危漏洞:4

高危漏洞:2

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
urllib3	CVE-2026-44431	高危	2.6.3	2.7.0	urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44431 镜像层: sha256:f7be724ade44b2e73790fff67d8a63b8acea590ae4669b5f9c99b9807e9fbf01 发布日期: 2026-05-13 16:16 修改: 2026-05-14 13:56
urllib3	CVE-2026-44432	高危	2.6.3	2.7.0	urllib3: urllib3: Denial of Service due to excessive HTTP response decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44432 镜像层: sha256:f7be724ade44b2e73790fff67d8a63b8acea590ae4669b5f9c99b9807e9fbf01 发布日期: 2026-05-13 16:16 修改: 2026-05-14 13:49
pip	CVE-2026-6357	中危	25.3	26.1	pip: pip: Arbitrary code execution or information disclosure via malicious wheel package installation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6357 镜像层: sha256:aef8364e701532926e6ccf66803204095236e0457bb04be6959548ba9f43470d 发布日期: 2026-04-27 15:16 修改: 2026-04-27 23:16
requests	CVE-2026-25645	中危	2.32.5	2.33.0	requests: Requests: Security bypass due to predictable temporary file creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25645 镜像层: sha256:f7be724ade44b2e73790fff67d8a63b8acea590ae4669b5f9c99b9807e9fbf01 发布日期: 2026-03-25 17:16 修改: 2026-03-30 14:23
idna	CVE-2026-45409	中危	3.11	3.15	Internationalized Domain Names in Applications (IDNA) for Python provi ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45409 镜像层: sha256:f7be724ade44b2e73790fff67d8a63b8acea590ae4669b5f9c99b9807e9fbf01 发布日期: 2026-06-05 23:16 修改: 2026-06-15 18:52
pip	CVE-2026-3219	中危	25.3	26.1	pip: pip: Incorrect file installation due to improper archive handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3219 镜像层: sha256:aef8364e701532926e6ccf66803204095236e0457bb04be6959548ba9f43470d 发布日期: 2026-04-20 16:16 修改: 2026-04-20 21:16
pip	CVE-2026-1703	低危	25.3	26.0	pip: pip: Information disclosure via path traversal when installing crafted wheel archives 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1703 镜像层: sha256:aef8364e701532926e6ccf66803204095236e0457bb04be6959548ba9f43470d 发布日期: 2026-02-02 15:16 修改: 2026-04-15 00:35