| docker-cli-buildx |
CVE-2026-50195 |
严重 |
0.35.0-r0 |
0.35.0-r1 |
github.com/containerd/containerd: containerd: Arbitrary code execution via CRI checkpoint image tag poisoning
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50195
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-07-01 19:16 修改: 2026-07-02 19:43
|
| docker-cli-buildx |
CVE-2026-53492 |
严重 |
0.35.0-r0 |
0.35.0-r1 |
github.com/containerd/containerd: containerd: Security bypass via Container Device Interface (CDI) annotation smuggling during checkpoint restoration.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53492
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-07-01 19:16 修改: 2026-07-02 19:33
|
| docker-compose |
CVE-2026-50195 |
严重 |
5.1.4-r5 |
5.1.4-r6 |
github.com/containerd/containerd: containerd: Arbitrary code execution via CRI checkpoint image tag poisoning
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50195
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-07-01 19:16 修改: 2026-07-02 19:43
|
| docker-compose |
CVE-2026-53492 |
严重 |
5.1.4-r5 |
5.1.4-r6 |
github.com/containerd/containerd: containerd: Security bypass via Container Device Interface (CDI) annotation smuggling during checkpoint restoration.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53492
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-07-01 19:16 修改: 2026-07-02 19:33
|
| docker-cli-buildx |
CVE-2026-39822 |
高危 |
0.35.0-r0 |
0.35.0-r3 |
os: golang: Go os.Root: Symlink following vulnerability allows directory traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39822
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-07-08 17:17 修改: 2026-07-13 14:54
|
| docker-cli-buildx |
CVE-2026-53488 |
高危 |
0.35.0-r0 |
0.35.0-r1 |
github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53488
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-07-01 02:17 修改: 2026-07-03 04:17
|
| docker-compose |
CVE-2026-53488 |
高危 |
5.1.4-r5 |
5.1.4-r6 |
github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53488
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-07-01 02:17 修改: 2026-07-03 04:17
|
| libexpat1 |
CVE-2026-56131 |
高危 |
2.8.1-r1 |
2.8.2-r0 |
libexpat before 2.8.2 lacks handler call depth tracking for calls to X ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56131
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-06-19 06:17 修改: 2026-06-23 20:15
|
| libexpat1 |
CVE-2026-56407 |
高危 |
2.8.1-r1 |
2.8.2-r0 |
libexpat before 2.8.2 has an integer overflow in doProlog that is rela ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56407
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:28
|
| libexpat1 |
CVE-2026-56408 |
高危 |
2.8.1-r1 |
2.8.2-r0 |
libexpat before 2.8.2 has an integer overflow in copyString.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56408
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:27
|
| docker-compose |
CVE-2026-41178 |
中危 |
5.1.4-r5 |
5.2.0-r0 |
OpenTelemetry-Go is the Go implementation of OpenTelemetry. Versions 1 ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41178
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-06-04 16:16 修改: 2026-06-18 14:34
|
| docker-compose |
CVE-2026-42505 |
中危 |
5.1.4-r5 |
5.3.1-r1 |
crypto/tls: golang: Go crypto/tls: Information disclosure in Encrypted Client Hello
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42505
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-07-08 17:17 修改: 2026-07-13 17:05
|
| docker-compose |
CVE-2026-47262 |
中危 |
5.1.4-r5 |
5.1.4-r6 |
github.com/containerd/containerd: containerd: Denial of Service via maliciously crafted image leading to unbounded group parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47262
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-07-01 19:16 修改: 2026-07-02 19:40
|
| docker-compose |
CVE-2026-53489 |
中危 |
5.1.4-r5 |
5.1.4-r6 |
github.com/containerd/containerd: containerd: Arbitrary host file read via symlink following in CRI checkpoint restore
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53489
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-07-01 19:16 修改: 2026-07-02 19:33
|
| docker-cli-buildx |
CVE-2026-42505 |
中危 |
0.35.0-r0 |
0.35.0-r3 |
crypto/tls: golang: Go crypto/tls: Information disclosure in Encrypted Client Hello
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42505
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-07-08 17:17 修改: 2026-07-13 17:05
|
| docker-cli-buildx |
CVE-2026-47262 |
中危 |
0.35.0-r0 |
0.35.0-r1 |
github.com/containerd/containerd: containerd: Denial of Service via maliciously crafted image leading to unbounded group parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47262
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-07-01 19:16 修改: 2026-07-02 19:40
|
| docker-cli-buildx |
CVE-2026-53489 |
中危 |
0.35.0-r0 |
0.35.0-r1 |
github.com/containerd/containerd: containerd: Arbitrary host file read via symlink following in CRI checkpoint restore
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53489
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-07-01 19:16 修改: 2026-07-02 19:33
|
| libexpat1 |
CVE-2026-50219 |
中危 |
2.8.1-r1 |
2.8.2-r0 |
expat: libexpat: Use-after-free vulnerability due to improper handler call depth tracking
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50219
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-06-04 06:16 修改: 2026-06-17 10:57
|
| libexpat1 |
CVE-2026-56132 |
中危 |
2.8.1-r1 |
2.8.2-r0 |
expat: libexpat: Arbitrary Code Execution via Heap-based Buffer Overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56132
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-06-19 06:17 修改: 2026-06-23 20:15
|
| libexpat1 |
CVE-2026-56403 |
中危 |
2.8.1-r1 |
2.8.2-r0 |
libexpat: libexpat: Arbitrary code execution due to integer overflow in storeAtts
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56403
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:15
|
| libexpat1 |
CVE-2026-56404 |
中危 |
2.8.1-r1 |
2.8.2-r0 |
libexpat before 2.8.2 has an integer overflow in addBinding.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56404
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:15
|
| libexpat1 |
CVE-2026-56405 |
中危 |
2.8.1-r1 |
2.8.2-r0 |
libexpat: libexpat: Information disclosure and arbitrary code execution via integer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56405
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:14
|
| libexpat1 |
CVE-2026-56406 |
中危 |
2.8.1-r1 |
2.8.2-r0 |
libexpat: libexpat: Arbitrary code execution via integer overflow in XML_ParseBuffer
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56406
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:29
|
| libexpat1 |
CVE-2026-56409 |
中危 |
2.8.1-r1 |
2.8.2-r0 |
xmlwf in libexpat before 2.8.2 has an integer overflow for the output ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56409
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:21
|
| libexpat1 |
CVE-2026-56410 |
中危 |
2.8.1-r1 |
2.8.2-r0 |
libexpat: libexpat: Integer overflow in xmlwf can lead to information disclosure and arbitrary code execution.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56410
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:18
|
| libexpat1 |
CVE-2026-56411 |
中危 |
2.8.1-r1 |
2.8.2-r0 |
expat: libexpat: Integer Overflow Vulnerability Leading to Information Disclosure or Code Execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56411
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-06-21 17:16 修改: 2026-06-23 16:16
|
| libexpat1 |
CVE-2026-56412 |
中危 |
2.8.1-r1 |
2.8.2-r0 |
libexpat: libexpat: Use-after-free vulnerability due to improper handling of XML CDATA sections
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56412
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 2026-06-21 17:16 修改: 2026-06-23 15:31
|
| glibc-locale-posix |
CVE-2026-6791 |
未知 |
2.43-r8 |
2.43-r10 |
漏洞详情:
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| ld-linux |
CVE-2026-6791 |
未知 |
2.43-r8 |
2.43-r10 |
漏洞详情:
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| libcrypt1 |
CVE-2026-6791 |
未知 |
2.43-r8 |
2.43-r10 |
漏洞详情:
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| glibc |
CVE-2026-6791 |
未知 |
2.43-r8 |
2.43-r10 |
漏洞详情:
镜像层: sha256:aa1a1ab58b0b2da2332b86303ecce73943947a3693711610236ca9a8ae14f0e2
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|