docker.io/hanxi/xiaomusic:v0.5.1 linux/arm64

docker.io/hanxi/xiaomusic:v0.5.1 - Trivy安全扫描结果 扫描时间: 2026-06-15 11:13 温馨提示: 这是一个 linux/arm64 系统架构镜像
全部漏洞信息
低危漏洞:23 中危漏洞:40 高危漏洞:30 严重漏洞:2

系统OS: alpine 3.23.3 扫描引擎: Trivy 扫描时间: 2026-06-15 11:13

docker.io/hanxi/xiaomusic:v0.5.1 (alpine 3.23.3) (alpine)
低危漏洞:22 中危漏洞:22 高危漏洞:16 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libcrypto3 CVE-2026-31789 严重 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-31789 严重 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-28387 高危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-28388 高危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-28389 高危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-28390 高危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-45447 高危 3.5.5-r0 3.5.7-r0 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 15:16
libssh CVE-2026-0966 高危 0.11.3-r0 0.11.4-r0 libssh: libssh: Denial of Service via zero-length input in ssh_get_hexa()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0966

镜像层: sha256:12b1d0a64fc46cfa5e072afdf7511a4edb91f3666cc6dc7cb92dee6b166cc2c8

发布日期: 2026-03-26 21:17 修改: 2026-05-19 14:16
lcms2 CVE-2026-41254 高危 2.17-r0 2.19-r0 Little CMS: lcms2: mm2/Little-CMS: Little CMS: Information disclosure or denial of service via integer overflow in CubeSize

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41254

镜像层: sha256:12b1d0a64fc46cfa5e072afdf7511a4edb91f3666cc6dc7cb92dee6b166cc2c8

发布日期: 2026-04-18 07:16 修改: 2026-05-07 18:16
libssl3 CVE-2026-28387 高危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28388 高危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28389 高危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28390 高危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-45447 高危 3.5.5-r0 3.5.7-r0 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 15:16
libxml2 CVE-2026-6732 高危 2.13.9-r0 2.13.9-r1 libxml2: libxml2: Denial of Service via crafted XSD-validated document

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6732

镜像层: sha256:12b1d0a64fc46cfa5e072afdf7511a4edb91f3666cc6dc7cb92dee6b166cc2c8

发布日期: 2026-04-23 23:16 修改: 2026-05-15 14:36
musl CVE-2026-40200 高危 1.2.5-r21 1.2.5-r23 musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-10 17:17 修改: 2026-04-27 19:18
musl-utils CVE-2026-40200 高危 1.2.5-r21 1.2.5-r23 musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-10 17:17 修改: 2026-04-27 19:18
nghttp2-libs CVE-2026-27135 高危 1.68.0-r0 1.68.1 nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135

镜像层: sha256:12b1d0a64fc46cfa5e072afdf7511a4edb91f3666cc6dc7cb92dee6b166cc2c8

发布日期: 2026-03-18 18:16 修改: 2026-05-13 22:16
libssh CVE-2026-0964 中危 0.11.3-r0 0.11.4-r0 libssh: Improper sanitation of paths received from SCP servers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0964

镜像层: sha256:12b1d0a64fc46cfa5e072afdf7511a4edb91f3666cc6dc7cb92dee6b166cc2c8

发布日期: 2026-03-26 21:17 修改: 2026-05-19 14:16
libssh CVE-2026-0967 中危 0.11.3-r0 0.11.4-r0 libssh: libssh: Denial of Service via inefficient regular expression processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0967

镜像层: sha256:12b1d0a64fc46cfa5e072afdf7511a4edb91f3666cc6dc7cb92dee6b166cc2c8

发布日期: 2026-03-26 21:17 修改: 2026-05-19 14:16
libcrypto3 CVE-2026-2673 中危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-03-13 19:54 修改: 2026-06-05 19:48
libcrypto3 CVE-2026-31790 中危 3.5.5-r0 3.5.6-r0 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-34182 中危 3.5.5-r0 3.5.7-r0 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 17:16
libcrypto3 CVE-2026-34183 中危 3.5.5-r0 3.5.7-r0 openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 16:17
libcrypto3 CVE-2026-42764 中危 3.5.5-r0 3.5.7-r0 openssl: NULL pointer dereference in QUIC server initial packet handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3 CVE-2026-45445 中危 3.5.5-r0 3.5.7-r0 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3 CVE-2026-2673 中危 3.5.5-r0 3.5.6-r0 openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-03-13 19:54 修改: 2026-06-05 19:48
libssl3 CVE-2026-31790 中危 3.5.5-r0 3.5.6-r0 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-34182 中危 3.5.5-r0 3.5.7-r0 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 17:16
libssl3 CVE-2026-34183 中危 3.5.5-r0 3.5.7-r0 openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 16:17
libssl3 CVE-2026-42764 中危 3.5.5-r0 3.5.7-r0 openssl: NULL pointer dereference in QUIC server initial packet handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3 CVE-2026-45445 中危 3.5.5-r0 3.5.7-r0 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libuuid CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:7aa303f14a49c6a16448dcb2730f003030da5dc1cc8a2e2ef06904fae7cfed84

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libmount CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:12b1d0a64fc46cfa5e072afdf7511a4edb91f3666cc6dc7cb92dee6b166cc2c8

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libpng CVE-2026-34757 中危 1.6.56-r0 1.6.57-r0 libpng: libpng: Information disclosure and data corruption via use-after-free vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34757

镜像层: sha256:12b1d0a64fc46cfa5e072afdf7511a4edb91f3666cc6dc7cb92dee6b166cc2c8

发布日期: 2026-04-09 15:16 修改: 2026-05-13 23:07
musl CVE-2026-6042 中危 1.2.5-r21 1.2.5-r22 musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-10 09:16 修改: 2026-04-24 18:01
libpng CVE-2026-40930 中危 1.6.56-r0 1.6.58-r1 LIBPNG is a reference library for use in applications that process PNG ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40930

镜像层: sha256:12b1d0a64fc46cfa5e072afdf7511a4edb91f3666cc6dc7cb92dee6b166cc2c8

发布日期: 2026-06-04 16:16 修改: 2026-06-04 16:23
musl-utils CVE-2026-6042 中危 1.2.5-r21 1.2.5-r22 musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-04-10 09:16 修改: 2026-04-24 18:01
libblkid CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:12b1d0a64fc46cfa5e072afdf7511a4edb91f3666cc6dc7cb92dee6b166cc2c8

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
xz-libs CVE-2026-34743 中危 5.8.2-r0 5.8.3-r0 xz: XZ Utils: Denial of Service via buffer overflow in index decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743

镜像层: sha256:7aa303f14a49c6a16448dcb2730f003030da5dc1cc8a2e2ef06904fae7cfed84

发布日期: 2026-04-02 19:21 修改: 2026-04-15 17:33
libcrypto3 CVE-2026-42768 低危 3.5.5-r0 3.5.7-r0 openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3 CVE-2026-42769 低危 3.5.5-r0 3.5.7-r0 openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssh CVE-2026-0965 低危 0.11.3-r0 0.11.4-r0 libssh: libssh: Denial of Service via improper configuration file handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0965

镜像层: sha256:12b1d0a64fc46cfa5e072afdf7511a4edb91f3666cc6dc7cb92dee6b166cc2c8

发布日期: 2026-03-26 21:17 修改: 2026-05-19 14:16
libssh CVE-2026-0968 低危 0.11.3-r0 0.11.4-r0 libssh: libssh: Denial of Service due to malformed SFTP message

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0968

镜像层: sha256:12b1d0a64fc46cfa5e072afdf7511a4edb91f3666cc6dc7cb92dee6b166cc2c8

发布日期: 2026-03-26 21:17 修改: 2026-05-19 14:16
libssl3 CVE-2026-34180 低危 3.5.5-r0 3.5.7-r0 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3 CVE-2026-34181 低危 3.5.5-r0 3.5.7-r0 openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 17:16
libssl3 CVE-2026-42766 低危 3.5.5-r0 3.5.7-r0 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3 CVE-2026-42767 低危 3.5.5-r0 3.5.7-r0 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3 CVE-2026-42768 低危 3.5.5-r0 3.5.7-r0 openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3 CVE-2026-42769 低危 3.5.5-r0 3.5.7-r0 openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3 CVE-2026-42770 低危 3.5.5-r0 3.5.7-r0 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3 CVE-2026-45446 低危 3.5.5-r0 3.5.7-r0 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3 CVE-2026-7383 低危 3.5.5-r0 3.5.7-r0 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3 CVE-2026-9076 低危 3.5.5-r0 3.5.7-r0 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3 CVE-2026-42770 低危 3.5.5-r0 3.5.7-r0 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3 CVE-2026-45446 低危 3.5.5-r0 3.5.7-r0 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3 CVE-2026-7383 低危 3.5.5-r0 3.5.7-r0 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3 CVE-2026-9076 低危 3.5.5-r0 3.5.7-r0 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3 CVE-2026-34180 低危 3.5.5-r0 3.5.7-r0 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3 CVE-2026-34181 低危 3.5.5-r0 3.5.7-r0 openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 17:16
libcrypto3 CVE-2026-42766 低危 3.5.5-r0 3.5.7-r0 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3 CVE-2026-42767 低危 3.5.5-r0 3.5.7-r0 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:45f3ea5848e8a25ca27718b640a21ffd8c8745d342a24e1d4ddfc8c449b0a724

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
Node.js (node-pkg)
低危漏洞:1 中危漏洞:11 高危漏洞:11 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
axios CVE-2026-42033 高危 1.15.0 1.15.1, 0.31.1 axios: Axios: HTTP Transport Hijacking via Prototype Pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42033

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:02
axios CVE-2026-42035 高危 1.15.0 1.15.1, 0.31.1 axios: Axios: Arbitrary HTTP header injection via prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42035

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:58
axios CVE-2026-42043 高危 1.15.0 1.15.1, 0.31.1 axios: Axios: NO_PROXY bypass via crafted URL

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42043

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:05
axios CVE-2026-42264 高危 1.15.0 1.15.2 Axios is a promise based HTTP client for the browser and Node.js. From ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42264

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-05-08 04:16 修改: 2026-05-13 17:53
axios CVE-2026-44486 高危 1.15.0 1.16.0, 0.32.0 axios: Axios: Information disclosure of proxy credentials via HTTP redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44486

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-06-11 17:16 修改: 2026-06-13 03:16
axios CVE-2026-44487 高危 1.15.0 1.16.0, 0.32.0 axios: Axios: Information disclosure of proxy credentials via redirect flows

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44487

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-06-11 17:16 修改: 2026-06-12 19:19
axios CVE-2026-44488 高危 1.15.0 1.16.0 axios: Axios: Denial of Service due to unenforced request and response size limits

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44488

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-06-11 17:16 修改: 2026-06-12 19:04
axios CVE-2026-44492 高危 1.15.0 1.16.0, 0.32.0 axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44492

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-06-11 17:16 修改: 2026-06-13 03:16
axios CVE-2026-44494 高危 1.15.0 1.16.0 axios: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44494

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-06-11 17:16 修改: 2026-06-12 18:01
axios CVE-2026-44495 高危 1.15.0 1.15.2, 0.31.1 axios: Axios: Information disclosure due to prototype pollution vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44495

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-06-11 17:16 修改: 2026-06-12 14:16
axios CVE-2026-44496 高危 1.15.0 1.16.0, 0.32.0 axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44496

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-06-11 17:16 修改: 2026-06-12 18:00
axios CVE-2026-42034 中危 1.15.0 1.15.1, 0.31.1 axios: Axios: Denial of Service via oversized streamed uploads bypassing body limits

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42034

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:59
axios CVE-2026-42036 中危 1.15.0 1.15.1, 0.31.1 axios: Axios: Denial of Service via unbounded stream consumption when 'responseType: 'stream'' is used

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42036

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:57
axios CVE-2026-42037 中危 1.15.0 1.15.1 axios: Node.js: Axios: Information disclosure via CRLF injection in multipart Content-Type header

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42037

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:54
axios CVE-2026-42038 中危 1.15.0 1.15.1, 0.31.1 axios: Axios: Information disclosure due to `no_proxy` bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42038

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:52
axios CVE-2026-42039 中危 1.15.0 1.15.1, 0.31.1 axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42039

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:50
axios CVE-2026-42041 中危 1.15.0 1.15.1, 0.31.1 axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42041

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:07
axios CVE-2026-42042 中危 1.15.0 1.15.1, 0.31.1 axios: Axios: XSRF token bypass leading to information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42042

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:05
axios CVE-2026-42044 中危 1.15.0 1.15.2 axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42044

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:04
axios CVE-2026-44490 中危 1.15.0 1.16.0, 0.32.0 axios: Axios: Information disclosure and denial of service due to prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44490

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-06-11 17:16 修改: 2026-06-11 20:56
follow-redirects GHSA-r4q5-vmmm-2653 中危 1.15.11 1.16.0 follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect Targets

漏洞详情: https://github.com/advisories/GHSA-r4q5-vmmm-2653

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-04-14 01:11 修改: 2026-04-14 01:11
qs CVE-2026-8723 中危 6.15.1 6.15.2 ### Summary `qs.stringify` throws `TypeError` when called with `arr ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8723

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-05-17 00:16 修改: 2026-05-18 20:23
axios CVE-2026-42040 低危 1.15.0 1.15.1, 0.31.1 Axios is a promise based HTTP client for the browser and Node.js. Prio ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42040

镜像层: sha256:14531b678e8136a38d5c612efeaf8af925bf7335631212f756d25892fe34cf6f

发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:09
Python (python-pkg)
低危漏洞:0 中危漏洞:7 高危漏洞:3 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
python-multipart CVE-2026-42561 高危 0.0.24 0.0.27 Python-Multipart is a streaming multipart parser for Python. Prior to ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42561

镜像层: sha256:a5c55a463d4b2c7392408974ebee2817c661668f1c7850c881db3caff1c0a2d0

发布日期: 2026-05-13 21:16 修改: 2026-05-14 17:00
urllib3 CVE-2026-44431 高危 2.6.3 2.7.0 urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44431

镜像层: sha256:a5c55a463d4b2c7392408974ebee2817c661668f1c7850c881db3caff1c0a2d0

发布日期: 2026-05-13 16:16 修改: 2026-05-14 13:56
urllib3 CVE-2026-44432 高危 2.6.3 2.7.0 urllib3: urllib3: Denial of Service due to excessive HTTP response decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44432

镜像层: sha256:a5c55a463d4b2c7392408974ebee2817c661668f1c7850c881db3caff1c0a2d0

发布日期: 2026-05-13 16:16 修改: 2026-05-14 13:49
pip CVE-2026-3219 中危 26.0.1 26.1 pip: pip: Incorrect file installation due to improper archive handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3219

镜像层: sha256:7aa303f14a49c6a16448dcb2730f003030da5dc1cc8a2e2ef06904fae7cfed84

发布日期: 2026-04-20 16:16 修改: 2026-04-20 21:16
pip CVE-2026-6357 中危 26.0.1 26.1 pip: pip: Arbitrary code execution or information disclosure via malicious wheel package installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6357

镜像层: sha256:7aa303f14a49c6a16448dcb2730f003030da5dc1cc8a2e2ef06904fae7cfed84

发布日期: 2026-04-27 15:16 修改: 2026-04-27 23:16
aiohttp CVE-2026-34993 中危 3.13.5 3.14.0 aiohttp: AIOHTTP: Arbitrary code execution via untrusted input to CookieJar.load()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34993

镜像层: sha256:a5c55a463d4b2c7392408974ebee2817c661668f1c7850c881db3caff1c0a2d0

发布日期: 2026-06-02 20:16 修改: 2026-06-05 13:44
python-multipart CVE-2026-40347 中危 0.0.24 0.0.26 python-multipart: Python-Multipart: Denial of Service via crafted multipart/form-data requests

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40347

镜像层: sha256:a5c55a463d4b2c7392408974ebee2817c661668f1c7850c881db3caff1c0a2d0

发布日期: 2026-04-18 00:16 修改: 2026-04-24 16:51
starlette CVE-2026-48710 中危 1.0.0 1.0.1 starlette: Starlette: Security restriction bypass via malformed HTTP Host header

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48710

镜像层: sha256:a5c55a463d4b2c7392408974ebee2817c661668f1c7850c881db3caff1c0a2d0

发布日期: 2026-05-26 22:16 修改: 2026-06-03 02:14
aiohttp CVE-2026-47265 中危 3.13.5 3.14.0 python-aiohttp: AIOHTTP: Information disclosure via improper handling of cookies during cross-origin redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47265

镜像层: sha256:a5c55a463d4b2c7392408974ebee2817c661668f1c7850c881db3caff1c0a2d0

发布日期: 2026-06-02 20:16 修改: 2026-06-05 13:39
idna CVE-2026-45409 中危 3.11 3.15 Internationalized Domain Names in Applications (IDNA) for Python provi ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45409

镜像层: sha256:a5c55a463d4b2c7392408974ebee2817c661668f1c7850c881db3caff1c0a2d0

发布日期: 2026-06-05 23:16 修改: 2026-06-08 15:02
/app/.venv/lib/python3.14/site-packages/yt_dlp/extractor/adultswim.py ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/app/.venv/lib/python3.14/site-packages/yt_dlp/extractor/aenetworks.py ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/app/.venv/lib/python3.14/site-packages/yt_dlp/extractor/blackboardcollaborate.py ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/app/.venv/lib/python3.14/site-packages/yt_dlp/extractor/cloudflarestream.py ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/app/.venv/lib/python3.14/site-packages/yt_dlp/extractor/espn.py ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/app/.venv/lib/python3.14/site-packages/yt_dlp/extractor/go.py ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/app/.venv/lib/python3.14/site-packages/yt_dlp/extractor/nbc.py ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/app/.venv/lib/python3.14/site-packages/yt_dlp/extractor/shahid.py ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/app/.venv/lib/python3.14/site-packages/yt_dlp/extractor/tbs.py ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/app/.venv/lib/python3.14/site-packages/yt_dlp/extractor/vice.py ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息