docker.io/homeassistant/home-assistant:2026.7.0b2 linux/arm64

docker.io/homeassistant/home-assistant:2026.7.0b2 - Trivy安全扫描结果扫描时间: 2026-06-29 01:41 温馨提示: 这是一个 linux/arm64 系统架构镜像

全部漏洞信息

低危漏洞:27

中危漏洞:92

高危漏洞:96

严重漏洞:18

系统OS: alpine 3.22.4 扫描引擎: Trivy 扫描时间: 2026-06-29 01:41

docker.io/homeassistant/home-assistant:2026.7.0b2 (alpine 3.22.4) (alpine)

低危漏洞:21

中危漏洞:34

高危漏洞:42

严重漏洞:16

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
bind-libs	CVE-2026-3593	严重	9.20.22-r0	9.20.23-r0	bind: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3593 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:43
bind-tools	CVE-2026-3593	严重	9.20.22-r0	9.20.23-r0	bind: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3593 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:43
libssh2	CVE-2026-55200	严重	1.11.1-r0	1.11.1-r2	libssh2: libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55200 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-06-17 20:17 修改: 2026-06-26 19:15
openexr-libiex	CVE-2025-48072	严重	3.3.2-r0	3.3.11-r0	openexr: OpenEXR Out of Bounds Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48072 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2025-07-31 21:15 修改: 2026-06-17 09:29
openexr-libiex	CVE-2026-42216	严重	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42216 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-05-07 04:16 修改: 2026-06-17 10:47
openexr-libiex	CVE-2026-42217	严重	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Information disclosure via malformed EXR image file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42217 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-05-07 04:16 修改: 2026-06-17 10:47
openexr-libilmthread	CVE-2025-48072	严重	3.3.2-r0	3.3.11-r0	openexr: OpenEXR Out of Bounds Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48072 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2025-07-31 21:15 修改: 2026-06-17 09:29
openexr-libilmthread	CVE-2026-42216	严重	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42216 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-05-07 04:16 修改: 2026-06-17 10:47
openexr-libilmthread	CVE-2026-42217	严重	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Information disclosure via malformed EXR image file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42217 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-05-07 04:16 修改: 2026-06-17 10:47
openexr-libopenexr	CVE-2025-48072	严重	3.3.2-r0	3.3.11-r0	openexr: OpenEXR Out of Bounds Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48072 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2025-07-31 21:15 修改: 2026-06-17 09:29
openexr-libopenexr	CVE-2026-42216	严重	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42216 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-05-07 04:16 修改: 2026-06-17 10:47
openexr-libopenexr	CVE-2026-42217	严重	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Information disclosure via malformed EXR image file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42217 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-05-07 04:16 修改: 2026-06-17 10:47
openexr-libopenexrcore	CVE-2025-48072	严重	3.3.2-r0	3.3.11-r0	openexr: OpenEXR Out of Bounds Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48072 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2025-07-31 21:15 修改: 2026-06-17 09:29
openexr-libopenexrcore	CVE-2026-42216	严重	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42216 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-05-07 04:16 修改: 2026-06-17 10:47
openexr-libopenexrcore	CVE-2026-42217	严重	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Information disclosure via malformed EXR image file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42217 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-05-07 04:16 修改: 2026-06-17 10:47
socat	CVE-2026-56123	严重	1.8.0.3-r1	1.8.1.2-r0	socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer ove ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56123 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-06-25 17:17 修改: 2026-06-26 16:50
openexr-libiex	CVE-2025-48071	高危	3.3.2-r0	3.3.11-r0	openexr: OpenEXR Heap-Based Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48071 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2025-07-31 21:15 修改: 2026-06-17 09:29
openexr-libiex	CVE-2026-34379	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Denial of Service due to misaligned memory write during EXR file decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34379 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:38
openexr-libiex	CVE-2026-34543	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Information disclosure via malicious EXR file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34543 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-01 21:17 修改: 2026-06-17 10:39
openexr-libiex	CVE-2026-34544	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Memory corruption and Denial of Service via crafted EXR file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34544 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-01 21:17 修改: 2026-06-17 10:39
openexr-libiex	CVE-2026-34588	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34588 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:39
openexr-libiex	CVE-2026-40244	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Arbitrary code execution via integer overflow in EXR image processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40244 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-21 02:16 修改: 2026-06-17 10:44
openexr-libiex	CVE-2026-40250	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Integer overflow leads to memory corruption and denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40250 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-21 02:16 修改: 2026-06-17 10:44
openexr-libiex	CVE-2026-41142	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Arbitrary code execution via integer overflow in image resizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41142 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-05-07 04:16 修改: 2026-06-17 10:46
libcrypto3	CVE-2026-45447	高危	3.5.6-r0	3.5.7-r0	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
libexpat	CVE-2026-45186	高危	2.7.5-r0	2.8.1-r0	libexpat: denial of service via crafted XML input 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45186 镜像层: sha256:17ffd2293aba56405f709fa9ec5d0e4a78dd419d46fe2bacb6bc8639cc3b5366 发布日期: 2026-05-10 07:16 修改: 2026-06-17 10:51
bind-libs	CVE-2026-5946	高危	9.20.22-r0	9.20.23-r0	bind: BIND: Denial of Service via specially crafted DNS messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5946 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:59
openexr-libilmthread	CVE-2025-48071	高危	3.3.2-r0	3.3.11-r0	openexr: OpenEXR Heap-Based Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48071 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2025-07-31 21:15 修改: 2026-06-17 09:29
openexr-libilmthread	CVE-2026-34379	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Denial of Service due to misaligned memory write during EXR file decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34379 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:38
openexr-libilmthread	CVE-2026-34543	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Information disclosure via malicious EXR file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34543 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-01 21:17 修改: 2026-06-17 10:39
openexr-libilmthread	CVE-2026-34544	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Memory corruption and Denial of Service via crafted EXR file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34544 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-01 21:17 修改: 2026-06-17 10:39
openexr-libilmthread	CVE-2026-34588	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34588 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:39
openexr-libilmthread	CVE-2026-40244	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Arbitrary code execution via integer overflow in EXR image processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40244 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-21 02:16 修改: 2026-06-17 10:44
openexr-libilmthread	CVE-2026-40250	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Integer overflow leads to memory corruption and denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40250 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-21 02:16 修改: 2026-06-17 10:44
openexr-libilmthread	CVE-2026-41142	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Arbitrary code execution via integer overflow in image resizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41142 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-05-07 04:16 修改: 2026-06-17 10:46
libssh2	CVE-2026-55199	高危	1.11.1-r0	1.11.1-r2	libssh2: libssh2: Denial of Service via crafted SSH_MSG_EXT_INFO message 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55199 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-06-17 20:17 修改: 2026-06-26 19:16
libssh2	CVE-2026-7598	高危	1.11.1-r0	1.11.1-r1	libssh2: integer overflow via large username or password arguments 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7598 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-05-01 22:16 修改: 2026-06-17 11:02
libssl3	CVE-2026-45447	高危	3.5.6-r0	3.5.7-r0	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
openexr-libopenexr	CVE-2025-48071	高危	3.3.2-r0	3.3.11-r0	openexr: OpenEXR Heap-Based Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48071 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2025-07-31 21:15 修改: 2026-06-17 09:29
openexr-libopenexr	CVE-2026-34379	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Denial of Service due to misaligned memory write during EXR file decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34379 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:38
openexr-libopenexr	CVE-2026-34543	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Information disclosure via malicious EXR file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34543 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-01 21:17 修改: 2026-06-17 10:39
openexr-libopenexr	CVE-2026-34544	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Memory corruption and Denial of Service via crafted EXR file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34544 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-01 21:17 修改: 2026-06-17 10:39
openexr-libopenexr	CVE-2026-34588	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34588 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:39
openexr-libopenexr	CVE-2026-40244	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Arbitrary code execution via integer overflow in EXR image processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40244 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-21 02:16 修改: 2026-06-17 10:44
openexr-libopenexr	CVE-2026-40250	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Integer overflow leads to memory corruption and denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40250 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-21 02:16 修改: 2026-06-17 10:44
openexr-libopenexr	CVE-2026-41142	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Arbitrary code execution via integer overflow in image resizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41142 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-05-07 04:16 修改: 2026-06-17 10:46
libxml2	CVE-2026-6732	高危	2.13.9-r0	2.13.9-r1	libxml2: libxml2: Denial of Service via crafted XSD-validated document 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6732 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-04-23 23:16 修改: 2026-06-17 11:01
bind-libs	CVE-2026-3039	高危	9.20.22-r0	9.20.23-r0	bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3039 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:42
bind-tools	CVE-2026-3039	高危	9.20.22-r0	9.20.23-r0	bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3039 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:42
openexr-libopenexrcore	CVE-2025-48071	高危	3.3.2-r0	3.3.11-r0	openexr: OpenEXR Heap-Based Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48071 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2025-07-31 21:15 修改: 2026-06-17 09:29
openexr-libopenexrcore	CVE-2026-34379	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Denial of Service due to misaligned memory write during EXR file decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34379 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:38
openexr-libopenexrcore	CVE-2026-34543	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Information disclosure via malicious EXR file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34543 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-01 21:17 修改: 2026-06-17 10:39
openexr-libopenexrcore	CVE-2026-34544	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Memory corruption and Denial of Service via crafted EXR file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34544 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-01 21:17 修改: 2026-06-17 10:39
openexr-libopenexrcore	CVE-2026-34588	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34588 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:39
openexr-libopenexrcore	CVE-2026-40244	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Arbitrary code execution via integer overflow in EXR image processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40244 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-21 02:16 修改: 2026-06-17 10:44
openexr-libopenexrcore	CVE-2026-40250	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Integer overflow leads to memory corruption and denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40250 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-21 02:16 修改: 2026-06-17 10:44
openexr-libopenexrcore	CVE-2026-41142	高危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Arbitrary code execution via integer overflow in image resizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41142 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-05-07 04:16 修改: 2026-06-17 10:46
bind-tools	CVE-2026-5946	高危	9.20.22-r0	9.20.23-r0	bind: BIND: Denial of Service via specially crafted DNS messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5946 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:59
openexr-libilmthread	CVE-2026-34589	中危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Memory corruption leading to arbitrary code execution or denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34589 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:39
bind-tools	CVE-2026-5950	中危	9.20.22-r0	9.20.23-r0	bind: Unbounded resend loop in BIND 9 resolver 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5950 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:59
libssl3	CVE-2026-34182	中危	3.5.6-r0	3.5.7-r0	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
libssl3	CVE-2026-34183	中危	3.5.6-r0	3.5.7-r0	openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
openexr-libiex	CVE-2025-48073	中危	3.3.2-r0	3.3.11-r0	openexr: OpenEXR NULL pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48073 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2025-07-31 21:15 修改: 2026-06-17 09:29
openexr-libiex	CVE-2025-48074	中危	3.3.2-r0	3.3.11-r0	openexr: OpenEXR memory exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48074 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2025-08-01 17:15 修改: 2026-06-17 09:29
openexr-libiex	CVE-2026-34378	中危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Denial of Service via crafted EXR file integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34378 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:38
openexr-libiex	CVE-2026-34380	中危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Denial of Service due to signed integer overflow in image decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34380 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:38
openexr-libiex	CVE-2026-34589	中危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Memory corruption leading to arbitrary code execution or denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34589 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:39
libssl3	CVE-2026-42764	中危	3.5.6-r0	3.5.7-r0	openssl: NULL pointer dereference in QUIC server initial packet handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libssl3	CVE-2026-45445	中危	3.5.6-r0	3.5.7-r0	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
bind-libs	CVE-2026-3592	中危	9.20.22-r0	9.20.23-r0	bind: Amplification vulnerabilities via self-pointed glue records 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3592 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:43
openexr-libopenexr	CVE-2025-48073	中危	3.3.2-r0	3.3.11-r0	openexr: OpenEXR NULL pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48073 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2025-07-31 21:15 修改: 2026-06-17 09:29
openexr-libopenexr	CVE-2025-48074	中危	3.3.2-r0	3.3.11-r0	openexr: OpenEXR memory exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48074 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2025-08-01 17:15 修改: 2026-06-17 09:29
openexr-libopenexr	CVE-2026-34378	中危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Denial of Service via crafted EXR file integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34378 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:38
openexr-libopenexr	CVE-2026-34380	中危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Denial of Service due to signed integer overflow in image decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34380 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:38
openexr-libopenexr	CVE-2026-34589	中危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Memory corruption leading to arbitrary code execution or denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34589 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:39
libcrypto3	CVE-2026-34182	中危	3.5.6-r0	3.5.7-r0	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
libcrypto3	CVE-2026-34183	中危	3.5.6-r0	3.5.7-r0	openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
libcrypto3	CVE-2026-42764	中危	3.5.6-r0	3.5.7-r0	openssl: NULL pointer dereference in QUIC server initial packet handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libcrypto3	CVE-2026-45445	中危	3.5.6-r0	3.5.7-r0	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
bind-libs	CVE-2026-5947	中危	9.20.22-r0	9.20.23-r0	bind: SIG(0) validation during query flood may lead to undefined behavior 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5947 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:59
bind-libs	CVE-2026-5950	中危	9.20.22-r0	9.20.23-r0	bind: Unbounded resend loop in BIND 9 resolver 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5950 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:59
bind-tools	CVE-2026-3592	中危	9.20.22-r0	9.20.23-r0	bind: Amplification vulnerabilities via self-pointed glue records 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3592 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:43
bind-tools	CVE-2026-5947	中危	9.20.22-r0	9.20.23-r0	bind: SIG(0) validation during query flood may lead to undefined behavior 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5947 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:59
openexr-libilmthread	CVE-2025-48073	中危	3.3.2-r0	3.3.11-r0	openexr: OpenEXR NULL pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48073 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2025-07-31 21:15 修改: 2026-06-17 09:29
openexr-libilmthread	CVE-2025-48074	中危	3.3.2-r0	3.3.11-r0	openexr: OpenEXR memory exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48074 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2025-08-01 17:15 修改: 2026-06-17 09:29
openexr-libilmthread	CVE-2026-34378	中危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Denial of Service via crafted EXR file integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34378 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:38
openexr-libopenexrcore	CVE-2025-48073	中危	3.3.2-r0	3.3.11-r0	openexr: OpenEXR NULL pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48073 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2025-07-31 21:15 修改: 2026-06-17 09:29
openexr-libopenexrcore	CVE-2025-48074	中危	3.3.2-r0	3.3.11-r0	openexr: OpenEXR memory exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48074 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2025-08-01 17:15 修改: 2026-06-17 09:29
openexr-libopenexrcore	CVE-2026-34378	中危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Denial of Service via crafted EXR file integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34378 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:38
openexr-libopenexrcore	CVE-2026-34380	中危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Denial of Service due to signed integer overflow in image decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34380 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:38
openexr-libopenexrcore	CVE-2026-34589	中危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Memory corruption leading to arbitrary code execution or denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34589 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:39
openexr-libilmthread	CVE-2026-34380	中危	3.3.2-r0	3.3.11-r0	OpenEXR: OpenEXR: Denial of Service due to signed integer overflow in image decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34380 镜像层: sha256:49dfc28598f83ee4b3d54ba216c825f6449a77b706ef446ec5133816052fb075 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:38
libcrypto3	CVE-2026-34181	低危	3.5.6-r0	3.5.7-r0	openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
libcrypto3	CVE-2026-42766	低危	3.5.6-r0	3.5.7-r0	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libcrypto3	CVE-2026-42767	低危	3.5.6-r0	3.5.7-r0	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libcrypto3	CVE-2026-42768	低危	3.5.6-r0	3.5.7-r0	openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libcrypto3	CVE-2026-42769	低危	3.5.6-r0	3.5.7-r0	openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libcrypto3	CVE-2026-42770	低危	3.5.6-r0	3.5.7-r0	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libcrypto3	CVE-2026-45446	低危	3.5.6-r0	3.5.7-r0	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
libcrypto3	CVE-2026-7383	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02
libssl3	CVE-2026-34180	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
libssl3	CVE-2026-34181	低危	3.5.6-r0	3.5.7-r0	openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
libssl3	CVE-2026-42766	低危	3.5.6-r0	3.5.7-r0	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libssl3	CVE-2026-42767	低危	3.5.6-r0	3.5.7-r0	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libssl3	CVE-2026-42768	低危	3.5.6-r0	3.5.7-r0	openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libssl3	CVE-2026-42769	低危	3.5.6-r0	3.5.7-r0	openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libssl3	CVE-2026-42770	低危	3.5.6-r0	3.5.7-r0	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libssl3	CVE-2026-45446	低危	3.5.6-r0	3.5.7-r0	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
libssl3	CVE-2026-7383	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02
libssl3	CVE-2026-9076	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04
libcrypto3	CVE-2026-9076	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04
libcrypto3	CVE-2026-34180	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:eeaa73608b53c6a3dab2c5a85c971d005a4bddb14082a9b5c1d363c4847972ee 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
libexpat	CVE-2026-41080	低危	2.7.5-r0	2.8.1-r0	libexpat: expat: libexpat: Denial of Service via hash flooding with crafted XML 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41080 镜像层: sha256:17ffd2293aba56405f709fa9ec5d0e4a78dd419d46fe2bacb6bc8639cc3b5366 发布日期: 2026-04-16 17:16 修改: 2026-06-17 10:46

Python (python-pkg)

低危漏洞:2

中危漏洞:6

高危漏洞:6

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
PyJWT	CVE-2026-48526	高危	2.12.1	2.13.0	python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48526 镜像层: sha256:41dab5e5bcc93b0f5bfa017ccf97777c97ef4594c3521bdb1e8da9b6146edbf6 发布日期: 2026-05-28 16:16 修改: 2026-06-17 10:55
ecdsa	CVE-2024-23342	高危	0.19.2		python-ecdsa: vulnerable to the Minerva attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23342 镜像层: sha256:8aa5bb633fbb0674397ad7a01303cb9ca7faf1e4ae88fba1159fdef4a821f05a 发布日期: 2024-01-23 00:15 修改: 2026-06-17 07:12
protobuf	CVE-2026-0994	高危	6.32.0	6.33.5, 5.29.6	python: protobuf: Protobuf: Denial of Service due to recursion depth bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0994 镜像层: sha256:8aa5bb633fbb0674397ad7a01303cb9ca7faf1e4ae88fba1159fdef4a821f05a 发布日期: 2026-01-23 15:16 修改: 2026-06-17 10:11
yt-dlp	CVE-2026-50023	高危	2026.3.17	2026.6.9	yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09, ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50023 镜像层: sha256:8aa5bb633fbb0674397ad7a01303cb9ca7faf1e4ae88fba1159fdef4a821f05a 发布日期: 2026-06-23 17:17 修改: 2026-06-26 20:12
yt-dlp	CVE-2026-50574	高危	2026.3.17	2026.6.9	yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09, ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50574 镜像层: sha256:8aa5bb633fbb0674397ad7a01303cb9ca7faf1e4ae88fba1159fdef4a821f05a 发布日期: 2026-06-23 17:17 修改: 2026-06-26 20:11
yt-dlp	GHSA-69qj-pvh9-c5wg	高危	2026.3.17	2026.6.9	yt-dlp: Arbitrary command injection possible if --exec option used with yt-dlp 漏洞详情: https://github.com/advisories/GHSA-69qj-pvh9-c5wg 镜像层: sha256:8aa5bb633fbb0674397ad7a01303cb9ca7faf1e4ae88fba1159fdef4a821f05a 发布日期: 2026-06-16 22:29 修改: 2026-06-16 22:29
pip	CVE-2026-6357	中危	26.0.1	26.1	pip: pip: Arbitrary code execution or information disclosure via malicious wheel package installation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6357 镜像层: sha256:17ffd2293aba56405f709fa9ec5d0e4a78dd419d46fe2bacb6bc8639cc3b5366 发布日期: 2026-04-27 15:16 修改: 2026-06-17 11:00
PyJWT	CVE-2026-48523	中危	2.12.1	2.13.0	python-pyjwt: PyJWT: Verifier-side algorithm bypass leads to unauthorized information access 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48523 镜像层: sha256:41dab5e5bcc93b0f5bfa017ccf97777c97ef4594c3521bdb1e8da9b6146edbf6 发布日期: 2026-05-28 16:16 修改: 2026-06-17 10:55
PyJWT	CVE-2026-48525	中危	2.12.1	2.13.0	python-pyjwt: PyJWT: Denial of Service via processing of crafted detached JWS tokens 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48525 镜像层: sha256:41dab5e5bcc93b0f5bfa017ccf97777c97ef4594c3521bdb1e8da9b6146edbf6 发布日期: 2026-05-28 16:16 修改: 2026-06-17 10:55
PyJWT	CVE-2026-48522	中危	2.12.1	2.13.0	python-pyjwt: PyJWT: Server-Side Request Forgery (SSRF) via uncontrolled URL fetching in PyJWKClient 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48522 镜像层: sha256:41dab5e5bcc93b0f5bfa017ccf97777c97ef4594c3521bdb1e8da9b6146edbf6 发布日期: 2026-05-28 16:16 修改: 2026-06-17 10:55
pip	CVE-2026-3219	中危	26.0.1	26.1	pip: pip: Incorrect file installation due to improper archive handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3219 镜像层: sha256:17ffd2293aba56405f709fa9ec5d0e4a78dd419d46fe2bacb6bc8639cc3b5366 发布日期: 2026-04-20 16:16 修改: 2026-06-17 10:43
yt-dlp	CVE-2026-50019	中危	2026.3.17	2026.6.9	yt-dlp is a command-line audio/video downloader. From 2023.09.24 until ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50019 镜像层: sha256:8aa5bb633fbb0674397ad7a01303cb9ca7faf1e4ae88fba1159fdef4a821f05a 发布日期: 2026-06-23 17:17 修改: 2026-06-26 20:12
paramiko	CVE-2026-44405	低危	3.5.0		paramiko: Paramiko: Data integrity could be compromised due to SHA-1 algorithm use 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44405 镜像层: sha256:8aa5bb633fbb0674397ad7a01303cb9ca7faf1e4ae88fba1159fdef4a821f05a 发布日期: 2026-05-06 00:16 修改: 2026-06-17 10:50
PyJWT	CVE-2026-48524	低危	2.12.1	2.13.0	python-pyjwt: PyJWT: Denial of Service via unverified JSON Web Token key IDs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48524 镜像层: sha256:41dab5e5bcc93b0f5bfa017ccf97777c97ef4594c3521bdb1e8da9b6146edbf6 发布日期: 2026-05-28 16:16 修改: 2026-06-17 10:55

bin/go2rtc (gobinary)

低危漏洞:1

中危漏洞:15

高危漏洞:25

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2025-68121	严重	v1.25.6	1.24.13, 1.25.7, 1.26.0-rc.3	crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:58
golang.org/x/crypto	CVE-2026-39828	高危	v0.47.0	0.52.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39828 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39829	高危	v0.47.0	0.52.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39829 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39830	高危	v0.47.0	0.52.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39830 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39832	高危	v0.47.0	0.52.0	golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39832 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39835	高危	v0.47.0	0.52.0	SSH servers which use CertChecker as a public key callback without set ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39835 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-42508	高危	v0.47.0	0.52.0	golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42508 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:47
golang.org/x/crypto	CVE-2026-46595	高危	v0.47.0	0.52.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46595 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
golang.org/x/crypto	CVE-2026-46597	高危	v0.47.0	0.52.0	An incorrectly placed cast from bytes to int allowed for server-side p ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46597 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
golang.org/x/net	CVE-2026-25680	高危	v0.49.0	0.55.0	Parsing arbitrary HTML can consume excessive CPU time, possibly leadin ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25680 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25
golang.org/x/net	CVE-2026-25681	高危	v0.49.0	0.55.0	Parsing arbitrary HTML which is then rendered using Render can result ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25681 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25
golang.org/x/net	CVE-2026-27136	高危	v0.49.0	0.55.0	Parsing arbitrary HTML which is then rendered using Render can result ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27136 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:26
golang.org/x/net	CVE-2026-33814	高危	v0.49.0	0.53.0	net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:38
golang.org/x/net	CVE-2026-39821	高危	v0.49.0	0.55.0	golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39821 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:42
golang.org/x/net	CVE-2026-42502	高危	v0.49.0	0.55.0	Parsing arbitrary HTML which is then rendered using Render can result ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42502 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47
golang.org/x/net	CVE-2026-42506	高危	v0.49.0	0.55.0	Parsing arbitrary HTML which is then rendered using Render can result ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42506 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47
golang.org/x/crypto	CVE-2026-39827	高危	v0.47.0	0.52.0	An authenticated SSH client that repeatedly opened channels which were ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39827 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-25679	高危	v1.25.6	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:25
stdlib	CVE-2026-32280	高危	v1.25.6	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-32281	高危	v1.25.6	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-32283	高危	v1.25.6	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-33811	高危	v1.25.6	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:38
stdlib	CVE-2026-33814	高危	v1.25.6	1.25.10, 1.26.3	net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:38
stdlib	CVE-2026-39820	高危	v1.25.6	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-39836	高危	v1.25.6	1.25.10, 1.26.3	ELSA-2026-22121: golang security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-42499	高危	v1.25.6	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:47
golang.org/x/crypto	CVE-2026-39833	中危	v0.47.0	0.52.0	The in-memory keyring returned by NewKeyring() silently accepted keys ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39833 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39834	中危	v0.47.0	0.52.0	When writing data larger than 4GB in a single Write call on an SSH cha ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39834 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-46598	中危	v0.47.0	0.52.0	golang.org/x/crypto/ssh/agent: golang: golang.org/x/crypto/ssh/agent: Denial of Service via malformed input 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46598 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
github.com/pion/dtls/v3	CVE-2026-26014	中危	v3.0.10	3.1.1, 3.0.11	github.com/pion/dtls: Pion DTLS uses random nonce generation with AES GCM ciphers risks leaking the authentication key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26014 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-02-11 21:16 修改: 2026-06-17 10:25
golang.org/x/crypto	CVE-2026-39831	中危	v0.47.0	0.52.0	The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nis ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39831 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-27142	中危	v1.25.6	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26
stdlib	CVE-2026-27145	中危	v1.25.6	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:26
stdlib	CVE-2026-32282	中危	v1.25.6	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-32288	中危	v1.25.6	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-32289	中危	v1.25.6	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-39823	中危	v1.25.6	1.25.10, 1.26.3	html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-39825	中危	v1.25.6	1.25.10, 1.26.3	net/http/httputil: golang: net/http/httputil: ReverseProxy forwards hidden query parameters, potentially bypassing security controls 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-39826	中危	v1.25.6	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-42504	中危	v1.25.6	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47
stdlib	CVE-2026-42507	中危	v1.25.6	1.25.11, 1.26.4	net/textproto: golang: Golang net/textproto: Misleading error messages via input injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47
stdlib	CVE-2026-27139	低危	v1.25.6	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26
golang.org/x/sys	CVE-2026-39824	未知	v0.40.0	0.44.0	Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824 镜像层: sha256:19ccff1c65f8691a72987bab558ada64e09365f87037acbdefbeb0170df60a7d 发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42

usr/bin/tempio (gobinary)

低危漏洞:3

中危漏洞:37

高危漏洞:23

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2025-68121	严重	v1.23.3	1.24.13, 1.25.7, 1.26.0-rc.3	crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:58
golang.org/x/crypto	CVE-2025-22869	高危	v0.26.0	0.35.0	golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22869 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-02-26 08:14 修改: 2026-06-17 08:50
golang.org/x/crypto	CVE-2025-47913	高危	v0.26.0	0.43.0	golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47913 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-11-13 22:15 修改: 2026-06-17 09:28
golang.org/x/crypto	CVE-2026-39827	高危	v0.26.0	0.52.0	An authenticated SSH client that repeatedly opened channels which were ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39827 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39828	高危	v0.26.0	0.52.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39828 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39829	高危	v0.26.0	0.52.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39829 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39830	高危	v0.26.0	0.52.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39830 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39832	高危	v0.26.0	0.52.0	golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39832 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39835	高危	v0.26.0	0.52.0	SSH servers which use CertChecker as a public key callback without set ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39835 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-42508	高危	v0.26.0	0.52.0	golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42508 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:47
golang.org/x/crypto	CVE-2026-46595	高危	v0.26.0	0.52.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46595 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
golang.org/x/crypto	CVE-2026-46597	高危	v0.26.0	0.52.0	An incorrectly placed cast from bytes to int allowed for server-side p ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46597 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
golang.org/x/crypto	CVE-2024-45337	高危	v0.26.0	0.31.0	golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2024-12-12 02:02 修改: 2026-06-17 07:54
stdlib	CVE-2025-61726	高危	v1.23.3	1.24.12, 1.25.6	golang: net/url: Memory exhaustion in query parameter parsing in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61729	高危	v1.23.3	1.24.11, 1.25.5	crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-12-02 19:15 修改: 2026-06-17 09:50
stdlib	CVE-2026-25679	高危	v1.23.3	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:25
stdlib	CVE-2026-32280	高危	v1.23.3	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-32281	高危	v1.23.3	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-32283	高危	v1.23.3	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-33811	高危	v1.23.3	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:38
stdlib	CVE-2026-33814	高危	v1.23.3	1.25.10, 1.26.3	net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:38
stdlib	CVE-2026-39820	高危	v1.23.3	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-39836	高危	v1.23.3	1.25.10, 1.26.3	ELSA-2026-22121: golang security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-42499	高危	v1.23.3	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:47
golang.org/x/crypto	CVE-2025-47914	中危	v0.26.0	0.45.0	golang.org/x/crypto/ssh/agent: SSH Agent servers: Denial of Service due to malformed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47914 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-11-19 21:15 修改: 2026-06-17 09:28
golang.org/x/crypto	CVE-2025-58181	中危	v0.26.0	0.45.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via unbounded memory consumption in GSSAPI authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58181 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-11-19 21:15 修改: 2026-06-17 09:44
golang.org/x/crypto	CVE-2026-39831	中危	v0.26.0	0.52.0	The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nis ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39831 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39833	中危	v0.26.0	0.52.0	The in-memory keyring returned by NewKeyring() silently accepted keys ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39833 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39834	中危	v0.26.0	0.52.0	When writing data larger than 4GB in a single Write call on an SSH cha ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39834 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-46598	中危	v0.26.0	0.52.0	golang.org/x/crypto/ssh/agent: golang: golang.org/x/crypto/ssh/agent: Denial of Service via malformed input 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46598 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
stdlib	CVE-2024-45336	中危	v1.23.3	1.22.11, 1.23.5, 1.24.0-rc.2	golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45336 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-01-28 02:15 修改: 2026-06-17 07:54
stdlib	CVE-2025-0913	中危	v1.23.3	1.23.10, 1.24.4	Inconsistent handling of O_CREATE\|O_EXCL on Unix and Windows in os in syscall 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0913 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-06-11 18:15 修改: 2026-06-17 08:27
stdlib	CVE-2025-22866	中危	v1.23.3	1.22.12, 1.23.6, 1.24.0-rc.3	crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22866 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-02-06 17:15 修改: 2026-06-17 08:50
stdlib	CVE-2025-22870	中危	v1.23.3	1.23.7, 1.24.1	golang.org/x/net/proxy: golang.org/x/net/http/httpproxy: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22870 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-03-12 19:15 修改: 2026-06-17 08:50
stdlib	CVE-2025-22871	中危	v1.23.3	1.23.8, 1.24.2	net/http: Request smuggling due to acceptance of invalid chunked data in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22871 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-04-08 20:15 修改: 2026-06-17 08:50
stdlib	CVE-2025-22873	中危	v1.23.3	1.23.9, 1.24.3	os: os: Information disclosure via path traversal using specially crafted filenames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22873 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-02-04 23:15 修改: 2026-06-17 08:50
stdlib	CVE-2025-4673	中危	v1.23.3	1.23.10, 1.24.4	net/http: Sensitive headers not cleared on cross-origin redirect in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4673 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-06-11 17:15 修改: 2026-06-17 09:33
stdlib	CVE-2025-47906	中危	v1.23.3	1.23.12, 1.24.6	os/exec: Unexpected paths returned from LookPath in os/exec 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47906 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-09-18 19:15 修改: 2026-06-17 09:28
stdlib	CVE-2025-47907	中危	v1.23.3	1.23.12, 1.24.6	database/sql: Postgres Scan Race Condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47907 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-08-07 16:15 修改: 2026-06-17 09:28
stdlib	CVE-2025-47912	中危	v1.23.3	1.24.8, 1.25.2	net/url: Insufficient validation of bracketed IPv6 hostnames in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47912 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:28
stdlib	CVE-2025-58183	中危	v1.23.3	1.24.8, 1.25.2	golang: archive/tar: Unbounded allocation when parsing GNU sparse map 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58183 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2025-58185	中危	v1.23.3	1.24.8, 1.25.2	encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58185 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2025-58187	中危	v1.23.3	1.24.9, 1.25.3	crypto/x509: Quadratic complexity when checking name constraints in crypto/x509 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58187 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2025-58188	中危	v1.23.3	1.24.8, 1.25.2	crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58188 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2025-58189	中危	v1.23.3	1.24.8, 1.25.2	crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58189 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2025-61723	中危	v1.23.3	1.24.8, 1.25.2	encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61723 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61724	中危	v1.23.3	1.24.8, 1.25.2	net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61724 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61725	中危	v1.23.3	1.24.8, 1.25.2	net/mail: Excessive CPU consumption in ParseAddress in net/mail 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61725 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61727	中危	v1.23.3	1.24.11, 1.25.5	golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-12-03 20:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61728	中危	v1.23.3	1.24.12, 1.25.6	golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61730	中危	v1.23.3	1.24.12, 1.25.6	crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50
stdlib	CVE-2026-27142	中危	v1.23.3	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26
stdlib	CVE-2026-27145	中危	v1.23.3	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:26
stdlib	CVE-2026-32282	中危	v1.23.3	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-32288	中危	v1.23.3	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-32289	中危	v1.23.3	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-39823	中危	v1.23.3	1.25.10, 1.26.3	html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-39825	中危	v1.23.3	1.25.10, 1.26.3	net/http/httputil: golang: net/http/httputil: ReverseProxy forwards hidden query parameters, potentially bypassing security controls 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-39826	中危	v1.23.3	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-42504	中危	v1.23.3	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47
stdlib	CVE-2026-42507	中危	v1.23.3	1.25.11, 1.26.4	net/textproto: golang: Golang net/textproto: Misleading error messages via input injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47
stdlib	CVE-2024-45341	低危	v1.23.3	1.22.11, 1.23.5, 1.24.0-rc.2	golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45341 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-01-28 02:15 修改: 2026-06-17 07:54
stdlib	CVE-2025-58186	低危	v1.23.3	1.24.8, 1.25.2	golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58186 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2026-27139	低危	v1.23.3	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:65ad2d3b52055258be121576cabf60832199a31ed0f0a22c31ffbd7d74fd8449 发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

usr/local/bin/uv (rustbinary)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/local/bin/uvx (rustbinary)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息