docker.io/infiniflow/ragflow:v0.26.4 linux/amd64

docker.io/infiniflow/ragflow:v0.26.4 - Trivy安全扫描结果 扫描时间: 2026-07-10 00:39
全部漏洞信息
低危漏洞:123 中危漏洞:215 高危漏洞:53 严重漏洞:4

系统OS: ubuntu 24.04 扫描引擎: Trivy 扫描时间: 2026-07-10 00:39

docker.io/infiniflow/ragflow:v0.26.4 (ubuntu 24.04) (ubuntu)
低危漏洞:115 中危漏洞:175 高危漏洞:7 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libssl1.1 CVE-2021-3449 高危 1.1.1f-1ubuntu2 1.1.1j-1ubuntu3 openssl: NULL pointer dereference in signature_algorithms processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3449

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2021-03-25 15:15 修改: 2026-06-17 04:05

libssl1.1 CVE-2021-3711 高危 1.1.1f-1ubuntu2 1.1.1l-1ubuntu1 openssl: SM2 Decryption Buffer Overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3711

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2021-08-24 15:15 修改: 2026-06-17 04:05

libssl1.1 CVE-2022-0778 高危 1.1.1f-1ubuntu2 3.0.2-0ubuntu1 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2022-03-15 17:15 修改: 2026-06-17 04:21

libssl1.1 CVE-2022-3602 高危 1.1.1f-1ubuntu2 3.0.5-2ubuntu2 OpenSSL: X.509 Email Address Buffer Overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3602

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2022-11-01 18:15 修改: 2026-06-17 04:59

libssl1.1 CVE-2022-3786 高危 1.1.1f-1ubuntu2 3.0.5-2ubuntu2 OpenSSL: X.509 Email Address Variable Length Buffer Overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3786

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2022-11-01 18:15 修改: 2026-06-17 05:00

libssl1.1 CVE-2023-0286 高危 1.1.1f-1ubuntu2 3.0.8-1ubuntu1 openssl: X.400 address type confusion in X.509 GeneralName

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2023-02-08 20:15 修改: 2026-06-17 05:25

libssl1.1 CVE-2026-45447 高危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.11 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-06-09 17:17 修改: 2026-07-08 13:16

libavahi-common3 CVE-2025-59529 中危 0.8-13ubuntu6.2 avahi: simple clients denial-of-service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59529

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2025-12-18 21:15 修改: 2026-06-17 09:46

libblkid1 CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

libc-bin CVE-2026-4046 中危 2.39-0ubuntu8.7 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55

libc-bin CVE-2026-4437 中危 2.39-0ubuntu8.7 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

libc-bin CVE-2026-4438 中危 2.39-0ubuntu8.7 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

libc-bin CVE-2026-5435 中危 2.39-0ubuntu8.7 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59

libc-bin CVE-2026-6238 中危 2.39-0ubuntu8.7 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17

libc6 CVE-2026-4046 中危 2.39-0ubuntu8.7 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55

libc6 CVE-2026-4437 中危 2.39-0ubuntu8.7 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

libc6 CVE-2026-4438 中危 2.39-0ubuntu8.7 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

libc6 CVE-2026-5435 中危 2.39-0ubuntu8.7 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59

libc6 CVE-2026-6238 中危 2.39-0ubuntu8.7 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17

libexif12 CVE-2026-40385 中危 0.6.24-1build2 libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40385

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-12 19:16 修改: 2026-06-17 10:45

libexif12 CVE-2026-40386 中危 0.6.24-1build2 libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40386

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-12 19:16 修改: 2026-06-17 10:45

libexpat1 CVE-2025-66382 中危 2.6.1-2ubuntu0.4 libexpat: libexpat: Denial of service via crafted file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2025-11-28 07:15 修改: 2026-06-17 09:56

libfdisk1 CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

libgif7 CVE-2026-23868 中危 5.2.2-1ubuntu1 giflib: Giflib: Double-free vulnerability leading to memory corruption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23868

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-10 20:16 修改: 2026-06-30 03:17

libgif7 CVE-2026-26740 中危 5.2.2-1ubuntu1 giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26740

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-18 18:16 修改: 2026-07-07 12:16

libmount1 CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

libnghttp2-14 CVE-2026-58055 中危 1.59.0-1ubuntu0.3 1.59.0-1ubuntu0.4 nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade re ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58055

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-28 02:16 修改: 2026-06-30 17:41

libopenjp2-7 CVE-2023-39328 中危 2.5.0-2ubuntu0.5 openjpeg: denail of service via crafted image file

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39328

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2024-07-09 14:15 修改: 2026-06-26 10:16

libopenjp2-7 CVE-2023-39329 中危 2.5.0-2ubuntu0.5 openjpeg: Resource exhaustion will occur in the opj_t1_decode_cblks function in the tcd.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39329

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2024-07-13 03:15 修改: 2026-06-17 06:12

libp11-kit0 CVE-2026-13757 中危 0.25.3-4ubuntu2.1 p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13757

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-06-29 19:16 修改: 2026-07-08 03:34

libpixman-1-0 CVE-2023-37769 中危 0.42.2-1build1 stress-test master commit e4c878 was discovered to contain a FPE vulne ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-37769

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2023-07-17 20:15 修改: 2026-06-17 06:08

libpython3.12-minimal CVE-2025-13462 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34

libpython3.12-minimal CVE-2025-69534 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python-markdown: denial of service via malformed HTML-like sequences

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69534

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-05 15:16 修改: 2026-06-30 03:16

libpython3.12-minimal CVE-2026-1299 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: email header injection due to unquoted newlines

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-01-23 17:16 修改: 2026-06-17 10:15

libpython3.12-minimal CVE-2026-1502 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: HTTP header injection via CR/LF in proxy tunnel headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-10 18:16 修改: 2026-06-30 16:16

libpython3.12-minimal CVE-2026-2297 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: CPython: Logging Bypass in Legacy .pyc File Handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30

libpython3.12-minimal CVE-2026-3276 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python unicodedata: Denial of Service due to excessive CPU consumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43

libpython3.12-minimal CVE-2026-3644 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: Incomplete control character validation in http.cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-16 18:16 修改: 2026-06-30 16:16

libpython3.12-minimal CVE-2026-4224 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: Stack overflow parsing XML with deeply nested DTD content models

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56

libpython3.12-minimal CVE-2026-4519 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Command-line option injection in webbrowser.open() via crafted URLs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-20 15:16 修改: 2026-06-30 03:20

libpython3.12-minimal CVE-2026-4786 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-13 22:16 修改: 2026-07-06 13:17

libpython3.12-minimal CVE-2026-6019 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00

libpython3.12-minimal CVE-2026-6100 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21

libpython3.12-minimal CVE-2026-7774 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: CPython: Python tarfile: Arbitrary file write via crafted link entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-04 16:16 修改: 2026-07-07 18:16

libpython3.12-minimal CVE-2026-8328 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16

libpython3.12-minimal CVE-2026-9669 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Denial of Service via out-of-bounds write in BZ2 decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-08 23:17 修改: 2026-07-07 18:16

libpython3.12-stdlib CVE-2025-13462 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34

libpython3.12-stdlib CVE-2025-69534 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python-markdown: denial of service via malformed HTML-like sequences

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69534

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-05 15:16 修改: 2026-06-30 03:16

libpython3.12-stdlib CVE-2026-1299 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: email header injection due to unquoted newlines

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-01-23 17:16 修改: 2026-06-17 10:15

libpython3.12-stdlib CVE-2026-1502 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: HTTP header injection via CR/LF in proxy tunnel headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-10 18:16 修改: 2026-06-30 16:16

libpython3.12-stdlib CVE-2026-2297 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: CPython: Logging Bypass in Legacy .pyc File Handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30

libpython3.12-stdlib CVE-2026-3276 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python unicodedata: Denial of Service due to excessive CPU consumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43

libpython3.12-stdlib CVE-2026-3644 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: Incomplete control character validation in http.cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-16 18:16 修改: 2026-06-30 16:16

libpython3.12-stdlib CVE-2026-4224 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: Stack overflow parsing XML with deeply nested DTD content models

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56

libpython3.12-stdlib CVE-2026-4519 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Command-line option injection in webbrowser.open() via crafted URLs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-20 15:16 修改: 2026-06-30 03:20

libpython3.12-stdlib CVE-2026-4786 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-13 22:16 修改: 2026-07-06 13:17

libpython3.12-stdlib CVE-2026-6019 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00

libpython3.12-stdlib CVE-2026-6100 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21

libpython3.12-stdlib CVE-2026-7774 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: CPython: Python tarfile: Arbitrary file write via crafted link entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-04 16:16 修改: 2026-07-07 18:16

libpython3.12-stdlib CVE-2026-8328 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16

libpython3.12-stdlib CVE-2026-9669 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Denial of Service via out-of-bounds write in BZ2 decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-08 23:17 修改: 2026-07-07 18:16

libpython3.12t64 CVE-2025-13462 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34

libpython3.12t64 CVE-2025-69534 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python-markdown: denial of service via malformed HTML-like sequences

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69534

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-05 15:16 修改: 2026-06-30 03:16

libpython3.12t64 CVE-2026-1299 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: email header injection due to unquoted newlines

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-01-23 17:16 修改: 2026-06-17 10:15

libpython3.12t64 CVE-2026-1502 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: HTTP header injection via CR/LF in proxy tunnel headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-10 18:16 修改: 2026-06-30 16:16

libpython3.12t64 CVE-2026-2297 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: CPython: Logging Bypass in Legacy .pyc File Handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30

libpython3.12t64 CVE-2026-3276 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python unicodedata: Denial of Service due to excessive CPU consumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43

libpython3.12t64 CVE-2026-3644 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: Incomplete control character validation in http.cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-16 18:16 修改: 2026-06-30 16:16

libpython3.12t64 CVE-2026-4224 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: Stack overflow parsing XML with deeply nested DTD content models

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56

libpython3.12t64 CVE-2026-4519 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Command-line option injection in webbrowser.open() via crafted URLs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-20 15:16 修改: 2026-06-30 03:20

libpython3.12t64 CVE-2026-4786 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-13 22:16 修改: 2026-07-06 13:17

libpython3.12t64 CVE-2026-6019 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00

libpython3.12t64 CVE-2026-6100 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21

libpython3.12t64 CVE-2026-7774 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: CPython: Python tarfile: Arbitrary file write via crafted link entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-04 16:16 修改: 2026-07-07 18:16

libpython3.12t64 CVE-2026-8328 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16

libpython3.12t64 CVE-2026-9669 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Denial of Service via out-of-bounds write in BZ2 decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-08 23:17 修改: 2026-07-07 18:16

libruby3.2 CVE-2025-10990 中危 3.2.3-1ubuntu0.24.04.7 rexml: REXML: Denial of Service via inefficient regex parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10990

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-02-27 14:16 修改: 2026-06-26 00:16

libruby3.2 CVE-2026-42246 中危 3.2.3-1ubuntu0.24.04.7 3.2.3-1ubuntu0.24.04.8 net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42246

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-05-09 20:16 修改: 2026-07-07 12:16

libruby3.2 CVE-2026-42257 中危 3.2.3-1ubuntu0.24.04.7 3.2.3-1ubuntu0.24.04.8 net-imap: Net::IMAP: Arbitrary IMAP command injection via CRLF sequences in unvalidated input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42257

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-05-09 20:16 修改: 2026-06-17 10:47

libsmartcols1 CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

bsdutils CVE-2026-27456 中危 1:2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

git CVE-2024-52005 中危 1:2.43.0-1ubuntu7.3 git: The sideband payload is passed unfiltered to the terminal in git

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52005

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2025-01-15 18:15 修改: 2026-06-17 08:06

git-man CVE-2024-52005 中危 1:2.43.0-1ubuntu7.3 git: The sideband payload is passed unfiltered to the terminal in git

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52005

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2025-01-15 18:15 修改: 2026-06-17 08:06

gzip CVE-2026-41991 中危 1.12-1ubuntu3.1 1.12-1ubuntu3.2 gzip: gzip: Arbitrary file overwrite via insecure temporary file handling in gzexe utility

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41991

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-06-29 12:16 修改: 2026-07-01 14:02

gzip CVE-2026-41992 中危 1.12-1ubuntu3.1 1.12-1ubuntu3.2 GNU gzip contains a global buffer overflow vulnerability in the LZH de ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41992

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-06-29 12:16 修改: 2026-07-01 14:02

libavahi-client3 CVE-2025-59529 中危 0.8-13ubuntu6.2 avahi: simple clients denial-of-service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59529

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2025-12-18 21:15 修改: 2026-06-17 09:46

libavahi-common-data CVE-2025-59529 中危 0.8-13ubuntu6.2 avahi: simple clients denial-of-service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59529

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2025-12-18 21:15 修改: 2026-06-17 09:46

libssl1.1 CVE-2021-3712 中危 1.1.1f-1ubuntu2 1.1.1l-1ubuntu1 openssl: Read buffer overruns processing ASN.1 strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2021-08-24 15:15 修改: 2026-06-17 04:05

libssl1.1 CVE-2022-1292 中危 1.1.1f-1ubuntu2 3.0.2-0ubuntu2 openssl: c_rehash script allows command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1292

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2022-05-03 16:15 修改: 2026-06-17 04:22

libssl1.1 CVE-2022-1343 中危 1.1.1f-1ubuntu2 3.0.2-0ubuntu2 openssl: Signer certificate verification returns inaccurate response when using OCSP_NOCHECKS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1343

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2022-05-03 16:15 修改: 2026-06-17 04:22

libssl1.1 CVE-2022-2097 中危 1.1.1f-1ubuntu2 3.0.5-2ubuntu1 openssl: AES OCB fails to encrypt some bytes

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2097

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2022-07-05 11:15 修改: 2026-06-17 04:41

libssl1.1 CVE-2022-4304 中危 1.1.1f-1ubuntu2 3.0.8-1ubuntu1 openssl: timing attack in RSA Decryption implementation

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2023-02-08 20:15 修改: 2026-06-17 05:20

libssl1.1 CVE-2022-4450 中危 1.1.1f-1ubuntu2 3.0.8-1ubuntu1 openssl: double free after calling PEM_read_bio_ex

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2023-02-08 20:15 修改: 2026-06-17 05:20

libssl1.1 CVE-2023-0215 中危 1.1.1f-1ubuntu2 3.0.8-1ubuntu1 openssl: use-after-free following BIO_new_NDEF

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2023-02-08 20:15 修改: 2026-06-17 05:25

libssl1.1 CVE-2023-2650 中危 1.1.1f-1ubuntu2 3.0.8-1ubuntu3 openssl: Possible DoS translating ASN.1 object identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2023-05-30 14:15 修改: 2026-06-17 05:53

libssl1.1 CVE-2023-5363 中危 1.1.1f-1ubuntu2 3.0.10-1ubuntu2.1 openssl: Incorrect cipher key and IV length processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5363

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2023-10-25 18:17 修改: 2026-06-17 06:48

libssl1.1 CVE-2024-6119 中危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.4 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2024-09-03 16:15 修改: 2026-06-17 08:17

libssl1.1 CVE-2025-15467 中危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.7 openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-01-27 16:16 修改: 2026-06-30 03:16

libssl1.1 CVE-2025-9230 中危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.6 openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08

libssl1.1 CVE-2026-31790 中危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.9 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

libssl1.1 CVE-2026-34182 中危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.11 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

libssl1.1 CVE-2026-45445 中危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.11 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

libuuid1 CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

libxpm4 CVE-2026-4367 中危 1:3.5.17-1build2 libXpm: libXpm: Denial of Service via out-of-bounds read in XPM file parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4367

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-16 19:16 修改: 2026-06-26 22:16

mount CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

mupdf-tools CVE-2023-51103 中危 1.23.10+ds1-1build3 A floating point exception (divide-by-zero) vulnerability was discover ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-51103

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2023-12-26 15:15 修改: 2026-06-17 06:40

mupdf-tools CVE-2023-51104 中危 1.23.10+ds1-1build3 A floating point exception (divide-by-zero) vulnerability was discover ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-51104

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2023-12-26 15:15 修改: 2026-06-17 06:40

mupdf-tools CVE-2023-51105 中危 1.23.10+ds1-1build3 A floating point exception (divide-by-zero) vulnerability was discover ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-51105

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2023-12-26 15:15 修改: 2026-06-17 06:40

mupdf-tools CVE-2023-51106 中危 1.23.10+ds1-1build3 A floating point exception (divide-by-zero) vulnerability was discover ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-51106

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2023-12-26 15:15 修改: 2026-06-17 06:40

mupdf-tools CVE-2024-24258 中危 1.23.10+ds1-1build3 freeglut: memory leak via glutAddSubMenu() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24258

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2024-02-05 18:15 修改: 2026-06-17 07:14

mupdf-tools CVE-2024-24259 中危 1.23.10+ds1-1build3 freeglut: memory leak via glutAddMenuEntry() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24259

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2024-02-05 18:15 修改: 2026-06-17 07:14

mupdf-tools CVE-2024-46657 中危 1.23.10+ds1-1build3 Artifex Software mupdf v1.24.9 was discovered to contain a segmentatio ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-46657

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2024-12-10 17:15 修改: 2026-06-17 07:55

mupdf-tools CVE-2025-46206 中危 1.23.10+ds1-1build3 An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to c ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46206

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2025-08-04 18:15 修改: 2026-07-05 16:19

nodejs CVE-2024-22018 中危 20.20.2-1nodesource1 nodejs: fs.lstat bypasses permission model

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22018

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2024-07-10 02:15 修改: 2026-06-17 07:10

nodejs CVE-2024-22020 中危 20.20.2-1nodesource1 nodejs: Bypass network import restriction via data URL

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22020

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2024-07-09 02:15 修改: 2026-06-17 07:10

nodejs CVE-2024-27982 中危 20.20.2-1nodesource1 nodejs: HTTP Request Smuggling via Content Length Obfuscation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27982

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2024-05-07 17:15 修改: 2026-06-17 07:20

nodejs CVE-2024-27983 中危 20.20.2-1nodesource1 nodejs: CONTINUATION frames DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27983

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2024-04-09 01:15 修改: 2026-06-17 07:20

nodejs CVE-2025-23085 中危 20.20.2-1nodesource1 nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-23085

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2025-02-07 07:15 修改: 2026-06-17 08:51

nodejs CVE-2025-23166 中危 20.20.2-1nodesource1 nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-23166

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2025-05-19 02:15 修改: 2026-06-17 08:52

openssh-client CVE-2026-55655 中危 1:9.6p1-3ubuntu13.16 openssh: Local MITM of X11 forwarding via abstract UNIX socket pre-binding in Red Hat Enterprise Linux OpenSSH client versions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55655

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-23 04:17 修改: 2026-07-08 14:17

python3.12 CVE-2025-13462 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34

python3.12 CVE-2025-69534 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python-markdown: denial of service via malformed HTML-like sequences

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69534

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-05 15:16 修改: 2026-06-30 03:16

python3.12 CVE-2026-1299 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: email header injection due to unquoted newlines

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-01-23 17:16 修改: 2026-06-17 10:15

python3.12 CVE-2026-1502 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: HTTP header injection via CR/LF in proxy tunnel headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-10 18:16 修改: 2026-06-30 16:16

python3.12 CVE-2026-2297 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: CPython: Logging Bypass in Legacy .pyc File Handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30

python3.12 CVE-2026-3276 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python unicodedata: Denial of Service due to excessive CPU consumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43

python3.12 CVE-2026-3644 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: Incomplete control character validation in http.cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-16 18:16 修改: 2026-06-30 16:16

python3.12 CVE-2026-4224 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: Stack overflow parsing XML with deeply nested DTD content models

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56

python3.12 CVE-2026-4519 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Command-line option injection in webbrowser.open() via crafted URLs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-20 15:16 修改: 2026-06-30 03:20

python3.12 CVE-2026-4786 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-13 22:16 修改: 2026-07-06 13:17

python3.12 CVE-2026-6019 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00

python3.12 CVE-2026-6100 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21

python3.12 CVE-2026-7774 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: CPython: Python tarfile: Arbitrary file write via crafted link entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-04 16:16 修改: 2026-07-07 18:16

python3.12 CVE-2026-8328 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16

python3.12 CVE-2026-9669 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Denial of Service via out-of-bounds write in BZ2 decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-08 23:17 修改: 2026-07-07 18:16

python3.12-minimal CVE-2025-13462 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34

python3.12-minimal CVE-2025-69534 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python-markdown: denial of service via malformed HTML-like sequences

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69534

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-05 15:16 修改: 2026-06-30 03:16

python3.12-minimal CVE-2026-1299 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: email header injection due to unquoted newlines

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-01-23 17:16 修改: 2026-06-17 10:15

python3.12-minimal CVE-2026-1502 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: HTTP header injection via CR/LF in proxy tunnel headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-10 18:16 修改: 2026-06-30 16:16

python3.12-minimal CVE-2026-2297 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: CPython: Logging Bypass in Legacy .pyc File Handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30

python3.12-minimal CVE-2026-3276 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python unicodedata: Denial of Service due to excessive CPU consumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43

python3.12-minimal CVE-2026-3644 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: Incomplete control character validation in http.cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-16 18:16 修改: 2026-06-30 16:16

python3.12-minimal CVE-2026-4224 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 cpython: Stack overflow parsing XML with deeply nested DTD content models

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56

python3.12-minimal CVE-2026-4519 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Command-line option injection in webbrowser.open() via crafted URLs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-20 15:16 修改: 2026-06-30 03:20

python3.12-minimal CVE-2026-4786 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-13 22:16 修改: 2026-07-06 13:17

python3.12-minimal CVE-2026-6019 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00

python3.12-minimal CVE-2026-6100 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21

python3.12-minimal CVE-2026-7774 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: CPython: Python tarfile: Arbitrary file write via crafted link entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-04 16:16 修改: 2026-07-07 18:16

python3.12-minimal CVE-2026-8328 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16

python3.12-minimal CVE-2026-9669 中危 3.12.3-1ubuntu0.13 3.12.3-1ubuntu0.15 python: Python: Denial of Service via out-of-bounds write in BZ2 decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-08 23:17 修改: 2026-07-07 18:16

ruby3.2 CVE-2025-10990 中危 3.2.3-1ubuntu0.24.04.7 rexml: REXML: Denial of Service via inefficient regex parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10990

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-02-27 14:16 修改: 2026-06-26 00:16

ruby3.2 CVE-2026-42246 中危 3.2.3-1ubuntu0.24.04.7 3.2.3-1ubuntu0.24.04.8 net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42246

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-05-09 20:16 修改: 2026-07-07 12:16

ruby3.2 CVE-2026-42257 中危 3.2.3-1ubuntu0.24.04.7 3.2.3-1ubuntu0.24.04.8 net-imap: Net::IMAP: Arbitrary IMAP command injection via CRLF sequences in unvalidated input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42257

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-05-09 20:16 修改: 2026-06-17 10:47

tar CVE-2025-45582 中危 1.35+dfsg-3build1 1.35+dfsg-3ubuntu0.2 tar: Tar path traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2025-07-11 17:15 修改: 2026-06-17 09:25

tar CVE-2026-5704 中危 1.35+dfsg-3build1 1.35+dfsg-3ubuntu0.1 tar: tar: Hidden file injection via crafted archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:59

util-linux CVE-2026-27456 中危 2.39.3-9ubuntu6.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

vim CVE-2026-55693 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 Vim is an open source, command line text editor. Prior to 9.2.0653, th ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55693

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 14:17

vim CVE-2026-55892 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Denial of Service via crafted spell file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55892

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 19:16

vim CVE-2026-55895 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Arbitrary code execution via Vimscript code injection in netrw plugin

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55895

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 05:16

vim CVE-2026-57452 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Out-of-bounds Read with libsodium-encrypted Files

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57452

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 04:12

vim CVE-2026-57455 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Denial of Service via stack out-of-bounds write in spell_soundfold_sofo()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57455

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 04:23

vim CVE-2026-57456 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Arbitrary code execution via malicious docstrings in Python omni-completion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57456

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 05:16

vim-common CVE-2026-55693 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 Vim is an open source, command line text editor. Prior to 9.2.0653, th ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55693

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 14:17

vim-common CVE-2026-55892 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Denial of Service via crafted spell file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55892

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 19:16

vim-common CVE-2026-55895 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Arbitrary code execution via Vimscript code injection in netrw plugin

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55895

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 05:16

vim-common CVE-2026-57452 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Out-of-bounds Read with libsodium-encrypted Files

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57452

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 04:12

vim-common CVE-2026-57455 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Denial of Service via stack out-of-bounds write in spell_soundfold_sofo()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57455

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 04:23

vim-common CVE-2026-57456 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Arbitrary code execution via malicious docstrings in Python omni-completion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57456

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 05:16

vim-runtime CVE-2026-55693 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 Vim is an open source, command line text editor. Prior to 9.2.0653, th ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55693

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 14:17

vim-runtime CVE-2026-55892 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Denial of Service via crafted spell file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55892

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 19:16

vim-runtime CVE-2026-55895 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Arbitrary code execution via Vimscript code injection in netrw plugin

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55895

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 05:16

vim-runtime CVE-2026-57452 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Out-of-bounds Read with libsodium-encrypted Files

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57452

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 04:12

vim-runtime CVE-2026-57455 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Denial of Service via stack out-of-bounds write in spell_soundfold_sofo()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57455

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 04:23

vim-runtime CVE-2026-57456 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Arbitrary code execution via malicious docstrings in Python omni-completion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57456

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 05:16

wget CVE-2021-31879 中危 1.21.4-1ubuntu4.1 wget: authorization header disclosure on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2021-04-29 05:15 修改: 2026-06-17 03:52

xdg-utils CVE-2025-52968 中危 1.1.3-4.1ubuntu3 xdg-utils: xdg-open bypassing SameSite=Strict

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52968

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2025-06-23 15:15 修改: 2026-06-17 09:37

xxd CVE-2026-55693 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 Vim is an open source, command line text editor. Prior to 9.2.0653, th ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55693

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 14:17

xxd CVE-2026-55892 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Denial of Service via crafted spell file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55892

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 19:16

xxd CVE-2026-55895 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Arbitrary code execution via Vimscript code injection in netrw plugin

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55895

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 05:16

xxd CVE-2026-57452 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Out-of-bounds Read with libsodium-encrypted Files

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57452

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 04:12

xxd CVE-2026-57455 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Denial of Service via stack out-of-bounds write in spell_soundfold_sofo()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57455

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 04:23

xxd CVE-2026-57456 中危 2:9.1.0016-1ubuntu7.16 2:9.1.0016-1ubuntu7.17 vim: Vim: Arbitrary code execution via malicious docstrings in Python omni-completion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57456

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-25 16:16 修改: 2026-06-26 05:16

libsystemd-shared CVE-2026-40228 低危 255.4-1ubuntu8.16 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libsystemd0 CVE-2026-40228 低危 255.4-1ubuntu8.16 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libtexlua53-5 CVE-2019-12360 低危 2023.20230311.66589-9build3 xpdf: buffer over-read via crafted PDF document leads to DoS or memory leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12360

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-05-27 23:29 修改: 2026-06-17 02:14

libtexlua53-5 CVE-2019-12493 低危 2023.20230311.66589-9build3 A stack-based buffer over-read exists in PostScriptFunction::transform ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12493

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-05-31 02:29 修改: 2026-06-17 02:14

libtexlua53-5 CVE-2019-9587 低危 2023.20230311.66589-9build3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9587

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-03-06 08:29 修改: 2026-06-17 02:43

libtexlua53-5 CVE-2019-9588 低危 2023.20230311.66589-9build3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9588

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-03-06 08:29 修改: 2026-06-17 02:43

libtinfo6 CVE-2025-69720 低危 6.4+20240113-1ubuntu2 6.4+20240113-1ubuntu2.1 ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00

libudev1 CVE-2026-40228 低危 255.4-1ubuntu8.16 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libptexenc1 CVE-2019-12493 低危 2023.20230311.66589-9build3 A stack-based buffer over-read exists in PostScriptFunction::transform ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12493

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-05-31 02:29 修改: 2026-06-17 02:14

libptexenc1 CVE-2019-9587 低危 2023.20230311.66589-9build3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9587

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-03-06 08:29 修改: 2026-06-17 02:43

libzzip-0-13t64 CVE-2018-17828 低危 0.13.72+dfsg.1-1.2build1 zziplib: directory traversal in unzzip_cat in the bins/unzzipcat-mem.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-17828

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2018-10-01 08:29 修改: 2026-06-17 01:46

login CVE-2024-56433 低危 1:4.13+dfsg1-4ubuntu3.2 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12

libptexenc1 CVE-2019-9588 低危 2023.20230311.66589-9build3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9588

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-03-06 08:29 修改: 2026-06-17 02:43

libcairo2 CVE-2018-18064 低危 1.18.0-3build1 cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18064

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2018-10-08 18:29 修改: 2026-06-17 01:46

libcurl3t64-gnutls CVE-2026-10536 低危 8.5.0-2ubuntu10.10 libcurl: libcurl: Use-after-free vulnerability leading to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-10536

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-07-03 07:16 修改: 2026-07-07 18:02

libcurl4t64 CVE-2026-10536 低危 8.5.0-2ubuntu10.10 libcurl: libcurl: Use-after-free vulnerability leading to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-10536

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-07-03 07:16 修改: 2026-07-07 18:02

libdw1t64 CVE-2025-1352 低危 0.190-1.1ubuntu0.1 elfutils: GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1352

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2025-02-16 15:15 修改: 2026-06-17 08:38

libdw1t64 CVE-2025-1376 低危 0.190-1.1ubuntu0.1 elfutils: GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1376

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2025-02-17 05:15 修改: 2026-06-17 08:39

libelf1t64 CVE-2025-1352 低危 0.190-1.1ubuntu0.1 elfutils: GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1352

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2025-02-16 15:15 修改: 2026-06-17 08:38

libelf1t64 CVE-2025-1376 低危 0.190-1.1ubuntu0.1 elfutils: GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1376

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2025-02-17 05:15 修改: 2026-06-17 08:39

libavahi-client3 CVE-2024-52615 低危 0.8-13ubuntu6.2 avahi: Avahi Wide-Area DNS Uses Constant Source Port

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52615

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2024-11-21 21:15 修改: 2026-06-29 23:16

ncurses-base CVE-2025-69720 低危 6.4+20240113-1ubuntu2 6.4+20240113-1ubuntu2.1 ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00

ncurses-bin CVE-2025-69720 低危 6.4+20240113-1ubuntu2 6.4+20240113-1ubuntu2.1 ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00

libavahi-common3 CVE-2024-52615 低危 0.8-13ubuntu6.2 avahi: Avahi Wide-Area DNS Uses Constant Source Port

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52615

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2024-11-21 21:15 修改: 2026-06-29 23:16

libexif12 CVE-2026-32775 低危 0.6.24-1build2 libexif: libexif: Buffer overwrite via integer underflow in MakerNotes decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32775

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36

libavahi-common3 CVE-2024-52616 低危 0.8-13ubuntu6.2 avahi: Avahi Wide-Area DNS Predictable Transaction IDs

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52616

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2024-11-21 21:15 修改: 2026-06-29 23:16

libruby3.2 CVE-2025-58767 低危 3.2.3-1ubuntu0.24.04.7 rexml: REXML denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58767

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2025-09-17 18:15 修改: 2026-06-17 09:44

libavahi-client3 CVE-2024-52616 低危 0.8-13ubuntu6.2 avahi: Avahi Wide-Area DNS Predictable Transaction IDs

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52616

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2024-11-21 21:15 修改: 2026-06-29 23:16

libgcrypt20 CVE-2024-2236 低危 1.10.3-2ubuntu0.1 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2024-03-06 22:15 修改: 2026-06-17 07:24

curl CVE-2026-10536 低危 8.5.0-2ubuntu10.10 libcurl: libcurl: Use-after-free vulnerability leading to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-10536

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-07-03 07:16 修改: 2026-07-07 18:02

openssh-client CVE-2026-55654 低危 1:9.6p1-3ubuntu13.16 openssh: Heap out-of-bounds read in Red Hat Enterprise Linux versions of OpenSSH GSSAPI indicator cleanup due to missing NULL sentinel termination

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55654

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-06-23 04:17 修改: 2026-07-08 14:17

passwd CVE-2024-56433 低危 1:4.13+dfsg1-4ubuntu3.2 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12

patch CVE-2018-6952 低危 2.7.6-7build3 patch: Double free of memory in pch.c:another_hunk() causes a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6952

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2018-02-13 19:29 修改: 2026-06-17 02:02

patch CVE-2021-45261 低危 2.7.6-7build3 patch: Invalid Pointer via another_hunk function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45261

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2021-12-22 18:15 修改: 2026-06-17 04:13

libavahi-common-data CVE-2024-52615 低危 0.8-13ubuntu6.2 avahi: Avahi Wide-Area DNS Uses Constant Source Port

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52615

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2024-11-21 21:15 修改: 2026-06-29 23:16

libharfbuzz0b CVE-2026-22693 低危 8.3.0-2build2 harfbuzz: Null Pointer Dereference in harfbuzz

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22693

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-01-10 06:15 修改: 2026-06-17 10:20

libicu74 CVE-2025-5222 低危 74.2-1ubuntu3.1 icu: Stack buffer overflow in the SRBRoot::addTag function

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5222

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2025-05-27 21:15 修改: 2026-06-30 05:17

libjbig2dec0 CVE-2023-46361 低危 0.20-1build3 Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulne ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46361

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2023-10-31 06:15 修改: 2026-06-17 06:30

libkpathsea6 CVE-2019-12360 低危 2023.20230311.66589-9build3 xpdf: buffer over-read via crafted PDF document leads to DoS or memory leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12360

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-05-27 23:29 修改: 2026-06-17 02:14

libkpathsea6 CVE-2019-12493 低危 2023.20230311.66589-9build3 A stack-based buffer over-read exists in PostScriptFunction::transform ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12493

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-05-31 02:29 修改: 2026-06-17 02:14

libkpathsea6 CVE-2019-9587 低危 2023.20230311.66589-9build3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9587

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-03-06 08:29 修改: 2026-06-17 02:43

libkpathsea6 CVE-2019-9588 低危 2023.20230311.66589-9build3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9588

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-03-06 08:29 修改: 2026-06-17 02:43

libavahi-common-data CVE-2024-52616 低危 0.8-13ubuntu6.2 avahi: Avahi Wide-Area DNS Predictable Transaction IDs

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52616

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2024-11-21 21:15 修改: 2026-06-29 23:16

libncurses6 CVE-2025-69720 低危 6.4+20240113-1ubuntu2 6.4+20240113-1ubuntu2.1 ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00

libncursesw6 CVE-2025-69720 低危 6.4+20240113-1ubuntu2 6.4+20240113-1ubuntu2.1 ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00

libcairo-gobject2 CVE-2017-7475 低危 1.18.0-3build1 cairo: NULL pointer dereference with a crafted font file

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7475

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2017-05-19 20:29 修改: 2026-06-17 01:24

libnss-systemd CVE-2026-40228 低危 255.4-1ubuntu8.16 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libcairo-gobject2 CVE-2018-18064 低危 1.18.0-3build1 cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18064

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2018-10-08 18:29 修改: 2026-06-17 01:46

libcairo-script-interpreter2 CVE-2017-7475 低危 1.18.0-3build1 cairo: NULL pointer dereference with a crafted font file

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7475

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2017-05-19 20:29 修改: 2026-06-17 01:24

libopenjp2-7 CVE-2019-6988 低危 2.5.0-2ubuntu0.5 openjpeg: DoS via memory exhaustion in opj_decompress

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-6988

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-01-28 16:29 修改: 2026-06-17 02:39

libcairo-script-interpreter2 CVE-2018-18064 低危 1.18.0-3build1 cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18064

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2018-10-08 18:29 修改: 2026-06-17 01:46

libpam-systemd CVE-2026-40228 低危 255.4-1ubuntu8.16 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libcairo2 CVE-2017-7475 低危 1.18.0-3build1 cairo: NULL pointer dereference with a crafted font file

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7475

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2017-05-19 20:29 修改: 2026-06-17 01:24

libptexenc1 CVE-2019-12360 低危 2023.20230311.66589-9build3 xpdf: buffer over-read via crafted PDF document leads to DoS or memory leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12360

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-05-27 23:29 修改: 2026-06-17 02:14

libssl1.1 CVE-2021-23840 低危 1.1.1f-1ubuntu2 1.1.1j-1ubuntu1 openssl: integer overflow in CipherUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2021-02-16 17:15 修改: 2026-06-17 03:38

libssl1.1 CVE-2022-1434 低危 1.1.1f-1ubuntu2 3.0.2-0ubuntu2 openssl: Incorrect MAC key used in the RC4-MD5 ciphersuite

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1434

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2022-05-03 16:15 修改: 2026-06-17 04:22

libssl1.1 CVE-2022-1473 低危 1.1.1f-1ubuntu2 3.0.2-0ubuntu2 openssl: OPENSSL_LH_flush() breaks reuse of memory

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1473

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2022-05-03 16:15 修改: 2026-06-17 04:22

libssl1.1 CVE-2022-3358 低危 1.1.1f-1ubuntu2 3.0.5-2ubuntu2 openssl: Using a Custom Cipher with NID_undef may lead to NULL encryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3358

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2022-10-11 15:15 修改: 2026-06-17 04:59

libssl1.1 CVE-2022-3996 低危 1.1.1f-1ubuntu2 3.0.7-1ubuntu1 openssl: double locking leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3996

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2022-12-13 16:15 修改: 2026-06-17 05:00

libssl1.1 CVE-2023-0464 低危 1.1.1f-1ubuntu2 3.0.8-1ubuntu2 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2023-03-22 17:15 修改: 2026-06-17 05:25

libssl1.1 CVE-2023-0465 低危 1.1.1f-1ubuntu2 3.0.8-1ubuntu2 openssl: Invalid certificate policies in leaf certificates are silently ignored

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2023-03-28 15:15 修改: 2026-06-17 05:25

libssl1.1 CVE-2023-0466 低危 1.1.1f-1ubuntu2 3.0.8-1ubuntu2 openssl: Certificate policy check not enabled

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2023-03-28 15:15 修改: 2026-06-17 05:25

libssl1.1 CVE-2023-1255 低危 1.1.1f-1ubuntu2 3.0.8-1ubuntu3 openssl: Input buffer over-read in AES-XTS implementation on 64 bit ARM

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1255

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2023-04-20 17:15 修改: 2026-06-17 05:27

libssl1.1 CVE-2023-5678 低危 1.1.1f-1ubuntu2 3.0.10-1ubuntu4 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2023-11-06 16:15 修改: 2026-06-17 06:49

libssl1.1 CVE-2023-6129 低危 1.1.1f-1ubuntu2 3.0.10-1ubuntu4 openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2024-01-09 17:15 修改: 2026-06-17 06:50

libssl1.1 CVE-2023-6237 低危 1.1.1f-1ubuntu2 3.0.10-1ubuntu4 openssl: Excessive time spent checking invalid RSA public keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2024-04-25 07:15 修改: 2026-06-17 06:50

libssl1.1 CVE-2024-0727 低危 1.1.1f-1ubuntu2 3.0.10-1ubuntu4 openssl: denial of service via null dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2024-01-26 09:15 修改: 2026-06-17 06:54

ruby3.2 CVE-2025-58767 低危 3.2.3-1ubuntu0.24.04.7 rexml: REXML denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58767

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2025-09-17 18:15 修改: 2026-06-17 09:44

systemd CVE-2026-40228 低危 255.4-1ubuntu8.16 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

systemd-dev CVE-2026-40228 低危 255.4-1ubuntu8.16 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

systemd-resolved CVE-2026-40228 低危 255.4-1ubuntu8.16 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

systemd-sysv CVE-2026-40228 低危 255.4-1ubuntu8.16 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

systemd-timesyncd CVE-2026-40228 低危 255.4-1ubuntu8.16 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libssl1.1 CVE-2024-13176 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.5 openssl: Timing side-channel in ECDSA signature computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01

libssl1.1 CVE-2024-2511 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.2 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2024-04-08 14:15 修改: 2026-06-17 07:24

texlive CVE-2017-17513 低危 2023.20240207-1 texlive: Command injection in mswin/mtxrun.lua and lualibs/lualibs-os.lua

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17513

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2017-12-14 16:29 修改: 2026-06-17 01:10

texlive-base CVE-2017-17513 低危 2023.20240207-1 texlive: Command injection in mswin/mtxrun.lua and lualibs/lualibs-os.lua

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17513

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2017-12-14 16:29 修改: 2026-06-17 01:10

texlive-binaries CVE-2019-12360 低危 2023.20230311.66589-9build3 xpdf: buffer over-read via crafted PDF document leads to DoS or memory leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12360

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-05-27 23:29 修改: 2026-06-17 02:14

texlive-binaries CVE-2019-12493 低危 2023.20230311.66589-9build3 A stack-based buffer over-read exists in PostScriptFunction::transform ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12493

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-05-31 02:29 修改: 2026-06-17 02:14

texlive-binaries CVE-2019-9587 低危 2023.20230311.66589-9build3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9587

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-03-06 08:29 修改: 2026-06-17 02:43

texlive-binaries CVE-2019-9588 低危 2023.20230311.66589-9build3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9588

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-03-06 08:29 修改: 2026-06-17 02:43

texlive-fonts-recommended CVE-2017-17513 低危 2023.20240207-1 texlive: Command injection in mswin/mtxrun.lua and lualibs/lualibs-os.lua

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17513

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2017-12-14 16:29 修改: 2026-06-17 01:10

texlive-latex-base CVE-2017-17513 低危 2023.20240207-1 texlive: Command injection in mswin/mtxrun.lua and lualibs/lualibs-os.lua

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17513

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2017-12-14 16:29 修改: 2026-06-17 01:10

texlive-latex-recommended CVE-2017-17513 低危 2023.20240207-1 texlive: Command injection in mswin/mtxrun.lua and lualibs/lualibs-os.lua

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17513

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2017-12-14 16:29 修改: 2026-06-17 01:10

texlive-pictures CVE-2017-17513 低危 2023.20240207-1 texlive: Command injection in mswin/mtxrun.lua and lualibs/lualibs-os.lua

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17513

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2017-12-14 16:29 修改: 2026-06-17 01:10

texlive-xetex CVE-2017-17513 低危 2023.20240207-1 texlive: Command injection in mswin/mtxrun.lua and lualibs/lualibs-os.lua

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17513

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2017-12-14 16:29 修改: 2026-06-17 01:10

libssl1.1 CVE-2024-4603 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.2 openssl: Excessive time spent checking DSA keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2024-05-16 16:15 修改: 2026-06-17 08:02

libssl1.1 CVE-2024-4741 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.2 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2024-11-13 11:15 修改: 2026-06-17 08:02

libssl1.1 CVE-2024-5535 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.2 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2024-06-27 11:15 修改: 2026-06-17 08:16

libssl1.1 CVE-2024-9143 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.5 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2024-10-16 17:15 修改: 2026-06-17 08:24

libssl1.1 CVE-2025-68160 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58

libssl1.1 CVE-2025-69418 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.7 openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl1.1 CVE-2025-69419 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.7 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl1.1 CVE-2025-69420 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service via malformed TimeStamp Response

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl1.1 CVE-2025-69421 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl1.1 CVE-2026-22795 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20

libssl1.1 CVE-2026-22796 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20

libssl1.1 CVE-2026-28387 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.9 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl1.1 CVE-2026-28388 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.9 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl1.1 CVE-2026-28389 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.9 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl1.1 CVE-2026-28390 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.9 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl1.1 CVE-2026-31789 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.9 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

libssl1.1 CVE-2026-34180 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.11 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

libssl1.1 CVE-2026-42766 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.11 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl1.1 CVE-2026-42767 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.11 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl1.1 CVE-2026-42770 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.11 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl1.1 CVE-2026-45446 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.11 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

xdg-utils CVE-2022-4055 低危 1.1.3-4.1ubuntu3 xdg-utils: improper parse of mailto URIs allows bypass of Thunderbird security mechanism for attachments

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4055

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2022-11-19 00:15 修改: 2026-06-17 05:19

libssl1.1 CVE-2026-7383 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.11 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02

libssl1.1 CVE-2026-9076 低危 1.1.1f-1ubuntu2 3.0.13-0ubuntu3.11 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:e31d77699d90faeb5155605ca3cab381b6b6e9bd7e64d67848399f278bf91f0a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04

libsynctex2 CVE-2019-12360 低危 2023.20230311.66589-9build3 xpdf: buffer over-read via crafted PDF document leads to DoS or memory leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12360

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-05-27 23:29 修改: 2026-06-17 02:14

libsynctex2 CVE-2019-12493 低危 2023.20230311.66589-9build3 A stack-based buffer over-read exists in PostScriptFunction::transform ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12493

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-05-31 02:29 修改: 2026-06-17 02:14

libsynctex2 CVE-2019-9587 低危 2023.20230311.66589-9build3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9587

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-03-06 08:29 修改: 2026-06-17 02:43

libsynctex2 CVE-2019-9588 低危 2023.20230311.66589-9build3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9588

镜像层: sha256:ca6a17cd2ccb2796d64dcc0ed01dbb36ae00c4a18030aba9c797e2336dca1fa4

发布日期: 2019-03-06 08:29 修改: 2026-06-17 02:43

zlib1g CVE-2026-27171 低危 1:1.3.dfsg-3.1ubuntu2.1 zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171

镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29

发布日期: 2026-02-18 04:16 修改: 2026-06-17 10:26

Java (jar)
低危漏洞:1 中危漏洞:9 高危漏洞:3 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.21.1 2.18.8, 3.1.4, 2.21.4 jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:7512adc50764541da61d590b66bbc1b956369bc2cfa9253e6840a9e788c12bd4

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01

com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.21.1 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:7512adc50764541da61d590b66bbc1b956369bc2cfa9253e6840a9e788c12bd4

发布日期: 2026-06-23 21:17 修改: 2026-07-03 13:17

org.eclipse.jetty:jetty-http CVE-2026-2332 高危 11.0.26 12.1.7, 12.0.33 org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2332

镜像层: sha256:7512adc50764541da61d590b66bbc1b956369bc2cfa9253e6840a9e788c12bd4

发布日期: 2026-04-14 12:16 修改: 2026-07-02 12:17

com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.21.1 3.1.4, 2.18.9, 2.21.5, 2.22.1 jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:7512adc50764541da61d590b66bbc1b956369bc2cfa9253e6840a9e788c12bd4

发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38

com.fasterxml.jackson.core:jackson-databind CVE-2026-54516 中危 2.21.1 2.21.4, 3.1.4 jackson-databind: jackson-databind: Security bypass due to improper handling of renamed properties

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54516

镜像层: sha256:7512adc50764541da61d590b66bbc1b956369bc2cfa9253e6840a9e788c12bd4

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:52

com.fasterxml.jackson.core:jackson-databind CVE-2026-54517 中危 2.21.1 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information disclosure via improper JsonView filter application

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54517

镜像层: sha256:7512adc50764541da61d590b66bbc1b956369bc2cfa9253e6840a9e788c12bd4

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:51

com.fasterxml.jackson.core:jackson-databind CVE-2026-54518 中危 2.21.1 2.21.4 jackson-databind: jackson-databind: Information disclosure and data manipulation via view-based access control bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54518

镜像层: sha256:7512adc50764541da61d590b66bbc1b956369bc2cfa9253e6840a9e788c12bd4

发布日期: 2026-06-23 22:16 修改: 2026-06-27 20:49

org.apache.logging.log4j:log4j-core CVE-2026-34477 中危 2.25.3 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477

镜像层: sha256:7512adc50764541da61d590b66bbc1b956369bc2cfa9253e6840a9e788c12bd4

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-core CVE-2026-34478 中危 2.25.3 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Log injection via CRLF sequences due to configuration attribute renames

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34478

镜像层: sha256:7512adc50764541da61d590b66bbc1b956369bc2cfa9253e6840a9e788c12bd4

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-core CVE-2026-34480 中危 2.25.3 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480

镜像层: sha256:7512adc50764541da61d590b66bbc1b956369bc2cfa9253e6840a9e788c12bd4

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.21.1 2.18.8, 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:7512adc50764541da61d590b66bbc1b956369bc2cfa9253e6840a9e788c12bd4

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55

org.eclipse.jetty:jetty-http CVE-2024-6763 中危 11.0.26 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:7512adc50764541da61d590b66bbc1b956369bc2cfa9253e6840a9e788c12bd4

发布日期: 2024-10-14 16:15 修改: 2026-06-17 08:18

org.eclipse.jetty:jetty-http CVE-2025-11143 低危 11.0.26 12.0.31, 12.1.5 org.eclipse.jetty/jetty-http: org.eclipse.jetty: Security bypass due to differential URI parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11143

镜像层: sha256:7512adc50764541da61d590b66bbc1b956369bc2cfa9253e6840a9e788c12bd4

发布日期: 2026-03-05 10:15 修改: 2026-06-17 08:29

Node.js (node-pkg)
低危漏洞:2 中危漏洞:4 高危漏洞:12 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
cross-spawn CVE-2024-21538 高危 7.0.3 7.0.5, 6.0.6 cross-spawn: regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2024-11-08 05:15 修改: 2026-06-17 07:09

glob CVE-2025-64756 高危 10.4.2 11.1.0, 10.5.0 glob: glob: Command Injection Vulnerability via Malicious Filenames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64756

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2025-11-17 18:15 修改: 2026-06-17 09:55

minimatch CVE-2026-26996 高危 9.0.5 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 minimatch: minimatch: Denial of Service via specially crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2026-02-20 03:16 修改: 2026-06-17 10:26

minimatch CVE-2026-27903 高危 9.0.5 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2026-02-26 02:16 修改: 2026-06-17 10:27

minimatch CVE-2026-27904 高危 9.0.5 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2026-02-26 02:16 修改: 2026-06-17 10:27

sigstore CVE-2026-48815 高危 2.3.1 4.1.1 sigstore's `certificateOIDs` verification constraints are silently dropped and never enforced

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48815

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

tar CVE-2026-23745 高危 6.2.1 7.5.3 node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2026-01-16 22:16 修改: 2026-06-30 03:17

tar CVE-2026-23950 高危 6.2.1 7.5.4 node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2026-01-20 01:15 修改: 2026-06-30 03:17

tar CVE-2026-24842 高危 6.2.1 7.5.7 node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2026-01-28 01:16 修改: 2026-06-30 05:17

tar CVE-2026-26960 高危 6.2.1 7.5.8 node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2026-02-20 02:16 修改: 2026-06-17 10:26

tar CVE-2026-29786 高危 6.2.1 7.5.10 node-tar: hardlink path traversal via drive-relative linkpath

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2026-03-07 16:15 修改: 2026-06-30 03:18

tar CVE-2026-31802 高危 6.2.1 7.5.11 tar: tar: File overwrite via drive-relative symlink traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2026-03-10 07:44 修改: 2026-06-17 10:34

brace-expansion CVE-2026-33750 中危 2.0.1 5.0.5, 3.0.2, 2.0.3, 1.1.13 brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2026-03-27 15:16 修改: 2026-06-17 10:38

ip-address CVE-2026-42338 中危 9.0.5 10.1.1 ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2026-05-12 20:16 修改: 2026-07-07 12:16

@sigstore/core CVE-2026-48758 中危 1.1.0 3.2.1 @sigstore/core has DSSE payloadType type-binding failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48758

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

tar CVE-2026-53655 中危 6.2.1 7.5.16 node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (nod ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53655

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2026-06-22 16:16 修改: 2026-06-26 20:03

diff CVE-2026-24001 低危 5.2.0 8.0.3, 5.2.2, 4.0.4, 3.5.1 jsdiff: denial of service vulnerability in parsePatch and applyPatch

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24001

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2026-01-22 03:15 修改: 2026-06-30 03:17

brace-expansion CVE-2025-5889 低危 2.0.1 2.0.2, 1.1.12, 3.0.1, 4.0.1 brace-expansion: juliangruber brace-expansion index.js expand redos

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5889

镜像层: sha256:a32e13f5a22e93deea905e2cb84a44ebab3e39f9aa7d434076ab6dd12f5a89ef

发布日期: 2025-06-09 19:15 修改: 2026-06-17 09:48

Python (python-pkg)
低危漏洞:5 中危漏洞:27 高危漏洞:31 严重漏洞:4
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
litellm CVE-2026-35030 严重 1.82.5 1.83.0 litellm: LiteLLM: Authentication bypass and privilege escalation via OIDC userinfo cache key collision

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35030

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-04-06 17:17 修改: 2026-06-30 03:19

litellm CVE-2026-42208 严重 1.82.5 1.83.7 LiteLLM: LiteLLM: Unauthorized data access and modification via SQL injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42208

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-08 04:16 修改: 2026-06-29 17:18

litellm CVE-2026-49468 严重 1.82.5 1.84.0 litellm: LiteLLM: Authentication Bypass via Host Header Injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-49468

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-06-22 21:16 修改: 2026-07-08 20:16

nltk CVE-2025-14009 严重 3.9.2 3.9.3 nltk: Zip Slip Vulnerability in nltk Leading to Code Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14009

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-02-18 18:24 修改: 2026-06-30 03:16

cryptography GHSA-537c-gmf6-5ccf 高危 46.0.7 48.0.1 Vulnerable OpenSSL included in cryptography wheels

漏洞详情: https://github.com/advisories/GHSA-537c-gmf6-5ccf

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-06-15 20:12 修改: 2026-06-15 20:12

curl_cffi CVE-2026-33752 高危 0.14.0 0.15.0 curl_cffi: Redirect-based SSRF leads to internal network access in curl_cffi (with TLS impersonation bypass)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33752

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:38

jaraco.context CVE-2026-23949 高危 5.3.0 6.1.0 jaraco.context: jaraco.context: Path traversal via malicious tar archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23949

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-01-20 01:15 修改: 2026-06-17 10:22

PyJWT CVE-2026-32597 高危 2.8.0 2.12.0 pyjwt: PyJWT accepts unknown `crit` header extensions (RFC 7515 §4.1.11 MUST violation)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32597

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-03-13 19:55 修改: 2026-07-01 13:17

PyJWT CVE-2026-48526 高危 2.8.0 2.13.0 python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48526

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-28 16:16 修改: 2026-07-08 13:16

azure-core CVE-2026-21226 高危 1.37.0 1.38.0 Azure Core is vulnerable to deserialization of untrusted data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-21226

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-01-13 19:16 修改: 2026-06-17 10:18

litellm CVE-2026-35029 高危 1.82.5 1.83.0 litellm: LiteLLM: Remote code execution and privilege escalation via unrestricted proxy configuration endpoint

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35029

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-04-06 17:17 修改: 2026-06-30 03:19

litellm CVE-2026-40217 高危 1.82.5 1.83.10 LiteLLM: LiteLLM: Arbitrary Code Execution via bytecode rewriting

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40217

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-04-10 14:16 修改: 2026-06-30 03:19

litellm CVE-2026-42203 高危 1.82.5 1.83.7 litellm: LiteLLM: Arbitrary code execution via unsandboxed prompt templates

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42203

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-08 04:16 修改: 2026-06-30 03:19

litellm CVE-2026-42271 高危 1.82.5 1.83.7 litellm: LiteLLM: Authenticated command execution via MCP stdio test endpoints

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42271

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-08 04:16 修改: 2026-06-30 20:19

litellm CVE-2026-47101 高危 1.82.5 1.83.14 litellm: LiteLLM: Privilege escalation via API key generation with insufficient permission validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47101

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-21 21:16 修改: 2026-07-01 13:17

litellm CVE-2026-47102 高危 1.82.5 1.83.10 litellm: LiteLLM: Privilege escalation through user role modification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47102

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-21 21:16 修改: 2026-07-02 12:17

litellm GHSA-69x8-hrgq-fjj8 高危 1.82.5 1.83.0 LiteLLM: Password hash exposure and pass-the-hash authentication bypass

漏洞详情: https://github.com/advisories/GHSA-69x8-hrgq-fjj8

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-04-08 00:04 修改: 2026-04-08 00:04

lxml CVE-2026-41066 高危 5.4.0 6.1.0 lxml: python: lxml: Information disclosure via untrusted XML input leading to local file read

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41066

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-04-24 17:16 修改: 2026-06-17 10:46

lxml_html_clean CVE-2026-49825 高危 0.4.3 0.4.5 `lxml_html_clean.Cleaner` does not strip `javascript:` URLs from namespaced URL attributes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-49825

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

mcp CVE-2025-66416 高危 1.19.0 1.23.0 mcp: DNS Rebinding Protection Disabled by Default in Model Context Protocol Python SDK

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66416

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2025-12-02 19:15 修改: 2026-06-17 09:56

mistune CVE-2026-33079 高危 3.2.0 3.2.1 mistune: Mistune: Regular Expression Denial of Service (ReDoS) via crafted Markdown input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33079

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-06 18:16 修改: 2026-07-01 13:17

cbor2 CVE-2026-26209 高危 5.8.0 5.9.0 cbor2: cbor2: Denial of Service due to uncontrolled recursion via crafted CBOR payloads

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26209

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-03-23 19:16 修改: 2026-06-17 10:25

nltk CVE-2026-0846 高危 3.9.2 3.9.3 nltk: NLTK: Arbitrary file read via improper path validation in `filestring()` function

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0846

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-03-09 20:16 修改: 2026-06-30 03:17

nltk CVE-2026-0847 高危 3.9.2 nltk: NLTK: Arbitrary file read via path traversal vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0847

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-03-04 19:16 修改: 2026-06-30 03:17

nltk CVE-2026-33231 高危 3.9.2 3.9.4 nltk: NLTK: Denial of Service via unauthenticated remote shutdown

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33231

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-03-20 23:16 修改: 2026-06-30 03:18

nltk CVE-2026-33236 高危 3.9.2 nltk: NLTK: Arbitrary file overwrite and creation via path traversal in XML index files

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33236

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-03-20 23:16 修改: 2026-06-30 03:18

nltk CVE-2026-54293 高危 3.9.2 nltk: NLTK: Information Disclosure via Path Traversal in `nltk.data.load()`

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54293

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-06-22 19:17 修改: 2026-06-30 03:21

orjson CVE-2025-67221 高危 3.10.18 3.11.6 orjson: orjson: Denial of Service due to unbounded recursion with deeply nested JSON documents

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67221

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-01-22 17:16 修改: 2026-06-17 09:57

pdfminer.six CVE-2025-64512 高危 20221105 20251107 Pdfminer.six is a community maintained fork of the original PDFMiner, ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64512

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2025-11-10 22:15 修改: 2026-06-17 09:54

pdfminer.six CVE-2025-70559 高危 20221105 20251230 pdfminer.six before 20251230 contains an insecure deserialization vuln ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-70559

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-02-03 18:16 修改: 2026-06-17 10:03

protobuf CVE-2026-0994 高危 5.29.5 6.33.5, 5.29.6 python: protobuf: Protobuf: Denial of Service due to recursion depth bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0994

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-01-23 15:16 修改: 2026-06-30 03:17

pyarrow CVE-2026-25087 高危 22.0.0 23.0.1 apache-arrow: Apache Arrow C++: Denial of Service via Use After Free vulnerability when reading IPC files

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25087

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-02-17 14:16 修改: 2026-06-17 10:24

urllib3 CVE-2026-44431 高危 2.6.3 2.7.0 urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44431

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-13 16:16 修改: 2026-06-26 12:16

urllib3 CVE-2026-44432 高危 2.6.3 2.7.0 urllib3: urllib3: Denial of Service due to excessive HTTP response decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44432

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-13 16:16 修改: 2026-07-08 13:16

wheel CVE-2026-24049 高危 0.45.1 0.46.2 wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24049

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-01-22 05:16 修改: 2026-07-01 13:16

mistune CVE-2026-44899 中危 3.2.0 3.2.1 python-mistune: Mistune: Information disclosure via CSS injection in Image directive plugin

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44899

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-26 21:16 修改: 2026-06-17 10:51

idna CVE-2026-45409 中危 3.11 3.15 Internationalized Domain Names in Applications (IDNA) for Python provi ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45409

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-06-05 23:16 修改: 2026-06-17 10:52

aiosmtplib CVE-2026-53533 中危 5.0.0 5.1.1 aiosmtplib vulnerable to SMTP command injection via CR/LF in sender/recipient address

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53533

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

Markdown CVE-2025-69534 中危 3.6 3.8.1 python-markdown: denial of service via malformed HTML-like sequences

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69534

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-03-05 15:16 修改: 2026-06-30 03:16

biopython CVE-2025-68463 中危 1.86 python-biopython: python-biopython: Information disclosure via XML External Entity (XXE) vulnerability in Bio.Entrez

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68463

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2025-12-18 06:15 修改: 2026-06-17 09:59

PyJWT CVE-2026-48522 中危 2.8.0 2.13.0 python-pyjwt: PyJWT: Server-Side Request Forgery (SSRF) via uncontrolled URL fetching in PyJWKClient

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48522

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-28 16:16 修改: 2026-06-17 10:55

PyJWT CVE-2026-48525 中危 2.8.0 2.13.0 python-pyjwt: PyJWT: Denial of Service via processing of crafted detached JWS tokens

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48525

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-28 16:16 修改: 2026-06-17 10:55

nltk CVE-2026-33230 中危 3.9.2 3.9.4 nltk: NLTK: Script execution via reflected cross-site scripting in WordNet Browser

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33230

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-03-20 23:16 修改: 2026-06-17 10:37

nltk GHSA-rf74-v2fm-23pw 中危 3.9.2 Natural Language Toolkit (NLTK) has unbounded recursion in JSONTaggedDecoder.decode_obj() may cause DoS

漏洞详情: https://github.com/advisories/GHSA-rf74-v2fm-23pw

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-03-18 20:17 修改: 2026-03-18 20:17

lxml_html_clean CVE-2026-28348 中危 0.4.3 0.4.4 lxml_html_clean is a project for HTML cleaning functionalities copied ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28348

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-03-05 20:16 修改: 2026-06-17 10:28

lxml_html_clean CVE-2026-28350 中危 0.4.3 0.4.4 lxml_html_clean is a project for HTML cleaning functionalities copied ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28350

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-03-05 20:16 修改: 2026-06-17 10:28

Werkzeug CVE-2026-27199 中危 3.1.5 3.1.6 Werkzeug safe_join() allows Windows special device names

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27199

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-02-21 06:17 修改: 2026-06-17 10:26

pip CVE-2026-3219 中危 25.3 26.1 pip: pip: Incorrect file installation due to improper archive handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3219

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-04-20 16:16 修改: 2026-06-17 10:43

pip CVE-2026-3219 中危 25.3 26.1 pip: pip: Incorrect file installation due to improper archive handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3219

镜像层: sha256:d68b09619e2c50580eb6408a1fa1e21b67b9c7e03f6baa6f6a34d61347122133

发布日期: 2026-04-20 16:16 修改: 2026-06-17 10:43

pip CVE-2026-6357 中危 25.3 26.1 pip: pip: Arbitrary code execution or information disclosure via malicious wheel package installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6357

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-04-27 15:16 修改: 2026-06-17 11:00

pip CVE-2026-6357 中危 25.3 26.1 pip: pip: Arbitrary code execution or information disclosure via malicious wheel package installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6357

镜像层: sha256:d68b09619e2c50580eb6408a1fa1e21b67b9c7e03f6baa6f6a34d61347122133

发布日期: 2026-04-27 15:16 修改: 2026-06-17 11:00

pip CVE-2026-8643 中危 25.3 26.1.2 python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8643

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-06-01 17:17 修改: 2026-07-08 13:16

pip CVE-2026-8643 中危 25.3 26.1.2 python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8643

镜像层: sha256:d68b09619e2c50580eb6408a1fa1e21b67b9c7e03f6baa6f6a34d61347122133

发布日期: 2026-06-01 17:17 修改: 2026-07-08 13:16

diskcache CVE-2025-69872 中危 5.6.3 python-diskcache: python-diskcache: Arbitrary code execution via insecure pickle deserialization

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69872

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-02-11 19:15 修改: 2026-07-08 13:16

mistune CVE-2026-44708 中危 3.2.0 python-mistune: Mistune: Cross-Site Scripting via improper HTML escaping in math plugin

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44708

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-26 21:16 修改: 2026-06-17 10:51

pydantic-settings GHSA-4xgf-cpjx-pc3j 中危 2.12.0 2.14.2 pydantic-settings: NestedSecretsSettingsSource follows symlinks outside secrets_dir, enabling local file read and bypassing secrets_dir_max_size

漏洞详情: https://github.com/advisories/GHSA-4xgf-cpjx-pc3j

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-06-19 22:10 修改: 2026-06-19 22:10

pypdf GHSA-jm82-fx9c-mx94 中危 6.13.1 6.13.3 pypdf: Missing stream length values ignore defined limits

漏洞详情: https://github.com/advisories/GHSA-jm82-fx9c-mx94

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-06-18 14:28 修改: 2026-06-18 14:28

python-dotenv CVE-2026-28684 中危 1.2.1 1.2.2 python-dotenv: python-dotenv: Arbitrary file overwrite via symbolic link following

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28684

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-04-20 17:16 修改: 2026-06-17 10:28

requests CVE-2026-25645 中危 2.32.5 2.33.0 requests: Requests: Security bypass due to predictable temporary file creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25645

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-03-25 17:16 修改: 2026-06-17 10:25

mistune CVE-2026-44896 中危 3.2.0 3.2.1 mistune: Mistune: Cross-Site Scripting (XSS) via unescaped HTML attributes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44896

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-26 21:16 修改: 2026-06-17 10:51

mistune CVE-2026-44897 中危 3.2.0 3.2.1 mistune: Mistune: Cross-site scripting (XSS) via improper sanitization of HTML heading ID attribute

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44897

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-26 21:16 修改: 2026-06-17 10:51

mistune CVE-2026-44898 中危 3.2.0 3.2.1 mistune: Mistune: Arbitrary code execution via HTML injection in table of contents rendering

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44898

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-26 21:16 修改: 2026-06-17 10:51

pip CVE-2026-1703 低危 25.3 26.0 pip: pip: Information disclosure via path traversal when installing crafted wheel archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1703

镜像层: sha256:d68b09619e2c50580eb6408a1fa1e21b67b9c7e03f6baa6f6a34d61347122133

发布日期: 2026-02-02 15:16 修改: 2026-06-17 10:16

Flask CVE-2026-27205 低危 3.1.2 3.1.3 flask: Flask: Information disclosure via improper caching of session data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27205

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-02-21 06:17 修改: 2026-06-17 10:26

PyJWT CVE-2026-48524 低危 2.8.0 2.13.0 python-pyjwt: PyJWT: Denial of Service via unverified JSON Web Token key IDs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48524

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-05-28 16:16 修改: 2026-06-17 10:55

Pygments CVE-2026-4539 低危 2.19.2 2.20.0 pygments: Pygments: Denial of Service via inefficient regular expression processing in AdlLexer

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4539

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-03-22 06:16 修改: 2026-06-17 10:56

pip CVE-2026-1703 低危 25.3 26.0 pip: pip: Information disclosure via path traversal when installing crafted wheel archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1703

镜像层: sha256:01c5f319ea58a5ff23d606bc388ddc1bef2157defc7d03bf0a0688cd0a47338f

发布日期: 2026-02-02 15:16 修改: 2026-06-17 10:16

/ragflow/.venv/lib/python3.13/site-packages/seleniumwire/ca.key ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/ragflow/.venv/lib/python3.13/site-packages/tencentcloud/cloudapp/v20220530/cloudapp_client.py ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/ragflow/web/dist/chunk/js/index-CM5UKZMH.js ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/ragflow/web/dist/chunk/js/index-D_BPq6PZ.js ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×