docker.io/istio/pilot:1.18.7 linux/amd64

docker.io/istio/pilot:1.18.7 - Trivy安全扫描结果 扫描时间: 2026-07-03 01:49
全部漏洞信息
低危漏洞:140 中危漏洞:243 高危漏洞:50 严重漏洞:4

系统OS: ubuntu 22.04 扫描引擎: Trivy 扫描时间: 2026-07-03 01:49

docker.io/istio/pilot:1.18.7 (ubuntu 22.04) (ubuntu)
低危漏洞:136 中危漏洞:175 高危漏洞:5 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
gpgv CVE-2025-68973 高危 2.2.27-3ubuntu2.1 2.2.27-3ubuntu2.5 GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-12-28 17:16 修改: 2026-06-17 09:59

libssl3 CVE-2026-45447 高危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-06-09 17:17 修改: 2026-07-01 13:17

openssl CVE-2026-45447 高危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-06-09 17:17 修改: 2026-07-01 13:17

sudo CVE-2025-32462 高危 1.9.9-1ubuntu2.4 1.9.9-1ubuntu2.5 sudo: LPE via host option

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32462

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-06-30 21:15 修改: 2026-06-17 09:12

sudo CVE-2026-35535 高危 1.9.9-1ubuntu2.4 1.9.9-1ubuntu2.6 sudo: Sudo: Privilege escalation due to failure in privilege drop calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35535

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-04-03 03:16 修改: 2026-06-30 03:19

curl CVE-2024-2398 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.16 curl: HTTP/2 push headers memory-leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-03-27 08:15 修改: 2026-06-17 07:24

curl CVE-2024-7264 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.17 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-07-31 08:15 修改: 2026-06-17 08:19

curl CVE-2024-8096 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.18 curl: OCSP stapling bypass with GnuTLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-09-11 10:15 修改: 2026-06-17 08:21

curl CVE-2025-14017 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.22 curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:35

curl CVE-2026-11856 中危 7.81.0-1ubuntu1.15

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11856

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

curl CVE-2026-1965 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.23 curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-03-11 11:15 修改: 2026-06-17 10:16

curl CVE-2026-3783 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.23 curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44

curl CVE-2026-5545 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.24 curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59

curl CVE-2026-6253 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.24 curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00

curl CVE-2026-6429 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.24 curl: libcurl: Credential leak via reused proxy connection during HTTP redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00

curl CVE-2026-7168 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.24 curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:01

curl CVE-2026-8925 中危 7.81.0-1ubuntu1.15

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8925

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

curl CVE-2026-8927 中危 7.81.0-1ubuntu1.15

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8927

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

bash CVE-2022-3715 中危 5.1-6ubuntu1 5.1-6ubuntu1.1 bash: a heap-buffer-overflow in valid_parameter_transform

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3715

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-01-05 15:15 修改: 2026-06-17 05:00

gpgv CVE-2025-30258 中危 2.2.27-3ubuntu2.1 2.2.27-3ubuntu2.3 gnupg: verification DoS due to a malicious subkey in the keyring

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08

libblkid1 CVE-2024-28085 中危 2.37.2-4ubuntu3 2.37.2-4ubuntu3.4 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

libblkid1 CVE-2026-27456 中危 2.37.2-4ubuntu3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

libc-bin CVE-2024-2961 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.7 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-04-17 18:15 修改: 2026-06-17 07:25

libc-bin CVE-2024-33599 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.8 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc-bin CVE-2024-33600 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.8 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc-bin CVE-2024-33601 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.8 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc-bin CVE-2024-33602 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.8 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc-bin CVE-2025-0395 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.9 glibc: buffer overflow in the GNU C Library's assert()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26

libc-bin CVE-2025-15281 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.13 glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-20 14:16 修改: 2026-06-17 08:37

libc-bin CVE-2025-4802 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.10 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34

libc-bin CVE-2025-8058 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.11 glibc: Double free in glibc

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-07-23 20:15 修改: 2026-06-17 10:06

libc-bin CVE-2026-0861 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.13 glibc: Integer overflow in memalign leads to heap corruption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-14 21:15 修改: 2026-06-17 10:11

libc-bin CVE-2026-0915 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.13 glibc: glibc: Information disclosure via zero-valued network query

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-15 22:16 修改: 2026-06-17 10:11

libc-bin CVE-2026-4046 中危 2.35-0ubuntu3.5 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55

libc-bin CVE-2026-5435 中危 2.35-0ubuntu3.5 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59

libc-bin CVE-2026-6238 中危 2.35-0ubuntu3.5 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17

libc6 CVE-2024-2961 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.7 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-04-17 18:15 修改: 2026-06-17 07:25

libc6 CVE-2024-33599 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.8 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc6 CVE-2024-33600 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.8 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc6 CVE-2024-33601 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.8 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc6 CVE-2024-33602 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.8 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc6 CVE-2025-0395 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.9 glibc: buffer overflow in the GNU C Library's assert()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26

libc6 CVE-2025-15281 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.13 glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-20 14:16 修改: 2026-06-17 08:37

libc6 CVE-2025-4802 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.10 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34

libc6 CVE-2025-8058 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.11 glibc: Double free in glibc

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-07-23 20:15 修改: 2026-06-17 10:06

libc6 CVE-2026-0861 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.13 glibc: Integer overflow in memalign leads to heap corruption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-14 21:15 修改: 2026-06-17 10:11

libc6 CVE-2026-0915 中危 2.35-0ubuntu3.5 2.35-0ubuntu3.13 glibc: glibc: Information disclosure via zero-valued network query

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-15 22:16 修改: 2026-06-17 10:11

libc6 CVE-2026-4046 中危 2.35-0ubuntu3.5 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55

libc6 CVE-2026-5435 中危 2.35-0ubuntu3.5 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59

libc6 CVE-2026-6238 中危 2.35-0ubuntu3.5 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17

libcap2 CVE-2025-1390 中危 1:2.44-1ubuntu0.22.04.1 1:2.44-1ubuntu0.22.04.2 libcap: pam_cap: Fix potential configuration parsing error

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1390

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-02-18 03:15 修改: 2026-06-17 08:39

libcap2 CVE-2026-4878 中危 1:2.44-1ubuntu0.22.04.1 1:2.44-1ubuntu0.22.04.3 libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-09 16:16 修改: 2026-07-01 19:16

libcap2-bin CVE-2025-1390 中危 1:2.44-1ubuntu0.22.04.1 1:2.44-1ubuntu0.22.04.2 libcap: pam_cap: Fix potential configuration parsing error

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1390

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-02-18 03:15 修改: 2026-06-17 08:39

libcap2-bin CVE-2026-4878 中危 1:2.44-1ubuntu0.22.04.1 1:2.44-1ubuntu0.22.04.3 libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-04-09 16:16 修改: 2026-07-01 19:16

libcurl4 CVE-2024-2398 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.16 curl: HTTP/2 push headers memory-leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-03-27 08:15 修改: 2026-06-17 07:24

libcurl4 CVE-2024-7264 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.17 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-07-31 08:15 修改: 2026-06-17 08:19

libcurl4 CVE-2024-8096 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.18 curl: OCSP stapling bypass with GnuTLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-09-11 10:15 修改: 2026-06-17 08:21

libcurl4 CVE-2025-14017 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.22 curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:35

libcurl4 CVE-2026-11856 中危 7.81.0-1ubuntu1.15

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11856

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcurl4 CVE-2026-1965 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.23 curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-03-11 11:15 修改: 2026-06-17 10:16

libcurl4 CVE-2026-3783 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.23 curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44

libcurl4 CVE-2026-5545 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.24 curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59

libcurl4 CVE-2026-6253 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.24 curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00

libcurl4 CVE-2026-6429 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.24 curl: libcurl: Credential leak via reused proxy connection during HTTP redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00

libcurl4 CVE-2026-7168 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.24 curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:01

libcurl4 CVE-2026-8925 中危 7.81.0-1ubuntu1.15

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8925

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcurl4 CVE-2026-8927 中危 7.81.0-1ubuntu1.15

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8927

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libelf1 CVE-2025-1372 中危 0.186-1build1 0.186-1ubuntu0.1 elfutils: GNU elfutils eu-readelf readelf.c print_string_section buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1372

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-02-17 03:15 修改: 2026-06-17 08:39

libelf1 CVE-2025-1377 中危 0.186-1build1 0.186-1ubuntu0.1 elfutils: GNU elfutils eu-strip strip.c gelf_getsymshndx denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1377

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-02-17 05:15 修改: 2026-06-17 08:39

libgcrypt20 CVE-2026-41989 中危 1.9.4-3ubuntu3 1.9.4-3ubuntu3.2 Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-23 05:16 修改: 2026-06-17 10:47

libgnutls30 CVE-2024-0553 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.4 gnutls: incomplete fix for CVE-2023-5981

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0553

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-01-16 12:15 修改: 2026-06-17 06:53

libgnutls30 CVE-2024-0567 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.4 gnutls: rejects certificate chain with distributed trust

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0567

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-01-16 14:15 修改: 2026-06-17 06:53

libgnutls30 CVE-2024-12243 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.6 gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12243

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-02-10 16:15 修改: 2026-06-17 06:59

libgnutls30 CVE-2024-28834 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.5 gnutls: vulnerable to Minerva side-channel information leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28834

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-03-21 14:15 修改: 2026-06-17 07:21

libgnutls30 CVE-2024-28835 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.5 gnutls: potential crash during chain building/verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28835

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-03-21 06:15 修改: 2026-06-17 07:21

libgnutls30 CVE-2025-14831 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.8 gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14831

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-02-09 15:16 修改: 2026-06-30 00:16

libgnutls30 CVE-2025-32988 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.7 gnutls: Vulnerability in GnuTLS otherName SAN export

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32988

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-07-10 08:15 修改: 2026-06-30 01:16

libgnutls30 CVE-2025-32989 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.7 gnutls: Vulnerability in GnuTLS SCT extension parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32989

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-07-10 08:15 修改: 2026-06-30 01:16

libgnutls30 CVE-2025-32990 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.7 gnutls: Vulnerability in GnuTLS certtool template parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32990

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-07-10 10:15 修改: 2026-06-30 01:16

libgnutls30 CVE-2025-6395 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.7 gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6395

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-07-10 16:15 修改: 2026-06-30 02:16

libgnutls30 CVE-2026-33845 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.9 gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-30 18:16 修改: 2026-07-01 20:17

libgnutls30 CVE-2026-33846 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.9 gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-05-04 10:15 修改: 2026-07-01 20:17

libgnutls30 CVE-2026-3832 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.9 gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-30 18:16 修改: 2026-06-24 17:16

libgnutls30 CVE-2026-3833 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.9 gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-30 18:16 修改: 2026-06-30 03:19

libgnutls30 CVE-2026-42009 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.9 gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-05-18 13:16 修改: 2026-07-01 20:17

libgnutls30 CVE-2026-42010 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.9 gnutls: gnutls: Authentication Bypass via NUL Character in Username

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-05-07 12:16 修改: 2026-06-30 03:19

libgnutls30 CVE-2026-42011 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.9 gnutls: gnutls: Security bypass due to incorrect name constraint handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-05-07 15:16 修改: 2026-06-30 03:19

libgnutls30 CVE-2026-42012 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.9 gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-05-26 22:16 修改: 2026-06-30 03:19

libgnutls30 CVE-2026-42013 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.9 gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-05-26 22:16 修改: 2026-06-30 03:19

libgnutls30 CVE-2026-42014 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.9 gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-06-16 02:16 修改: 2026-06-30 03:19

libgnutls30 CVE-2026-42015 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.9 gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-05-26 22:16 修改: 2026-06-30 03:19

libgnutls30 CVE-2026-5260 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.9 gnutls: gnutls: Information disclosure via heap overread in RSA key exchange

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-05-26 22:16 修改: 2026-06-30 03:21

libgssapi-krb5-2 CVE-2024-3596 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.5 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44

libgssapi-krb5-2 CVE-2024-37370 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.4 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38

libgssapi-krb5-2 CVE-2024-37371 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.4 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38

libgssapi-krb5-2 CVE-2025-24528 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.6 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59

libgssapi-krb5-2 CVE-2025-3576 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.7 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libk5crypto3 CVE-2024-3596 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.5 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44

libk5crypto3 CVE-2024-37370 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.4 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38

libk5crypto3 CVE-2024-37371 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.4 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38

libk5crypto3 CVE-2025-24528 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.6 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59

libk5crypto3 CVE-2025-3576 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.7 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libkrb5-3 CVE-2024-3596 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.5 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44

libkrb5-3 CVE-2024-37370 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.4 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38

libkrb5-3 CVE-2024-37371 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.4 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38

libkrb5-3 CVE-2025-24528 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.6 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59

libkrb5-3 CVE-2025-3576 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.7 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libkrb5support0 CVE-2024-3596 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.5 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44

libkrb5support0 CVE-2024-37370 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.4 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38

libkrb5support0 CVE-2024-37371 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.4 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38

libkrb5support0 CVE-2025-24528 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.6 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59

libkrb5support0 CVE-2025-3576 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.7 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

liblmdb0 CVE-2026-22185 中危 0.9.24-1build2 OpenLDAP: OpenLDAP LMDB: Denial of Service and Information Disclosure via Heap Buffer Underflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22185

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-07 21:16 修改: 2026-06-17 10:19

libmount1 CVE-2024-28085 中危 2.37.2-4ubuntu3 2.37.2-4ubuntu3.4 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

libmount1 CVE-2026-27456 中危 2.37.2-4ubuntu3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

libnghttp2-14 CVE-2024-28182 中危 1.43.0-1ubuntu0.1 1.43.0-1ubuntu0.2 nghttp2: CONTINUATION frames DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28182

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-04-04 15:15 修改: 2026-06-17 07:21

libnghttp2-14 CVE-2026-27135 中危 1.43.0-1ubuntu0.1 1.43.0-1ubuntu0.3 nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-03-18 18:16 修改: 2026-06-30 03:17

libp11-kit0 CVE-2026-13757 中危 0.24.0-6build1 p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13757

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-06-29 19:16 修改: 2026-07-01 15:16

libpam-modules CVE-2024-22365 中危 1.4.0-11ubuntu2.3 1.4.0-11ubuntu2.4 pam: allowing unprivileged user to block another user namespace

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-02-06 08:15 修改: 2026-06-17 07:11

libpam-modules CVE-2025-6020 中危 1.4.0-11ubuntu2.3 1.4.0-11ubuntu2.6 linux-pam: Linux-pam directory Traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-06-17 13:15 修改: 2026-06-30 11:16

libpam-modules-bin CVE-2024-22365 中危 1.4.0-11ubuntu2.3 1.4.0-11ubuntu2.4 pam: allowing unprivileged user to block another user namespace

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-02-06 08:15 修改: 2026-06-17 07:11

libpam-modules-bin CVE-2025-6020 中危 1.4.0-11ubuntu2.3 1.4.0-11ubuntu2.6 linux-pam: Linux-pam directory Traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-06-17 13:15 修改: 2026-06-30 11:16

libpam-runtime CVE-2024-22365 中危 1.4.0-11ubuntu2.3 1.4.0-11ubuntu2.4 pam: allowing unprivileged user to block another user namespace

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-02-06 08:15 修改: 2026-06-17 07:11

libpam-runtime CVE-2025-6020 中危 1.4.0-11ubuntu2.3 1.4.0-11ubuntu2.6 linux-pam: Linux-pam directory Traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-06-17 13:15 修改: 2026-06-30 11:16

libpam0g CVE-2024-22365 中危 1.4.0-11ubuntu2.3 1.4.0-11ubuntu2.4 pam: allowing unprivileged user to block another user namespace

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-02-06 08:15 修改: 2026-06-17 07:11

libpam0g CVE-2025-6020 中危 1.4.0-11ubuntu2.3 1.4.0-11ubuntu2.6 linux-pam: Linux-pam directory Traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-06-17 13:15 修改: 2026-06-30 11:16

libsmartcols1 CVE-2024-28085 中危 2.37.2-4ubuntu3 2.37.2-4ubuntu3.4 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

libsmartcols1 CVE-2026-27456 中危 2.37.2-4ubuntu3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

libssh-4 CVE-2023-6004 中危 0.9.6-2ubuntu0.22.04.2 0.9.6-2ubuntu0.22.04.3 libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6004

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-01-03 17:15 修改: 2026-06-17 06:49

libssh-4 CVE-2023-6918 中危 0.9.6-2ubuntu0.22.04.2 0.9.6-2ubuntu0.22.04.3 libssh: Missing checks for return values for digests

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6918

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2023-12-19 00:15 修改: 2026-06-17 06:51

libssh-4 CVE-2025-4877 中危 0.9.6-2ubuntu0.22.04.2 0.9.6-2ubuntu0.22.04.4 libssh: Write beyond bounds in binary to base64 conversion functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4877

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-08-20 13:15 修改: 2026-06-30 11:16

libssh-4 CVE-2025-4878 中危 0.9.6-2ubuntu0.22.04.2 0.9.6-2ubuntu0.22.04.4 libssh: Use of uninitialized variable in privatekey_from_file()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4878

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-07-22 15:15 修改: 2026-06-30 11:16

libssh-4 CVE-2025-5318 中危 0.9.6-2ubuntu0.22.04.2 0.9.6-2ubuntu0.22.04.4 libssh: out-of-bounds read in sftp_handle()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5318

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-06-24 14:15 修改: 2026-06-30 11:16

libssh-4 CVE-2025-5372 中危 0.9.6-2ubuntu0.22.04.2 0.9.6-2ubuntu0.22.04.4 libssh: Incorrect Return Code Handling in ssh_kdf() in libssh

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5372

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-07-04 06:15 修改: 2026-06-17 09:47

libssh-4 CVE-2026-0964 中危 0.9.6-2ubuntu0.22.04.2 0.9.6-2ubuntu0.22.04.6 libssh: Improper sanitation of paths received from SCP servers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0964

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11

libssh-4 CVE-2026-0967 中危 0.9.6-2ubuntu0.22.04.2 0.9.6-2ubuntu0.22.04.6 libssh: libssh: Denial of Service via inefficient regular expression processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0967

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11

libssh-4 CVE-2026-0968 中危 0.9.6-2ubuntu0.22.04.2 0.9.6-2ubuntu0.22.04.6 libssh: libssh: Denial of Service due to malformed SFTP message

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0968

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11

libssh-4 CVE-2026-3731 中危 0.9.6-2ubuntu0.22.04.2 0.9.6-2ubuntu0.22.04.7 libssh: libssh: Denial of Service via out-of-bounds read in SFTP extension name handler

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3731

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-03-08 11:15 修改: 2026-06-17 10:44

bsdextrautils CVE-2024-28085 中危 2.37.2-4ubuntu3 2.37.2-4ubuntu3.4 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

libssl3 CVE-2022-40735 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.16

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40735

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2022-11-14 23:15 修改: 2026-06-17 05:01

libssl3 CVE-2024-6119 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.18 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-09-03 16:15 修改: 2026-06-17 08:17

libssl3 CVE-2025-15467 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.21 openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-27 16:16 修改: 2026-06-30 03:16

libssl3 CVE-2025-9230 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.20 openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08

libssl3 CVE-2026-31790 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.23 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

libssl3 CVE-2026-34182 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

libssl3 CVE-2026-45445 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

libsystemd0 CVE-2025-4598 中危 249.11-0ubuntu3.11 249.11-0ubuntu3.16 systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-05-30 14:15 修改: 2026-06-30 11:16

libsystemd0 CVE-2026-29111 中危 249.11-0ubuntu3.11 249.11-0ubuntu3.19 systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29

libsystemd0 CVE-2026-40225 中危 249.11-0ubuntu3.11 249.11-0ubuntu3.19 systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libsystemd0 CVE-2026-40226 中危 249.11-0ubuntu3.11 249.11-0ubuntu3.21 systemd: systemd nspawn: Escape-to-host action via crafted config file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libtasn1-6 CVE-2024-12133 中危 4.18.0-4build1 4.18.0-4ubuntu0.1 libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12133

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-02-10 16:15 修改: 2026-06-30 03:16

libtasn1-6 CVE-2025-13151 中危 4.18.0-4build1 4.18.0-4ubuntu0.2 libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-07 22:15 修改: 2026-06-17 08:33

libudev1 CVE-2025-4598 中危 249.11-0ubuntu3.11 249.11-0ubuntu3.16 systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-05-30 14:15 修改: 2026-06-30 11:16

libudev1 CVE-2026-29111 中危 249.11-0ubuntu3.11 249.11-0ubuntu3.19 systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29

libudev1 CVE-2026-40225 中危 249.11-0ubuntu3.11 249.11-0ubuntu3.19 systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libudev1 CVE-2026-40226 中危 249.11-0ubuntu3.11 249.11-0ubuntu3.21 systemd: systemd nspawn: Escape-to-host action via crafted config file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libuuid1 CVE-2024-28085 中危 2.37.2-4ubuntu3 2.37.2-4ubuntu3.4 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

libuuid1 CVE-2026-27456 中危 2.37.2-4ubuntu3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

mount CVE-2024-28085 中危 2.37.2-4ubuntu3 2.37.2-4ubuntu3.4 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

mount CVE-2026-27456 中危 2.37.2-4ubuntu3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

net-tools CVE-2025-46836 中危 1.60+git20181103.0eebece-1ubuntu5 1.60+git20181103.0eebece-1ubuntu5.4 net-tools: net-tools Stack Buffer Overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46836

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-05-14 23:15 修改: 2026-06-17 09:27

bsdextrautils CVE-2026-27456 中危 2.37.2-4ubuntu3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

openssl CVE-2022-40735 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.16

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40735

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2022-11-14 23:15 修改: 2026-06-17 05:01

openssl CVE-2024-6119 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.18 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-09-03 16:15 修改: 2026-06-17 08:17

openssl CVE-2025-15467 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.21 openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-27 16:16 修改: 2026-06-30 03:16

openssl CVE-2025-9230 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.20 openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08

openssl CVE-2026-31790 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.23 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

openssl CVE-2026-34182 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

openssl CVE-2026-45445 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

perl-base CVE-2024-56406 中危 5.34.0-3ubuntu1.3 5.34.0-3ubuntu1.4 perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56406

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-04-13 14:15 修改: 2026-06-17 08:12

perl-base CVE-2025-40909 中危 5.34.0-3ubuntu1.3 5.34.0-3ubuntu1.5 perl: Perl threads have a working directory race condition where file operations may target unintended paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-05-30 13:15 修改: 2026-06-17 09:22

perl-base CVE-2026-42496 中危 5.34.0-3ubuntu1.3 5.34.0-3ubuntu1.7 perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42496

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-05-26 02:16 修改: 2026-06-30 03:19

perl-base CVE-2026-8376 中危 5.34.0-3ubuntu1.3 5.34.0-3ubuntu1.7 Perl versions through 5.43.10 have a heap buffer overflow when compili ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8376

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-05-26 00:16 修改: 2026-06-17 11:03

sed CVE-2026-5958 中危 4.8-1ubuntu2 4.8-1ubuntu2.1 sed: GNU sed TOCTOU race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-20 12:16 修改: 2026-06-17 10:59

bsdutils CVE-2024-28085 中危 1:2.37.2-4ubuntu3 2.37.2-4ubuntu3.4 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

bsdutils CVE-2026-27456 中危 1:2.37.2-4ubuntu3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

tar CVE-2025-45582 中危 1.34+dfsg-1ubuntu0.1.22.04.2 tar: Tar path traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-07-11 17:15 修改: 2026-06-17 09:25

tar CVE-2026-5704 中危 1.34+dfsg-1ubuntu0.1.22.04.2 1.34+dfsg-1ubuntu0.1.22.04.3 tar: tar: Hidden file injection via crafted archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:59

util-linux CVE-2024-28085 中危 2.37.2-4ubuntu3 2.37.2-4ubuntu3.4 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

util-linux CVE-2026-27456 中危 2.37.2-4ubuntu3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

curl CVE-2025-14524 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.22 curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36

libpcre2-8-0 CVE-2022-41409 低危 10.39-3ubuntu0.1 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-07-18 14:15 修改: 2026-06-17 05:03

libpcre3 CVE-2017-11164 低危 2:8.39-13ubuntu0.22.04.1 pcre: OP_KETRMAX feature in the match function in pcre_exec.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2017-07-11 03:29 修改: 2026-06-17 01:01

libbpf0 CVE-2025-29481 低危 1:0.5.0-1ubuntu22.04.1 libbpf: Heap Buffer Overflow in libbpf

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-29481

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-04-07 20:15 修改: 2026-06-17 09:05

curl CVE-2025-15079 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.22 curl: Host verification bypass during SSH transfers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37

curl CVE-2025-15224 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.22 curl: libssh key passphrase bypass without agent set

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37

curl CVE-2026-12064 低危 7.81.0-1ubuntu1.15

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12064

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcurl4 CVE-2024-11053 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.20 curl: curl netrc password leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56

libcurl4 CVE-2024-9681 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.19 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-11-06 08:15 修改: 2026-06-17 08:25

libcurl4 CVE-2025-0167 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.23 When asked to use a `.netrc` file for credentials **and** to follow HT ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0167

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-02-05 10:15 修改: 2026-06-17 08:25

libcurl4 CVE-2025-14524 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.22 curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36

libgnutls30 CVE-2025-9820 低危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.8 gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9820

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-26 20:16 修改: 2026-06-30 09:16

libcurl4 CVE-2025-15079 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.22 curl: Host verification bypass during SSH transfers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37

libcurl4 CVE-2025-15224 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.22 curl: libssh key passphrase bypass without agent set

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37

libcurl4 CVE-2026-12064 低危 7.81.0-1ubuntu1.15

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12064

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libssh-4 CVE-2025-8114 低危 0.9.6-2ubuntu0.22.04.2 0.9.6-2ubuntu0.22.04.5 libssh: NULL Pointer Dereference in libssh KEX Session ID Calculation

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8114

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-07-24 15:15 修改: 2026-06-30 02:16

libssh-4 CVE-2025-8277 低危 0.9.6-2ubuntu0.22.04.2 0.9.6-2ubuntu0.22.04.6 libssh: Memory Exhaustion via Repeated Key Exchange in libssh

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8277

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-09-09 12:15 修改: 2026-06-30 09:16

libssh-4 CVE-2026-0965 低危 0.9.6-2ubuntu0.22.04.2 0.9.6-2ubuntu0.22.04.6 libssh: libssh: Denial of Service via improper configuration file handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0965

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11

libssh-4 CVE-2026-0966 低危 0.9.6-2ubuntu0.22.04.2 0.9.6-2ubuntu0.22.04.6 libssh: libssh: Denial of Service via zero-length input in ssh_get_hexa()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0966

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11

libcurl4 CVE-2026-3784 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.23 curl: curl: Unauthorized access due to improper HTTP proxy connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44

libcurl4 CVE-2026-4873 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.24 curl: curl: Information disclosure due to incorrect TLS connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:57

libgssapi-krb5-2 CVE-2024-26458 低危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.6 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libgssapi-krb5-2 CVE-2024-26461 低危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.6 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libcurl4 CVE-2026-5773 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.24 curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59

libcurl4 CVE-2026-6276 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.24 curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00

libcurl4 CVE-2026-8286 低危 7.81.0-1ubuntu1.15

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8286

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcurl4 CVE-2026-8458 低危 7.81.0-1ubuntu1.15

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8458

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libssl3 CVE-2023-5678 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.14 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-11-06 16:15 修改: 2026-06-17 06:49

libssl3 CVE-2023-6129 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.14 openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-01-09 17:15 修改: 2026-06-17 06:50

libssl3 CVE-2023-6237 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.14 openssl: Excessive time spent checking invalid RSA public keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-04-25 07:15 修改: 2026-06-17 06:50

libssl3 CVE-2024-0727 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.14 openssl: denial of service via null dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-01-26 09:15 修改: 2026-06-17 06:54

libssl3 CVE-2024-13176 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.19 openssl: Timing side-channel in ECDSA signature computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01

libssl3 CVE-2024-2511 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.17 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-04-08 14:15 修改: 2026-06-17 07:24

libssl3 CVE-2024-4603 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.17 openssl: Excessive time spent checking DSA keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-05-16 16:15 修改: 2026-06-17 08:02

libssl3 CVE-2024-4741 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.17 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-11-13 11:15 修改: 2026-06-17 08:02

libssl3 CVE-2024-5535 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.17 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-06-27 11:15 修改: 2026-06-17 08:16

libssl3 CVE-2024-9143 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.19 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-10-16 17:15 修改: 2026-06-17 08:24

libssl3 CVE-2025-68160 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.21 openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58

libssl3 CVE-2025-69418 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.21 openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl3 CVE-2025-69419 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.21 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl3 CVE-2025-69420 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.21 openssl: OpenSSL: Denial of Service via malformed TimeStamp Response

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl3 CVE-2025-69421 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.21 openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl3 CVE-2026-22795 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.21 openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20

libssl3 CVE-2026-22796 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.21 openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20

libssl3 CVE-2026-28387 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.23 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl3 CVE-2026-28388 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.23 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl3 CVE-2026-28389 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.23 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl3 CVE-2026-28390 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.23 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl3 CVE-2026-31789 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.23 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

libssl3 CVE-2026-34180 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

libssl3 CVE-2026-42766 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl3 CVE-2026-42767 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl3 CVE-2026-42770 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl3 CVE-2026-45446 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

libssl3 CVE-2026-7383 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02

libssl3 CVE-2026-9076 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04

libstdc++6 CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2022-03-26 13:15 修改: 2026-06-17 04:37

libstdc++6 CVE-2023-4039 低危 12.3.0-1ubuntu1~22.04 12.3.0-1ubuntu1~22.04.2 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-09-13 09:15 修改: 2026-06-23 18:17

libcurl4 CVE-2026-8924 低危 7.81.0-1ubuntu1.15

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8924

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libk5crypto3 CVE-2024-26458 低危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.6 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libk5crypto3 CVE-2024-26461 低危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.6 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libcurl4 CVE-2026-9547 低危 7.81.0-1ubuntu1.15

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9547

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libsystemd0 CVE-2023-7008 低危 249.11-0ubuntu3.11 249.11-0ubuntu3.21 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-12-23 13:15 修改: 2026-06-17 06:51

libsystemd0 CVE-2026-40228 低危 249.11-0ubuntu3.11 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libdbus-1-3 CVE-2023-34969 低危 1.12.20-2ubuntu4.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2023-06-08 03:15 修改: 2026-06-17 06:04

curl CVE-2026-3784 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.23 curl: curl: Unauthorized access due to improper HTTP proxy connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44

libtasn1-6 CVE-2021-46848 低危 4.18.0-4build1 4.18.0-4ubuntu0.2 libtasn1: Out-of-bound access in ETYPE_OK

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46848

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2022-10-24 14:15 修改: 2026-06-17 04:15

libtinfo6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39

curl CVE-2026-4873 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.24 curl: curl: Information disclosure due to incorrect TLS connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:57

libelf1 CVE-2025-1352 低危 0.186-1build1 elfutils: GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1352

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-02-16 15:15 修改: 2026-06-17 08:38

libkrb5-3 CVE-2024-26458 低危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.6 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libkrb5-3 CVE-2024-26461 低危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.6 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libudev1 CVE-2023-7008 低危 249.11-0ubuntu3.11 249.11-0ubuntu3.21 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-12-23 13:15 修改: 2026-06-17 06:51

libudev1 CVE-2026-40228 低危 249.11-0ubuntu3.11 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libelf1 CVE-2025-1376 低危 0.186-1build1 elfutils: GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1376

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-02-17 05:15 修改: 2026-06-17 08:39

libgcc-s1 CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2022-03-26 13:15 修改: 2026-06-17 04:37

libzstd1 CVE-2022-4899 低危 1.4.8+dfsg-3build1 zstd: mysql: buffer overrun in util.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-03-31 20:15 修改: 2026-06-17 05:22

login CVE-2023-29383 低危 1:4.8.1-2ubuntu2.1 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-04-14 22:15 修改: 2026-06-17 05:49

login CVE-2023-4641 低危 1:4.8.1-2ubuntu2.1 1:4.8.1-2ubuntu2.2 shadow-utils: possible password leak during passwd(1) change

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-12-27 16:15 修改: 2026-06-17 06:38

login CVE-2024-56433 低危 1:4.8.1-2ubuntu2.1 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12

libgcc-s1 CVE-2023-4039 低危 12.3.0-1ubuntu1~22.04 12.3.0-1ubuntu1~22.04.2 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-09-13 09:15 修改: 2026-06-23 18:17

curl CVE-2026-5773 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.24 curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59

ncurses-base CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39

ncurses-bin CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39

libgcrypt20 CVE-2024-2236 低危 1.9.4-3ubuntu3 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-03-06 22:15 修改: 2026-06-17 07:24

libkrb5support0 CVE-2024-26458 低危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.6 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libkrb5support0 CVE-2024-26461 低危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.6 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libldap-2.5-0 CVE-2023-2953 低危 2.5.16+dfsg-0ubuntu0.22.04.1 2.5.16+dfsg-0ubuntu0.22.04.2 openldap: null pointer dereference in ber_memalloc_x function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2953

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2023-05-30 22:15 修改: 2026-06-17 05:53

curl CVE-2026-6276 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.24 curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00

liblzma5 CVE-2026-34743 低危 5.2.5-2ubuntu1 5.2.5-2ubuntu1.1 xz: XZ Utils: Denial of Service via buffer overflow in index decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2026-04-02 19:21 修改: 2026-06-17 10:39

curl CVE-2026-8286 低危 7.81.0-1ubuntu1.15

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8286

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

curl CVE-2026-8458 低危 7.81.0-1ubuntu1.15

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8458

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libncurses6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39

openssl CVE-2023-5678 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.14 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2023-11-06 16:15 修改: 2026-06-17 06:49

openssl CVE-2023-6129 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.14 openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-01-09 17:15 修改: 2026-06-17 06:50

openssl CVE-2023-6237 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.14 openssl: Excessive time spent checking invalid RSA public keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-04-25 07:15 修改: 2026-06-17 06:50

openssl CVE-2024-0727 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.14 openssl: denial of service via null dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-01-26 09:15 修改: 2026-06-17 06:54

openssl CVE-2024-13176 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.19 openssl: Timing side-channel in ECDSA signature computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01

openssl CVE-2024-2511 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.17 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-04-08 14:15 修改: 2026-06-17 07:24

openssl CVE-2024-4603 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.17 openssl: Excessive time spent checking DSA keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-05-16 16:15 修改: 2026-06-17 08:02

openssl CVE-2024-4741 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.17 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-11-13 11:15 修改: 2026-06-17 08:02

openssl CVE-2024-5535 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.17 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-06-27 11:15 修改: 2026-06-17 08:16

openssl CVE-2024-9143 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.19 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-10-16 17:15 修改: 2026-06-17 08:24

openssl CVE-2025-68160 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.21 openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58

openssl CVE-2025-69418 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.21 openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

openssl CVE-2025-69419 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.21 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

openssl CVE-2025-69420 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.21 openssl: OpenSSL: Denial of Service via malformed TimeStamp Response

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

openssl CVE-2025-69421 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.21 openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

openssl CVE-2026-22795 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.21 openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20

openssl CVE-2026-22796 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.21 openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20

openssl CVE-2026-28387 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.23 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

openssl CVE-2026-28388 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.23 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

openssl CVE-2026-28389 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.23 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

openssl CVE-2026-28390 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.23 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

openssl CVE-2026-31789 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.23 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

openssl CVE-2026-34180 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

openssl CVE-2026-42766 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl CVE-2026-42767 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl CVE-2026-42770 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl CVE-2026-45446 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

openssl CVE-2026-7383 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02

openssl CVE-2026-9076 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.25 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04

passwd CVE-2023-29383 低危 1:4.8.1-2ubuntu2.1 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-04-14 22:15 修改: 2026-06-17 05:49

passwd CVE-2023-4641 低危 1:4.8.1-2ubuntu2.1 1:4.8.1-2ubuntu2.2 shadow-utils: possible password leak during passwd(1) change

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-12-27 16:15 修改: 2026-06-17 06:38

passwd CVE-2024-56433 低危 1:4.8.1-2ubuntu2.1 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12

libncursesw6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39

curl CVE-2026-8924 低危 7.81.0-1ubuntu1.15

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8924

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

curl CVE-2026-9547 低危 7.81.0-1ubuntu1.15

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9547

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

dpkg CVE-2025-6297 低危 1.21.1ubuntu2.2 1.21.1ubuntu2.6 It was discovered that dpkg-deb does not properly sanitize directory p ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6297

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2025-07-01 17:15 修改: 2026-06-17 10:01

gcc-12-base CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2022-03-26 13:15 修改: 2026-06-17 04:37

gcc-12-base CVE-2023-4039 低危 12.3.0-1ubuntu1~22.04 12.3.0-1ubuntu1~22.04.2 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:a1360aae5271bbbf575b4057cb4158dbdfbcae76698189b55fb1039bc0207400

发布日期: 2023-09-13 09:15 修改: 2026-06-23 18:17

curl CVE-2024-11053 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.20 curl: curl netrc password leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56

curl CVE-2024-9681 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.19 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2024-11-06 08:15 修改: 2026-06-17 08:25

iputils-ping CVE-2025-47268 低危 3:20211215-1 3:20211215-1ubuntu0.1 iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47268

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-05-05 14:15 修改: 2026-06-17 09:27

iputils-ping CVE-2025-48964 低危 3:20211215-1 3:20211215-1ubuntu0.1 iputils: iputils integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48964

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-07-22 18:15 修改: 2026-06-17 09:30

curl CVE-2025-0167 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.23 When asked to use a `.netrc` file for credentials **and** to follow HT ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0167

镜像层: sha256:ca99ed9ff7c7df64422a374aaeaeb73aa1ed0fce19201ecd9770d9948d42daf3

发布日期: 2025-02-05 10:15 修改: 2026-06-17 08:25

usr/local/bin/pilot-discovery (gobinary)
低危漏洞:4 中危漏洞:68 高危漏洞:45 严重漏洞:4
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
github.com/docker/docker CVE-2024-41110 严重 v24.0.7+incompatible 23.0.15, 26.1.5, 27.1.1, 25.0.6 moby: Authz zero length regression

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41110

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-07-24 17:15 修改: 2026-06-17 07:47

google.golang.org/grpc CVE-2026-33186 严重 v1.56.3 1.79.3 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33186

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-03-20 23:16 修改: 2026-07-01 13:17

stdlib CVE-2024-24790 严重 v1.20.12 1.21.11, 1.22.4 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-06-05 16:15 修改: 2026-06-17 07:14

stdlib CVE-2025-68121 严重 v1.20.12 1.24.13, 1.25.7, 1.26.0-rc.3 crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:58

github.com/docker/docker CVE-2026-42306 高危 v24.0.7+incompatible Moby is an open source container framework. In Docker Engine prior to ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42306

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-06-12 19:16 修改: 2026-06-17 10:47

github.com/go-jose/go-jose/v3 CVE-2026-34986 高危 v3.0.1 3.0.5 github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34986

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-04-06 17:17 修改: 2026-07-01 13:17

github.com/moby/spdystream CVE-2026-35469 高危 v0.2.0 0.5.1 Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35469

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-04-16 22:16 修改: 2026-07-01 13:17

github.com/prometheus/prometheus CVE-2026-42154 高危 v0.43.0 0.311.3, 0.305.2 github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42154

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-04 19:16 修改: 2026-07-01 13:17

github.com/sirupsen/logrus CVE-2025-65637 高危 v1.9.0 1.8.3, 1.9.1, 1.9.3 github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-65637

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-12-04 19:16 修改: 2026-06-17 09:55

golang.org/x/crypto CVE-2024-45337 高危 v0.17.0 0.31.0 golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-12-12 02:02 修改: 2026-06-17 07:54

golang.org/x/crypto CVE-2025-22869 高危 v0.17.0 0.35.0 golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22869

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-02-26 08:14 修改: 2026-06-17 08:50

golang.org/x/crypto CVE-2025-47913 高危 v0.17.0 0.43.0 golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47913

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-11-13 22:15 修改: 2026-06-17 09:28

golang.org/x/crypto CVE-2026-39827 高危 v0.17.0 0.52.0 An authenticated SSH client that repeatedly opened channels which were ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39827

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42

golang.org/x/crypto CVE-2026-39828 高危 v0.17.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39828

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 04:16 修改: 2026-07-01 13:17

golang.org/x/crypto CVE-2026-39829 高危 v0.17.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39829

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 04:16 修改: 2026-07-01 13:17

golang.org/x/crypto CVE-2026-39830 高危 v0.17.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39830

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 04:16 修改: 2026-06-30 03:19

golang.org/x/crypto CVE-2026-39832 高危 v0.17.0 0.52.0 golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39832

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 04:16 修改: 2026-06-30 03:19

golang.org/x/crypto CVE-2026-39835 高危 v0.17.0 0.52.0 golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39835

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 04:16 修改: 2026-07-01 13:17

golang.org/x/crypto CVE-2026-42508 高危 v0.17.0 0.52.0 golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42508

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 04:16 修改: 2026-07-01 13:17

golang.org/x/crypto CVE-2026-46595 高危 v0.17.0 0.52.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46595

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 04:16 修改: 2026-07-01 13:17

golang.org/x/crypto CVE-2026-46597 高危 v0.17.0 0.52.0 An incorrectly placed cast from bytes to int allowed for server-side p ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46597

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53

golang.org/x/net CVE-2023-45288 高危 v0.17.0 0.23.0 golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-04-04 21:15 修改: 2026-06-17 06:28

golang.org/x/net CVE-2024-45338 高危 v0.17.0 0.33.0 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-12-18 21:15 修改: 2026-06-17 07:54

golang.org/x/net CVE-2026-25681 高危 v0.17.0 0.55.0 golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25681

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

golang.org/x/net CVE-2026-27136 高危 v0.17.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27136

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:26

golang.org/x/net CVE-2026-33814 高危 v0.17.0 0.53.0 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

golang.org/x/net CVE-2026-39821 高危 v0.17.0 0.55.0 golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39821

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 16:16 修改: 2026-07-01 13:17

golang.org/x/net CVE-2026-42502 高危 v0.17.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42502

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

golang.org/x/oauth2 CVE-2025-22868 高危 v0.7.0 0.27.0 golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22868

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-02-26 08:14 修改: 2026-06-17 08:50

github.com/docker/cli CVE-2025-15558 高危 v23.0.3+incompatible 29.2.0 docker/cli: Docker CLI for Windows: Privilege escalation via malicious plugin binaries

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15558

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-03-04 17:16 修改: 2026-06-30 03:16

helm.sh/helm/v3 CVE-2024-26147 高危 v3.11.2 3.14.2 helm: Missing YAML Content Leads To Panic

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26147

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-02-21 23:15 修改: 2026-06-17 07:17

helm.sh/helm/v3 CVE-2025-53547 高危 v3.11.2 3.18.4, 3.17.4 helm.sh/helm/v3: Helm Chart Code Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53547

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-07-08 22:15 修改: 2026-06-17 09:38

github.com/docker/docker CVE-2026-34040 高危 v24.0.7+incompatible 29.3.1 Moby: Moby: Authorization bypass vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34040

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-03-31 03:15 修改: 2026-06-17 10:38

github.com/docker/docker CVE-2026-41567 高危 v24.0.7+incompatible docker: Moby/Docker Engine: Arbitrary Code Execution via malicious container image and compressed archive upload

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41567

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-06-05 02:17 修改: 2026-06-30 13:18

stdlib CVE-2023-45288 高危 v1.20.12 1.21.9, 1.22.2 golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-04-04 21:15 修改: 2026-06-17 06:28

stdlib CVE-2024-34156 高危 v1.20.12 1.22.7, 1.23.1 encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-09-06 21:15 修改: 2026-06-17 07:33

stdlib CVE-2025-61726 高危 v1.20.12 1.24.12, 1.25.6 golang: net/url: Memory exhaustion in query parameter parsing in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-01-28 20:16 修改: 2026-07-01 13:16

stdlib CVE-2025-61729 高危 v1.20.12 1.24.11, 1.25.5 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-12-02 19:15 修改: 2026-06-17 09:50

stdlib CVE-2026-25679 高危 v1.20.12 1.25.8, 1.26.1 net/url: Incorrect parsing of IPv6 host literals in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-03-06 22:16 修改: 2026-07-01 13:16

stdlib CVE-2026-27145 高危 v1.20.12 1.25.11, 1.26.4 crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-06-02 23:16 修改: 2026-07-01 13:16

stdlib CVE-2026-32280 高危 v1.20.12 1.25.9, 1.26.2 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-04-08 02:16 修改: 2026-07-01 13:17

stdlib CVE-2026-32281 高危 v1.20.12 1.25.9, 1.26.2 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32283 高危 v1.20.12 1.25.9, 1.26.2 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-04-08 02:16 修改: 2026-07-01 13:17

stdlib CVE-2026-33811 高危 v1.20.12 1.25.10, 1.26.3 net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-07 20:16 修改: 2026-07-01 13:17

stdlib CVE-2026-33814 高危 v1.20.12 1.25.10, 1.26.3 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-39820 高危 v1.20.12 1.25.10, 1.26.3 net/mail: golang: Go net/mail: Denial of Service via crafted email inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-07 20:16 修改: 2026-07-01 13:17

stdlib CVE-2026-39836 高危 v1.20.12 1.25.10, 1.26.3 ELSA-2026-22121: golang security update (IMPORTANT)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42499 高危 v1.20.12 1.25.10, 1.26.3 net/mail: golang: net/mail: Denial of Service via pathological email address parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-07 20:16 修改: 2026-07-01 13:17

stdlib CVE-2026-42504 高危 v1.20.12 1.25.11, 1.26.4 Decoding a maliciously-crafted MIME header containing many invalid enc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

golang.org/x/net CVE-2026-42506 中危 v0.17.0 0.55.0 golang.org/x/net/html: golang.org/x/net/html: Cross-Site Scripting (XSS) via arbitrary HTML parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42506

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

github.com/docker/docker CVE-2024-24557 中危 v24.0.7+incompatible 24.0.9, 25.0.2 moby: classic builder cache poisoning

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24557

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-02-01 17:15 修改: 2026-06-17 07:14

github.com/go-jose/go-jose/v3 CVE-2024-28180 中危 v3.0.1 3.0.3 jose-go: improper handling of highly compressed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28180

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-03-09 01:15 修改: 2026-06-17 07:21

google.golang.org/protobuf CVE-2024-24786 中危 v1.31.0 1.33.0 golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-03-05 23:15 修改: 2026-06-17 07:14

gopkg.in/square/go-jose.v2 CVE-2024-28180 中危 v2.6.0 jose-go: improper handling of highly compressed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28180

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-03-09 01:15 修改: 2026-06-17 07:21

github.com/go-jose/go-jose/v3 CVE-2025-27144 中危 v3.0.1 3.0.4 go-jose: Go JOSE's Parsing Vulnerable to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27144

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-02-24 23:15 修改: 2026-06-17 09:03

golang.org/x/crypto CVE-2025-47914 中危 v0.17.0 0.45.0 golang.org/x/crypto/ssh/agent: SSH Agent servers: Denial of Service due to malformed messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47914

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-11-19 21:15 修改: 2026-06-17 09:28

helm.sh/helm/v3 CVE-2024-25620 中危 v3.11.2 3.14.1 helm: Dependency management path traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25620

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-02-15 00:15 修改: 2026-06-17 07:16

helm.sh/helm/v3 CVE-2025-32386 中危 v3.11.2 3.17.3 helm.sh/helm/v3: Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32386

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-04-09 23:15 修改: 2026-06-17 09:11

helm.sh/helm/v3 CVE-2025-32387 中危 v3.11.2 3.17.3 helm.sh/helm/v3: Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32387

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-04-09 23:15 修改: 2026-06-17 09:11

helm.sh/helm/v3 CVE-2025-55198 中危 v3.11.2 3.18.5 helm.sh/helm/v3: Helm YAML Parsing Panic Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55198

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-08-14 00:15 修改: 2026-06-17 09:41

helm.sh/helm/v3 CVE-2025-55199 中危 v3.11.2 3.18.5 helm.sh/helm/v3: Helm Chart JSON Schema Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55199

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-08-14 00:15 修改: 2026-06-17 09:41

helm.sh/helm/v3 CVE-2026-35206 中危 v3.11.2 3.20.2 github.com/helm/helm: Helm: Files written to unexpected directory via specially crafted Chart

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35206

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-04-09 21:16 修改: 2026-06-17 10:40

golang.org/x/crypto CVE-2025-58181 中危 v0.17.0 0.45.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via unbounded memory consumption in GSSAPI authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58181

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-11-19 21:15 修改: 2026-06-17 09:44

golang.org/x/crypto CVE-2026-39831 中危 v0.17.0 0.52.0 The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nis ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39831

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42

golang.org/x/crypto CVE-2026-39833 中危 v0.17.0 0.52.0 golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39833

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42

golang.org/x/crypto CVE-2026-39834 中危 v0.17.0 0.52.0 When writing data larger than 4GB in a single Write call on an SSH cha ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39834

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42

golang.org/x/crypto CVE-2026-46598 中危 v0.17.0 0.52.0 golang.org/x/crypto/ssh/agent: golang: golang.org/x/crypto/ssh/agent: Denial of Service via malformed input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46598

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53

github.com/lestrrat-go/jwx CVE-2023-49290 中危 v1.2.26 1.2.27 jwx: Malicious parameters in JWE can cause denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49290

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2023-12-05 00:15 修改: 2026-06-17 06:35

github.com/lestrrat-go/jwx CVE-2024-21664 中危 v1.2.26 1.2.28 jwx: parsing JSON serialized payload without protected field can lead to panic

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21664

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-01-09 20:15 修改: 2026-06-17 07:09

github.com/lestrrat-go/jwx CVE-2024-28122 中危 v1.2.26 1.2.29 jwx: denial of service attack using compressed JWE message

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28122

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-03-09 01:15 修改: 2026-06-17 07:21

github.com/docker/docker CVE-2026-33997 中危 v24.0.7+incompatible 29.3.1 moby: docker: github.com/moby/moby: Moby: Privilege validation bypass during plugin installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33997

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-03-31 03:15 修改: 2026-06-30 03:18

github.com/docker/docker CVE-2026-41568 中危 v24.0.7+incompatible github.com/docker/docker: github.com/moby/moby: Moby: Denial of Service via race condition in docker cp mount setup

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41568

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-06-12 19:16 修改: 2026-06-17 10:46

github.com/prometheus/prometheus CVE-2026-40179 中危 v0.43.0 0.311.2-0.20260410083055-07c6232d159b Prometheus has Stored XSS via metric names and label values in Prometheus web UI tooltips and metrics explorer

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40179

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-04-15 23:16 修改: 2026-06-17 10:44

github.com/prometheus/prometheus CVE-2026-44903 中危 v0.43.0 0.311.3 Prometheus is an open-source monitoring system and time series databas ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44903

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-26 22:16 修改: 2026-06-17 10:51

golang.org/x/net CVE-2025-22870 中危 v0.17.0 0.36.0 golang.org/x/net/proxy: golang.org/x/net/http/httpproxy: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22870

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-03-12 19:15 修改: 2026-06-17 08:50

golang.org/x/net CVE-2025-22872 中危 v0.17.0 0.38.0 golang.org/x/net/html: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22872

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-04-16 18:16 修改: 2026-06-17 08:50

golang.org/x/net CVE-2025-47911 中危 v0.17.0 0.45.0 golang.org/x/net/html: Quadratic parsing complexity in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47911

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:28

golang.org/x/net CVE-2025-58190 中危 v0.17.0 0.45.0 golang.org/x/net/html: Infinite parsing loop in golang.org/x/net

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58190

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:44

golang.org/x/net CVE-2026-25680 中危 v0.17.0 0.55.0 golang.org/x/net/html: golang.org/x/net/html: Denial of Service due to excessive HTML parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25680

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

stdlib CVE-2023-45289 中危 v1.20.12 1.21.8, 1.22.1 golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-03-05 23:15 修改: 2026-06-17 06:28

stdlib CVE-2023-45290 中危 v1.20.12 1.21.8, 1.22.1 golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-03-05 23:15 修改: 2026-06-17 06:28

stdlib CVE-2024-24783 中危 v1.20.12 1.21.8, 1.22.1 golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-03-05 23:15 修改: 2026-06-17 07:14

stdlib CVE-2024-24784 中危 v1.20.12 1.21.8, 1.22.1 golang: net/mail: comments in display names are incorrectly handled

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-03-05 23:15 修改: 2026-06-17 07:14

stdlib CVE-2024-24785 中危 v1.20.12 1.21.8, 1.22.1 golang: html/template: errors returned from MarshalJSON methods may break template escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-03-05 23:15 修改: 2026-06-17 07:14

stdlib CVE-2024-24789 中危 v1.20.12 1.21.11, 1.22.4 golang: archive/zip: Incorrect handling of certain ZIP files

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-06-05 16:15 修改: 2026-06-17 07:14

stdlib CVE-2024-24791 中危 v1.20.12 1.21.12, 1.22.5 net/http: Denial of service due to improper 100-continue handling in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-07-02 22:15 修改: 2026-06-17 07:14

stdlib CVE-2024-34155 中危 v1.20.12 1.22.7, 1.23.1 go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-09-06 21:15 修改: 2026-06-17 07:33

stdlib CVE-2024-34158 中危 v1.20.12 1.22.7, 1.23.1 go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2024-09-06 21:15 修改: 2026-06-17 07:33

stdlib CVE-2024-45336 中危 v1.20.12 1.22.11, 1.23.5, 1.24.0-rc.2 golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45336

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-01-28 02:15 修改: 2026-06-17 07:54

stdlib CVE-2025-0913 中危 v1.20.12 1.23.10, 1.24.4 Inconsistent handling of O_CREATE|O_EXCL on Unix and Windows in os in syscall

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0913

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-06-11 18:15 修改: 2026-06-17 08:27

stdlib CVE-2025-22866 中危 v1.20.12 1.22.12, 1.23.6, 1.24.0-rc.3 crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22866

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-02-06 17:15 修改: 2026-06-17 08:50

stdlib CVE-2025-22870 中危 v1.20.12 1.23.7, 1.24.1 golang.org/x/net/proxy: golang.org/x/net/http/httpproxy: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22870

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-03-12 19:15 修改: 2026-06-17 08:50

stdlib CVE-2025-22871 中危 v1.20.12 1.23.8, 1.24.2 net/http: Request smuggling due to acceptance of invalid chunked data in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22871

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-04-08 20:15 修改: 2026-06-17 08:50

stdlib CVE-2025-22873 中危 v1.20.12 1.23.9, 1.24.3 os: os: Information disclosure via path traversal using specially crafted filenames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22873

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-02-04 23:15 修改: 2026-06-17 08:50

stdlib CVE-2025-4673 中危 v1.20.12 1.23.10, 1.24.4 net/http: Sensitive headers not cleared on cross-origin redirect in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4673

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-06-11 17:15 修改: 2026-06-17 09:33

stdlib CVE-2025-47906 中危 v1.20.12 1.23.12, 1.24.6 os/exec: Unexpected paths returned from LookPath in os/exec

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47906

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-09-18 19:15 修改: 2026-06-17 09:28

stdlib CVE-2025-47907 中危 v1.20.12 1.23.12, 1.24.6 database/sql: Postgres Scan Race Condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47907

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-08-07 16:15 修改: 2026-06-17 09:28

stdlib CVE-2025-47912 中危 v1.20.12 1.24.8, 1.25.2 net/url: Insufficient validation of bracketed IPv6 hostnames in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47912

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:28

stdlib CVE-2025-58183 中危 v1.20.12 1.24.8, 1.25.2 golang: archive/tar: Unbounded allocation when parsing GNU sparse map

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58183

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58185 中危 v1.20.12 1.24.8, 1.25.2 encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58185

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58187 中危 v1.20.12 1.24.9, 1.25.3 crypto/x509: Quadratic complexity when checking name constraints in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58187

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58188 中危 v1.20.12 1.24.8, 1.25.2 crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58188

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58189 中危 v1.20.12 1.24.8, 1.25.2 crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58189

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-61723 中危 v1.20.12 1.24.8, 1.25.2 encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61723

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61724 中危 v1.20.12 1.24.8, 1.25.2 net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61724

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61725 中危 v1.20.12 1.24.8, 1.25.2 net/mail: Excessive CPU consumption in ParseAddress in net/mail

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61725

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61727 中危 v1.20.12 1.24.11, 1.25.5 golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-12-03 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61728 中危 v1.20.12 1.24.12, 1.25.6 golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61730 中危 v1.20.12 1.24.12, 1.25.6 crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2026-27142 中危 v1.20.12 1.25.8, 1.26.1 html/template: URLs in meta content attribute actions are not escaped in html/template

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

stdlib CVE-2026-32282 中危 v1.20.12 1.25.9, 1.26.2 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32288 中危 v1.20.12 1.25.9, 1.26.2 archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32289 中危 v1.20.12 1.25.9, 1.26.2 html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-39823 中危 v1.20.12 1.25.10, 1.26.3 html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39825 中危 v1.20.12 1.25.10, 1.26.3 net/http/httputil: golang: net/http/httputil: ReverseProxy forwards hidden query parameters, potentially bypassing security controls

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39826 中危 v1.20.12 1.25.10, 1.26.3 html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42507 中危 v1.20.12 1.25.11, 1.26.4 net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

github.com/docker/docker CVE-2025-54410 低危 v24.0.7+incompatible 25.0.13, 28.0.0 github.com/moby/moby: Moby's Firewalld reload removes bridge network isolation

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-54410

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-07-30 14:15 修改: 2026-06-17 09:40

stdlib CVE-2024-45341 低危 v1.20.12 1.22.11, 1.23.5, 1.24.0-rc.2 golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45341

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-01-28 02:15 修改: 2026-06-17 07:54

stdlib CVE-2025-58186 低危 v1.20.12 1.24.8, 1.25.2 golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58186

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2026-27139 低危 v1.20.12 1.25.8, 1.26.1 os: FileInfo can escape from a Root in golang os module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

golang.org/x/sys CVE-2026-39824 未知 v0.15.0 0.44.0 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824

镜像层: sha256:f895fbae0c57412681422f4d19947004ae3ed03e78eb91e68b4bcb97419f5359

发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×