| github.com/moby/spdystream |
CVE-2026-35469 |
高危 |
v0.5.0 |
0.5.1 |
Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35469
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-04-16 22:16 修改: 2026-06-17 10:40
|
| github.com/prometheus/prometheus |
CVE-2026-42151 |
高危 |
v0.310.0 |
0.311.3 |
github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42151
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-05-04 19:16 修改: 2026-06-17 10:47
|
| github.com/prometheus/prometheus |
CVE-2026-42154 |
高危 |
v0.310.0 |
0.311.3, 0.305.2 |
github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42154
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-05-04 19:16 修改: 2026-06-17 10:47
|
| golang.org/x/crypto |
CVE-2026-39827 |
高危 |
v0.51.0 |
0.52.0 |
An authenticated SSH client that repeatedly opened channels which were ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39827
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-39828 |
高危 |
v0.51.0 |
0.52.0 |
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39828
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-39829 |
高危 |
v0.51.0 |
0.52.0 |
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39829
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-39830 |
高危 |
v0.51.0 |
0.52.0 |
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39830
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-39835 |
高危 |
v0.51.0 |
0.52.0 |
SSH servers which use CertChecker as a public key callback without set ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39835
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-42508 |
高危 |
v0.51.0 |
0.52.0 |
golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42508
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:47
|
| golang.org/x/crypto |
CVE-2026-46595 |
高危 |
v0.51.0 |
0.52.0 |
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46595
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
|
| golang.org/x/crypto |
CVE-2026-46597 |
高危 |
v0.51.0 |
0.52.0 |
An incorrectly placed cast from bytes to int allowed for server-side p ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46597
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
|
| istio.io/istio |
CVE-2019-14993 |
高危 |
v0.0.0-20260604142548-10229c76f285 |
1.1.13, 1.2.4 |
istio/envoy: mishandling regular expressions for long URIs leading to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14993
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2019-08-13 18:15 修改: 2026-06-17 02:19
|
| istio.io/istio |
CVE-2021-39155 |
高危 |
v0.0.0-20260604142548-10229c76f285 |
1.9.8, 1.10.4, 1.11.1 |
istio/istio: HTTP request can bypass authorization mechanisms due to case insensitive host comparison
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39155
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2021-08-24 23:15 修改: 2026-06-17 04:03
|
| istio.io/istio |
CVE-2021-39156 |
高危 |
v0.0.0-20260604142548-10229c76f285 |
1.9.8, 1.10.4, 1.11.1 |
istio/istio: HTTP request with fragment in URI can bypass authorization mechanisms
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39156
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2021-08-24 23:15 修改: 2026-06-17 04:03
|
| istio.io/istio |
CVE-2022-23635 |
高危 |
v0.0.0-20260604142548-10229c76f285 |
1.13.1, 1.12.4, 1.11.7 |
istio: unauthenticated control plane denial of service attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23635
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2022-02-22 22:15 修改: 2026-06-17 04:30
|
| stdlib |
CVE-2026-27145 |
高危 |
v1.26.3 |
1.25.11, 1.26.4 |
*x509.Certificate).VerifyHostname previously called matchHostnames in ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:26
|
| stdlib |
CVE-2026-42504 |
高危 |
v1.26.3 |
1.25.11, 1.26.4 |
Decoding a maliciously-crafted MIME header containing many invalid enc ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47
|
| golang.org/x/crypto |
CVE-2026-46598 |
中危 |
v0.51.0 |
0.52.0 |
golang.org/x/crypto/ssh/agent: golang: golang.org/x/crypto/ssh/agent: Denial of Service via malformed input
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46598
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
|
| github.com/prometheus/prometheus |
CVE-2026-40179 |
中危 |
v0.310.0 |
0.311.2-0.20260410083055-07c6232d159b |
Prometheus has Stored XSS via metric names and label values in Prometheus web UI tooltips and metrics explorer
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40179
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-04-15 23:16 修改: 2026-06-17 10:44
|
| github.com/prometheus/prometheus |
CVE-2026-44903 |
中危 |
v0.310.0 |
0.311.3 |
Prometheus is an open-source monitoring system and time series databas ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44903
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-05-26 22:16 修改: 2026-06-17 10:51
|
| golang.org/x/crypto |
CVE-2026-39831 |
中危 |
v0.51.0 |
0.52.0 |
The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nis ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39831
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-39832 |
中危 |
v0.51.0 |
0.52.0 |
When adding a key to a remote agent constraint extensions such as rest ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39832
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| istio.io/istio |
CVE-2022-31045 |
中危 |
v0.0.0-20260604142548-10229c76f285 |
1.12.18, 1.13.5, 1.14.1 |
Istio: Unsafe memory access in metadata exchange.
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31045
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2022-06-09 21:15 修改: 2026-06-17 04:44
|
| golang.org/x/crypto |
CVE-2026-39833 |
中危 |
v0.51.0 |
0.52.0 |
The in-memory keyring returned by NewKeyring() silently accepted keys ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39833
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-39834 |
中危 |
v0.51.0 |
0.52.0 |
When writing data larger than 4GB in a single Write call on an SSH cha ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39834
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| stdlib |
CVE-2026-42507 |
中危 |
v1.26.3 |
1.25.11, 1.26.4 |
net/textproto: golang: Golang net/textproto: Misleading error messages via input injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507
镜像层: sha256:8c471129241b3d56a7c00b51b26505facb3ffff63e54cb3f1506b6583ab5045a
发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47
|