| bsdutils |
CVE-2026-27456 |
中危 |
1:2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| gzip |
CVE-2026-41991 |
中危 |
1.12-1ubuntu3.1 |
1.12-1ubuntu3.2 |
gzip: gzip: Arbitrary file overwrite via insecure temporary file handling in gzexe utility
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41991
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-06-29 12:16 修改: 2026-07-01 14:02
|
| gzip |
CVE-2026-41992 |
中危 |
1.12-1ubuntu3.1 |
1.12-1ubuntu3.2 |
GNU gzip contains a global buffer overflow vulnerability in the LZH de ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41992
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-06-29 12:16 修改: 2026-07-01 14:02
|
| libblkid1 |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| libc-bin |
CVE-2026-4046 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-03-30 18:16 修改: 2026-07-14 13:18
|
| libc-bin |
CVE-2026-4437 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-03-20 20:16 修改: 2026-07-14 13:18
|
| libc-bin |
CVE-2026-4438 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-03-20 20:16 修改: 2026-07-14 13:18
|
| libc-bin |
CVE-2026-5435 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Out-of-bounds write via TSIG record processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-04-28 13:19 修改: 2026-07-14 13:19
|
| libc-bin |
CVE-2026-6238 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Application crash or uninitialized memory read via crafted DNS response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-04-28 19:37 修改: 2026-07-14 13:19
|
| libc6 |
CVE-2026-4046 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-03-30 18:16 修改: 2026-07-14 13:18
|
| libc6 |
CVE-2026-4437 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-03-20 20:16 修改: 2026-07-14 13:18
|
| libc6 |
CVE-2026-4438 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-03-20 20:16 修改: 2026-07-14 13:18
|
| libc6 |
CVE-2026-5435 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Out-of-bounds write via TSIG record processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-04-28 13:19 修改: 2026-07-14 13:19
|
| libc6 |
CVE-2026-6238 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Application crash or uninitialized memory read via crafted DNS response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-04-28 19:37 修改: 2026-07-14 13:19
|
| libexpat1 |
CVE-2025-66382 |
中危 |
2.6.1-2ubuntu0.4 |
|
libexpat: libexpat: Denial of service via crafted file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382
镜像层: sha256:8adad71f57ece33ebf3b5b220511da41f924970947b1b59ac00228bc8dbad6e7
发布日期: 2025-11-28 07:15 修改: 2026-06-17 09:56
|
| libmount1 |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| libnghttp2-14 |
CVE-2026-58055 |
中危 |
1.59.0-1ubuntu0.3 |
1.59.0-1ubuntu0.4 |
nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade re ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58055
镜像层: sha256:8adad71f57ece33ebf3b5b220511da41f924970947b1b59ac00228bc8dbad6e7
发布日期: 2026-06-28 02:16 修改: 2026-06-30 17:41
|
| libp11-kit0 |
CVE-2026-13757 |
中危 |
0.25.3-4ubuntu2.1 |
|
p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13757
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-06-29 19:16 修改: 2026-07-13 06:16
|
| libsmartcols1 |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| libuuid1 |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| libxslt1.1 |
CVE-2025-10911 |
中危 |
1.1.39-0exp1ubuntu0.24.04.3 |
|
libxslt: use-after-free with key data stored cross-RVT
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10911
镜像层: sha256:144683fb65424c5827e0c4843764379a07d9ac53213c974be5555b2644812090
发布日期: 2025-09-25 16:15 修改: 2026-06-30 00:16
|
| libxslt1.1 |
CVE-2025-7425 |
中危 |
1.1.39-0exp1ubuntu0.24.04.3 |
|
libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7425
镜像层: sha256:144683fb65424c5827e0c4843764379a07d9ac53213c974be5555b2644812090
发布日期: 2025-07-10 14:15 修改: 2026-06-29 21:16
|
| locales |
CVE-2026-4046 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:8adad71f57ece33ebf3b5b220511da41f924970947b1b59ac00228bc8dbad6e7
发布日期: 2026-03-30 18:16 修改: 2026-07-14 13:18
|
| locales |
CVE-2026-4437 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:8adad71f57ece33ebf3b5b220511da41f924970947b1b59ac00228bc8dbad6e7
发布日期: 2026-03-20 20:16 修改: 2026-07-14 13:18
|
| locales |
CVE-2026-4438 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:8adad71f57ece33ebf3b5b220511da41f924970947b1b59ac00228bc8dbad6e7
发布日期: 2026-03-20 20:16 修改: 2026-07-14 13:18
|
| locales |
CVE-2026-5435 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Out-of-bounds write via TSIG record processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435
镜像层: sha256:8adad71f57ece33ebf3b5b220511da41f924970947b1b59ac00228bc8dbad6e7
发布日期: 2026-04-28 13:19 修改: 2026-07-14 13:19
|
| locales |
CVE-2026-6238 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Application crash or uninitialized memory read via crafted DNS response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238
镜像层: sha256:8adad71f57ece33ebf3b5b220511da41f924970947b1b59ac00228bc8dbad6e7
发布日期: 2026-04-28 19:37 修改: 2026-07-14 13:19
|
| mount |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| p11-kit |
CVE-2026-13757 |
中危 |
0.25.3-4ubuntu2.1 |
|
p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13757
镜像层: sha256:8adad71f57ece33ebf3b5b220511da41f924970947b1b59ac00228bc8dbad6e7
发布日期: 2026-06-29 19:16 修改: 2026-07-13 06:16
|
| p11-kit-modules |
CVE-2026-13757 |
中危 |
0.25.3-4ubuntu2.1 |
|
p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13757
镜像层: sha256:8adad71f57ece33ebf3b5b220511da41f924970947b1b59ac00228bc8dbad6e7
发布日期: 2026-06-29 19:16 修改: 2026-07-13 06:16
|
| python3-urllib3 |
CVE-2026-9375 |
中危 |
2.0.7-1ubuntu0.7 |
|
urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9375
镜像层: sha256:144683fb65424c5827e0c4843764379a07d9ac53213c974be5555b2644812090
发布日期: 2026-06-19 19:16 修改: 2026-06-22 19:49
|
| tar |
CVE-2025-45582 |
中危 |
1.35+dfsg-3build1 |
1.35+dfsg-3ubuntu0.2 |
tar: Tar path traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2025-07-11 17:15 修改: 2026-06-17 09:25
|
| tar |
CVE-2026-5704 |
中危 |
1.35+dfsg-3build1 |
1.35+dfsg-3ubuntu0.1 |
tar: tar: Hidden file injection via crafted archives
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:59
|
| util-linux |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| wget |
CVE-2021-31879 |
中危 |
1.21.4-1ubuntu4.1 |
|
wget: authorization header disclosure on redirect
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879
镜像层: sha256:8adad71f57ece33ebf3b5b220511da41f924970947b1b59ac00228bc8dbad6e7
发布日期: 2021-04-29 05:15 修改: 2026-06-17 03:52
|
| wget |
CVE-2026-58469 |
中危 |
1.21.4-1ubuntu4.1 |
1.21.4-1ubuntu4.3 |
GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buff ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58469
镜像层: sha256:8adad71f57ece33ebf3b5b220511da41f924970947b1b59ac00228bc8dbad6e7
发布日期: 2026-07-07 21:17 修改: 2026-07-09 15:59
|
| wget |
CVE-2026-58470 |
中危 |
1.21.4-1ubuntu4.1 |
1.21.4-1ubuntu4.3 |
wget: GNU Wget: Integer overflow in Content-Range header parsing causes download desynchronization
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58470
镜像层: sha256:8adad71f57ece33ebf3b5b220511da41f924970947b1b59ac00228bc8dbad6e7
发布日期: 2026-07-07 21:17 修改: 2026-07-09 16:01
|
| wget |
CVE-2026-58471 |
中危 |
1.21.4-1ubuntu4.1 |
1.21.4-1ubuntu4.3 |
wget: GNU Wget: Heap buffer overflow via server-supplied filename leads to memory corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58471
镜像层: sha256:8adad71f57ece33ebf3b5b220511da41f924970947b1b59ac00228bc8dbad6e7
发布日期: 2026-07-07 21:17 修改: 2026-07-09 16:02
|
| wget |
CVE-2026-58472 |
中危 |
1.21.4-1ubuntu4.1 |
1.21.4-1ubuntu4.3 |
wget: GNU Wget: Arbitrary code execution or denial of service via crafted HTML attribute
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58472
镜像层: sha256:8adad71f57ece33ebf3b5b220511da41f924970947b1b59ac00228bc8dbad6e7
发布日期: 2026-07-07 21:17 修改: 2026-07-09 15:58
|
| passwd |
CVE-2024-56433 |
低危 |
1:4.13+dfsg1-4ubuntu3.2 |
|
shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12
|
| libudev1 |
CVE-2026-40228 |
低危 |
255.4-1ubuntu8.16 |
|
systemd: systemd-journald: Unintended output to user terminals via logger command
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
|
| libicu74 |
CVE-2025-5222 |
低危 |
74.2-1ubuntu3.1 |
|
icu: Stack buffer overflow in the SRBRoot::addTag function
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5222
镜像层: sha256:144683fb65424c5827e0c4843764379a07d9ac53213c974be5555b2644812090
发布日期: 2025-05-27 21:15 修改: 2026-07-14 13:17
|
| libgcrypt20 |
CVE-2024-2236 |
低危 |
1.10.3-2ubuntu0.1 |
|
libgcrypt: vulnerable to Marvin Attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2024-03-06 22:15 修改: 2026-06-17 07:24
|
| login |
CVE-2024-56433 |
低危 |
1:4.13+dfsg1-4ubuntu3.2 |
|
shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12
|
| libncursesw6 |
CVE-2025-69720 |
低危 |
6.4+20240113-1ubuntu2 |
6.4+20240113-1ubuntu2.1 |
ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00
|
| ncurses-base |
CVE-2025-69720 |
低危 |
6.4+20240113-1ubuntu2 |
6.4+20240113-1ubuntu2.1 |
ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00
|
| ncurses-bin |
CVE-2025-69720 |
低危 |
6.4+20240113-1ubuntu2 |
6.4+20240113-1ubuntu2.1 |
ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00
|
| libsystemd0 |
CVE-2026-40228 |
低危 |
255.4-1ubuntu8.16 |
|
systemd: systemd-journald: Unintended output to user terminals via logger command
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
|
| libtinfo6 |
CVE-2025-69720 |
低危 |
6.4+20240113-1ubuntu2 |
6.4+20240113-1ubuntu2.1 |
ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00
|
| zlib1g |
CVE-2026-27171 |
低危 |
1:1.3.dfsg-3.1ubuntu2.1 |
|
zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171
镜像层: sha256:f103cd120fdd6cbc7f3d0e1d5bfb3e16290c32ead7b822d15c34460ecdf64b29
发布日期: 2026-02-18 04:16 修改: 2026-06-17 10:26
|