docker.io/kiwigrid/k8s-sidecar:1.30.9 linux/arm64

docker.io/kiwigrid/k8s-sidecar:1.30.9 - Trivy安全扫描结果 扫描时间: 2026-07-01 18:22 温馨提示: 这是一个 linux/arm64 系统架构镜像
全部漏洞信息
低危漏洞:43 中危漏洞:35 高危漏洞:25 严重漏洞:2

系统OS: alpine 3.22.1 扫描引擎: Trivy 扫描时间: 2026-07-01 18:22

docker.io/kiwigrid/k8s-sidecar:1.30.9 (alpine 3.22.1) (alpine)
低危漏洞:41 中危漏洞:27 高危漏洞:17 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libcrypto3 CVE-2026-31789 严重 3.5.1-r0 3.5.6-r0 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

libssl3 CVE-2026-31789 严重 3.5.1-r0 3.5.6-r0 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

libcrypto3 CVE-2025-69421 高危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libcrypto3 CVE-2026-28387 高危 3.5.1-r0 3.5.6-r0 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libcrypto3 CVE-2026-28388 高危 3.5.1-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libcrypto3 CVE-2026-28389 高危 3.5.1-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libcrypto3 CVE-2026-28390 高危 3.5.1-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libcrypto3 CVE-2026-45447 高危 3.5.1-r0 3.5.7-r0 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-30 03:20

libcrypto3 CVE-2025-15467 高危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-30 03:16

libssl3 CVE-2025-15467 高危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-30 03:16

libssl3 CVE-2025-69421 高危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl3 CVE-2026-28387 高危 3.5.1-r0 3.5.6-r0 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl3 CVE-2026-28388 高危 3.5.1-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl3 CVE-2026-28389 高危 3.5.1-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl3 CVE-2026-28390 高危 3.5.1-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl3 CVE-2026-45447 高危 3.5.1-r0 3.5.7-r0 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-30 03:20

musl CVE-2026-40200 高危 1.2.5-r10 1.2.5-r12 musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-04-10 17:17 修改: 2026-06-17 10:44

musl-utils CVE-2026-40200 高危 1.2.5-r10 1.2.5-r12 musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-04-10 17:17 修改: 2026-06-17 10:44

zlib CVE-2026-22184 高危 1.3.1-r2 1.3.2-r0 zlib: zlib: Arbitrary code execution via buffer overflow in untgz utility

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22184

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-07 21:16 修改: 2026-06-30 03:17

libcrypto3 CVE-2026-45445 中危 3.5.1-r0 3.5.7-r0 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

busybox CVE-2024-58251 中危 1.37.0-r18 1.37.0-r20 In netstat in BusyBox through 1.37.0, local users can launch of networ ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2025-04-23 18:16 修改: 2026-06-17 08:14

busybox-binsh CVE-2024-58251 中危 1.37.0-r18 1.37.0-r20 In netstat in BusyBox through 1.37.0, local users can launch of networ ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2025-04-23 18:16 修改: 2026-06-17 08:14

libcrypto3 CVE-2025-11187 中危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11187

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:29

libcrypto3 CVE-2025-69419 中危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libcrypto3 CVE-2025-9230 中危 3.5.1-r0 3.5.4-r0 openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08

libcrypto3 CVE-2025-9231 中危 3.5.1-r0 3.5.4-r0 openssl: Timing side-channel in SM2 algorithm on 64 bit ARM

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9231

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08

libcrypto3 CVE-2026-2673 中危 3.5.1-r0 3.5.6-r0 openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-03-13 19:54 修改: 2026-06-17 10:31

libcrypto3 CVE-2026-31790 中危 3.5.1-r0 3.5.6-r0 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

libssl3 CVE-2025-11187 中危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11187

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:29

libssl3 CVE-2025-69419 中危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl3 CVE-2025-9230 中危 3.5.1-r0 3.5.4-r0 openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08

libssl3 CVE-2025-9231 中危 3.5.1-r0 3.5.4-r0 openssl: Timing side-channel in SM2 algorithm on 64 bit ARM

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9231

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08

libssl3 CVE-2026-2673 中危 3.5.1-r0 3.5.6-r0 openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-03-13 19:54 修改: 2026-06-17 10:31

libssl3 CVE-2026-31790 中危 3.5.1-r0 3.5.6-r0 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

libssl3 CVE-2026-34182 中危 3.5.1-r0 3.5.7-r0 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

libssl3 CVE-2026-34183 中危 3.5.1-r0 3.5.7-r0 openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

libssl3 CVE-2026-42764 中危 3.5.1-r0 3.5.7-r0 openssl: NULL pointer dereference in QUIC server initial packet handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl3 CVE-2026-45445 中危 3.5.1-r0 3.5.7-r0 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

libcrypto3 CVE-2026-34182 中危 3.5.1-r0 3.5.7-r0 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

musl CVE-2026-6042 中危 1.2.5-r10 1.2.5-r11 musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-04-10 09:16 修改: 2026-06-17 11:00

libcrypto3 CVE-2026-34183 中危 3.5.1-r0 3.5.7-r0 openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

musl-utils CVE-2026-6042 中危 1.2.5-r10 1.2.5-r11 musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-04-10 09:16 修改: 2026-06-17 11:00

ssl_client CVE-2024-58251 中危 1.37.0-r18 1.37.0-r20 In netstat in BusyBox through 1.37.0, local users can launch of networ ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2025-04-23 18:16 修改: 2026-06-17 08:14

xz-libs CVE-2026-34743 中危 5.8.1-r0 5.8.3-r0 xz: XZ Utils: Denial of Service via buffer overflow in index decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743

镜像层: sha256:242768c72245743481cc7b5986a3f037b21ff578c582cb1d4bdf451a3dd43a4b

发布日期: 2026-04-02 19:21 修改: 2026-06-17 10:39

libcrypto3 CVE-2026-42764 中危 3.5.1-r0 3.5.7-r0 openssl: NULL pointer dereference in QUIC server initial packet handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

zlib CVE-2026-27171 中危 1.3.1-r2 1.3.2-r0 zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-02-18 04:16 修改: 2026-06-17 10:26

libcrypto3 CVE-2025-68160 低危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58

libcrypto3 CVE-2025-69418 低危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libcrypto3 CVE-2025-69420 低危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via malformed TimeStamp Response

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libcrypto3 CVE-2025-9232 低危 3.5.1-r0 3.5.4-r0 openssl: Out-of-bounds read in HTTP client no_proxy handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08

libcrypto3 CVE-2026-22795 低危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20

libcrypto3 CVE-2026-22796 低危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20

libcrypto3 CVE-2026-34180 低危 3.5.1-r0 3.5.7-r0 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

libcrypto3 CVE-2026-34181 低危 3.5.1-r0 3.5.7-r0 openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

libcrypto3 CVE-2026-42766 低危 3.5.1-r0 3.5.7-r0 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libcrypto3 CVE-2026-42767 低危 3.5.1-r0 3.5.7-r0 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libcrypto3 CVE-2026-42768 低危 3.5.1-r0 3.5.7-r0 openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libcrypto3 CVE-2026-42769 低危 3.5.1-r0 3.5.7-r0 openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libcrypto3 CVE-2026-42770 低危 3.5.1-r0 3.5.7-r0 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl3 CVE-2025-15468 低危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37

libssl3 CVE-2025-15469 低危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15469

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37

libssl3 CVE-2025-66199 低危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:56

libssl3 CVE-2025-68160 低危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58

libssl3 CVE-2025-69418 低危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl3 CVE-2025-69420 低危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via malformed TimeStamp Response

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl3 CVE-2025-9232 低危 3.5.1-r0 3.5.4-r0 openssl: Out-of-bounds read in HTTP client no_proxy handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08

libssl3 CVE-2026-22795 低危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20

libssl3 CVE-2026-22796 低危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20

libssl3 CVE-2026-34180 低危 3.5.1-r0 3.5.7-r0 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

libssl3 CVE-2026-34181 低危 3.5.1-r0 3.5.7-r0 openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

libssl3 CVE-2026-42766 低危 3.5.1-r0 3.5.7-r0 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl3 CVE-2026-42767 低危 3.5.1-r0 3.5.7-r0 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl3 CVE-2026-42768 低危 3.5.1-r0 3.5.7-r0 openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl3 CVE-2026-42769 低危 3.5.1-r0 3.5.7-r0 openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl3 CVE-2026-42770 低危 3.5.1-r0 3.5.7-r0 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl3 CVE-2026-45446 低危 3.5.1-r0 3.5.7-r0 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

libssl3 CVE-2026-7383 低危 3.5.1-r0 3.5.7-r0 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02

libssl3 CVE-2026-9076 低危 3.5.1-r0 3.5.7-r0 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04

libcrypto3 CVE-2026-45446 低危 3.5.1-r0 3.5.7-r0 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

libcrypto3 CVE-2026-7383 低危 3.5.1-r0 3.5.7-r0 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02

libcrypto3 CVE-2026-9076 低危 3.5.1-r0 3.5.7-r0 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04

busybox CVE-2025-46394 低危 1.37.0-r18 1.37.0-r20 In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2025-04-23 16:15 修改: 2026-06-17 09:26

busybox-binsh CVE-2025-46394 低危 1.37.0-r18 1.37.0-r20 In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2025-04-23 16:15 修改: 2026-06-17 09:26

ssl_client CVE-2025-46394 低危 1.37.0-r18 1.37.0-r20 In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2025-04-23 16:15 修改: 2026-06-17 09:26

libcrypto3 CVE-2025-15468 低危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37

libcrypto3 CVE-2025-15469 低危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15469

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37

libcrypto3 CVE-2025-66199 低危 3.5.1-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199

镜像层: sha256:0b83d017db6efafadf6b3f18d087d2ce1d67d8f0e927dc7254b0ad088074cd3a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:56

Python (python-pkg)
低危漏洞:2 中危漏洞:8 高危漏洞:8 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
jaraco.context CVE-2026-23949 高危 5.3.0 6.1.0 jaraco.context: jaraco.context: Path traversal via malicious tar archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23949

镜像层: sha256:6d5d2b56b00171b59e7dee35aaf58d3935acdf87199e6fc5b466246df1d0cf7a

发布日期: 2026-01-20 01:15 修改: 2026-06-17 10:22

pyasn1 CVE-2026-23490 高危 0.6.1 0.6.2 pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23490

镜像层: sha256:6d5d2b56b00171b59e7dee35aaf58d3935acdf87199e6fc5b466246df1d0cf7a

发布日期: 2026-01-16 19:16 修改: 2026-06-30 03:17

pyasn1 CVE-2026-30922 高危 0.6.1 0.6.3 pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-30922

镜像层: sha256:6d5d2b56b00171b59e7dee35aaf58d3935acdf87199e6fc5b466246df1d0cf7a

发布日期: 2026-03-18 04:17 修改: 2026-06-17 10:33

urllib3 CVE-2025-66418 高危 2.5.0 2.6.0 urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66418

镜像层: sha256:6d5d2b56b00171b59e7dee35aaf58d3935acdf87199e6fc5b466246df1d0cf7a

发布日期: 2025-12-05 16:15 修改: 2026-06-17 09:56

urllib3 CVE-2025-66471 高危 2.5.0 2.6.0 urllib3: urllib3 Streaming API improperly handles highly compressed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66471

镜像层: sha256:6d5d2b56b00171b59e7dee35aaf58d3935acdf87199e6fc5b466246df1d0cf7a

发布日期: 2025-12-05 17:16 修改: 2026-06-17 09:56

urllib3 CVE-2026-21441 高危 2.5.0 2.6.3 urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-21441

镜像层: sha256:6d5d2b56b00171b59e7dee35aaf58d3935acdf87199e6fc5b466246df1d0cf7a

发布日期: 2026-01-07 22:15 修改: 2026-06-30 03:17

urllib3 CVE-2026-44431 高危 2.5.0 2.7.0 urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44431

镜像层: sha256:6d5d2b56b00171b59e7dee35aaf58d3935acdf87199e6fc5b466246df1d0cf7a

发布日期: 2026-05-13 16:16 修改: 2026-06-26 12:16

wheel CVE-2026-24049 高危 0.45.1 0.46.2 wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24049

镜像层: sha256:6d5d2b56b00171b59e7dee35aaf58d3935acdf87199e6fc5b466246df1d0cf7a

发布日期: 2026-01-22 05:16 修改: 2026-06-30 03:17

idna CVE-2026-45409 中危 3.10 3.15 Internationalized Domain Names in Applications (IDNA) for Python provi ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45409

镜像层: sha256:6d5d2b56b00171b59e7dee35aaf58d3935acdf87199e6fc5b466246df1d0cf7a

发布日期: 2026-06-05 23:16 修改: 2026-06-17 10:52

pip CVE-2025-8869 中危 25.2 25.3 pip: pip missing checks on symbolic link extraction

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8869

镜像层: sha256:6d5d2b56b00171b59e7dee35aaf58d3935acdf87199e6fc5b466246df1d0cf7a

发布日期: 2025-09-24 15:15 修改: 2026-06-17 10:07

requests CVE-2026-25645 中危 2.32.4 2.33.0 requests: Requests: Security bypass due to predictable temporary file creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25645

镜像层: sha256:6d5d2b56b00171b59e7dee35aaf58d3935acdf87199e6fc5b466246df1d0cf7a

发布日期: 2026-03-25 17:16 修改: 2026-06-17 10:25

pip CVE-2025-8869 中危 25.2 25.3 pip: pip missing checks on symbolic link extraction

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8869

镜像层: sha256:242768c72245743481cc7b5986a3f037b21ff578c582cb1d4bdf451a3dd43a4b

发布日期: 2025-09-24 15:15 修改: 2026-06-17 10:07

pip CVE-2026-3219 中危 25.2 26.1 pip: pip: Incorrect file installation due to improper archive handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3219

镜像层: sha256:6d5d2b56b00171b59e7dee35aaf58d3935acdf87199e6fc5b466246df1d0cf7a

发布日期: 2026-04-20 16:16 修改: 2026-06-17 10:43

pip CVE-2026-3219 中危 25.2 26.1 pip: pip: Incorrect file installation due to improper archive handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3219

镜像层: sha256:242768c72245743481cc7b5986a3f037b21ff578c582cb1d4bdf451a3dd43a4b

发布日期: 2026-04-20 16:16 修改: 2026-06-17 10:43

pip CVE-2026-6357 中危 25.2 26.1 pip: pip: Arbitrary code execution or information disclosure via malicious wheel package installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6357

镜像层: sha256:6d5d2b56b00171b59e7dee35aaf58d3935acdf87199e6fc5b466246df1d0cf7a

发布日期: 2026-04-27 15:16 修改: 2026-06-17 11:00

pip CVE-2026-6357 中危 25.2 26.1 pip: pip: Arbitrary code execution or information disclosure via malicious wheel package installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6357

镜像层: sha256:242768c72245743481cc7b5986a3f037b21ff578c582cb1d4bdf451a3dd43a4b

发布日期: 2026-04-27 15:16 修改: 2026-06-17 11:00

pip CVE-2026-1703 低危 25.2 26.0 pip: pip: Information disclosure via path traversal when installing crafted wheel archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1703

镜像层: sha256:6d5d2b56b00171b59e7dee35aaf58d3935acdf87199e6fc5b466246df1d0cf7a

发布日期: 2026-02-02 15:16 修改: 2026-06-17 10:16

pip CVE-2026-1703 低危 25.2 26.0 pip: pip: Information disclosure via path traversal when installing crafted wheel archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1703

镜像层: sha256:242768c72245743481cc7b5986a3f037b21ff578c582cb1d4bdf451a3dd43a4b

发布日期: 2026-02-02 15:16 修改: 2026-06-17 10:16

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×