docker.io/kong/kong:3.9.1 linux/amd64

docker.io/kong/kong:3.9.1 - Trivy安全扫描结果扫描时间: 2026-05-16 15:16

全部漏洞信息

低危漏洞:31

中危漏洞:56

高危漏洞:1

严重漏洞:0

系统OS: ubuntu 24.04 扫描引擎: Trivy 扫描时间: 2026-05-16 15:16

docker.io/kong/kong:3.9.1 (ubuntu 24.04) (ubuntu)

低危漏洞:31

中危漏洞:56

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
gpgv	CVE-2025-68973	高危	2.4.4-2ubuntu17.2	2.4.4-2ubuntu17.4	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
dpkg	CVE-2026-2219	中危	1.22.6ubuntu6.1	1.22.6ubuntu6.6	It was discovered that dpkg-deb (a component of dpkg, the Debian packa ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2219 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-03-07 09:16 修改: 2026-03-09 15:15
bsdutils	CVE-2026-27456	中危	1:2.39.3-9ubuntu6.2		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libblkid1	CVE-2026-27456	中危	2.39.3-9ubuntu6.2		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libc-bin	CVE-2025-15281	中危	2.39-0ubuntu8.4	2.39-0ubuntu8.7	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-01-20 14:16 修改: 2026-02-05 17:43
libc-bin	CVE-2025-5702	中危	2.39-0ubuntu8.4	2.39-0ubuntu8.5	glibc: Vector register overwrite bug in glibc 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5702 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-06-05 19:15 修改: 2025-10-01 15:37
libc-bin	CVE-2025-8058	中危	2.39-0ubuntu8.4	2.39-0ubuntu8.6	glibc: Double free in glibc 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
libc-bin	CVE-2026-0861	中危	2.39-0ubuntu8.4	2.39-0ubuntu8.7	glibc: Integer overflow in memalign leads to heap corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-01-14 21:15 修改: 2026-02-03 18:26
libc-bin	CVE-2026-0915	中危	2.39-0ubuntu8.4	2.39-0ubuntu8.7	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-01-15 22:16 修改: 2026-01-23 19:36
libc-bin	CVE-2026-4046	中危	2.39-0ubuntu8.4		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc-bin	CVE-2026-4437	中危	2.39-0ubuntu8.4		glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
libc-bin	CVE-2026-4438	中危	2.39-0ubuntu8.4		glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
libc6	CVE-2025-15281	中危	2.39-0ubuntu8.4	2.39-0ubuntu8.7	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-01-20 14:16 修改: 2026-02-05 17:43
libc6	CVE-2025-5702	中危	2.39-0ubuntu8.4	2.39-0ubuntu8.5	glibc: Vector register overwrite bug in glibc 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5702 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-06-05 19:15 修改: 2025-10-01 15:37
libc6	CVE-2025-8058	中危	2.39-0ubuntu8.4	2.39-0ubuntu8.6	glibc: Double free in glibc 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
libc6	CVE-2026-0861	中危	2.39-0ubuntu8.4	2.39-0ubuntu8.7	glibc: Integer overflow in memalign leads to heap corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-01-14 21:15 修改: 2026-02-03 18:26
libc6	CVE-2026-0915	中危	2.39-0ubuntu8.4	2.39-0ubuntu8.7	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-01-15 22:16 修改: 2026-01-23 19:36
libc6	CVE-2026-4046	中危	2.39-0ubuntu8.4		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc6	CVE-2026-4437	中危	2.39-0ubuntu8.4		glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
libc6	CVE-2026-4438	中危	2.39-0ubuntu8.4		glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
libcap2	CVE-2026-4878	中危	1:2.66-5ubuntu2.2	1:2.66-5ubuntu2.4	libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-04-09 16:16 修改: 2026-05-07 22:16
libgnutls30t64	CVE-2025-14831	中危	3.8.3-1.1ubuntu3.3	3.8.3-1.1ubuntu3.5	gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14831 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-02-09 15:16 修改: 2026-05-12 13:16
libgnutls30t64	CVE-2025-32988	中危	3.8.3-1.1ubuntu3.3	3.8.3-1.1ubuntu3.4	gnutls: Vulnerability in GnuTLS otherName SAN export 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32988 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-07-10 08:15 修改: 2026-05-12 13:16
libgnutls30t64	CVE-2025-32989	中危	3.8.3-1.1ubuntu3.3	3.8.3-1.1ubuntu3.4	gnutls: Vulnerability in GnuTLS SCT extension parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32989 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-07-10 08:15 修改: 2026-05-12 13:16
libgnutls30t64	CVE-2025-32990	中危	3.8.3-1.1ubuntu3.3	3.8.3-1.1ubuntu3.4	gnutls: Vulnerability in GnuTLS certtool template parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32990 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-07-10 10:15 修改: 2026-04-20 22:16
libgnutls30t64	CVE-2025-6395	中危	3.8.3-1.1ubuntu3.3	3.8.3-1.1ubuntu3.4	gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6395 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-07-10 16:15 修改: 2026-05-12 13:17
libmount1	CVE-2026-27456	中危	2.39.3-9ubuntu6.2		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libpam-modules	CVE-2024-10963	中危	1.5.3-5ubuntu5.1	1.5.3-5ubuntu5.5	pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2024-11-07 16:15 修改: 2026-04-15 00:35
libpam-modules	CVE-2025-6020	中危	1.5.3-5ubuntu5.1	1.5.3-5ubuntu5.4	linux-pam: Linux-pam directory Traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-06-17 13:15 修改: 2026-05-12 13:17
libpam-modules-bin	CVE-2024-10963	中危	1.5.3-5ubuntu5.1	1.5.3-5ubuntu5.5	pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2024-11-07 16:15 修改: 2026-04-15 00:35
libpam-modules-bin	CVE-2025-6020	中危	1.5.3-5ubuntu5.1	1.5.3-5ubuntu5.4	linux-pam: Linux-pam directory Traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-06-17 13:15 修改: 2026-05-12 13:17
libpam-runtime	CVE-2024-10963	中危	1.5.3-5ubuntu5.1	1.5.3-5ubuntu5.5	pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2024-11-07 16:15 修改: 2026-04-15 00:35
libpam-runtime	CVE-2025-6020	中危	1.5.3-5ubuntu5.1	1.5.3-5ubuntu5.4	linux-pam: Linux-pam directory Traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-06-17 13:15 修改: 2026-05-12 13:17
libpam0g	CVE-2024-10963	中危	1.5.3-5ubuntu5.1	1.5.3-5ubuntu5.5	pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2024-11-07 16:15 修改: 2026-04-15 00:35
libpam0g	CVE-2025-6020	中危	1.5.3-5ubuntu5.1	1.5.3-5ubuntu5.4	linux-pam: Linux-pam directory Traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-06-17 13:15 修改: 2026-05-12 13:17
libperl5.38t64	CVE-2025-40909	中危	5.38.2-3.2ubuntu0.1	5.38.2-3.2ubuntu0.2	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
libsmartcols1	CVE-2026-27456	中危	2.39.3-9ubuntu6.2		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libssl3t64	CVE-2025-15467	中危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.7	openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-01-27 16:16 修改: 2026-05-07 18:12
libssl3t64	CVE-2025-9230	中危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.6	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-09-30 14:15 修改: 2026-05-12 13:17
libssl3t64	CVE-2026-31790	中危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.9	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libsystemd0	CVE-2025-4598	中危	255.4-1ubuntu8.6	255.4-1ubuntu8.8	systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-05-30 14:15 修改: 2026-05-12 13:17
libsystemd0	CVE-2026-29111	中危	255.4-1ubuntu8.6	255.4-1ubuntu8.14	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
libtasn1-6	CVE-2025-13151	中危	4.19.0-3ubuntu0.24.04.1	4.19.0-3ubuntu0.24.04.2	libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-01-07 22:15 修改: 2026-02-02 19:27
libudev1	CVE-2025-4598	中危	255.4-1ubuntu8.6	255.4-1ubuntu8.8	systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-05-30 14:15 修改: 2026-05-12 13:17
libudev1	CVE-2026-29111	中危	255.4-1ubuntu8.6	255.4-1ubuntu8.14	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
libuuid1	CVE-2026-27456	中危	2.39.3-9ubuntu6.2		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
mount	CVE-2026-27456	中危	2.39.3-9ubuntu6.2		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
openssl	CVE-2025-15467	中危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.7	openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2026-01-27 16:16 修改: 2026-05-07 18:12
openssl	CVE-2025-9230	中危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.6	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2025-09-30 14:15 修改: 2026-05-12 13:17
openssl	CVE-2026-31790	中危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.9	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
perl	CVE-2025-40909	中危	5.38.2-3.2ubuntu0.1	5.38.2-3.2ubuntu0.2	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-base	CVE-2025-40909	中危	5.38.2-3.2ubuntu0.1	5.38.2-3.2ubuntu0.2	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-modules-5.38	CVE-2025-40909	中危	5.38.2-3.2ubuntu0.1	5.38.2-3.2ubuntu0.2	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
sed	CVE-2026-5958	中危	4.9-2build1	4.9-2ubuntu0.24.04.1	When sed is invoked with both -i (in-place edit) and --follow-symlinks ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-04-20 12:16 修改: 2026-04-20 19:05
tar	CVE-2025-45582	中危	1.35+dfsg-3build1		tar: Tar path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-07-11 17:15 修改: 2025-11-02 01:15
tar	CVE-2026-5704	中危	1.35+dfsg-3build1		tar: tar: Hidden file injection via crafted archives 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-04-06 16:16 修改: 2026-04-22 20:08
util-linux	CVE-2026-27456	中危	2.39.3-9ubuntu6.2		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libgcrypt20	CVE-2024-2236	低危	1.10.3-2build1		libgcrypt: vulnerable to Marvin Attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2024-03-06 22:15 修改: 2026-04-15 00:35
dpkg	CVE-2025-6297	低危	1.22.6ubuntu6.1	1.22.6ubuntu6.5	It was discovered that dpkg-deb does not properly sanitize directory p ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6297 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2025-07-01 17:15 修改: 2025-08-19 17:50
libgnutls30t64	CVE-2025-9820	低危	3.8.3-1.1ubuntu3.3	3.8.3-1.1ubuntu3.5	gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9820 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-01-26 20:16 修改: 2026-05-12 13:17
libpcre3	CVE-2017-11164	低危	2:8.39-15build1		pcre: OP_KETRMAX feature in the match function in pcre_exec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2017-07-11 03:29 修改: 2025-04-20 01:37
libpcre3	CVE-2019-20838	低危	2:8.39-15build1		pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20838 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2020-06-15 17:15 修改: 2024-11-21 04:39
libssl3t64	CVE-2025-68160	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
login	CVE-2024-56433	低危	1:4.13+dfsg1-4ubuntu3.2		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
libssl3t64	CVE-2025-69418	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.7	openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2025-69419	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.7	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2025-69420	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2025-69421	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-68160	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-69418	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.7	openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-69419	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.7	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-69420	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-69421	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2026-22795	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2026-22796	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28387	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.9	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28388	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28389	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28390	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-31789	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.9	openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:d7a7c51466e337b55e3aba1afefd520f8adc60d1693abab2c5255333399a19fa 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
passwd	CVE-2024-56433	低危	1:4.13+dfsg1-4ubuntu3.2		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
libssl3t64	CVE-2026-22795	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2026-22796	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2026-28387	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.9	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2026-28388	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2026-28389	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2026-28390	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2026-31789	低危	3.0.13-0ubuntu3.5	3.0.13-0ubuntu3.9	openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:a8346d259389bc6221b4f3c61bad4e48087c5b82308e8f53ce703cfc8333c7b3 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17