docker.io/kubeovn/kube-ovn:v1.14.5 linux/arm64

docker.io/kubeovn/kube-ovn:v1.14.5 - Trivy安全扫描结果 扫描时间: 2026-07-01 15:15 温馨提示: 这是一个 linux/arm64 系统架构镜像
全部漏洞信息
低危漏洞:128 中危漏洞:551 高危漏洞:181 严重漏洞:13

系统OS: ubuntu 24.04 扫描引擎: Trivy 扫描时间: 2026-07-01 15:15

docker.io/kubeovn/kube-ovn:v1.14.5 (ubuntu 24.04) (ubuntu)
低危漏洞:110 中危漏洞:339 高危漏洞:5 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
inetutils-ping CVE-2026-24061 高危 2:2.5-3ubuntu4 2:2.5-3ubuntu4.1 telnetd in GNU Inetutils through 2.7 allows remote authentication bypa ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24061

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-21 07:16 修改: 2026-06-17 10:22

libssl3t64 CVE-2026-45447 高危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-06-09 17:17 修改: 2026-06-30 03:20

libssl3t64-fips CVE-2026-45447 高危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-06-09 17:17 修改: 2026-06-30 03:20

libunbound8 CVE-2026-33278 高危 1.19.2-1ubuntu3.5 1.19.2-1ubuntu3.8 unbound: Unbound DNSSEC Validator Use-After-Free via Deep Copy Pointer Overwrite Leading to DoS and Possible Remote Code Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33278

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 10:16 修改: 2026-06-30 03:18

openssl CVE-2026-45447 高危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-06-09 17:17 修改: 2026-06-30 03:20

bind9-dnsutils CVE-2026-3592 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.5 bind: Amplification vulnerabilities via self-pointed glue records

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3592

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:43

bind9-dnsutils CVE-2026-5946 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.5 bind: BIND: Denial of Service via specially crafted DNS messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5946

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 13:16 修改: 2026-06-30 03:21

bind9-dnsutils CVE-2026-5950 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.5 bind: Unbounded resend loop in BIND 9 resolver

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5950

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:59

bind9-host CVE-2025-40778 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.2 bind: Cache poisoning attacks with unsolicited RRs

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40778

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-22 16:15 修改: 2026-06-17 09:22

bind9-host CVE-2025-40780 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.2 bind: Cache poisoning due to weak PRNG

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40780

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-22 16:15 修改: 2026-06-17 09:22

bind9-host CVE-2025-8677 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.2 bind: Resource exhaustion via malformed DNSKEY handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8677

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-22 16:15 修改: 2026-06-17 10:07

bind9-host CVE-2026-1519 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.3 bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1519

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-25 14:16 修改: 2026-06-30 03:17

bind9-host CVE-2026-3039 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.5 bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3039

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 13:16 修改: 2026-06-30 03:19

bind9-host CVE-2026-3592 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.5 bind: Amplification vulnerabilities via self-pointed glue records

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3592

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:43

bind9-host CVE-2026-5946 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.5 bind: BIND: Denial of Service via specially crafted DNS messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5946

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 13:16 修改: 2026-06-30 03:21

bind9-host CVE-2026-5950 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.5 bind: Unbounded resend loop in BIND 9 resolver

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5950

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:59

bind9-libs CVE-2025-40778 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.2 bind: Cache poisoning attacks with unsolicited RRs

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40778

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-22 16:15 修改: 2026-06-17 09:22

bind9-libs CVE-2025-40780 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.2 bind: Cache poisoning due to weak PRNG

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40780

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-22 16:15 修改: 2026-06-17 09:22

bind9-libs CVE-2025-8677 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.2 bind: Resource exhaustion via malformed DNSKEY handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8677

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-22 16:15 修改: 2026-06-17 10:07

bind9-libs CVE-2026-1519 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.3 bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1519

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-25 14:16 修改: 2026-06-30 03:17

bind9-libs CVE-2026-3039 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.5 bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3039

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 13:16 修改: 2026-06-30 03:19

bind9-libs CVE-2026-3592 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.5 bind: Amplification vulnerabilities via self-pointed glue records

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3592

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:43

bind9-libs CVE-2026-5946 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.5 bind: BIND: Denial of Service via specially crafted DNS messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5946

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 13:16 修改: 2026-06-30 03:21

bind9-libs CVE-2026-5950 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.5 bind: Unbounded resend loop in BIND 9 resolver

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5950

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:59

bsdutils CVE-2026-27456 中危 1:2.39.3-9ubuntu6.3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

curl CVE-2025-14017 中危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.7 curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:35

curl CVE-2026-11856 中危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11856

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

curl CVE-2026-1965 中危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.8 curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-11 11:15 修改: 2026-06-17 10:16

curl CVE-2026-3783 中危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.8 curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44

curl CVE-2026-5545 中危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.9 curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59

curl CVE-2026-6253 中危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.9 curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00

curl CVE-2026-6429 中危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.9 curl: libcurl: Credential leak via reused proxy connection during HTTP redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00

curl CVE-2026-7168 中危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.9 curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:01

curl CVE-2026-8925 中危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8925

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

curl CVE-2026-8927 中危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8927

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

dnsutils CVE-2025-40778 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.2 bind: Cache poisoning attacks with unsolicited RRs

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40778

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-22 16:15 修改: 2026-06-17 09:22

dnsutils CVE-2025-40780 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.2 bind: Cache poisoning due to weak PRNG

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40780

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-22 16:15 修改: 2026-06-17 09:22

dnsutils CVE-2025-8677 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.2 bind: Resource exhaustion via malformed DNSKEY handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8677

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-22 16:15 修改: 2026-06-17 10:07

dnsutils CVE-2026-1519 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.3 bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1519

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-25 14:16 修改: 2026-06-30 03:17

dnsutils CVE-2026-3039 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.5 bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3039

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 13:16 修改: 2026-06-30 03:19

dnsutils CVE-2026-3592 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.5 bind: Amplification vulnerabilities via self-pointed glue records

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3592

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:43

dnsutils CVE-2026-5946 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.5 bind: BIND: Denial of Service via specially crafted DNS messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5946

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 13:16 修改: 2026-06-30 03:21

dnsutils CVE-2026-5950 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.5 bind: Unbounded resend loop in BIND 9 resolver

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5950

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 13:16 修改: 2026-06-17 10:59

dpkg CVE-2026-2219 中危 1.22.6ubuntu6.1 1.22.6ubuntu6.6 It was discovered that dpkg-deb (a component of dpkg, the Debian packa ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2219

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-03-07 09:16 修改: 2026-06-17 10:30

bind9-dnsutils CVE-2025-40778 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.2 bind: Cache poisoning attacks with unsolicited RRs

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40778

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-22 16:15 修改: 2026-06-17 09:22

inetutils-ping CVE-2026-28372 中危 2:2.5-3ubuntu4 2:2.5-3ubuntu4.2 telnetd in GNU inetutils through 2.7 allows privilege escalation that ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28372

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-02-27 06:18 修改: 2026-06-17 10:28

inetutils-ping CVE-2026-32746 中危 2:2.5-3ubuntu4 2:2.5-3ubuntu4.2 telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32746

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-13 19:55 修改: 2026-06-17 10:36

inetutils-ping CVE-2026-32772 中危 2:2.5-3ubuntu4 2:2.5-3ubuntu4.2 telnet in GNU inetutils through 2.7 allows servers to read arbitrary e ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32772

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36

libblkid1 CVE-2026-27456 中危 2.39.3-9ubuntu6.3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

libc-bin CVE-2025-15281 中危 2.39-0ubuntu8.5 2.39-0ubuntu8.7 glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-01-20 14:16 修改: 2026-06-17 08:37

libc-bin CVE-2025-8058 中危 2.39-0ubuntu8.5 2.39-0ubuntu8.6 glibc: Double free in glibc

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2025-07-23 20:15 修改: 2026-06-17 10:06

libc-bin CVE-2026-0861 中危 2.39-0ubuntu8.5 2.39-0ubuntu8.7 glibc: Integer overflow in memalign leads to heap corruption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-01-14 21:15 修改: 2026-06-17 10:11

libc-bin CVE-2026-0915 中危 2.39-0ubuntu8.5 2.39-0ubuntu8.7 glibc: glibc: Information disclosure via zero-valued network query

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-01-15 22:16 修改: 2026-06-17 10:11

libc-bin CVE-2026-4046 中危 2.39-0ubuntu8.5 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55

libc-bin CVE-2026-4437 中危 2.39-0ubuntu8.5 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

libc-bin CVE-2026-4438 中危 2.39-0ubuntu8.5 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

libc-bin CVE-2026-5435 中危 2.39-0ubuntu8.5 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59

libc-bin CVE-2026-6238 中危 2.39-0ubuntu8.5 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17

libc6 CVE-2025-15281 中危 2.39-0ubuntu8.5 2.39-0ubuntu8.7 glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-01-20 14:16 修改: 2026-06-17 08:37

libc6 CVE-2025-8058 中危 2.39-0ubuntu8.5 2.39-0ubuntu8.6 glibc: Double free in glibc

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2025-07-23 20:15 修改: 2026-06-17 10:06

libc6 CVE-2026-0861 中危 2.39-0ubuntu8.5 2.39-0ubuntu8.7 glibc: Integer overflow in memalign leads to heap corruption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-01-14 21:15 修改: 2026-06-17 10:11

libc6 CVE-2026-0915 中危 2.39-0ubuntu8.5 2.39-0ubuntu8.7 glibc: glibc: Information disclosure via zero-valued network query

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-01-15 22:16 修改: 2026-06-17 10:11

libc6 CVE-2026-4046 中危 2.39-0ubuntu8.5 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55

libc6 CVE-2026-4437 中危 2.39-0ubuntu8.5 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

libc6 CVE-2026-4438 中危 2.39-0ubuntu8.5 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

libc6 CVE-2026-5435 中危 2.39-0ubuntu8.5 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59

libc6 CVE-2026-6238 中危 2.39-0ubuntu8.5 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17

libcap2 CVE-2026-4878 中危 1:2.66-5ubuntu2.2 1:2.66-5ubuntu2.4 libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-09 16:16 修改: 2026-06-30 03:20

libcap2-bin CVE-2026-4878 中危 1:2.66-5ubuntu2.2 1:2.66-5ubuntu2.4 libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-09 16:16 修改: 2026-06-30 03:20

libcharon-extauth-plugins CVE-2025-62291 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.1 strongswan: strongSwan: Arbitrary Code Execution and Denial of Service via crafted EAP-MSCHAPv2 message

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-62291

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-16 19:16 修改: 2026-06-17 09:51

libcharon-extauth-plugins CVE-2026-25075 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.2 strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25075

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-23 19:16 修改: 2026-06-17 10:24

libcharon-extauth-plugins CVE-2026-35328 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35328

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcharon-extauth-plugins CVE-2026-35329 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: pkcs7 crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35329

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcharon-extauth-plugins CVE-2026-35330 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libsimaka infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35330

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcharon-extauth-plugins CVE-2026-35331 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: constraints plugin]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35331

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcharon-extauth-plugins CVE-2026-35332 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls ECDH crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35332

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcharon-extauth-plugins CVE-2026-35333 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libradius infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35333

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcharon-extauth-plugins CVE-2026-35334 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: gmp plugin crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35334

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcharon-extauth-plugins CVE-2026-47895 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.4

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47895

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcharon-extra-plugins CVE-2025-62291 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.1 strongswan: strongSwan: Arbitrary Code Execution and Denial of Service via crafted EAP-MSCHAPv2 message

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-62291

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-16 19:16 修改: 2026-06-17 09:51

libcharon-extra-plugins CVE-2026-25075 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.2 strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25075

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-23 19:16 修改: 2026-06-17 10:24

libcharon-extra-plugins CVE-2026-35328 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35328

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcharon-extra-plugins CVE-2026-35329 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: pkcs7 crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35329

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcharon-extra-plugins CVE-2026-35330 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libsimaka infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35330

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcharon-extra-plugins CVE-2026-35331 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: constraints plugin]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35331

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcharon-extra-plugins CVE-2026-35332 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls ECDH crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35332

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcharon-extra-plugins CVE-2026-35333 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libradius infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35333

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcharon-extra-plugins CVE-2026-35334 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: gmp plugin crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35334

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcharon-extra-plugins CVE-2026-47895 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.4

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47895

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcurl4t64 CVE-2025-14017 中危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.7 curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:35

libcurl4t64 CVE-2026-11856 中危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11856

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcurl4t64 CVE-2026-1965 中危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.8 curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-11 11:15 修改: 2026-06-17 10:16

libcurl4t64 CVE-2026-3783 中危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.8 curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44

libcurl4t64 CVE-2026-5545 中危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.9 curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59

libcurl4t64 CVE-2026-6253 中危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.9 curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00

libcurl4t64 CVE-2026-6429 中危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.9 curl: libcurl: Credential leak via reused proxy connection during HTTP redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00

libcurl4t64 CVE-2026-7168 中危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.9 curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:01

libcurl4t64 CVE-2026-8925 中危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8925

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcurl4t64 CVE-2026-8927 中危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8927

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libexpat1 CVE-2025-66382 中危 2.6.1-2ubuntu0.3 libexpat: libexpat: Denial of service via crafted file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-11-28 07:15 修改: 2026-06-17 09:56

libexpat1 CVE-2026-24515 中危 2.6.1-2ubuntu0.3 2.6.1-2ubuntu0.4 libexpat: libexpat null pointer dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24515

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-23 08:16 修改: 2026-06-17 10:23

libexpat1 CVE-2026-25210 中危 2.6.1-2ubuntu0.3 2.6.1-2ubuntu0.4 libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25210

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-30 07:16 修改: 2026-06-17 10:24

libfdisk1 CVE-2026-27456 中危 2.39.3-9ubuntu6.3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

libgcrypt20 CVE-2026-41989 中危 1.10.3-2build1 1.10.3-2ubuntu0.1 Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-23 05:16 修改: 2026-06-17 10:47

libgnutls30t64 CVE-2025-14831 中危 3.8.3-1.1ubuntu3.4 3.8.3-1.1ubuntu3.5 gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14831

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-02-09 15:16 修改: 2026-06-30 00:16

libgnutls30t64 CVE-2026-33845 中危 3.8.3-1.1ubuntu3.4 3.8.3-1.1ubuntu3.6 gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-30 18:16 修改: 2026-06-30 03:18

libgnutls30t64 CVE-2026-33846 中危 3.8.3-1.1ubuntu3.4 3.8.3-1.1ubuntu3.6 gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-05-04 10:15 修改: 2026-06-30 03:18

libgnutls30t64 CVE-2026-3832 中危 3.8.3-1.1ubuntu3.4 3.8.3-1.1ubuntu3.6 gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-30 18:16 修改: 2026-06-24 17:16

libgnutls30t64 CVE-2026-3833 中危 3.8.3-1.1ubuntu3.4 3.8.3-1.1ubuntu3.6 gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-30 18:16 修改: 2026-06-30 03:19

libgnutls30t64 CVE-2026-42009 中危 3.8.3-1.1ubuntu3.4 3.8.3-1.1ubuntu3.6 gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-05-18 13:16 修改: 2026-06-30 03:19

libgnutls30t64 CVE-2026-42010 中危 3.8.3-1.1ubuntu3.4 3.8.3-1.1ubuntu3.6 gnutls: gnutls: Authentication Bypass via NUL Character in Username

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-05-07 12:16 修改: 2026-06-30 03:19

libgnutls30t64 CVE-2026-42011 中危 3.8.3-1.1ubuntu3.4 3.8.3-1.1ubuntu3.6 gnutls: gnutls: Security bypass due to incorrect name constraint handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-05-07 15:16 修改: 2026-06-30 03:19

libgnutls30t64 CVE-2026-42012 中危 3.8.3-1.1ubuntu3.4 3.8.3-1.1ubuntu3.6 gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-05-26 22:16 修改: 2026-06-30 03:19

libgnutls30t64 CVE-2026-42013 中危 3.8.3-1.1ubuntu3.4 3.8.3-1.1ubuntu3.6 gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-05-26 22:16 修改: 2026-06-30 03:19

libgnutls30t64 CVE-2026-42014 中危 3.8.3-1.1ubuntu3.4 3.8.3-1.1ubuntu3.6 gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-06-16 02:16 修改: 2026-06-30 03:19

libgnutls30t64 CVE-2026-42015 中危 3.8.3-1.1ubuntu3.4 3.8.3-1.1ubuntu3.6 gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-05-26 22:16 修改: 2026-06-30 03:19

libgnutls30t64 CVE-2026-5260 中危 3.8.3-1.1ubuntu3.4 3.8.3-1.1ubuntu3.6 gnutls: gnutls: Information disclosure via heap overread in RSA key exchange

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-05-26 22:16 修改: 2026-06-30 03:21

libgnutls30t64 CVE-2026-5419 中危 3.8.3-1.1ubuntu3.4 3.8.3-1.1ubuntu3.6 gnutls: gnutls: Information disclosure via timing side-channel in PKCS#7 padding removal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5419

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-06-01 21:16 修改: 2026-06-29 12:16

liblmdb0 CVE-2026-22185 中危 0.9.31-1build1 OpenLDAP: OpenLDAP LMDB: Denial of Service and Information Disclosure via Heap Buffer Underflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22185

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-07 21:16 修改: 2026-06-17 10:19

libmount1 CVE-2026-27456 中危 2.39.3-9ubuntu6.3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

libnghttp2-14 CVE-2026-27135 中危 1.59.0-1ubuntu0.2 1.59.0-1ubuntu0.3 nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-18 18:16 修改: 2026-06-30 03:17

libpam-modules CVE-2024-10963 中危 1.5.3-5ubuntu5.4 1.5.3-5ubuntu5.5 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2024-11-07 16:15 修改: 2026-06-17 06:56

libpam-modules-bin CVE-2024-10963 中危 1.5.3-5ubuntu5.4 1.5.3-5ubuntu5.5 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2024-11-07 16:15 修改: 2026-06-17 06:56

libpam-runtime CVE-2024-10963 中危 1.5.3-5ubuntu5.4 1.5.3-5ubuntu5.5 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2024-11-07 16:15 修改: 2026-06-17 06:56

libpam0g CVE-2024-10963 中危 1.5.3-5ubuntu5.4 1.5.3-5ubuntu5.5 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2024-11-07 16:15 修改: 2026-06-17 06:56

libperl5.38t64 CVE-2026-42496 中危 5.38.2-3.2ubuntu0.2 5.38.2-3.2ubuntu0.3 perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42496

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-26 02:16 修改: 2026-06-30 03:19

libperl5.38t64 CVE-2026-8376 中危 5.38.2-3.2ubuntu0.2 5.38.2-3.2ubuntu0.3 Perl versions through 5.43.10 have a heap buffer overflow when compili ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8376

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-26 00:16 修改: 2026-06-17 11:03

libpython3.12-minimal CVE-2025-11468 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: Missing character filtering in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:30

libpython3.12-minimal CVE-2025-12084 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31

libpython3.12-minimal CVE-2025-13462 中危 3.12.3-1ubuntu0.7 cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34

libpython3.12-minimal CVE-2025-13836 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.10 cpython: Excessive read buffering DoS in http.client

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13836

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34

libpython3.12-minimal CVE-2025-13837 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: Out-of-memory when loading Plist

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34

libpython3.12-minimal CVE-2025-15282 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: Header injection via newlines in data URL mediatype in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37

libpython3.12-minimal CVE-2025-6069 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.8 cpython: Python HTMLParser quadratic complexity

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-06-17 14:15 修改: 2026-06-17 10:01

libpython3.12-minimal CVE-2025-6075 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.9 python: Quadratic complexity in os.path.expandvars() with user-controlled template

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-31 17:15 修改: 2026-06-17 10:01

libpython3.12-minimal CVE-2025-8194 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.8 cpython: Cpython infinite loop when parsing a tarfile

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-07-28 19:15 修改: 2026-06-17 10:06

libpython3.12-minimal CVE-2025-8291 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.9 cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-07 18:16 修改: 2026-06-17 10:06

libpython3.12-minimal CVE-2026-0672 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: Header injection in http.cookies.Morsel in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11

libpython3.12-minimal CVE-2026-0865 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: wsgiref.headers.Headers allows header newline injection in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11

libpython3.12-minimal CVE-2026-2297 中危 3.12.3-1ubuntu0.7 cpython: CPython: Logging Bypass in Legacy .pyc File Handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30

libpython3.12-stdlib CVE-2025-11468 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: Missing character filtering in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:30

libpython3.12-stdlib CVE-2025-12084 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31

libpython3.12-stdlib CVE-2025-13462 中危 3.12.3-1ubuntu0.7 cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34

libpython3.12-stdlib CVE-2025-13836 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.10 cpython: Excessive read buffering DoS in http.client

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13836

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34

libpython3.12-stdlib CVE-2025-13837 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: Out-of-memory when loading Plist

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34

libpython3.12-stdlib CVE-2025-15282 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: Header injection via newlines in data URL mediatype in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37

libpython3.12-stdlib CVE-2025-6069 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.8 cpython: Python HTMLParser quadratic complexity

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-06-17 14:15 修改: 2026-06-17 10:01

libpython3.12-stdlib CVE-2025-6075 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.9 python: Quadratic complexity in os.path.expandvars() with user-controlled template

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-31 17:15 修改: 2026-06-17 10:01

libpython3.12-stdlib CVE-2025-8194 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.8 cpython: Cpython infinite loop when parsing a tarfile

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-07-28 19:15 修改: 2026-06-17 10:06

libpython3.12-stdlib CVE-2025-8291 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.9 cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-07 18:16 修改: 2026-06-17 10:06

libpython3.12-stdlib CVE-2026-0672 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: Header injection in http.cookies.Morsel in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11

libpython3.12-stdlib CVE-2026-0865 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: wsgiref.headers.Headers allows header newline injection in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11

libpython3.12-stdlib CVE-2026-2297 中危 3.12.3-1ubuntu0.7 cpython: CPython: Logging Bypass in Legacy .pyc File Handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30

libsmartcols1 CVE-2026-27456 中危 2.39.3-9ubuntu6.3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

libsqlite3-0 CVE-2025-7709 中危 3.45.1-1ubuntu2.4 3.45.1-1ubuntu2.5 An integer overflow exists in the FTS5 https://sqlite.org/fts5.html e ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7709

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-09-08 15:15 修改: 2026-06-17 10:05

libsqlite3-0 CVE-2026-11822 中危 3.45.1-1ubuntu2.4 3.45.1-1ubuntu2.6 SQLite before 3.53.2 contains memory corruption vulnerabilities in the ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11822

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-06-09 20:16 修改: 2026-06-17 10:14

libsqlite3-0 CVE-2026-11824 中危 3.45.1-1ubuntu2.4 3.45.1-1ubuntu2.6 SQLite before 3.53.2 contains a heap-based buffer overflow vulnerabili ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11824

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-06-09 20:16 修改: 2026-06-17 10:14

libssh-4 CVE-2026-0964 中危 0.10.6-2ubuntu0.1 0.10.6-2ubuntu0.3 libssh: Improper sanitation of paths received from SCP servers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0964

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11

libssh-4 CVE-2026-0967 中危 0.10.6-2ubuntu0.1 0.10.6-2ubuntu0.3 libssh: libssh: Denial of Service via inefficient regular expression processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0967

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11

libssh-4 CVE-2026-0968 中危 0.10.6-2ubuntu0.1 0.10.6-2ubuntu0.3 libssh: libssh: Denial of Service due to malformed SFTP message

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0968

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11

libssh-4 CVE-2026-3731 中危 0.10.6-2ubuntu0.1 0.10.6-2ubuntu0.4 libssh: libssh: Denial of Service via out-of-bounds read in SFTP extension name handler

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3731

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-08 11:15 修改: 2026-06-17 10:44

bind9-dnsutils CVE-2025-40780 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.2 bind: Cache poisoning due to weak PRNG

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40780

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-22 16:15 修改: 2026-06-17 09:22

libssl3t64 CVE-2025-15467 中危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-01-27 16:16 修改: 2026-06-30 03:16

libssl3t64 CVE-2025-9230 中危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.6 openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08

libssl3t64 CVE-2026-31790 中危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

libssl3t64 CVE-2026-34182 中危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

libssl3t64 CVE-2026-45445 中危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

bind9-dnsutils CVE-2025-8677 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.2 bind: Resource exhaustion via malformed DNSKEY handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8677

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-22 16:15 修改: 2026-06-17 10:07

libssl3t64-fips CVE-2025-15467 中危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-01-27 16:16 修改: 2026-06-30 03:16

libssl3t64-fips CVE-2025-9230 中危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.6 openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08

libssl3t64-fips CVE-2026-31790 中危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

libssl3t64-fips CVE-2026-34182 中危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

libssl3t64-fips CVE-2026-45445 中危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

libstrongswan CVE-2025-62291 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.1 strongswan: strongSwan: Arbitrary Code Execution and Denial of Service via crafted EAP-MSCHAPv2 message

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-62291

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-16 19:16 修改: 2026-06-17 09:51

libstrongswan CVE-2026-25075 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.2 strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25075

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-23 19:16 修改: 2026-06-17 10:24

libstrongswan CVE-2026-35328 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35328

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan CVE-2026-35329 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: pkcs7 crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35329

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan CVE-2026-35330 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libsimaka infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35330

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan CVE-2026-35331 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: constraints plugin]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35331

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan CVE-2026-35332 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls ECDH crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35332

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan CVE-2026-35333 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libradius infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35333

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan CVE-2026-35334 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: gmp plugin crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35334

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan CVE-2026-47895 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.4

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47895

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan-extra-plugins CVE-2025-62291 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.1 strongswan: strongSwan: Arbitrary Code Execution and Denial of Service via crafted EAP-MSCHAPv2 message

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-62291

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-16 19:16 修改: 2026-06-17 09:51

libstrongswan-extra-plugins CVE-2026-25075 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.2 strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25075

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-23 19:16 修改: 2026-06-17 10:24

libstrongswan-extra-plugins CVE-2026-35328 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35328

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan-extra-plugins CVE-2026-35329 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: pkcs7 crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35329

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan-extra-plugins CVE-2026-35330 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libsimaka infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35330

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan-extra-plugins CVE-2026-35331 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: constraints plugin]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35331

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan-extra-plugins CVE-2026-35332 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls ECDH crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35332

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan-extra-plugins CVE-2026-35333 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libradius infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35333

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan-extra-plugins CVE-2026-35334 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: gmp plugin crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35334

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan-extra-plugins CVE-2026-47895 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.4

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47895

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan-standard-plugins CVE-2025-62291 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.1 strongswan: strongSwan: Arbitrary Code Execution and Denial of Service via crafted EAP-MSCHAPv2 message

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-62291

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-16 19:16 修改: 2026-06-17 09:51

libstrongswan-standard-plugins CVE-2026-25075 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.2 strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25075

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-23 19:16 修改: 2026-06-17 10:24

libstrongswan-standard-plugins CVE-2026-35328 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35328

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan-standard-plugins CVE-2026-35329 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: pkcs7 crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35329

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan-standard-plugins CVE-2026-35330 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libsimaka infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35330

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan-standard-plugins CVE-2026-35331 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: constraints plugin]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35331

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan-standard-plugins CVE-2026-35332 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls ECDH crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35332

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan-standard-plugins CVE-2026-35333 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libradius infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35333

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan-standard-plugins CVE-2026-35334 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: gmp plugin crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35334

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libstrongswan-standard-plugins CVE-2026-47895 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.4

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47895

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libsystemd-shared CVE-2026-29111 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.14 systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29

libsystemd-shared CVE-2026-40225 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.14 systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libsystemd-shared CVE-2026-40226 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.16 systemd: systemd nspawn: Escape-to-host action via crafted config file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libsystemd0 CVE-2026-29111 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.14 systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29

libsystemd0 CVE-2026-40225 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.14 systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libsystemd0 CVE-2026-40226 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.16 systemd: systemd nspawn: Escape-to-host action via crafted config file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libtasn1-6 CVE-2025-13151 中危 4.19.0-3ubuntu0.24.04.1 4.19.0-3ubuntu0.24.04.2 libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-01-07 22:15 修改: 2026-06-17 08:33

libudev1 CVE-2026-29111 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.14 systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29

libudev1 CVE-2026-40225 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.14 systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libudev1 CVE-2026-40226 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.16 systemd: systemd nspawn: Escape-to-host action via crafted config file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

bind9-dnsutils CVE-2026-1519 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.3 bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1519

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-25 14:16 修改: 2026-06-30 03:17

libunbound8 CVE-2025-11411 中危 1.19.2-1ubuntu3.5 1.19.2-1ubuntu3.7 unbound: Unbound domain hijacking via promiscuous records

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11411

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-22 13:15 修改: 2026-06-17 08:30

libunbound8 CVE-2026-32792 中危 1.19.2-1ubuntu3.5 1.19.2-1ubuntu3.8 unbound: Packet of death with DNSCrypt

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32792

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 10:16 修改: 2026-06-17 10:36

libunbound8 CVE-2026-40622 中危 1.19.2-1ubuntu3.5 1.19.2-1ubuntu3.8 NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vul ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40622

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 10:16 修改: 2026-06-17 10:45

libunbound8 CVE-2026-41292 中危 1.19.2-1ubuntu3.5 1.19.2-1ubuntu3.8 unbound: Unbound: Denial of Service via excessive EDNS options

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41292

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 10:16 修改: 2026-06-30 03:19

libunbound8 CVE-2026-42534 中危 1.19.2-1ubuntu3.5 1.19.2-1ubuntu3.8 unbound: Unbound: Denial of Service due to degraded resolution performance in jostle logic

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42534

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 10:16 修改: 2026-06-30 03:19

libunbound8 CVE-2026-42923 中危 1.19.2-1ubuntu3.5 1.19.2-1ubuntu3.8 unbound: Unbound DNSSEC Validator NSEC3 Hash Calculation Limit Bypass via Negative Cache Code Path Leading to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42923

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 10:16 修改: 2026-06-17 10:48

libunbound8 CVE-2026-42944 中危 1.19.2-1ubuntu3.5 1.19.2-1ubuntu3.8 unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42944

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 10:16 修改: 2026-06-30 03:19

libunbound8 CVE-2026-42959 中危 1.19.2-1ubuntu3.5 1.19.2-1ubuntu3.8 unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in Chase-Reply Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42959

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 10:16 修改: 2026-06-30 03:19

libunbound8 CVE-2026-42960 中危 1.19.2-1ubuntu3.5 1.19.2-1ubuntu3.8 unbound: Unbound DNS Cache Poisoning via Promiscuous Additional Section RRSet Acceptance

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42960

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 10:16 修改: 2026-06-17 10:48

libunbound8 CVE-2026-44390 中危 1.19.2-1ubuntu3.5 1.19.2-1ubuntu3.8 unbound: Unbound: Denial of Service due to excessive resource consumption with large DNS Resource Record Sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44390

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 10:16 修改: 2026-06-30 03:19

libunbound8 CVE-2026-44608 中危 1.19.2-1ubuntu3.5 1.19.2-1ubuntu3.8 unbound: Unbound: Denial of Service due to locking inconsistency during RPZ XFR reload

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44608

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 10:16 修改: 2026-06-17 10:51

libuuid1 CVE-2026-27456 中危 2.39.3-9ubuntu6.3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

libxml2 CVE-2025-49794 中危 2.9.14+dfsg-1.3ubuntu3.3 2.9.14+dfsg-1.3ubuntu3.4 libxml: Heap use after free (UAF) leads to Denial of service (DoS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49794

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-06-16 16:15 修改: 2026-06-29 21:16

libxml2 CVE-2025-49796 中危 2.9.14+dfsg-1.3ubuntu3.3 2.9.14+dfsg-1.3ubuntu3.4 libxml: Type confusion leads to Denial of service (DoS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49796

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-06-16 16:15 修改: 2026-06-29 21:16

libxml2 CVE-2025-6021 中危 2.9.14+dfsg-1.3ubuntu3.3 2.9.14+dfsg-1.3ubuntu3.4 libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6021

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-06-12 13:15 修改: 2026-06-25 05:16

libxml2 CVE-2025-6170 中危 2.9.14+dfsg-1.3ubuntu3.3 2.9.14+dfsg-1.3ubuntu3.4 libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6170

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-06-16 16:15 修改: 2026-06-25 08:16

libxml2 CVE-2025-7425 中危 2.9.14+dfsg-1.3ubuntu3.3 2.9.14+dfsg-1.3ubuntu3.6 libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7425

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-07-10 14:15 修改: 2026-06-29 21:16

libxml2 CVE-2025-9714 中危 2.9.14+dfsg-1.3ubuntu3.3 2.9.14+dfsg-1.3ubuntu3.5 libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9714

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-09-10 19:15 修改: 2026-06-17 10:09

libxml2 CVE-2026-0989 中危 2.9.14+dfsg-1.3ubuntu3.3 2.9.14+dfsg-1.3ubuntu3.7 libxml2: Unbounded RelaxNG Include Recursion Leading to Stack Overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0989

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-15 15:15 修改: 2026-06-29 19:05

libxml2 CVE-2026-0990 中危 2.9.14+dfsg-1.3ubuntu3.3 2.9.14+dfsg-1.3ubuntu3.7 libxml2: libxml2: Denial of Service via uncontrolled recursion in XML catalog processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0990

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-15 15:15 修改: 2026-06-29 19:04

libxml2 CVE-2026-0992 中危 2.9.14+dfsg-1.3ubuntu3.3 2.9.14+dfsg-1.3ubuntu3.7 libxml2: libxml2: Denial of Service via crafted XML catalogs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0992

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-15 15:15 修改: 2026-06-29 19:03

libxml2 CVE-2026-6653 中危 2.9.14+dfsg-1.3ubuntu3.3 2.9.14+dfsg-1.3ubuntu3.8 libxml2: mingw-libxml2: libxml2: Denial of Service via crafted XML input due to use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6653

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-06-22 14:17 修改: 2026-06-22 18:16

mount CVE-2026-27456 中危 2.39.3-9ubuntu6.3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

bind9-dnsutils CVE-2026-3039 中危 1:9.18.30-0ubuntu0.24.04.2 1:9.18.39-0ubuntu0.24.04.5 bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3039

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-20 13:16 修改: 2026-06-30 03:19

openssl CVE-2025-15467 中危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-27 16:16 修改: 2026-06-30 03:16

openssl CVE-2025-9230 中危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.6 openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08

openssl CVE-2026-31790 中危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

openssl CVE-2026-34182 中危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

openssl CVE-2026-45445 中危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

openvswitch-common CVE-2019-25076 中危 3.3.6-1 openvswitch: DoS via crafted packet

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25076

镜像层: sha256:f8da9f7156c2e8e3870358978b9105fbf5b3935c7617715800f910106cd43818

发布日期: 2022-09-08 23:15 修改: 2026-06-17 02:31

openvswitch-ipsec CVE-2019-25076 中危 3.3.6-1 openvswitch: DoS via crafted packet

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25076

镜像层: sha256:f8da9f7156c2e8e3870358978b9105fbf5b3935c7617715800f910106cd43818

发布日期: 2022-09-08 23:15 修改: 2026-06-17 02:31

openvswitch-pki CVE-2019-25076 中危 3.3.6-1 openvswitch: DoS via crafted packet

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25076

镜像层: sha256:f8da9f7156c2e8e3870358978b9105fbf5b3935c7617715800f910106cd43818

发布日期: 2022-09-08 23:15 修改: 2026-06-17 02:31

openvswitch-switch CVE-2019-25076 中危 3.3.6-1 openvswitch: DoS via crafted packet

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25076

镜像层: sha256:f8da9f7156c2e8e3870358978b9105fbf5b3935c7617715800f910106cd43818

发布日期: 2022-09-08 23:15 修改: 2026-06-17 02:31

perl CVE-2026-42496 中危 5.38.2-3.2ubuntu0.2 5.38.2-3.2ubuntu0.3 perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42496

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-26 02:16 修改: 2026-06-30 03:19

perl CVE-2026-8376 中危 5.38.2-3.2ubuntu0.2 5.38.2-3.2ubuntu0.3 Perl versions through 5.43.10 have a heap buffer overflow when compili ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8376

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-26 00:16 修改: 2026-06-17 11:03

perl-base CVE-2026-42496 中危 5.38.2-3.2ubuntu0.2 5.38.2-3.2ubuntu0.3 perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42496

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-26 02:16 修改: 2026-06-30 03:19

perl-base CVE-2026-8376 中危 5.38.2-3.2ubuntu0.2 5.38.2-3.2ubuntu0.3 Perl versions through 5.43.10 have a heap buffer overflow when compili ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8376

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-26 00:16 修改: 2026-06-17 11:03

perl-modules-5.38 CVE-2026-42496 中危 5.38.2-3.2ubuntu0.2 5.38.2-3.2ubuntu0.3 perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42496

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-26 02:16 修改: 2026-06-30 03:19

perl-modules-5.38 CVE-2026-8376 中危 5.38.2-3.2ubuntu0.2 5.38.2-3.2ubuntu0.3 Perl versions through 5.43.10 have a heap buffer overflow when compili ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8376

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-26 00:16 修改: 2026-06-17 11:03

python3-openvswitch CVE-2019-25076 中危 3.3.6-1 openvswitch: DoS via crafted packet

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25076

镜像层: sha256:f8da9f7156c2e8e3870358978b9105fbf5b3935c7617715800f910106cd43818

发布日期: 2022-09-08 23:15 修改: 2026-06-17 02:31

python3.12 CVE-2025-11468 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: Missing character filtering in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:30

python3.12 CVE-2025-12084 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31

python3.12 CVE-2025-13462 中危 3.12.3-1ubuntu0.7 cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34

python3.12 CVE-2025-13836 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.10 cpython: Excessive read buffering DoS in http.client

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13836

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34

python3.12 CVE-2025-13837 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: Out-of-memory when loading Plist

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34

python3.12 CVE-2025-15282 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: Header injection via newlines in data URL mediatype in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37

python3.12 CVE-2025-6069 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.8 cpython: Python HTMLParser quadratic complexity

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-06-17 14:15 修改: 2026-06-17 10:01

python3.12 CVE-2025-6075 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.9 python: Quadratic complexity in os.path.expandvars() with user-controlled template

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-31 17:15 修改: 2026-06-17 10:01

python3.12 CVE-2025-8194 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.8 cpython: Cpython infinite loop when parsing a tarfile

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-07-28 19:15 修改: 2026-06-17 10:06

python3.12 CVE-2025-8291 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.9 cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-07 18:16 修改: 2026-06-17 10:06

python3.12 CVE-2026-0672 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: Header injection in http.cookies.Morsel in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11

python3.12 CVE-2026-0865 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: wsgiref.headers.Headers allows header newline injection in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11

python3.12 CVE-2026-2297 中危 3.12.3-1ubuntu0.7 cpython: CPython: Logging Bypass in Legacy .pyc File Handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30

python3.12-minimal CVE-2025-11468 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: Missing character filtering in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:30

python3.12-minimal CVE-2025-12084 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31

python3.12-minimal CVE-2025-13462 中危 3.12.3-1ubuntu0.7 cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34

python3.12-minimal CVE-2025-13836 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.10 cpython: Excessive read buffering DoS in http.client

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13836

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34

python3.12-minimal CVE-2025-13837 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: Out-of-memory when loading Plist

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34

python3.12-minimal CVE-2025-15282 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: Header injection via newlines in data URL mediatype in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37

python3.12-minimal CVE-2025-6069 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.8 cpython: Python HTMLParser quadratic complexity

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-06-17 14:15 修改: 2026-06-17 10:01

python3.12-minimal CVE-2025-6075 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.9 python: Quadratic complexity in os.path.expandvars() with user-controlled template

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-31 17:15 修改: 2026-06-17 10:01

python3.12-minimal CVE-2025-8194 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.8 cpython: Cpython infinite loop when parsing a tarfile

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-07-28 19:15 修改: 2026-06-17 10:06

python3.12-minimal CVE-2025-8291 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.9 cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-10-07 18:16 修改: 2026-06-17 10:06

python3.12-minimal CVE-2026-0672 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: Header injection in http.cookies.Morsel in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11

python3.12-minimal CVE-2026-0865 中危 3.12.3-1ubuntu0.7 3.12.3-1ubuntu0.11 cpython: wsgiref.headers.Headers allows header newline injection in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11

python3.12-minimal CVE-2026-2297 中危 3.12.3-1ubuntu0.7 cpython: CPython: Logging Bypass in Legacy .pyc File Handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30

sed CVE-2026-5958 中危 4.9-2build1 4.9-2ubuntu0.24.04.1 sed: GNU sed TOCTOU race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-20 12:16 修改: 2026-06-17 10:59

strongswan CVE-2025-62291 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.1 strongswan: strongSwan: Arbitrary Code Execution and Denial of Service via crafted EAP-MSCHAPv2 message

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-62291

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-16 19:16 修改: 2026-06-17 09:51

strongswan CVE-2026-25075 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.2 strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25075

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-23 19:16 修改: 2026-06-17 10:24

strongswan CVE-2026-35328 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35328

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan CVE-2026-35329 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: pkcs7 crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35329

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan CVE-2026-35330 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libsimaka infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35330

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan CVE-2026-35331 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: constraints plugin]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35331

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan CVE-2026-35332 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls ECDH crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35332

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan CVE-2026-35333 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libradius infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35333

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan CVE-2026-35334 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: gmp plugin crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35334

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan CVE-2026-47895 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.4

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47895

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-charon CVE-2025-62291 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.1 strongswan: strongSwan: Arbitrary Code Execution and Denial of Service via crafted EAP-MSCHAPv2 message

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-62291

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-16 19:16 修改: 2026-06-17 09:51

strongswan-charon CVE-2026-25075 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.2 strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25075

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-23 19:16 修改: 2026-06-17 10:24

strongswan-charon CVE-2026-35328 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35328

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-charon CVE-2026-35329 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: pkcs7 crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35329

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-charon CVE-2026-35330 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libsimaka infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35330

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-charon CVE-2026-35331 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: constraints plugin]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35331

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-charon CVE-2026-35332 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls ECDH crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35332

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-charon CVE-2026-35333 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libradius infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35333

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-charon CVE-2026-35334 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: gmp plugin crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35334

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-charon CVE-2026-47895 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.4

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47895

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-libcharon CVE-2025-62291 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.1 strongswan: strongSwan: Arbitrary Code Execution and Denial of Service via crafted EAP-MSCHAPv2 message

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-62291

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-16 19:16 修改: 2026-06-17 09:51

strongswan-libcharon CVE-2026-25075 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.2 strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25075

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-23 19:16 修改: 2026-06-17 10:24

strongswan-libcharon CVE-2026-35328 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35328

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-libcharon CVE-2026-35329 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: pkcs7 crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35329

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-libcharon CVE-2026-35330 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libsimaka infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35330

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-libcharon CVE-2026-35331 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: constraints plugin]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35331

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-libcharon CVE-2026-35332 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls ECDH crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35332

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-libcharon CVE-2026-35333 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libradius infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35333

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-libcharon CVE-2026-35334 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: gmp plugin crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35334

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-libcharon CVE-2026-47895 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.4

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47895

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-pki CVE-2025-62291 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.1 strongswan: strongSwan: Arbitrary Code Execution and Denial of Service via crafted EAP-MSCHAPv2 message

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-62291

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-16 19:16 修改: 2026-06-17 09:51

strongswan-pki CVE-2026-25075 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.2 strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25075

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-23 19:16 修改: 2026-06-17 10:24

strongswan-pki CVE-2026-35328 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35328

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-pki CVE-2026-35329 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: pkcs7 crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35329

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-pki CVE-2026-35330 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libsimaka infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35330

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-pki CVE-2026-35331 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: constraints plugin]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35331

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-pki CVE-2026-35332 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls ECDH crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35332

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-pki CVE-2026-35333 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libradius infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35333

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-pki CVE-2026-35334 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: gmp plugin crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35334

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-pki CVE-2026-47895 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.4

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47895

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-starter CVE-2025-62291 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.1 strongswan: strongSwan: Arbitrary Code Execution and Denial of Service via crafted EAP-MSCHAPv2 message

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-62291

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-16 19:16 修改: 2026-06-17 09:51

strongswan-starter CVE-2026-25075 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.2 strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25075

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-23 19:16 修改: 2026-06-17 10:24

strongswan-starter CVE-2026-35328 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35328

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-starter CVE-2026-35329 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: pkcs7 crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35329

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-starter CVE-2026-35330 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libsimaka infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35330

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-starter CVE-2026-35331 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: constraints plugin]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35331

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-starter CVE-2026-35332 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libtls ECDH crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35332

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-starter CVE-2026-35333 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: libradius infinite loop]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35333

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-starter CVE-2026-35334 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.3 [strongswan: gmp plugin crash]

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35334

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

strongswan-starter CVE-2026-47895 中危 5.9.13-2ubuntu4 5.9.13-2ubuntu4.24.04.4

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47895

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

systemd CVE-2026-29111 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.14 systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29

systemd CVE-2026-40225 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.14 systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

systemd CVE-2026-40226 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.16 systemd: systemd nspawn: Escape-to-host action via crafted config file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

systemd-dev CVE-2026-29111 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.14 systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29

systemd-dev CVE-2026-40225 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.14 systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

systemd-dev CVE-2026-40226 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.16 systemd: systemd nspawn: Escape-to-host action via crafted config file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

tar CVE-2025-45582 中危 1.35+dfsg-3build1 tar: Tar path traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2025-07-11 17:15 修改: 2026-06-17 09:25

tar CVE-2026-5704 中危 1.35+dfsg-3build1 1.35+dfsg-3ubuntu0.1 tar: tar: Hidden file injection via crafted archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:59

udev CVE-2026-29111 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.14 systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29

udev CVE-2026-40225 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.14 systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

udev CVE-2026-40226 中危 255.4-1ubuntu8.10 255.4-1ubuntu8.16 systemd: systemd nspawn: Escape-to-host action via crafted config file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

util-linux CVE-2026-27456 中危 2.39.3-9ubuntu6.3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

uuid-runtime CVE-2026-27456 中危 2.39.3-9ubuntu6.3 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

openssl CVE-2026-42770 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl CVE-2026-45446 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

openssl CVE-2026-7383 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02

openssl CVE-2026-9076 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04

libssl3t64-fips CVE-2026-28387 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl3t64-fips CVE-2026-28388 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl3t64-fips CVE-2026-28389 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl3t64-fips CVE-2026-28390 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

passwd CVE-2024-56433 低危 1:4.13+dfsg1-4ubuntu3.2 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12

libssl3t64-fips CVE-2026-31789 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

libssl3t64-fips CVE-2026-34180 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

libssl3t64-fips CVE-2026-42766 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl3t64-fips CVE-2026-42767 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl3t64-fips CVE-2026-42770 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl3t64-fips CVE-2026-45446 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

libssl3t64-fips CVE-2026-7383 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02

libssl3t64-fips CVE-2026-9076 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04

libelf1t64 CVE-2025-1352 低危 0.190-1.1ubuntu0.1 elfutils: GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1352

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-02-16 15:15 修改: 2026-06-17 08:38

libelf1t64 CVE-2025-1376 低危 0.190-1.1ubuntu0.1 elfutils: GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1376

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-02-17 05:15 修改: 2026-06-17 08:39

curl CVE-2026-6276 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.9 curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00

curl CVE-2026-8286 低危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8286

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

curl CVE-2026-8458 低危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8458

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libbpf1 CVE-2025-29481 低危 1:1.3.0-2build2 libbpf: Heap Buffer Overflow in libbpf

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-29481

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-04-07 20:15 修改: 2026-06-17 09:05

curl CVE-2026-8924 低危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8924

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libgcrypt20 CVE-2024-2236 低危 1.10.3-2build1 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2024-03-06 22:15 修改: 2026-06-17 07:24

curl CVE-2026-9547 低危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9547

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

curl CVE-2025-0167 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.8 When asked to use a `.netrc` file for credentials **and** to follow HT ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0167

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-02-05 10:15 修改: 2026-06-17 08:25

curl CVE-2025-10148 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.7 curl: predictable WebSocket mask

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10148

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-09-12 06:15 修改: 2026-06-17 08:27

curl CVE-2025-14524 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.7 curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36

curl CVE-2025-14819 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.7 curl: libcurl: Improper certificate validation due to cached TLS settings reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14819

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36

curl CVE-2025-15079 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.7 curl: Host verification bypass during SSH transfers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37

curl CVE-2025-15224 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.7 curl: libssh key passphrase bypass without agent set

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37

curl CVE-2026-10536 低危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-10536

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

curl CVE-2026-12064 低危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12064

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

curl CVE-2026-3784 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.8 curl: curl: Unauthorized access due to improper HTTP proxy connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44

dpkg CVE-2025-6297 低危 1.22.6ubuntu6.1 1.22.6ubuntu6.5 It was discovered that dpkg-deb does not properly sanitize directory p ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6297

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2025-07-01 17:15 修改: 2026-06-17 10:01

curl CVE-2026-4873 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.9 curl: curl: Information disclosure due to incorrect TLS connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:57

curl CVE-2026-5773 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.9 curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59

libcurl4t64 CVE-2025-0167 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.8 When asked to use a `.netrc` file for credentials **and** to follow HT ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0167

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-02-05 10:15 修改: 2026-06-17 08:25

libgnutls30t64 CVE-2025-9820 低危 3.8.3-1.1ubuntu3.4 3.8.3-1.1ubuntu3.5 gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9820

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-01-26 20:16 修改: 2026-06-25 08:16

libicu74 CVE-2025-5222 低危 74.2-1ubuntu3.1 icu: Stack buffer overflow in the SRBRoot::addTag function

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5222

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-05-27 21:15 修改: 2026-06-30 05:17

libcurl4t64 CVE-2025-10148 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.7 curl: predictable WebSocket mask

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10148

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-09-12 06:15 修改: 2026-06-17 08:27

liblzma5 CVE-2026-34743 低危 5.6.1+really5.4.5-1ubuntu0.2 5.6.1+really5.4.5-1ubuntu0.3 xz: XZ Utils: Denial of Service via buffer overflow in index decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-02 19:21 修改: 2026-06-17 10:39

libcurl4t64 CVE-2025-14524 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.7 curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36

libcurl4t64 CVE-2025-14819 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.7 curl: libcurl: Improper certificate validation due to cached TLS settings reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14819

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36

libssh-4 CVE-2025-8114 低危 0.10.6-2ubuntu0.1 0.10.6-2ubuntu0.2 libssh: NULL Pointer Dereference in libssh KEX Session ID Calculation

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8114

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-07-24 15:15 修改: 2026-06-30 02:16

libssh-4 CVE-2025-8277 低危 0.10.6-2ubuntu0.1 0.10.6-2ubuntu0.3 libssh: Memory Exhaustion via Repeated Key Exchange in libssh

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8277

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-09-09 12:15 修改: 2026-06-25 08:16

libssh-4 CVE-2026-0965 低危 0.10.6-2ubuntu0.1 0.10.6-2ubuntu0.3 libssh: libssh: Denial of Service via improper configuration file handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0965

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11

libssh-4 CVE-2026-0966 低危 0.10.6-2ubuntu0.1 0.10.6-2ubuntu0.3 libssh: libssh: Denial of Service via zero-length input in ssh_get_hexa()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0966

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11

libcurl4t64 CVE-2025-15079 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.7 curl: Host verification bypass during SSH transfers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37

libsystemd-shared CVE-2026-40228 低危 255.4-1ubuntu8.10 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libcurl4t64 CVE-2025-15224 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.7 curl: libssh key passphrase bypass without agent set

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37

libcurl4t64 CVE-2026-10536 低危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-10536

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcurl4t64 CVE-2026-12064 低危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12064

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libsystemd0 CVE-2026-40228 低危 255.4-1ubuntu8.10 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libcurl4t64 CVE-2026-3784 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.8 curl: curl: Unauthorized access due to improper HTTP proxy connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44

libcurl4t64 CVE-2026-4873 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.9 curl: curl: Information disclosure due to incorrect TLS connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:57

libssl3t64 CVE-2025-68160 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58

libssl3t64 CVE-2025-69418 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libudev1 CVE-2026-40228 低危 255.4-1ubuntu8.10 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libssl3t64 CVE-2025-69419 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl3t64 CVE-2025-69420 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service via malformed TimeStamp Response

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl3t64 CVE-2025-69421 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl3t64 CVE-2026-22795 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20

libssl3t64 CVE-2026-22796 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20

libssl3t64 CVE-2026-28387 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl3t64 CVE-2026-28388 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl3t64 CVE-2026-28389 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl3t64 CVE-2026-28390 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

libssl3t64 CVE-2026-31789 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

libssl3t64 CVE-2026-34180 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

libssl3t64 CVE-2026-42766 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl3t64 CVE-2026-42767 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl3t64 CVE-2026-42770 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

libssl3t64 CVE-2026-45446 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

libssl3t64 CVE-2026-7383 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02

libssl3t64 CVE-2026-9076 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04

libcurl4t64 CVE-2026-5773 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.9 curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59

libcurl4t64 CVE-2026-6276 低危 8.5.0-2ubuntu10.6 8.5.0-2ubuntu10.9 curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00

libcurl4t64 CVE-2026-8286 低危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8286

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcurl4t64 CVE-2026-8458 低危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8458

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcurl4t64 CVE-2026-8924 低危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8924

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libcurl4t64 CVE-2026-9547 低危 8.5.0-2ubuntu10.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9547

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libxml2 CVE-2025-8732 低危 2.9.14+dfsg-1.3ubuntu3.3 2.9.14+dfsg-1.3ubuntu3.7 libxml2: libxml2: Uncontrolled Recursion Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8732

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2025-08-08 17:15 修改: 2026-06-29 19:05

libssl3t64-fips CVE-2025-68160 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58

libssl3t64-fips CVE-2025-69418 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl3t64-fips CVE-2025-69419 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl3t64-fips CVE-2025-69420 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service via malformed TimeStamp Response

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl3t64-fips CVE-2025-69421 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

libssl3t64-fips CVE-2026-22795 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20

libssl3t64-fips CVE-2026-22796 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796

镜像层: sha256:38566bed7b8212bf58ece0b68bc24a797f2f167117bea9a19d23fc15dfac8798

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20

openssl CVE-2025-68160 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58

openssl CVE-2025-69418 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

openssl CVE-2025-69419 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

openssl CVE-2025-69420 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service via malformed TimeStamp Response

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

openssl CVE-2025-69421 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00

systemd CVE-2026-40228 低危 255.4-1ubuntu8.10 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

openssl CVE-2026-22795 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20

openssl CVE-2026-22796 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.7 openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20

openssl CVE-2026-28387 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

systemd-dev CVE-2026-40228 低危 255.4-1ubuntu8.10 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

openssl CVE-2026-28388 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

openssl CVE-2026-28389 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

openssl CVE-2026-28390 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

openssl CVE-2026-31789 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.9 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34

openssl CVE-2026-34180 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

udev CVE-2026-40228 低危 255.4-1ubuntu8.10 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

openssl CVE-2026-42766 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl CVE-2026-42767 低危 3.0.13-0ubuntu3.5 3.0.13-0ubuntu3.11 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:ec8c6508b7637ba7438d51e16460487c7e695b94fb85baf3fc342ac2c0301d7a

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

zlib1g CVE-2026-27171 低危 1:1.3.dfsg-3.1ubuntu2.1 zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171

镜像层: sha256:7e9d7e82ac4b59cd388602b3144b74bad80098dc456e1a4fc57ca79388be5efe

发布日期: 2026-02-18 04:16 修改: 2026-06-17 10:26

kube-ovn/kube-ovn (gobinary)
低危漏洞:2 中危漏洞:24 高危漏洞:20 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
stdlib CVE-2025-68121 严重 v1.24.6 1.24.13, 1.25.7, 1.26.0-rc.3 crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:58

golang.org/x/net CVE-2026-25680 高危 v0.43.0 0.55.0 Parsing arbitrary HTML can consume excessive CPU time, possibly leadin ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25680

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

golang.org/x/net CVE-2026-25681 高危 v0.43.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25681

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

golang.org/x/net CVE-2026-27136 高危 v0.43.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27136

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:26

golang.org/x/net CVE-2026-33814 高危 v0.43.0 0.53.0 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

golang.org/x/net CVE-2026-39821 高危 v0.43.0 0.55.0 golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39821

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-30 03:19

golang.org/x/net CVE-2026-42502 高危 v0.43.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42502

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

github.com/moby/spdystream CVE-2026-35469 高危 v0.5.0 0.5.1 Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35469

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-16 22:16 修改: 2026-06-30 03:19

stdlib CVE-2025-61726 高危 v1.24.6 1.24.12, 1.25.6 golang: net/url: Memory exhaustion in query parameter parsing in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-01-28 20:16 修改: 2026-06-30 03:16

stdlib CVE-2025-61729 高危 v1.24.6 1.24.11, 1.25.5 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-12-02 19:15 修改: 2026-06-17 09:50

stdlib CVE-2026-25679 高危 v1.24.6 1.25.8, 1.26.1 net/url: Incorrect parsing of IPv6 host literals in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-06 22:16 修改: 2026-06-30 03:17

stdlib CVE-2026-27145 高危 v1.24.6 1.25.11, 1.26.4 crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-06-02 23:16 修改: 2026-06-30 03:17

stdlib CVE-2026-32280 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-32281 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32283 高危 v1.24.6 1.25.9, 1.26.2 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33811 高危 v1.24.6 1.25.10, 1.26.3 net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33814 高危 v1.24.6 1.25.10, 1.26.3 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-39820 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: Go net/mail: Denial of Service via crafted email inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-39836 高危 v1.24.6 1.25.10, 1.26.3 ELSA-2026-22121: golang security update (IMPORTANT)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42499 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: net/mail: Denial of Service via pathological email address parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-42504 高危 v1.24.6 1.25.11, 1.26.4 Decoding a maliciously-crafted MIME header containing many invalid enc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

golang.org/x/net CVE-2025-58190 中危 v0.43.0 0.45.0 golang.org/x/net/html: Infinite parsing loop in golang.org/x/net

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58190

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:44

golang.org/x/net CVE-2026-42506 中危 v0.43.0 0.55.0 golang.org/x/net/html: golang.org/x/net/html: Cross-Site Scripting (XSS) via arbitrary HTML parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42506

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

github.com/containernetworking/plugins CVE-2025-67499 中危 v1.7.1 1.9.0 CNI portmap plugin: github.com/containernetworking/plugins/plugins/meta/portmap: CNI portmap plugin: HostPort forwarding vulnerability allows traffic interception

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67499

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-12-10 00:16 修改: 2026-06-17 09:57

golang.org/x/net CVE-2025-47911 中危 v0.43.0 0.45.0 golang.org/x/net/html: Quadratic parsing complexity in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47911

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:28

stdlib CVE-2025-47912 中危 v1.24.6 1.24.8, 1.25.2 net/url: Insufficient validation of bracketed IPv6 hostnames in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47912

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:28

stdlib CVE-2025-58183 中危 v1.24.6 1.24.8, 1.25.2 golang: archive/tar: Unbounded allocation when parsing GNU sparse map

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58183

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58185 中危 v1.24.6 1.24.8, 1.25.2 encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58185

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58187 中危 v1.24.6 1.24.9, 1.25.3 crypto/x509: Quadratic complexity when checking name constraints in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58187

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58188 中危 v1.24.6 1.24.8, 1.25.2 crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58188

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58189 中危 v1.24.6 1.24.8, 1.25.2 crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58189

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-61723 中危 v1.24.6 1.24.8, 1.25.2 encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61723

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61724 中危 v1.24.6 1.24.8, 1.25.2 net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61724

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61725 中危 v1.24.6 1.24.8, 1.25.2 net/mail: Excessive CPU consumption in ParseAddress in net/mail

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61725

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61727 中危 v1.24.6 1.24.11, 1.25.5 golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-12-03 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61728 中危 v1.24.6 1.24.12, 1.25.6 golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61730 中危 v1.24.6 1.24.12, 1.25.6 crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2026-27142 中危 v1.24.6 1.25.8, 1.26.1 html/template: URLs in meta content attribute actions are not escaped in html/template

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

stdlib CVE-2026-32282 中危 v1.24.6 1.25.9, 1.26.2 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32288 中危 v1.24.6 1.25.9, 1.26.2 archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32289 中危 v1.24.6 1.25.9, 1.26.2 html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-39823 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39825 中危 v1.24.6 1.25.10, 1.26.3 net/http/httputil: golang: net/http/httputil: ReverseProxy forwards hidden query parameters, potentially bypassing security controls

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39826 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42507 中危 v1.24.6 1.25.11, 1.26.4 net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

stdlib CVE-2025-58186 低危 v1.24.6 1.24.8, 1.25.2 golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58186

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2026-27139 低危 v1.24.6 1.25.8, 1.26.1 os: FileInfo can escape from a Root in golang os module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

golang.org/x/sys CVE-2026-39824 未知 v0.35.0 0.44.0 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42

kube-ovn/kube-ovn-cmd (gobinary)
低危漏洞:2 中危漏洞:23 高危漏洞:23 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
google.golang.org/grpc CVE-2026-33186 严重 v1.73.0 1.79.3 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33186

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-20 23:16 修改: 2026-06-30 03:18

stdlib CVE-2025-68121 严重 v1.24.6 1.24.13, 1.25.7, 1.26.0-rc.3 crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:58

go.opentelemetry.io/otel/sdk CVE-2026-24051 高危 v1.37.0 1.40.0 OpenTelemetry Go SDK Vulnerable to Arbitrary Code Execution via PATH Hijacking

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24051

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-02-02 23:16 修改: 2026-06-17 10:22

go.opentelemetry.io/otel/sdk CVE-2026-39883 高危 v1.37.0 1.43.0 github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Arbitrary code execution via PATH hijacking on BSD/Solaris

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39883

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 21:17 修改: 2026-06-30 03:19

golang.org/x/net CVE-2026-25680 高危 v0.43.0 0.55.0 Parsing arbitrary HTML can consume excessive CPU time, possibly leadin ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25680

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

golang.org/x/net CVE-2026-25681 高危 v0.43.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25681

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

golang.org/x/net CVE-2026-27136 高危 v0.43.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27136

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:26

golang.org/x/net CVE-2026-33814 高危 v0.43.0 0.53.0 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

golang.org/x/net CVE-2026-39821 高危 v0.43.0 0.55.0 golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39821

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-30 03:19

golang.org/x/net CVE-2026-42502 高危 v0.43.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42502

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

github.com/moby/spdystream CVE-2026-35469 高危 v0.5.0 0.5.1 Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35469

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-16 22:16 修改: 2026-06-30 03:19

go.opentelemetry.io/otel CVE-2026-29181 高危 v1.37.0 1.41.0 github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Denial of Service via crafted multi-value baggage headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29181

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-07 21:17 修改: 2026-06-30 03:18

stdlib CVE-2025-61726 高危 v1.24.6 1.24.12, 1.25.6 golang: net/url: Memory exhaustion in query parameter parsing in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-01-28 20:16 修改: 2026-06-30 03:16

stdlib CVE-2025-61729 高危 v1.24.6 1.24.11, 1.25.5 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-12-02 19:15 修改: 2026-06-17 09:50

stdlib CVE-2026-25679 高危 v1.24.6 1.25.8, 1.26.1 net/url: Incorrect parsing of IPv6 host literals in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-06 22:16 修改: 2026-06-30 03:17

stdlib CVE-2026-27145 高危 v1.24.6 1.25.11, 1.26.4 crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-06-02 23:16 修改: 2026-06-30 03:17

stdlib CVE-2026-32280 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-32281 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32283 高危 v1.24.6 1.25.9, 1.26.2 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33811 高危 v1.24.6 1.25.10, 1.26.3 net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33814 高危 v1.24.6 1.25.10, 1.26.3 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-39820 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: Go net/mail: Denial of Service via crafted email inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-39836 高危 v1.24.6 1.25.10, 1.26.3 ELSA-2026-22121: golang security update (IMPORTANT)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42499 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: net/mail: Denial of Service via pathological email address parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-42504 高危 v1.24.6 1.25.11, 1.26.4 Decoding a maliciously-crafted MIME header containing many invalid enc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

golang.org/x/net CVE-2025-47911 中危 v0.43.0 0.45.0 golang.org/x/net/html: Quadratic parsing complexity in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47911

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:28

golang.org/x/net CVE-2025-58190 中危 v0.43.0 0.45.0 golang.org/x/net/html: Infinite parsing loop in golang.org/x/net

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58190

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:44

golang.org/x/net CVE-2026-42506 中危 v0.43.0 0.55.0 golang.org/x/net/html: golang.org/x/net/html: Cross-Site Scripting (XSS) via arbitrary HTML parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42506

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

stdlib CVE-2025-47912 中危 v1.24.6 1.24.8, 1.25.2 net/url: Insufficient validation of bracketed IPv6 hostnames in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47912

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:28

stdlib CVE-2025-58183 中危 v1.24.6 1.24.8, 1.25.2 golang: archive/tar: Unbounded allocation when parsing GNU sparse map

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58183

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58185 中危 v1.24.6 1.24.8, 1.25.2 encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58185

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58187 中危 v1.24.6 1.24.9, 1.25.3 crypto/x509: Quadratic complexity when checking name constraints in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58187

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58188 中危 v1.24.6 1.24.8, 1.25.2 crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58188

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58189 中危 v1.24.6 1.24.8, 1.25.2 crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58189

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-61723 中危 v1.24.6 1.24.8, 1.25.2 encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61723

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61724 中危 v1.24.6 1.24.8, 1.25.2 net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61724

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61725 中危 v1.24.6 1.24.8, 1.25.2 net/mail: Excessive CPU consumption in ParseAddress in net/mail

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61725

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61727 中危 v1.24.6 1.24.11, 1.25.5 golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-12-03 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61728 中危 v1.24.6 1.24.12, 1.25.6 golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61730 中危 v1.24.6 1.24.12, 1.25.6 crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2026-27142 中危 v1.24.6 1.25.8, 1.26.1 html/template: URLs in meta content attribute actions are not escaped in html/template

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

stdlib CVE-2026-32282 中危 v1.24.6 1.25.9, 1.26.2 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32288 中危 v1.24.6 1.25.9, 1.26.2 archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32289 中危 v1.24.6 1.25.9, 1.26.2 html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-39823 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39825 中危 v1.24.6 1.25.10, 1.26.3 net/http/httputil: golang: net/http/httputil: ReverseProxy forwards hidden query parameters, potentially bypassing security controls

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39826 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42507 中危 v1.24.6 1.25.11, 1.26.4 net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

stdlib CVE-2025-58186 低危 v1.24.6 1.24.8, 1.25.2 golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58186

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2026-27139 低危 v1.24.6 1.25.8, 1.26.1 os: FileInfo can escape from a Root in golang os module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

golang.org/x/sys CVE-2026-39824 未知 v0.35.0 0.44.0 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42

kube-ovn/kube-ovn-controller (gobinary)
低危漏洞:2 中危漏洞:23 高危漏洞:23 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
google.golang.org/grpc CVE-2026-33186 严重 v1.73.0 1.79.3 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33186

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-20 23:16 修改: 2026-06-30 03:18

stdlib CVE-2025-68121 严重 v1.24.6 1.24.13, 1.25.7, 1.26.0-rc.3 crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:58

go.opentelemetry.io/otel/sdk CVE-2026-24051 高危 v1.37.0 1.40.0 OpenTelemetry Go SDK Vulnerable to Arbitrary Code Execution via PATH Hijacking

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24051

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-02-02 23:16 修改: 2026-06-17 10:22

go.opentelemetry.io/otel/sdk CVE-2026-39883 高危 v1.37.0 1.43.0 github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Arbitrary code execution via PATH hijacking on BSD/Solaris

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39883

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 21:17 修改: 2026-06-30 03:19

golang.org/x/net CVE-2026-25680 高危 v0.43.0 0.55.0 Parsing arbitrary HTML can consume excessive CPU time, possibly leadin ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25680

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

golang.org/x/net CVE-2026-25681 高危 v0.43.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25681

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

golang.org/x/net CVE-2026-27136 高危 v0.43.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27136

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:26

golang.org/x/net CVE-2026-33814 高危 v0.43.0 0.53.0 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

golang.org/x/net CVE-2026-39821 高危 v0.43.0 0.55.0 golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39821

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-30 03:19

golang.org/x/net CVE-2026-42502 高危 v0.43.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42502

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

github.com/moby/spdystream CVE-2026-35469 高危 v0.5.0 0.5.1 Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35469

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-16 22:16 修改: 2026-06-30 03:19

go.opentelemetry.io/otel CVE-2026-29181 高危 v1.37.0 1.41.0 github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Denial of Service via crafted multi-value baggage headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29181

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-07 21:17 修改: 2026-06-30 03:18

stdlib CVE-2025-61726 高危 v1.24.6 1.24.12, 1.25.6 golang: net/url: Memory exhaustion in query parameter parsing in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-01-28 20:16 修改: 2026-06-30 03:16

stdlib CVE-2025-61729 高危 v1.24.6 1.24.11, 1.25.5 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-12-02 19:15 修改: 2026-06-17 09:50

stdlib CVE-2026-25679 高危 v1.24.6 1.25.8, 1.26.1 net/url: Incorrect parsing of IPv6 host literals in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-06 22:16 修改: 2026-06-30 03:17

stdlib CVE-2026-27145 高危 v1.24.6 1.25.11, 1.26.4 crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-06-02 23:16 修改: 2026-06-30 03:17

stdlib CVE-2026-32280 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-32281 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32283 高危 v1.24.6 1.25.9, 1.26.2 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33811 高危 v1.24.6 1.25.10, 1.26.3 net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33814 高危 v1.24.6 1.25.10, 1.26.3 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-39820 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: Go net/mail: Denial of Service via crafted email inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-39836 高危 v1.24.6 1.25.10, 1.26.3 ELSA-2026-22121: golang security update (IMPORTANT)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42499 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: net/mail: Denial of Service via pathological email address parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-42504 高危 v1.24.6 1.25.11, 1.26.4 Decoding a maliciously-crafted MIME header containing many invalid enc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

golang.org/x/net CVE-2025-47911 中危 v0.43.0 0.45.0 golang.org/x/net/html: Quadratic parsing complexity in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47911

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:28

golang.org/x/net CVE-2025-58190 中危 v0.43.0 0.45.0 golang.org/x/net/html: Infinite parsing loop in golang.org/x/net

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58190

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:44

golang.org/x/net CVE-2026-42506 中危 v0.43.0 0.55.0 golang.org/x/net/html: golang.org/x/net/html: Cross-Site Scripting (XSS) via arbitrary HTML parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42506

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

stdlib CVE-2025-47912 中危 v1.24.6 1.24.8, 1.25.2 net/url: Insufficient validation of bracketed IPv6 hostnames in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47912

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:28

stdlib CVE-2025-58183 中危 v1.24.6 1.24.8, 1.25.2 golang: archive/tar: Unbounded allocation when parsing GNU sparse map

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58183

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58185 中危 v1.24.6 1.24.8, 1.25.2 encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58185

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58187 中危 v1.24.6 1.24.9, 1.25.3 crypto/x509: Quadratic complexity when checking name constraints in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58187

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58188 中危 v1.24.6 1.24.8, 1.25.2 crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58188

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58189 中危 v1.24.6 1.24.8, 1.25.2 crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58189

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-61723 中危 v1.24.6 1.24.8, 1.25.2 encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61723

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61724 中危 v1.24.6 1.24.8, 1.25.2 net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61724

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61725 中危 v1.24.6 1.24.8, 1.25.2 net/mail: Excessive CPU consumption in ParseAddress in net/mail

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61725

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61727 中危 v1.24.6 1.24.11, 1.25.5 golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-12-03 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61728 中危 v1.24.6 1.24.12, 1.25.6 golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61730 中危 v1.24.6 1.24.12, 1.25.6 crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2026-27142 中危 v1.24.6 1.25.8, 1.26.1 html/template: URLs in meta content attribute actions are not escaped in html/template

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

stdlib CVE-2026-32282 中危 v1.24.6 1.25.9, 1.26.2 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32288 中危 v1.24.6 1.25.9, 1.26.2 archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32289 中危 v1.24.6 1.25.9, 1.26.2 html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-39823 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39825 中危 v1.24.6 1.25.10, 1.26.3 net/http/httputil: golang: net/http/httputil: ReverseProxy forwards hidden query parameters, potentially bypassing security controls

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39826 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42507 中危 v1.24.6 1.25.11, 1.26.4 net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

stdlib CVE-2025-58186 低危 v1.24.6 1.24.8, 1.25.2 golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58186

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2026-27139 低危 v1.24.6 1.25.8, 1.26.1 os: FileInfo can escape from a Root in golang os module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

golang.org/x/sys CVE-2026-39824 未知 v0.35.0 0.44.0 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42

kube-ovn/kube-ovn-daemon (gobinary)
低危漏洞:2 中危漏洞:31 高危漏洞:31 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
google.golang.org/grpc CVE-2026-33186 严重 v1.73.0 1.79.3 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33186

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-20 23:16 修改: 2026-06-30 03:18

stdlib CVE-2025-68121 严重 v1.24.6 1.24.13, 1.25.7, 1.26.0-rc.3 crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:58

github.com/containerd/containerd/v2 CVE-2026-53488 高危 v2.1.3 2.0.10, 2.1.9, 2.2.5, 2.3.2 CVE-2026-53488 affecting package containerd2 for versions less than 2.2.4-3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53488

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

github.com/containerd/containerd/v2 CVE-2026-53489 高危 v2.1.3 2.1.9, 2.2.5, 2.3.2 CVE-2026-53489 affecting package containerd2 for versions less than 2.2.4-3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53489

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

github.com/containerd/containerd/v2 CVE-2026-53492 高危 v2.1.3 2.1.9, 2.2.5, 2.3.2 CVE-2026-53492 affecting package containerd2 for versions less than 2.2.4-3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53492

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

github.com/docker/docker CVE-2026-34040 高危 v28.3.3+incompatible 29.3.1 Moby: Moby: Authorization bypass vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34040

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-31 03:15 修改: 2026-06-17 10:38

github.com/docker/docker CVE-2026-41567 高危 v28.3.3+incompatible docker: Moby/Docker Engine: Arbitrary Code Execution via malicious container image and compressed archive upload

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41567

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-06-05 02:17 修改: 2026-06-30 03:19

github.com/docker/docker CVE-2026-42306 高危 v28.3.3+incompatible Moby is an open source container framework. In Docker Engine prior to ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42306

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-06-12 19:16 修改: 2026-06-17 10:47

github.com/moby/spdystream CVE-2026-35469 高危 v0.5.0 0.5.1 Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35469

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-16 22:16 修改: 2026-06-30 03:19

go.opentelemetry.io/otel CVE-2026-29181 高危 v1.37.0 1.41.0 github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Denial of Service via crafted multi-value baggage headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29181

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-07 21:17 修改: 2026-06-30 03:18

go.opentelemetry.io/otel/sdk CVE-2026-24051 高危 v1.37.0 1.40.0 OpenTelemetry Go SDK Vulnerable to Arbitrary Code Execution via PATH Hijacking

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24051

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-02-02 23:16 修改: 2026-06-17 10:22

go.opentelemetry.io/otel/sdk CVE-2026-39883 高危 v1.37.0 1.43.0 github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Arbitrary code execution via PATH hijacking on BSD/Solaris

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39883

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 21:17 修改: 2026-06-30 03:19

golang.org/x/net CVE-2026-25680 高危 v0.43.0 0.55.0 Parsing arbitrary HTML can consume excessive CPU time, possibly leadin ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25680

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

golang.org/x/net CVE-2026-25681 高危 v0.43.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25681

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

golang.org/x/net CVE-2026-27136 高危 v0.43.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27136

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:26

golang.org/x/net CVE-2026-33814 高危 v0.43.0 0.53.0 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

golang.org/x/net CVE-2026-39821 高危 v0.43.0 0.55.0 golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39821

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-30 03:19

golang.org/x/net CVE-2026-42502 高危 v0.43.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42502

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

github.com/containerd/containerd/v2 CVE-2024-25621 高危 v2.1.3 2.0.7, 2.1.5, 2.2.0 github.com/containerd/containerd: containerd local privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25621

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-11-06 19:15 修改: 2026-06-17 07:16

github.com/containerd/containerd/v2 CVE-2026-46680 高危 v2.1.3 2.0.9, 2.2.4, 2.3.1 containerd user ID handling bypass allows runAsNonRoot evasion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46680

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

stdlib CVE-2025-61726 高危 v1.24.6 1.24.12, 1.25.6 golang: net/url: Memory exhaustion in query parameter parsing in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-01-28 20:16 修改: 2026-06-30 03:16

stdlib CVE-2025-61729 高危 v1.24.6 1.24.11, 1.25.5 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-12-02 19:15 修改: 2026-06-17 09:50

stdlib CVE-2026-25679 高危 v1.24.6 1.25.8, 1.26.1 net/url: Incorrect parsing of IPv6 host literals in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-06 22:16 修改: 2026-06-30 03:17

stdlib CVE-2026-27145 高危 v1.24.6 1.25.11, 1.26.4 crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-06-02 23:16 修改: 2026-06-30 03:17

stdlib CVE-2026-32280 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-32281 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32283 高危 v1.24.6 1.25.9, 1.26.2 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33811 高危 v1.24.6 1.25.10, 1.26.3 net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33814 高危 v1.24.6 1.25.10, 1.26.3 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-39820 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: Go net/mail: Denial of Service via crafted email inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-39836 高危 v1.24.6 1.25.10, 1.26.3 ELSA-2026-22121: golang security update (IMPORTANT)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42499 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: net/mail: Denial of Service via pathological email address parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-42504 高危 v1.24.6 1.25.11, 1.26.4 Decoding a maliciously-crafted MIME header containing many invalid enc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

github.com/containerd/containerd/v2 CVE-2026-47262 中危 v2.1.3 2.0.10, 2.1.9, 2.2.5, 2.3.2 CVE-2026-47262 affecting package containerd2 for versions less than 2.2.4-3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47262

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

github.com/containerd/containerd/v2 CVE-2026-50195 中危 v2.1.3 2.1.9, 2.2.5, 2.3.2 CVE-2026-50195 affecting package containerd2 for versions less than 2.2.4-3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50195

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

golang.org/x/net CVE-2025-47911 中危 v0.43.0 0.45.0 golang.org/x/net/html: Quadratic parsing complexity in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47911

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:28

golang.org/x/net CVE-2025-58190 中危 v0.43.0 0.45.0 golang.org/x/net/html: Infinite parsing loop in golang.org/x/net

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58190

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:44

golang.org/x/net CVE-2026-42506 中危 v0.43.0 0.55.0 golang.org/x/net/html: golang.org/x/net/html: Cross-Site Scripting (XSS) via arbitrary HTML parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42506

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

github.com/docker/docker CVE-2026-33997 中危 v28.3.3+incompatible 29.3.1 moby: docker: github.com/moby/moby: Moby: Privilege validation bypass during plugin installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33997

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-31 03:15 修改: 2026-06-30 03:18

k8s.io/kubernetes CVE-2025-13281 中危 v1.32.7 1.32.10, 1.33.6, 1.34.2 kube-controller-manager: Portworx Half-Blind SSRF in kube-controller-manager

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13281

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-12-14 22:15 修改: 2026-06-17 08:33

k8s.io/kubernetes CVE-2025-5187 中危 v1.32.7 1.31.12, 1.32.8, 1.33.4 kubernetes: kube-apiserver: Nodes can delete themselves by adding an OwnerReference

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5187

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-08-27 17:15 修改: 2026-06-17 09:47

github.com/docker/docker CVE-2026-41568 中危 v28.3.3+incompatible github.com/docker/docker: github.com/moby/moby: Moby: Denial of Service via race condition in docker cp mount setup

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41568

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-06-12 19:16 修改: 2026-06-17 10:46

github.com/containernetworking/plugins CVE-2025-67499 中危 v1.7.1 1.9.0 CNI portmap plugin: github.com/containernetworking/plugins/plugins/meta/portmap: CNI portmap plugin: HostPort forwarding vulnerability allows traffic interception

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67499

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-12-10 00:16 修改: 2026-06-17 09:57

github.com/containerd/containerd/v2 CVE-2025-64329 中危 v2.1.3 2.0.7, 2.1.5, 2.2.0 github.com/containerd/containerd: containerd: Memory exhaustion via CRI Attach implementation goroutine leaks

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64329

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-11-07 05:16 修改: 2026-06-17 09:54

stdlib CVE-2025-47912 中危 v1.24.6 1.24.8, 1.25.2 net/url: Insufficient validation of bracketed IPv6 hostnames in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47912

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:28

stdlib CVE-2025-58183 中危 v1.24.6 1.24.8, 1.25.2 golang: archive/tar: Unbounded allocation when parsing GNU sparse map

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58183

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58185 中危 v1.24.6 1.24.8, 1.25.2 encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58185

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58187 中危 v1.24.6 1.24.9, 1.25.3 crypto/x509: Quadratic complexity when checking name constraints in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58187

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58188 中危 v1.24.6 1.24.8, 1.25.2 crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58188

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58189 中危 v1.24.6 1.24.8, 1.25.2 crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58189

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-61723 中危 v1.24.6 1.24.8, 1.25.2 encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61723

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61724 中危 v1.24.6 1.24.8, 1.25.2 net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61724

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61725 中危 v1.24.6 1.24.8, 1.25.2 net/mail: Excessive CPU consumption in ParseAddress in net/mail

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61725

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61727 中危 v1.24.6 1.24.11, 1.25.5 golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-12-03 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61728 中危 v1.24.6 1.24.12, 1.25.6 golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61730 中危 v1.24.6 1.24.12, 1.25.6 crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2026-27142 中危 v1.24.6 1.25.8, 1.26.1 html/template: URLs in meta content attribute actions are not escaped in html/template

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

stdlib CVE-2026-32282 中危 v1.24.6 1.25.9, 1.26.2 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32288 中危 v1.24.6 1.25.9, 1.26.2 archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32289 中危 v1.24.6 1.25.9, 1.26.2 html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-39823 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39825 中危 v1.24.6 1.25.10, 1.26.3 net/http/httputil: golang: net/http/httputil: ReverseProxy forwards hidden query parameters, potentially bypassing security controls

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39826 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42507 中危 v1.24.6 1.25.11, 1.26.4 net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

stdlib CVE-2025-58186 低危 v1.24.6 1.24.8, 1.25.2 golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58186

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2026-27139 低危 v1.24.6 1.25.8, 1.26.1 os: FileInfo can escape from a Root in golang os module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

golang.org/x/sys CVE-2026-39824 未知 v0.35.0 0.44.0 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824

镜像层: sha256:192040b28f4e528a5f3a5a1a17de934c1f362c7fbb27a0c5bbde8b6b5c9d739f

发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42

loopback (gobinary)
低危漏洞:2 中危漏洞:21 高危漏洞:13 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
stdlib CVE-2025-68121 严重 v1.24.6 1.24.13, 1.25.7, 1.26.0-rc.3 crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:58

stdlib CVE-2025-61726 高危 v1.24.6 1.24.12, 1.25.6 golang: net/url: Memory exhaustion in query parameter parsing in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-01-28 20:16 修改: 2026-06-30 03:16

stdlib CVE-2025-61729 高危 v1.24.6 1.24.11, 1.25.5 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-12-02 19:15 修改: 2026-06-17 09:50

stdlib CVE-2026-25679 高危 v1.24.6 1.25.8, 1.26.1 net/url: Incorrect parsing of IPv6 host literals in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-03-06 22:16 修改: 2026-06-30 03:17

stdlib CVE-2026-27145 高危 v1.24.6 1.25.11, 1.26.4 crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-06-02 23:16 修改: 2026-06-30 03:17

stdlib CVE-2026-32280 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-32281 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32283 高危 v1.24.6 1.25.9, 1.26.2 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33811 高危 v1.24.6 1.25.10, 1.26.3 net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33814 高危 v1.24.6 1.25.10, 1.26.3 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-39820 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: Go net/mail: Denial of Service via crafted email inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-39836 高危 v1.24.6 1.25.10, 1.26.3 ELSA-2026-22121: golang security update (IMPORTANT)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42499 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: net/mail: Denial of Service via pathological email address parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-42504 高危 v1.24.6 1.25.11, 1.26.4 Decoding a maliciously-crafted MIME header containing many invalid enc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

github.com/containernetworking/plugins CVE-2025-67499 中危 v1.7.1 1.9.0 CNI portmap plugin: github.com/containernetworking/plugins/plugins/meta/portmap: CNI portmap plugin: HostPort forwarding vulnerability allows traffic interception

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67499

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-12-10 00:16 修改: 2026-06-17 09:57

stdlib CVE-2025-47912 中危 v1.24.6 1.24.8, 1.25.2 net/url: Insufficient validation of bracketed IPv6 hostnames in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47912

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:28

stdlib CVE-2025-58183 中危 v1.24.6 1.24.8, 1.25.2 golang: archive/tar: Unbounded allocation when parsing GNU sparse map

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58183

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58185 中危 v1.24.6 1.24.8, 1.25.2 encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58185

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58187 中危 v1.24.6 1.24.9, 1.25.3 crypto/x509: Quadratic complexity when checking name constraints in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58187

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58188 中危 v1.24.6 1.24.8, 1.25.2 crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58188

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58189 中危 v1.24.6 1.24.8, 1.25.2 crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58189

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-61723 中危 v1.24.6 1.24.8, 1.25.2 encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61723

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61724 中危 v1.24.6 1.24.8, 1.25.2 net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61724

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61725 中危 v1.24.6 1.24.8, 1.25.2 net/mail: Excessive CPU consumption in ParseAddress in net/mail

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61725

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61727 中危 v1.24.6 1.24.11, 1.25.5 golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-12-03 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61728 中危 v1.24.6 1.24.12, 1.25.6 golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61730 中危 v1.24.6 1.24.12, 1.25.6 crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2026-27142 中危 v1.24.6 1.25.8, 1.26.1 html/template: URLs in meta content attribute actions are not escaped in html/template

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

stdlib CVE-2026-32282 中危 v1.24.6 1.25.9, 1.26.2 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32288 中危 v1.24.6 1.25.9, 1.26.2 archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32289 中危 v1.24.6 1.25.9, 1.26.2 html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-39823 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39825 中危 v1.24.6 1.25.10, 1.26.3 net/http/httputil: golang: net/http/httputil: ReverseProxy forwards hidden query parameters, potentially bypassing security controls

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39826 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42507 中危 v1.24.6 1.25.11, 1.26.4 net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

stdlib CVE-2025-58186 低危 v1.24.6 1.24.8, 1.25.2 golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58186

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2026-27139 低危 v1.24.6 1.25.8, 1.26.1 os: FileInfo can escape from a Root in golang os module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

golang.org/x/sys CVE-2026-39824 未知 v0.32.0 0.44.0 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42

macvlan (gobinary)
低危漏洞:2 中危漏洞:21 高危漏洞:13 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
stdlib CVE-2025-68121 严重 v1.24.6 1.24.13, 1.25.7, 1.26.0-rc.3 crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:58

stdlib CVE-2025-61726 高危 v1.24.6 1.24.12, 1.25.6 golang: net/url: Memory exhaustion in query parameter parsing in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-01-28 20:16 修改: 2026-06-30 03:16

stdlib CVE-2025-61729 高危 v1.24.6 1.24.11, 1.25.5 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-12-02 19:15 修改: 2026-06-17 09:50

stdlib CVE-2026-25679 高危 v1.24.6 1.25.8, 1.26.1 net/url: Incorrect parsing of IPv6 host literals in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-03-06 22:16 修改: 2026-06-30 03:17

stdlib CVE-2026-27145 高危 v1.24.6 1.25.11, 1.26.4 crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-06-02 23:16 修改: 2026-06-30 03:17

stdlib CVE-2026-32280 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-32281 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32283 高危 v1.24.6 1.25.9, 1.26.2 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33811 高危 v1.24.6 1.25.10, 1.26.3 net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33814 高危 v1.24.6 1.25.10, 1.26.3 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-39820 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: Go net/mail: Denial of Service via crafted email inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-39836 高危 v1.24.6 1.25.10, 1.26.3 ELSA-2026-22121: golang security update (IMPORTANT)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42499 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: net/mail: Denial of Service via pathological email address parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-42504 高危 v1.24.6 1.25.11, 1.26.4 Decoding a maliciously-crafted MIME header containing many invalid enc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

github.com/containernetworking/plugins CVE-2025-67499 中危 v1.7.1 1.9.0 CNI portmap plugin: github.com/containernetworking/plugins/plugins/meta/portmap: CNI portmap plugin: HostPort forwarding vulnerability allows traffic interception

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67499

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-12-10 00:16 修改: 2026-06-17 09:57

stdlib CVE-2025-47912 中危 v1.24.6 1.24.8, 1.25.2 net/url: Insufficient validation of bracketed IPv6 hostnames in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47912

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:28

stdlib CVE-2025-58183 中危 v1.24.6 1.24.8, 1.25.2 golang: archive/tar: Unbounded allocation when parsing GNU sparse map

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58183

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58185 中危 v1.24.6 1.24.8, 1.25.2 encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58185

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58187 中危 v1.24.6 1.24.9, 1.25.3 crypto/x509: Quadratic complexity when checking name constraints in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58187

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58188 中危 v1.24.6 1.24.8, 1.25.2 crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58188

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58189 中危 v1.24.6 1.24.8, 1.25.2 crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58189

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-61723 中危 v1.24.6 1.24.8, 1.25.2 encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61723

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61724 中危 v1.24.6 1.24.8, 1.25.2 net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61724

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61725 中危 v1.24.6 1.24.8, 1.25.2 net/mail: Excessive CPU consumption in ParseAddress in net/mail

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61725

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61727 中危 v1.24.6 1.24.11, 1.25.5 golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-12-03 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61728 中危 v1.24.6 1.24.12, 1.25.6 golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61730 中危 v1.24.6 1.24.12, 1.25.6 crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2026-27142 中危 v1.24.6 1.25.8, 1.26.1 html/template: URLs in meta content attribute actions are not escaped in html/template

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

stdlib CVE-2026-32282 中危 v1.24.6 1.25.9, 1.26.2 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32288 中危 v1.24.6 1.25.9, 1.26.2 archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32289 中危 v1.24.6 1.25.9, 1.26.2 html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-39823 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39825 中危 v1.24.6 1.25.10, 1.26.3 net/http/httputil: golang: net/http/httputil: ReverseProxy forwards hidden query parameters, potentially bypassing security controls

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39826 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42507 中危 v1.24.6 1.25.11, 1.26.4 net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

stdlib CVE-2025-58186 低危 v1.24.6 1.24.8, 1.25.2 golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58186

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2026-27139 低危 v1.24.6 1.25.8, 1.26.1 os: FileInfo can escape from a Root in golang os module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

golang.org/x/sys CVE-2026-39824 未知 v0.32.0 0.44.0 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42

portmap (gobinary)
低危漏洞:2 中危漏洞:21 高危漏洞:13 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
stdlib CVE-2025-68121 严重 v1.24.6 1.24.13, 1.25.7, 1.26.0-rc.3 crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:58

stdlib CVE-2025-61726 高危 v1.24.6 1.24.12, 1.25.6 golang: net/url: Memory exhaustion in query parameter parsing in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-01-28 20:16 修改: 2026-06-30 03:16

stdlib CVE-2025-61729 高危 v1.24.6 1.24.11, 1.25.5 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-12-02 19:15 修改: 2026-06-17 09:50

stdlib CVE-2026-25679 高危 v1.24.6 1.25.8, 1.26.1 net/url: Incorrect parsing of IPv6 host literals in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-03-06 22:16 修改: 2026-06-30 03:17

stdlib CVE-2026-27145 高危 v1.24.6 1.25.11, 1.26.4 crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-06-02 23:16 修改: 2026-06-30 03:17

stdlib CVE-2026-32280 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-32281 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32283 高危 v1.24.6 1.25.9, 1.26.2 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33811 高危 v1.24.6 1.25.10, 1.26.3 net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33814 高危 v1.24.6 1.25.10, 1.26.3 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-39820 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: Go net/mail: Denial of Service via crafted email inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-39836 高危 v1.24.6 1.25.10, 1.26.3 ELSA-2026-22121: golang security update (IMPORTANT)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42499 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: net/mail: Denial of Service via pathological email address parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-42504 高危 v1.24.6 1.25.11, 1.26.4 Decoding a maliciously-crafted MIME header containing many invalid enc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

github.com/containernetworking/plugins CVE-2025-67499 中危 v1.7.1 1.9.0 CNI portmap plugin: github.com/containernetworking/plugins/plugins/meta/portmap: CNI portmap plugin: HostPort forwarding vulnerability allows traffic interception

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67499

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-12-10 00:16 修改: 2026-06-17 09:57

stdlib CVE-2025-47912 中危 v1.24.6 1.24.8, 1.25.2 net/url: Insufficient validation of bracketed IPv6 hostnames in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47912

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:28

stdlib CVE-2025-58183 中危 v1.24.6 1.24.8, 1.25.2 golang: archive/tar: Unbounded allocation when parsing GNU sparse map

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58183

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58185 中危 v1.24.6 1.24.8, 1.25.2 encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58185

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58187 中危 v1.24.6 1.24.9, 1.25.3 crypto/x509: Quadratic complexity when checking name constraints in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58187

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58188 中危 v1.24.6 1.24.8, 1.25.2 crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58188

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58189 中危 v1.24.6 1.24.8, 1.25.2 crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58189

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-61723 中危 v1.24.6 1.24.8, 1.25.2 encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61723

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61724 中危 v1.24.6 1.24.8, 1.25.2 net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61724

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61725 中危 v1.24.6 1.24.8, 1.25.2 net/mail: Excessive CPU consumption in ParseAddress in net/mail

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61725

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61727 中危 v1.24.6 1.24.11, 1.25.5 golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-12-03 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61728 中危 v1.24.6 1.24.12, 1.25.6 golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61730 中危 v1.24.6 1.24.12, 1.25.6 crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2026-27142 中危 v1.24.6 1.25.8, 1.26.1 html/template: URLs in meta content attribute actions are not escaped in html/template

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

stdlib CVE-2026-32282 中危 v1.24.6 1.25.9, 1.26.2 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32288 中危 v1.24.6 1.25.9, 1.26.2 archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32289 中危 v1.24.6 1.25.9, 1.26.2 html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-39823 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39825 中危 v1.24.6 1.25.10, 1.26.3 net/http/httputil: golang: net/http/httputil: ReverseProxy forwards hidden query parameters, potentially bypassing security controls

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39826 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42507 中危 v1.24.6 1.25.11, 1.26.4 net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

stdlib CVE-2025-58186 低危 v1.24.6 1.24.8, 1.25.2 golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58186

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2026-27139 低危 v1.24.6 1.25.8, 1.26.1 os: FileInfo can escape from a Root in golang os module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

golang.org/x/sys CVE-2026-39824 未知 v0.32.0 0.44.0 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42

usr/bin/gobgp (gobinary)
低危漏洞:2 中危漏洞:23 高危漏洞:19 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
google.golang.org/grpc CVE-2026-33186 严重 v1.56.3 1.79.3 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33186

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-03-20 23:16 修改: 2026-06-30 03:18

stdlib CVE-2025-68121 严重 v1.24.6 1.24.13, 1.25.7, 1.26.0-rc.3 crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:58

golang.org/x/net CVE-2026-27136 高危 v0.38.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27136

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:26

golang.org/x/net CVE-2026-33814 高危 v0.38.0 0.53.0 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

golang.org/x/net CVE-2026-39821 高危 v0.38.0 0.55.0 golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39821

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-22 16:16 修改: 2026-06-30 03:19

golang.org/x/net CVE-2026-42502 高危 v0.38.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42502

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

golang.org/x/net CVE-2026-25680 高危 v0.38.0 0.55.0 Parsing arbitrary HTML can consume excessive CPU time, possibly leadin ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25680

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

golang.org/x/net CVE-2026-25681 高危 v0.38.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25681

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

stdlib CVE-2025-61726 高危 v1.24.6 1.24.12, 1.25.6 golang: net/url: Memory exhaustion in query parameter parsing in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-01-28 20:16 修改: 2026-06-30 03:16

stdlib CVE-2025-61729 高危 v1.24.6 1.24.11, 1.25.5 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-12-02 19:15 修改: 2026-06-17 09:50

stdlib CVE-2026-25679 高危 v1.24.6 1.25.8, 1.26.1 net/url: Incorrect parsing of IPv6 host literals in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-03-06 22:16 修改: 2026-06-30 03:17

stdlib CVE-2026-27145 高危 v1.24.6 1.25.11, 1.26.4 crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-06-02 23:16 修改: 2026-06-30 03:17

stdlib CVE-2026-32280 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-32281 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32283 高危 v1.24.6 1.25.9, 1.26.2 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33811 高危 v1.24.6 1.25.10, 1.26.3 net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33814 高危 v1.24.6 1.25.10, 1.26.3 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-39820 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: Go net/mail: Denial of Service via crafted email inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-39836 高危 v1.24.6 1.25.10, 1.26.3 ELSA-2026-22121: golang security update (IMPORTANT)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42499 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: net/mail: Denial of Service via pathological email address parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-42504 高危 v1.24.6 1.25.11, 1.26.4 Decoding a maliciously-crafted MIME header containing many invalid enc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

golang.org/x/net CVE-2025-47911 中危 v0.38.0 0.45.0 golang.org/x/net/html: Quadratic parsing complexity in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47911

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:28

golang.org/x/net CVE-2025-58190 中危 v0.38.0 0.45.0 golang.org/x/net/html: Infinite parsing loop in golang.org/x/net

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58190

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:44

golang.org/x/net CVE-2026-42506 中危 v0.38.0 0.55.0 golang.org/x/net/html: golang.org/x/net/html: Cross-Site Scripting (XSS) via arbitrary HTML parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42506

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

stdlib CVE-2025-47912 中危 v1.24.6 1.24.8, 1.25.2 net/url: Insufficient validation of bracketed IPv6 hostnames in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47912

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:28

stdlib CVE-2025-58183 中危 v1.24.6 1.24.8, 1.25.2 golang: archive/tar: Unbounded allocation when parsing GNU sparse map

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58183

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58185 中危 v1.24.6 1.24.8, 1.25.2 encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58185

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58187 中危 v1.24.6 1.24.9, 1.25.3 crypto/x509: Quadratic complexity when checking name constraints in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58187

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58188 中危 v1.24.6 1.24.8, 1.25.2 crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58188

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58189 中危 v1.24.6 1.24.8, 1.25.2 crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58189

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-61723 中危 v1.24.6 1.24.8, 1.25.2 encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61723

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61724 中危 v1.24.6 1.24.8, 1.25.2 net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61724

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61725 中危 v1.24.6 1.24.8, 1.25.2 net/mail: Excessive CPU consumption in ParseAddress in net/mail

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61725

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61727 中危 v1.24.6 1.24.11, 1.25.5 golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-12-03 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61728 中危 v1.24.6 1.24.12, 1.25.6 golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61730 中危 v1.24.6 1.24.12, 1.25.6 crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2026-27142 中危 v1.24.6 1.25.8, 1.26.1 html/template: URLs in meta content attribute actions are not escaped in html/template

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

stdlib CVE-2026-32282 中危 v1.24.6 1.25.9, 1.26.2 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32288 中危 v1.24.6 1.25.9, 1.26.2 archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32289 中危 v1.24.6 1.25.9, 1.26.2 html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-39823 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39825 中危 v1.24.6 1.25.10, 1.26.3 net/http/httputil: golang: net/http/httputil: ReverseProxy forwards hidden query parameters, potentially bypassing security controls

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39826 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42507 中危 v1.24.6 1.25.11, 1.26.4 net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

stdlib CVE-2025-58186 低危 v1.24.6 1.24.8, 1.25.2 golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58186

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2026-27139 低危 v1.24.6 1.25.8, 1.26.1 os: FileInfo can escape from a Root in golang os module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

golang.org/x/sys CVE-2026-39824 未知 v0.31.0 0.44.0 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42

usr/bin/kubectl (gobinary)
低危漏洞:2 中危漏洞:25 高危漏洞:21 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
stdlib CVE-2025-68121 严重 v1.24.6 1.24.13, 1.25.7, 1.26.0-rc.3 crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:58

go.opentelemetry.io/otel CVE-2026-29181 高危 v1.37.0 1.41.0 github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Denial of Service via crafted multi-value baggage headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29181

镜像层: sha256:43c23bc63abd3751dd3d53667c6345212f3d125e6aa1182e515a15f5c3e64700

发布日期: 2026-04-07 21:17 修改: 2026-06-30 03:18

golang.org/x/net CVE-2026-25680 高危 v0.43.0 0.55.0 Parsing arbitrary HTML can consume excessive CPU time, possibly leadin ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25680

镜像层: sha256:43c23bc63abd3751dd3d53667c6345212f3d125e6aa1182e515a15f5c3e64700

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

golang.org/x/net CVE-2026-25681 高危 v0.43.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25681

镜像层: sha256:43c23bc63abd3751dd3d53667c6345212f3d125e6aa1182e515a15f5c3e64700

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

golang.org/x/net CVE-2026-27136 高危 v0.43.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27136

镜像层: sha256:43c23bc63abd3751dd3d53667c6345212f3d125e6aa1182e515a15f5c3e64700

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:26

golang.org/x/net CVE-2026-33814 高危 v0.43.0 0.53.0 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:43c23bc63abd3751dd3d53667c6345212f3d125e6aa1182e515a15f5c3e64700

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

golang.org/x/net CVE-2026-39821 高危 v0.43.0 0.55.0 golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39821

镜像层: sha256:43c23bc63abd3751dd3d53667c6345212f3d125e6aa1182e515a15f5c3e64700

发布日期: 2026-05-22 16:16 修改: 2026-06-30 03:19

golang.org/x/net CVE-2026-42502 高危 v0.43.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42502

镜像层: sha256:43c23bc63abd3751dd3d53667c6345212f3d125e6aa1182e515a15f5c3e64700

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

github.com/moby/spdystream CVE-2026-35469 高危 v0.5.0 0.5.1 Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35469

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-16 22:16 修改: 2026-06-30 03:19

stdlib CVE-2025-61726 高危 v1.24.6 1.24.12, 1.25.6 golang: net/url: Memory exhaustion in query parameter parsing in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-01-28 20:16 修改: 2026-06-30 03:16

stdlib CVE-2025-61729 高危 v1.24.6 1.24.11, 1.25.5 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-12-02 19:15 修改: 2026-06-17 09:50

stdlib CVE-2026-25679 高危 v1.24.6 1.25.8, 1.26.1 net/url: Incorrect parsing of IPv6 host literals in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-03-06 22:16 修改: 2026-06-30 03:17

stdlib CVE-2026-27145 高危 v1.24.6 1.25.11, 1.26.4 crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-06-02 23:16 修改: 2026-06-30 03:17

stdlib CVE-2026-32280 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-32281 高危 v1.24.6 1.25.9, 1.26.2 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32283 高危 v1.24.6 1.25.9, 1.26.2 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33811 高危 v1.24.6 1.25.10, 1.26.3 net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-33814 高危 v1.24.6 1.25.10, 1.26.3 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:18

stdlib CVE-2026-39820 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: Go net/mail: Denial of Service via crafted email inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-39836 高危 v1.24.6 1.25.10, 1.26.3 ELSA-2026-22121: golang security update (IMPORTANT)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42499 高危 v1.24.6 1.25.10, 1.26.3 net/mail: golang: net/mail: Denial of Service via pathological email address parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-30 03:19

stdlib CVE-2026-42504 高危 v1.24.6 1.25.11, 1.26.4 Decoding a maliciously-crafted MIME header containing many invalid enc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

k8s.io/kubernetes CVE-2025-5187 中危 v1.32.7 1.31.12, 1.32.8, 1.33.4 kubernetes: kube-apiserver: Nodes can delete themselves by adding an OwnerReference

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5187

镜像层: sha256:43c23bc63abd3751dd3d53667c6345212f3d125e6aa1182e515a15f5c3e64700

发布日期: 2025-08-27 17:15 修改: 2026-06-17 09:47

golang.org/x/net CVE-2025-47911 中危 v0.43.0 0.45.0 golang.org/x/net/html: Quadratic parsing complexity in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47911

镜像层: sha256:43c23bc63abd3751dd3d53667c6345212f3d125e6aa1182e515a15f5c3e64700

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:28

golang.org/x/net CVE-2025-58190 中危 v0.43.0 0.45.0 golang.org/x/net/html: Infinite parsing loop in golang.org/x/net

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58190

镜像层: sha256:43c23bc63abd3751dd3d53667c6345212f3d125e6aa1182e515a15f5c3e64700

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:44

golang.org/x/net CVE-2026-42506 中危 v0.43.0 0.55.0 golang.org/x/net/html: golang.org/x/net/html: Cross-Site Scripting (XSS) via arbitrary HTML parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42506

镜像层: sha256:43c23bc63abd3751dd3d53667c6345212f3d125e6aa1182e515a15f5c3e64700

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

k8s.io/kubernetes CVE-2025-13281 中危 v1.32.7 1.32.10, 1.33.6, 1.34.2 kube-controller-manager: Portworx Half-Blind SSRF in kube-controller-manager

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13281

镜像层: sha256:43c23bc63abd3751dd3d53667c6345212f3d125e6aa1182e515a15f5c3e64700

发布日期: 2025-12-14 22:15 修改: 2026-06-17 08:33

stdlib CVE-2025-47912 中危 v1.24.6 1.24.8, 1.25.2 net/url: Insufficient validation of bracketed IPv6 hostnames in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47912

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:28

stdlib CVE-2025-58183 中危 v1.24.6 1.24.8, 1.25.2 golang: archive/tar: Unbounded allocation when parsing GNU sparse map

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58183

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58185 中危 v1.24.6 1.24.8, 1.25.2 encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58185

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58187 中危 v1.24.6 1.24.9, 1.25.3 crypto/x509: Quadratic complexity when checking name constraints in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58187

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58188 中危 v1.24.6 1.24.8, 1.25.2 crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58188

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-58189 中危 v1.24.6 1.24.8, 1.25.2 crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58189

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2025-61723 中危 v1.24.6 1.24.8, 1.25.2 encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61723

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61724 中危 v1.24.6 1.24.8, 1.25.2 net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61724

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61725 中危 v1.24.6 1.24.8, 1.25.2 net/mail: Excessive CPU consumption in ParseAddress in net/mail

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61725

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61727 中危 v1.24.6 1.24.11, 1.25.5 golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-12-03 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61728 中危 v1.24.6 1.24.12, 1.25.6 golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2025-61730 中危 v1.24.6 1.24.12, 1.25.6 crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50

stdlib CVE-2026-27142 中危 v1.24.6 1.25.8, 1.26.1 html/template: URLs in meta content attribute actions are not escaped in html/template

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

stdlib CVE-2026-32282 中危 v1.24.6 1.25.9, 1.26.2 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32288 中危 v1.24.6 1.25.9, 1.26.2 archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-32289 中危 v1.24.6 1.25.9, 1.26.2 html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35

stdlib CVE-2026-39823 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39825 中危 v1.24.6 1.25.10, 1.26.3 net/http/httputil: golang: net/http/httputil: ReverseProxy forwards hidden query parameters, potentially bypassing security controls

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-39826 中危 v1.24.6 1.25.10, 1.26.3 html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42

stdlib CVE-2026-42507 中危 v1.24.6 1.25.11, 1.26.4 net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

stdlib CVE-2025-58186 低危 v1.24.6 1.24.8, 1.25.2 golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58186

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44

stdlib CVE-2026-27139 低危 v1.24.6 1.25.8, 1.26.1 os: FileInfo can escape from a Root in golang os module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139

镜像层: sha256:801319ace671afb0eeb67aed1b22bb3d9cfe099e3d4eb71298b1fb26a77e1387

发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26

golang.org/x/sys CVE-2026-39824 未知 v0.35.0 0.44.0 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824

镜像层: sha256:43c23bc63abd3751dd3d53667c6345212f3d125e6aa1182e515a15f5c3e64700

发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×