docker.io/library/flink:1.20-scala_2.12 linux/amd64

docker.io/library/flink:1.20-scala_2.12 - Trivy安全扫描结果扫描时间: 2026-06-18 09:28

全部漏洞信息

低危漏洞:35

中危漏洞:44

高危漏洞:2

严重漏洞:0

系统OS: ubuntu 22.04 扫描引擎: Trivy 扫描时间: 2026-06-18 09:28

docker.io/library/flink:1.20-scala_2.12 (ubuntu 22.04) (ubuntu)

低危漏洞:35

中危漏洞:39

高危漏洞:2

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
libssl3	CVE-2026-45447	高危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
openssl	CVE-2026-45447	高危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:cb0875e1258e5edc580f6f811d54aa84e31c80efe463dc0f3e0dd98d2561b38f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
libc-bin	CVE-2026-4046	中危	2.35-0ubuntu3.13		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc-bin	CVE-2026-5435	中危	2.35-0ubuntu3.13		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libc-bin	CVE-2026-6238	中危	2.35-0ubuntu3.13		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libc6	CVE-2026-4046	中危	2.35-0ubuntu3.13		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc6	CVE-2026-5435	中危	2.35-0ubuntu3.13		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libc6	CVE-2026-6238	中危	2.35-0ubuntu3.13		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libexpat1	CVE-2025-66382	中危	2.4.7-1ubuntu0.7		libexpat: libexpat: Denial of service via crafted file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382 镜像层: sha256:cb0875e1258e5edc580f6f811d54aa84e31c80efe463dc0f3e0dd98d2561b38f 发布日期: 2025-11-28 07:15 修改: 2026-06-02 14:16
libgcrypt20	CVE-2026-41989	中危	1.9.4-3ubuntu3	1.9.4-3ubuntu3.2	Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-23 05:16 修改: 2026-04-27 18:33
libgnutls30	CVE-2026-33845	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-33846	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-05-04 10:15 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-3832	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-30 18:16 修改: 2026-06-02 17:16
libgnutls30	CVE-2026-3833	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42009	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-05-18 13:16 修改: 2026-06-08 17:16
libgnutls30	CVE-2026-42010	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: gnutls: Authentication Bypass via NUL Character in Username 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-05-07 12:16 修改: 2026-06-10 16:17
libgnutls30	CVE-2026-42011	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: gnutls: Security bypass due to incorrect name constraint handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-05-07 15:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42012	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42013	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42014	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-16 02:16 修改: 2026-06-16 15:26
libgnutls30	CVE-2026-42015	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-5260	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: gnutls: Information disclosure via heap overread in RSA key exchange 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libmount1	CVE-2026-27456	中危	2.37.2-4ubuntu3.5		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libpng16-16	CVE-2026-40930	中危	1.6.37-3ubuntu0.5		LIBPNG is a reference library for use in applications that process PNG ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40930 镜像层: sha256:cb0875e1258e5edc580f6f811d54aa84e31c80efe463dc0f3e0dd98d2561b38f 发布日期: 2026-06-04 16:16 修改: 2026-06-04 16:23
libsmartcols1	CVE-2026-27456	中危	2.37.2-4ubuntu3.5		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
bsdutils	CVE-2026-27456	中危	1:2.37.2-4ubuntu3.5		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libssl3	CVE-2026-34182	中危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3	CVE-2026-45445	中危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libsystemd0	CVE-2026-40226	中危	249.11-0ubuntu3.20	249.11-0ubuntu3.21	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
libudev1	CVE-2026-40226	中危	249.11-0ubuntu3.20	249.11-0ubuntu3.21	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
libuuid1	CVE-2026-27456	中危	2.37.2-4ubuntu3.5		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
locales	CVE-2026-4046	中危	2.35-0ubuntu3.13		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:cb0875e1258e5edc580f6f811d54aa84e31c80efe463dc0f3e0dd98d2561b38f 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
locales	CVE-2026-5435	中危	2.35-0ubuntu3.13		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:cb0875e1258e5edc580f6f811d54aa84e31c80efe463dc0f3e0dd98d2561b38f 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
locales	CVE-2026-6238	中危	2.35-0ubuntu3.13		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:cb0875e1258e5edc580f6f811d54aa84e31c80efe463dc0f3e0dd98d2561b38f 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
mount	CVE-2026-27456	中危	2.37.2-4ubuntu3.5		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libblkid1	CVE-2026-27456	中危	2.37.2-4ubuntu3.5		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
openssl	CVE-2026-34182	中危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:cb0875e1258e5edc580f6f811d54aa84e31c80efe463dc0f3e0dd98d2561b38f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl	CVE-2026-45445	中危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:cb0875e1258e5edc580f6f811d54aa84e31c80efe463dc0f3e0dd98d2561b38f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
tar	CVE-2025-45582	中危	1.34+dfsg-1ubuntu0.1.22.04.2		tar: Tar path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2025-07-11 17:15 修改: 2025-11-02 01:15
util-linux	CVE-2026-27456	中危	2.37.2-4ubuntu3.5		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
wget	CVE-2021-31879	中危	1.21.2-2ubuntu1.1		wget: authorization header disclosure on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879 镜像层: sha256:cb0875e1258e5edc580f6f811d54aa84e31c80efe463dc0f3e0dd98d2561b38f 发布日期: 2021-04-29 05:15 修改: 2024-11-21 06:06
libssl3	CVE-2026-7383	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
libssl3	CVE-2026-9076	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
libstdc++6	CVE-2022-27943	低危	12.3.0-1ubuntu1~22.04.3		binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
libncursesw6	CVE-2023-50495	低危	6.3-2ubuntu0.1		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
libsystemd0	CVE-2023-7008	低危	249.11-0ubuntu3.20	249.11-0ubuntu3.21	systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-12-23 13:15 修改: 2025-11-04 17:15
libsystemd0	CVE-2026-40228	低危	249.11-0ubuntu3.20		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libtinfo6	CVE-2023-50495	低危	6.3-2ubuntu0.1		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
libpcre2-8-0	CVE-2022-41409	低危	10.39-3ubuntu0.1		pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-07-18 14:15 修改: 2024-11-21 07:23
libudev1	CVE-2023-7008	低危	249.11-0ubuntu3.20	249.11-0ubuntu3.21	systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-12-23 13:15 修改: 2025-11-04 17:15
libudev1	CVE-2026-40228	低危	249.11-0ubuntu3.20		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libpcre3	CVE-2017-11164	低危	2:8.39-13ubuntu0.22.04.1		pcre: OP_KETRMAX feature in the match function in pcre_exec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2017-07-11 03:29 修改: 2025-04-20 01:37
libzstd1	CVE-2022-4899	低危	1.4.8+dfsg-3build1		zstd: mysql: buffer overrun in util.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-03-31 20:15 修改: 2025-02-18 18:15
gcc-12-base	CVE-2022-27943	低危	12.3.0-1ubuntu1~22.04.3		binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
libgcrypt20	CVE-2024-2236	低危	1.9.4-3ubuntu3		libgcrypt: vulnerable to Marvin Attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2024-03-06 22:15 修改: 2026-04-15 00:35
liblzma5	CVE-2026-34743	低危	5.2.5-2ubuntu1	5.2.5-2ubuntu1.1	xz: XZ Utils: Denial of Service via buffer overflow in index decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-02 19:21 修改: 2026-04-15 17:33
login	CVE-2023-29383	低危	1:4.8.1-2ubuntu2.2		shadow: Improper input validation in shadow-utils package utility chfn 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-04-14 22:15 修改: 2025-11-03 20:16
login	CVE-2024-56433	低危	1:4.8.1-2ubuntu2.2		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
libgcc-s1	CVE-2022-27943	低危	12.3.0-1ubuntu1~22.04.3		binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
ncurses-base	CVE-2023-50495	低危	6.3-2ubuntu0.1		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
ncurses-bin	CVE-2023-50495	低危	6.3-2ubuntu0.1		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
libncurses6	CVE-2023-50495	低危	6.3-2ubuntu0.1		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
libssl3	CVE-2026-34180	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3	CVE-2026-42766	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
openssl	CVE-2026-34180	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:cb0875e1258e5edc580f6f811d54aa84e31c80efe463dc0f3e0dd98d2561b38f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl	CVE-2026-42766	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:cb0875e1258e5edc580f6f811d54aa84e31c80efe463dc0f3e0dd98d2561b38f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
openssl	CVE-2026-42767	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:cb0875e1258e5edc580f6f811d54aa84e31c80efe463dc0f3e0dd98d2561b38f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl	CVE-2026-42770	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:cb0875e1258e5edc580f6f811d54aa84e31c80efe463dc0f3e0dd98d2561b38f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl	CVE-2026-45446	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:cb0875e1258e5edc580f6f811d54aa84e31c80efe463dc0f3e0dd98d2561b38f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
openssl	CVE-2026-7383	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:cb0875e1258e5edc580f6f811d54aa84e31c80efe463dc0f3e0dd98d2561b38f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
openssl	CVE-2026-9076	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:cb0875e1258e5edc580f6f811d54aa84e31c80efe463dc0f3e0dd98d2561b38f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
passwd	CVE-2023-29383	低危	1:4.8.1-2ubuntu2.2		shadow: Improper input validation in shadow-utils package utility chfn 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-04-14 22:15 修改: 2025-11-03 20:16
passwd	CVE-2024-56433	低危	1:4.8.1-2ubuntu2.2		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
libssl3	CVE-2026-42767	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3	CVE-2026-42770	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3	CVE-2026-45446	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57

Java (jar)

低危漏洞:0

中危漏洞:5

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
org.apache.logging.log4j:log4j-1.2-api	CVE-2026-34479	中危	2.24.3	2.25.4	org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479 镜像层: sha256:c83da032e874a2dc50b1af2f4e830e3cae355d0ebe55087b61e9dbf5bad617dc 发布日期: 2026-04-10 16:16 修改: 2026-05-06 18:21
org.apache.logging.log4j:log4j-core	CVE-2025-68161	中危	2.24.3	2.25.3	Apache Log4j: Apache Log4j Core: Information disclosure via missing TLS hostname verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68161 镜像层: sha256:c83da032e874a2dc50b1af2f4e830e3cae355d0ebe55087b61e9dbf5bad617dc 发布日期: 2025-12-18 21:15 修改: 2026-01-20 01:15
org.apache.logging.log4j:log4j-core	CVE-2026-34477	中危	2.24.3	2.25.4	org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477 镜像层: sha256:c83da032e874a2dc50b1af2f4e830e3cae355d0ebe55087b61e9dbf5bad617dc 发布日期: 2026-04-10 16:16 修改: 2026-05-06 16:49
org.apache.logging.log4j:log4j-core	CVE-2026-34478	中危	2.24.3	2.25.4	org.apache.logging.log4j/log4j-core: Apache Log4j Core: Log injection via CRLF sequences due to configuration attribute renames 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34478 镜像层: sha256:c83da032e874a2dc50b1af2f4e830e3cae355d0ebe55087b61e9dbf5bad617dc 发布日期: 2026-04-10 16:16 修改: 2026-04-24 18:10
org.apache.logging.log4j:log4j-core	CVE-2026-34480	中危	2.24.3	2.25.4	org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480 镜像层: sha256:c83da032e874a2dc50b1af2f4e830e3cae355d0ebe55087b61e9dbf5bad617dc 发布日期: 2026-04-10 16:16 修改: 2026-04-24 18:21