docker.io/logstash:9.4.2 linux/amd64

docker.io/logstash:9.4.2 - Trivy安全扫描结果 扫描时间: 2026-06-29 15:04
全部漏洞信息
低危漏洞:69 中危漏洞:106 高危漏洞:27 严重漏洞:1

系统OS: redhat 9.8 扫描引擎: Trivy 扫描时间: 2026-06-29 15:04

docker.io/logstash:9.4.2 (redhat 9.8) (redhat)
低危漏洞:61 中危漏洞:72 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
bzip2-libs CVE-2026-42250 中危 1.0.8-11.el9 bzip2: bzip2: Denial of Service in bzip2recover via a specially crafted file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42250

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-28 14:16 修改: 2026-06-17 10:47
coreutils-single CVE-2025-5278 中危 8.32-40.el9 8.32-41.el9_8 coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5278

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2025-05-27 21:15 修改: 2026-06-25 05:16
curl-minimal CVE-2025-13034 中危 7.76.1-40.el9 curl: Public key pinning bypass via QUIC and GnuTLS allows server impersonation

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13034

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:33
curl-minimal CVE-2025-14017 中危 7.76.1-40.el9 curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:35
curl-minimal CVE-2026-1965 中危 7.76.1-40.el9 curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-03-11 11:15 修改: 2026-06-17 10:16
curl-minimal CVE-2026-3783 中危 7.76.1-40.el9 curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
curl-minimal CVE-2026-3784 中危 7.76.1-40.el9 curl: curl: Unauthorized access due to improper HTTP proxy connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
curl-minimal CVE-2026-3805 中危 7.76.1-40.el9 curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3805

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
curl-minimal CVE-2026-4873 中危 7.76.1-40.el9 curl: curl: Information disclosure due to incorrect TLS connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:57
curl-minimal CVE-2026-5545 中危 7.76.1-40.el9 curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59
curl-minimal CVE-2026-5773 中危 7.76.1-40.el9 curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59
curl-minimal CVE-2026-6253 中危 7.76.1-40.el9 curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
curl-minimal CVE-2026-6429 中危 7.76.1-40.el9 curl: libcurl: Credential leak via reused proxy connection during HTTP redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
curl-minimal CVE-2026-7168 中危 7.76.1-40.el9 curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:01
glib2 CVE-2026-1484 中危 2.68.4-19.el9_8.1 Glib: Integer Overflow Leading to Buffer Underflow and Out-of-Bounds Write in GLib g_base64_encode()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1484

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-27 14:15 修改: 2026-06-17 10:15
glib2 CVE-2026-1489 中危 2.68.4-19.el9_8.1 Glib: GLib: Memory corruption via integer overflow in Unicode case conversion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1489

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-27 15:15 修改: 2026-06-17 10:15
glibc CVE-2026-5435 中危 2.34-270.el9_8 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
glibc CVE-2026-5450 中危 2.34-270.el9_8 glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
glibc CVE-2026-5928 中危 2.34-270.el9_8 glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
glibc CVE-2026-6238 中危 2.34-270.el9_8 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
glibc-common CVE-2026-5435 中危 2.34-270.el9_8 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
glibc-common CVE-2026-5450 中危 2.34-270.el9_8 glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
glibc-common CVE-2026-5928 中危 2.34-270.el9_8 glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
glibc-common CVE-2026-6238 中危 2.34-270.el9_8 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
glibc-minimal-langpack CVE-2026-5435 中危 2.34-270.el9_8 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
glibc-minimal-langpack CVE-2026-5450 中危 2.34-270.el9_8 glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
glibc-minimal-langpack CVE-2026-5928 中危 2.34-270.el9_8 glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
glibc-minimal-langpack CVE-2026-6238 中危 2.34-270.el9_8 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
gnupg2 CVE-2025-68972 中危 2.3.3-5.el9_7 gnupg: GnuPG: Signature bypass via form feed character in signed messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68972

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2025-12-27 23:15 修改: 2026-06-17 09:59
krb5-libs CVE-2026-11850 中危 1.21.1-10.el9_8 krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11850

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-06-11 10:16 修改: 2026-06-17 10:14
libarchive CVE-2023-30571 中危 3.5.3-9.el9_7 libarchive: Race condition in multi-threaded use of archive_write_disk_header() on posix based systems

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-30571

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2023-05-29 20:15 修改: 2026-06-17 05:55
libarchive CVE-2025-60753 中危 3.5.3-9.el9_7 libarchive: bsdtar hangs and OOMs with zero-length pattern matches

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-60753

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2025-11-05 16:15 修改: 2026-06-17 09:50
libarchive CVE-2026-4426 中危 3.5.3-9.el9_7 libarchive: libarchive: Denial of Service via malformed ISO file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4426

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:56
libarchive CVE-2026-5745 中危 3.5.3-9.el9_7 libarchive: A NULL pointer dereference vulnerability exists in the ACL parser of libarchive

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5745

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-07 16:16 修改: 2026-06-17 10:59
libblkid CVE-2026-27456 中危 2.37.4-25.el9 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libcurl-minimal CVE-2025-13034 中危 7.76.1-40.el9 curl: Public key pinning bypass via QUIC and GnuTLS allows server impersonation

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13034

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:33
libcurl-minimal CVE-2025-14017 中危 7.76.1-40.el9 curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:35
libcurl-minimal CVE-2026-1965 中危 7.76.1-40.el9 curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-03-11 11:15 修改: 2026-06-17 10:16
libcurl-minimal CVE-2026-3783 中危 7.76.1-40.el9 curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
libcurl-minimal CVE-2026-3784 中危 7.76.1-40.el9 curl: curl: Unauthorized access due to improper HTTP proxy connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
libcurl-minimal CVE-2026-3805 中危 7.76.1-40.el9 curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3805

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
libcurl-minimal CVE-2026-4873 中危 7.76.1-40.el9 curl: curl: Information disclosure due to incorrect TLS connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:57
libcurl-minimal CVE-2026-5545 中危 7.76.1-40.el9 curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59
libcurl-minimal CVE-2026-5773 中危 7.76.1-40.el9 curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59
libcurl-minimal CVE-2026-6253 中危 7.76.1-40.el9 curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
libcurl-minimal CVE-2026-6429 中危 7.76.1-40.el9 curl: libcurl: Credential leak via reused proxy connection during HTTP redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
libcurl-minimal CVE-2026-7168 中危 7.76.1-40.el9 curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:01
libgcrypt CVE-2026-41989 中危 1.10.0-11.el9 Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-23 05:16 修改: 2026-06-17 10:47
libmount CVE-2026-27456 中危 2.37.4-25.el9 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libsmartcols CVE-2026-27456 中危 2.37.4-25.el9 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libsolv CVE-2026-48864 中危 0.7.24-5.el9_8 libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48864

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-26 17:16 修改: 2026-06-24 03:16
libsolv CVE-2026-9149 中危 0.7.24-5.el9_8 libsolv: Heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9149

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-21 00:16 修改: 2026-06-27 00:16
libsolv CVE-2026-9150 中危 0.7.24-5.el9_8 libsolv: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512 checksums

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9150

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-20 23:16 修改: 2026-06-27 00:16
libuuid CVE-2026-27456 中危 2.37.4-25.el9 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libxml2 CVE-2026-0990 中危 2.9.13-14.el9_8.1 libxml2: libxml2: Denial of Service via uncontrolled recursion in XML catalog processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0990

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-15 15:15 修改: 2026-06-17 10:11
libxml2 CVE-2026-1757 中危 2.9.13-14.el9_8.1 libxml2: Memory Leak Leading to Local Denial of Service in xmllint Interactive Shell

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1757

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-02-02 13:15 修改: 2026-06-17 10:16
libxml2 CVE-2026-6653 中危 2.9.13-14.el9_8.1 libxml2: mingw-libxml2: libxml2: Denial of Service via crafted XML input due to use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6653

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-06-22 14:17 修改: 2026-06-22 18:16
libxml2 CVE-2026-6732 中危 2.9.13-14.el9_8.1 libxml2: libxml2: Denial of Service via crafted XSD-validated document

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6732

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-23 23:16 修改: 2026-06-17 11:01
openldap CVE-2026-22185 中危 2.6.8-4.el9 OpenLDAP: OpenLDAP LMDB: Denial of Service and Information Disclosure via Heap Buffer Underflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22185

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-07 21:16 修改: 2026-06-17 10:19
openssl CVE-2026-2673 中危 1:3.5.5-4.el9_8 openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673

镜像层: sha256:24ced1ee98fcb269db357686feac435b52dcb2bb4a5929c56ed185b9cae29eb0

发布日期: 2026-03-13 19:54 修改: 2026-06-17 10:31
openssl-fips-provider CVE-2026-2673 中危 3.0.7-11.el9_8 openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-03-13 19:54 修改: 2026-06-17 10:31
openssl-fips-provider-so CVE-2026-2673 中危 3.0.7-11.el9_8 openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-03-13 19:54 修改: 2026-06-17 10:31
openssl-libs CVE-2026-2673 中危 1:3.5.5-4.el9_8 openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-03-13 19:54 修改: 2026-06-17 10:31
rpm CVE-2026-44604 中危 4.16.1.3-40.el9 rpm: Command injection in rpmuncompress doUntar() via unescaped archive top-level directory name in popen() shell command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44604

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-28 08:16 修改: 2026-06-23 20:16
rpm-libs CVE-2026-44604 中危 4.16.1.3-40.el9 rpm: Command injection in rpmuncompress doUntar() via unescaped archive top-level directory name in popen() shell command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44604

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-28 08:16 修改: 2026-06-23 20:16
sed CVE-2026-5958 中危 4.8-10.el9 sed: GNU sed TOCTOU race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-20 12:16 修改: 2026-06-17 10:59
systemd-libs CVE-2026-4105 中危 252-67.el9_8.4 systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4105

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-03-13 19:55 修改: 2026-06-17 10:55
tar CVE-2005-2541 中危 2:1.34-11.el9 tar: does not properly warn the user when extracting setuid or setgid files

漏洞详情: https://avd.aquasec.com/nvd/cve-2005-2541

镜像层: sha256:24ced1ee98fcb269db357686feac435b52dcb2bb4a5929c56ed185b9cae29eb0

发布日期: 2005-08-10 04:00 修改: 2026-04-16 00:27
tar CVE-2025-64118 中危 2:1.34-11.el9 node-tar: tar: node-tar: Information disclosure via reading a truncated tar file

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64118

镜像层: sha256:24ced1ee98fcb269db357686feac435b52dcb2bb4a5929c56ed185b9cae29eb0

发布日期: 2025-10-30 18:15 修改: 2026-06-17 09:53
tar CVE-2026-33056 中危 2:1.34-11.el9 tar-rs: tar-rs: Arbitrary directory permission modification via crafted tar archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33056

镜像层: sha256:24ced1ee98fcb269db357686feac435b52dcb2bb4a5929c56ed185b9cae29eb0

发布日期: 2026-03-20 08:16 修改: 2026-06-17 10:36
tar CVE-2026-5704 中危 2:1.34-11.el9 tar: tar: Hidden file injection via crafted archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704

镜像层: sha256:24ced1ee98fcb269db357686feac435b52dcb2bb4a5929c56ed185b9cae29eb0

发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:59
xz-libs CVE-2026-34743 中危 5.2.5-8.el9_0 xz: XZ Utils: Denial of Service via buffer overflow in index decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-02 19:21 修改: 2026-06-17 10:39
libcurl-minimal CVE-2025-14524 低危 7.76.1-40.el9 curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
libcurl-minimal CVE-2025-15079 低危 7.76.1-40.el9 curl: Host verification bypass during SSH transfers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
libcurl-minimal CVE-2025-15224 低危 7.76.1-40.el9 curl: libssh key passphrase bypass without agent set

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
libcurl-minimal CVE-2026-6276 低危 7.76.1-40.el9 curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
libgcc CVE-2021-46195 低危 11.5.0-14.el9 gcc: uncontrolled recursion in libiberty/rust-demangle.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46195

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2022-01-14 20:15 修改: 2026-06-17 04:14
libgcc CVE-2022-27943 低危 11.5.0-14.el9 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2022-03-26 13:15 修改: 2026-06-17 04:37
curl-minimal CVE-2025-14524 低危 7.76.1-40.el9 curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
libgcrypt CVE-2026-41990 低危 1.10.0-11.el9 Libgcrypt: Libgcrypt: Denial of Service or data integrity issues from missing bounds check during Dilithium signing.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41990

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-23 05:16 修改: 2026-06-17 10:47
curl-minimal CVE-2025-15079 低危 7.76.1-40.el9 curl: Host verification bypass during SSH transfers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
curl-minimal CVE-2025-15224 低危 7.76.1-40.el9 curl: libssh key passphrase bypass without agent set

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
curl-minimal CVE-2026-6276 低危 7.76.1-40.el9 curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
libarchive CVE-2025-1632 低危 3.5.3-9.el9_7 libarchive: null pointer dereference in bsdunzip.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1632

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2025-02-24 14:15 修改: 2026-06-17 08:39
libarchive CVE-2025-5915 低危 3.5.3-9.el9_7 libarchive: Heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5915

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2025-06-09 20:15 修改: 2026-06-25 08:16
libstdc++ CVE-2021-46195 低危 11.5.0-14.el9 gcc: uncontrolled recursion in libiberty/rust-demangle.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46195

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2022-01-14 20:15 修改: 2026-06-17 04:14
libstdc++ CVE-2022-27943 低危 11.5.0-14.el9 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2022-03-26 13:15 修改: 2026-06-17 04:37
libarchive CVE-2025-5916 低危 3.5.3-9.el9_7 libarchive: Integer overflow while reading warc files at archive_read_support_format_warc.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5916

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2025-06-09 20:15 修改: 2026-06-25 08:16
libarchive CVE-2025-5917 低危 3.5.3-9.el9_7 libarchive: Off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5917

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2025-06-09 20:15 修改: 2026-06-25 08:16
libarchive CVE-2025-5918 低危 3.5.3-9.el9_7 libarchive: Reading past EOF may be triggered for piped file streams

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5918

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2025-06-09 20:15 修改: 2026-06-25 08:16
gawk CVE-2023-4156 低危 5.1.0-6.el9 gawk: heap out of bound read in builtin.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4156

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2023-09-25 18:15 修改: 2026-06-17 06:37
curl-minimal CVE-2024-11053 低危 7.76.1-40.el9 curl: curl netrc password leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56
libxml2 CVE-2023-45322 低危 2.9.13-14.el9_8.1 libxml2: use-after-free in xmlUnlinkNode() in tree.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45322

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2023-10-06 22:15 修改: 2026-06-17 06:28
libxml2 CVE-2025-27113 低危 2.9.13-14.el9_8.1 libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27113

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2025-02-18 23:15 修改: 2026-06-17 09:03
libxml2 CVE-2025-6170 低危 2.9.13-14.el9_8.1 libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6170

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2025-06-16 16:15 修改: 2026-06-25 08:16
libxml2 CVE-2026-0989 低危 2.9.13-14.el9_8.1 libxml2: Unbounded RelaxNG Include Recursion Leading to Stack Overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0989

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-15 15:15 修改: 2026-06-17 10:11
libxml2 CVE-2026-0992 低危 2.9.13-14.el9_8.1 libxml2: libxml2: Denial of Service via crafted XML catalogs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0992

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-15 15:15 修改: 2026-06-17 10:11
ncurses-base CVE-2023-50495 低危 6.2-12.20210508.el9 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39
ncurses-libs CVE-2023-50495 低危 6.2-12.20210508.el9 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39
curl-minimal CVE-2024-7264 低危 7.76.1-40.el9 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2024-07-31 08:15 修改: 2026-06-17 08:19
glib2 CVE-2023-32636 低危 2.68.4-19.el9_8.1 glib: Timeout in fuzz_variant_text

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32636

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2023-09-14 20:15 修改: 2026-06-17 05:59
openssl CVE-2024-13176 低危 1:3.5.5-4.el9_8 openssl: Timing side-channel in ECDSA signature computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176

镜像层: sha256:24ced1ee98fcb269db357686feac435b52dcb2bb4a5929c56ed185b9cae29eb0

发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01
openssl CVE-2024-41996 低危 1:3.5.5-4.el9_8 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:24ced1ee98fcb269db357686feac435b52dcb2bb4a5929c56ed185b9cae29eb0

发布日期: 2024-08-26 06:15 修改: 2026-06-17 07:48
openssl CVE-2025-9232 低危 1:3.5.5-4.el9_8 openssl: Out-of-bounds read in HTTP client no_proxy handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232

镜像层: sha256:24ced1ee98fcb269db357686feac435b52dcb2bb4a5929c56ed185b9cae29eb0

发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
openssl CVE-2026-28387 低危 1:3.5.5-4.el9_8 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:24ced1ee98fcb269db357686feac435b52dcb2bb4a5929c56ed185b9cae29eb0

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl CVE-2026-28388 低危 1:3.5.5-4.el9_8 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:24ced1ee98fcb269db357686feac435b52dcb2bb4a5929c56ed185b9cae29eb0

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl CVE-2026-28389 低危 1:3.5.5-4.el9_8 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:24ced1ee98fcb269db357686feac435b52dcb2bb4a5929c56ed185b9cae29eb0

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl CVE-2026-31789 低危 1:3.5.5-4.el9_8 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:24ced1ee98fcb269db357686feac435b52dcb2bb4a5929c56ed185b9cae29eb0

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
glib2 CVE-2025-3360 低危 2.68.4-19.el9_8.1 glibc: GLib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid ISO 8601 timestamp with g_date_time_new_from_iso8601().

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3360

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2025-04-07 13:15 修改: 2026-06-26 02:16
glib2 CVE-2025-7039 低危 2.68.4-19.el9_8.1 glib: Buffer Under-read on GLib through glib/gfileutils.c via get_tmp_file()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7039

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2025-09-03 02:15 修改: 2026-06-17 10:04
glib2 CVE-2026-0988 低危 2.68.4-19.el9_8.1 glib: GLib: Denial of Service via Integer Overflow in g_buffered_input_stream_peek()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0988

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-21 12:15 修改: 2026-06-17 10:11
openssl-libs CVE-2024-13176 低危 1:3.5.5-4.el9_8 openssl: Timing side-channel in ECDSA signature computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01
openssl-libs CVE-2024-41996 低危 1:3.5.5-4.el9_8 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2024-08-26 06:15 修改: 2026-06-17 07:48
openssl-libs CVE-2025-9232 低危 1:3.5.5-4.el9_8 openssl: Out-of-bounds read in HTTP client no_proxy handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
openssl-libs CVE-2026-28387 低危 1:3.5.5-4.el9_8 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl-libs CVE-2026-28388 低危 1:3.5.5-4.el9_8 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl-libs CVE-2026-28389 低危 1:3.5.5-4.el9_8 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl-libs CVE-2026-31789 低危 1:3.5.5-4.el9_8 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
pcre2 CVE-2022-41409 低危 10.40-6.el9 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2023-07-18 14:15 修改: 2026-06-17 05:03
pcre2-syntax CVE-2022-41409 低危 10.40-6.el9 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2023-07-18 14:15 修改: 2026-06-17 05:03
glib2 CVE-2026-1485 低危 2.68.4-19.el9_8.1 Glib: Glib: Local denial of service via buffer underflow in content type parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1485

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-27 14:15 修改: 2026-06-17 10:15
gnupg2 CVE-2022-3219 低危 2.3.3-5.el9_7 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2023-02-23 20:15 修改: 2026-06-17 04:59
gnupg2 CVE-2025-30258 低危 2.3.3-5.el9_7 gnupg: verification DoS due to a malicious subkey in the keyring

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
sqlite-libs CVE-2024-0232 低危 3.34.1-10.el9_8 sqlite: use-after-free bug in jsonParseAddNodeArray

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0232

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2024-01-16 14:15 修改: 2026-06-17 06:53
sqlite-libs CVE-2025-70873 低危 3.34.1-10.el9_8 sqlite: SQLite: Information Disclosure via Crafted ZIP File

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-70873

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-03-12 19:16 修改: 2026-06-17 10:03
gnupg2 CVE-2026-24883 低危 2.3.3-5.el9_7 GnuPG: GnuPG: Denial of service due to specially crafted signature packet

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24883

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-01-27 19:16 修改: 2026-06-17 10:23
gnupg2 CVE-2026-57062 低危 2.3.3-5.el9_7 GnuPG: Incorrect cryptographic message parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57062

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-06-23 18:18 修改: 2026-06-25 20:16
curl-minimal CVE-2024-9681 低危 7.76.1-40.el9 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2024-11-06 08:15 修改: 2026-06-17 08:25
libcurl-minimal CVE-2024-11053 低危 7.76.1-40.el9 curl: curl netrc password leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56
libcurl-minimal CVE-2024-7264 低危 7.76.1-40.el9 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2024-07-31 08:15 修改: 2026-06-17 08:19
tar CVE-2023-39804 低危 2:1.34-11.el9 tar: Incorrectly handled extension attributes in PAX archives can lead to a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39804

镜像层: sha256:24ced1ee98fcb269db357686feac435b52dcb2bb4a5929c56ed185b9cae29eb0

发布日期: 2024-03-27 04:15 修改: 2026-06-17 06:12
libcurl-minimal CVE-2024-9681 低危 7.76.1-40.el9 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2024-11-06 08:15 修改: 2026-06-17 08:25
zlib CVE-2026-27171 低危 1.2.11-40.el9 zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171

镜像层: sha256:76c30a19831466a2388cd37770733c4a149dba7034565b568358b06088a23bf2

发布日期: 2026-02-18 04:16 修改: 2026-06-17 10:26
Java (jar)
低危漏洞:0 中危漏洞:30 高危漏洞:22 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.15.0 2.18.8, 3.1.4, 2.21.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:00
com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.16.2 2.18.8, 3.1.4, 2.21.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.16.2 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:00
com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.21.2 2.18.8, 3.1.4, 2.21.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.21.2 2.18.8, 3.1.4, 2.21.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.21.2 2.18.8, 3.1.4, 2.21.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.21.2 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:00
com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.21.2 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:00
com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.21.2 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:00
io.netty:netty-handler CVE-2026-44249 高危 4.1.134.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-11 22:16 修改: 2026-06-17 10:50
io.netty:netty-handler CVE-2026-44249 高危 4.1.134.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-11 22:16 修改: 2026-06-17 10:50
io.netty:netty-handler CVE-2026-44249 高危 4.1.134.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-11 22:16 修改: 2026-06-17 10:50
io.netty:netty-handler CVE-2026-45416 高危 4.1.134.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-handler CVE-2026-45416 高危 4.1.134.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-handler CVE-2026-45416 高危 4.1.134.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-handler CVE-2026-50010 高危 4.1.134.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
io.netty:netty-handler CVE-2026-50010 高危 4.1.134.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
io.netty:netty-handler CVE-2026-50010 高危 4.1.134.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
org.bouncycastle:bcprov-jdk18on CVE-2026-5598 高危 1.83 1.84 bouncycastle: BC-JAVA: private key leakage via non-constant time comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5598

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-04-15 10:16 修改: 2026-06-17 10:59
tools.jackson.core:jackson-databind CVE-2026-54512 高危 3.1.1 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
tools.jackson.core:jackson-databind CVE-2026-54513 高危 3.1.1 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:00
com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.21.2 3.1.4, 2.18.9, 2.21.5 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-25 16:14
com.fasterxml.jackson.core:jackson-databind CVE-2026-54516 中危 2.21.2 2.21.4, 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54516

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:52
com.fasterxml.jackson.core:jackson-databind CVE-2026-54516 中危 2.21.2 2.21.4, 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54516

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:52
com.fasterxml.jackson.core:jackson-databind CVE-2026-54516 中危 2.21.2 2.21.4, 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54516

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:52
com.fasterxml.jackson.core:jackson-databind CVE-2026-54517 中危 2.21.2 2.21.4, 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54517

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:51
com.fasterxml.jackson.core:jackson-databind CVE-2026-54517 中危 2.21.2 2.21.4, 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54517

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:51
com.fasterxml.jackson.core:jackson-databind CVE-2026-54517 中危 2.21.2 2.21.4, 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54517

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:51
com.fasterxml.jackson.core:jackson-databind CVE-2026-54518 中危 2.21.2 2.21.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54518

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 22:16 修改: 2026-06-27 20:49
com.fasterxml.jackson.core:jackson-databind CVE-2026-54518 中危 2.21.2 2.21.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54518

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 22:16 修改: 2026-06-27 20:49
com.fasterxml.jackson.core:jackson-databind CVE-2026-54518 中危 2.21.2 2.21.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54518

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 22:16 修改: 2026-06-27 20:49
io.netty:netty-codec-http CVE-2026-50020 中危 4.1.134.Final 4.2.15.Final, 4.1.135.Final netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.16.2 3.1.4, 2.18.9, 2.21.5 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-25 16:14
com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.16.2 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.15.0 3.1.4, 2.18.9, 2.21.5 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-25 16:14
com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.17.2 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.16.2 2.18.8, 2.21.4, 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.21.2 2.18.8, 2.21.4, 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.21.2 2.18.8, 2.21.4, 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
org.bouncycastle:bcpkix-jdk18on CVE-2026-5588 中危 1.83 1.84 bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-04-15 10:16 修改: 2026-06-17 10:59
com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.21.2 2.18.8, 2.21.4, 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
org.bouncycastle:bcprov-jdk18on CVE-2026-0636 中危 1.83 1.84 bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-04-15 10:16 修改: 2026-06-17 10:11
com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.21.2 3.1.4, 2.18.9, 2.21.5 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-25 16:14
com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.21.2 3.1.4, 2.18.9, 2.21.5 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-25 16:14
tools.jackson.core:jackson-databind CVE-2026-54514 中危 3.1.1 2.21.4, 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
tools.jackson.core:jackson-databind CVE-2026-54515 中危 3.1.1 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-25 16:14
tools.jackson.core:jackson-databind CVE-2026-54516 中危 3.1.1 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54516

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:52
tools.jackson.core:jackson-databind CVE-2026-54517 中危 3.1.1 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54517

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:51
tools.jackson.core:jackson-databind CVE-2026-54518 中危 3.1.1 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54518

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-23 22:16 修改: 2026-06-27 20:49
Ruby (gemspec)
低危漏洞:8 中危漏洞:4 高危漏洞:5 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
concurrent-ruby CVE-2026-54906 严重 1.1.9 >= 1.3.7 concurrent-ruby: rubygem-concurrent-ruby: concurrent-ruby: Synchronization flaw in ReadWriteLock allows unauthorized lock release and denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54906

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-24 17:17 修改: 2026-06-26 20:00
concurrent-ruby CVE-2026-54904 高危 1.1.9 >= 1.3.7 concurrent-ruby: rubygem-concurrent-ruby: concurrent-ruby: Denial of Service due to infinite loop in AtomicReference#update

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54904

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-24 17:17 修改: 2026-06-26 19:26
erb CVE-2026-41316 高危 4.0.4 ~> 4.0.3.1, ~> 4.0.4.1, ~> 6.0.1.1, >= 6.0.4 erb: ERB: Arbitrary code execution via deserialization bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41316

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-04-24 03:16 修改: 2026-06-17 10:46
faraday CVE-2026-54297 高危 2.14.2 >= 2.14.3 faraday: Faraday: Denial of Service via crafted nested query strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54297

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-24 17:17 修改: 2026-06-26 20:01
puma CVE-2026-47736 高危 6.6.1 ~> 7.2.1, >= 8.0.2 Puma PROXY Protocol v1 Parser Allows Remote Memory Exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47736

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
puma CVE-2026-47737 高危 6.6.1 ~> 7.2.1, >= 8.0.2 Puma PROXY Protocol v1 Accepts Repeated Protocol Headers on Persistent Connections

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47737

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
net-imap CVE-2026-47242 中危 0.6.4 ~> 0.5.15, >= 0.6.4.1 Net::IMAP: Command Injection via ID command argument

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47242

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-22 21:16 修改: 2026-06-23 15:03
nokogiri GHSA-5prr-v3j2-97mh 中危 1.19.3 >= 1.19.4 Nokogiri: Possible Out-of-Bounds Read in `Nokogiri::XML::NodeSet#[]`

漏洞详情: https://github.com/advisories/GHSA-5prr-v3j2-97mh

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-19 16:36 修改: 2026-06-19 16:36
concurrent-ruby CVE-2026-54905 中危 1.1.9 >= 1.3.7 concurrent-ruby: Concurrent-ruby: Incorrect write lock granting leading to broken mutual exclusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54905

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-24 17:17 修改: 2026-06-26 20:01
net-imap CVE-2026-47240 中危 0.6.4 ~> 0.5.15, >= 0.6.4.1 Net::IMAP: Command Injection via non-synchronizing literal in "raw" argument

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47240

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-22 21:16 修改: 2026-06-23 16:16
nokogiri GHSA-8678-w3jw-xfc2 低危 1.19.3 >= 1.19.4 Nokogiri: XML::Schema on JRuby allows network requests when NONET is set, bypassing CVE-2020-26247

漏洞详情: https://github.com/advisories/GHSA-8678-w3jw-xfc2

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-19 16:36 修改: 2026-06-19 16:36
nokogiri GHSA-9cv2-cfxc-v4v2 低危 1.19.3 >= 1.19.4 Nokogiri: Null Pointer Dereference calling methods on uninitialized wrapper classes

漏洞详情: https://github.com/advisories/GHSA-9cv2-cfxc-v4v2

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-19 16:36 修改: 2026-06-19 16:36
nokogiri GHSA-p67v-3w7g-wjg7 低危 1.19.3 >= 1.19.4 Nokogiri: Possible Use-After-Free when directly using `NokogirI::XML::XPathContext` beyond document lifetime

漏洞详情: https://github.com/advisories/GHSA-p67v-3w7g-wjg7

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-19 16:37 修改: 2026-06-19 16:37
nokogiri GHSA-phwj-rprq-35pp 低危 1.19.3 >= 1.19.4 Nokogiri: Possible Use-After-Free when setting an attribute value via `Nokogiri::XML::Attr#value=` or `#content=`

漏洞详情: https://github.com/advisories/GHSA-phwj-rprq-35pp

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-19 16:37 修改: 2026-06-19 16:37
nokogiri GHSA-wfpw-mmfh-qq69 低危 1.19.3 >= 1.19.4 Nokogiri: Possible Use-After-Free in XInclude Processing

漏洞详情: https://github.com/advisories/GHSA-wfpw-mmfh-qq69

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-19 16:37 修改: 2026-06-19 16:37
nokogiri GHSA-wjv4-x9w8-wm3h 低危 1.19.3 >= 1.19.4 Nokogiri: Possible Use-After-Free when setting `Document#root=` to an invalid node type

漏洞详情: https://github.com/advisories/GHSA-wjv4-x9w8-wm3h

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-19 16:36 修改: 2026-06-19 16:36
net-imap CVE-2026-47241 低危 0.6.4 ~> 0.5.15, >= 0.6.4.1 Net::IMAP: Denial of Service via incomplete raw argument validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47241

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-22 21:16 修改: 2026-06-23 15:16
nokogiri GHSA-5v8h-3h3q-446p 低危 1.19.3 >= 1.19.4 Nokogiri: Possible Use-After-Free when `Nokogiri::XML::Document#encoding=` raises an exception

漏洞详情: https://github.com/advisories/GHSA-5v8h-3h3q-446p

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 2026-06-19 16:35 修改: 2026-06-19 16:35
nokogiri GHSA-g9g8-vgvw-g3vf 未知 1.19.3 >= 1.19.4 Possible invalid memory read when calling `Nokogiri::XML::Node#initialize_copy_with_args` with incorrect argument type

漏洞详情: https://github.com/advisories/GHSA-g9g8-vgvw-g3vf

镜像层: sha256:58371f807ac0db475b4fbca5060fa6a031953b3e8552a2d6fed5bc415d4252e3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×