docker.io/maven:3.9.8-eclipse-temurin-17-alpine linux/amd64

docker.io/maven:3.9.8-eclipse-temurin-17-alpine - Trivy安全扫描结果扫描时间: 2026-06-24 12:15

全部漏洞信息

低危漏洞:46

中危漏洞:43

高危漏洞:41

严重漏洞:5

系统OS: alpine 3.20.2 扫描引擎: Trivy 扫描时间: 2026-06-24 12:15

docker.io/maven:3.9.8-eclipse-temurin-17-alpine (alpine 3.20.2) (alpine)

低危漏洞:46

中危漏洞:43

高危漏洞:40

严重漏洞:5

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
libcrypto3	CVE-2026-31789	严重	3.3.1-r3	3.3.7-r0	openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
libexpat	CVE-2024-45491	严重	2.6.2-r0	2.6.3-r0	libexpat: Integer Overflow or Wraparound 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2024-08-30 03:15 修改: 2026-06-17 07:54
libexpat	CVE-2024-45492	严重	2.6.2-r0	2.6.3-r0	libexpat: integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2024-08-30 03:15 修改: 2026-06-17 07:54
libssl3	CVE-2026-31789	严重	3.3.1-r3	3.3.7-r0	openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
openssl	CVE-2026-31789	严重	3.3.1-r3	3.3.7-r0	openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
libcrypto3	CVE-2025-69421	高危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
libcrypto3	CVE-2026-28387	高危	3.3.1-r3	3.3.7-r0	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libcrypto3	CVE-2026-28388	高危	3.3.1-r3	3.3.7-r0	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libcrypto3	CVE-2026-28389	高危	3.3.1-r3	3.3.7-r0	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libcrypto3	CVE-2026-28390	高危	3.3.1-r3	3.3.7-r0	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
binutils	CVE-2025-0840	高危	2.42-r0	2.42-r1	binutils: GNU Binutils objdump.c disassemble_bytes stack-based overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0840 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2025-01-29 20:15 修改: 2026-06-17 08:27
libcrypto3	CVE-2024-12797	高危	3.3.1-r3	3.3.3-r0	openssl: RFC7250 handshakes with unauthenticated servers don't abort as expected 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12797 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-02-11 16:15 修改: 2026-06-17 07:00
libexpat	CVE-2024-45490	高危	2.6.2-r0	2.6.3-r0	libexpat: Negative Length Parsing Vulnerability in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2024-08-30 03:15 修改: 2026-06-17 07:54
libexpat	CVE-2025-59375	高危	2.6.2-r0	2.7.2-r0	firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59375 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2025-09-15 03:15 修改: 2026-06-17 09:46
libexpat	CVE-2026-25210	高危	2.6.2-r0	2.7.4-r0	libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25210 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-01-30 07:16 修改: 2026-06-17 10:24
libexpat	CVE-2026-45186	高危	2.6.2-r0	2.8.1-r0	libexpat: denial of service via crafted XML input 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45186 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-05-10 07:16 修改: 2026-06-17 10:51
libpng	CVE-2025-64720	高危	1.6.43-r0	1.6.53-r0	libpng: LIBPNG buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64720 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2025-11-25 00:15 修改: 2026-06-17 09:55
libpng	CVE-2025-65018	高危	1.6.43-r0	1.6.53-r0	libpng: LIBPNG heap buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-65018 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2025-11-25 00:15 修改: 2026-06-17 09:55
libpng	CVE-2025-66293	高危	1.6.43-r0	1.6.53-r0	libpng: LIBPNG out-of-bounds read in png_image_read_composite 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66293 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2025-12-03 21:15 修改: 2026-06-17 09:56
libpng	CVE-2026-22695	高危	1.6.43-r0	1.6.54-r0	libpng: libpng: Denial of service and information disclosure via heap buffer over-read in png_image_finish_read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22695 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-01-12 23:15 修改: 2026-06-17 10:20
libpng	CVE-2026-22801	高危	1.6.43-r0	1.6.54-r0	libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22801 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-01-12 23:15 修改: 2026-06-17 10:20
libpng	CVE-2026-25646	高危	1.6.43-r0	1.6.55-r0	libpng: LIBPNG has a heap buffer overflow in png_set_quantize 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25646 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-02-10 18:16 修改: 2026-06-17 10:25
libcrypto3	CVE-2024-6119	高危	3.3.1-r3	3.3.2-r0	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2024-09-03 16:15 修改: 2026-06-17 08:17
libssl3	CVE-2024-12797	高危	3.3.1-r3	3.3.3-r0	openssl: RFC7250 handshakes with unauthenticated servers don't abort as expected 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12797 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-02-11 16:15 修改: 2026-06-17 07:00
libssl3	CVE-2024-6119	高危	3.3.1-r3	3.3.2-r0	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2024-09-03 16:15 修改: 2026-06-17 08:17
libssl3	CVE-2025-15467	高危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
libssl3	CVE-2025-69421	高危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
libssl3	CVE-2026-28387	高危	3.3.1-r3	3.3.7-r0	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libssl3	CVE-2026-28388	高危	3.3.1-r3	3.3.7-r0	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libssl3	CVE-2026-28389	高危	3.3.1-r3	3.3.7-r0	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libssl3	CVE-2026-28390	高危	3.3.1-r3	3.3.7-r0	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
musl	CVE-2025-26519	高危	1.2.5-r0	1.2.5-r1	musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-26519 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-02-14 04:15 修改: 2026-06-17 09:01
musl	CVE-2026-40200	高危	1.2.5-r0	1.2.5-r3	musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-04-10 17:17 修改: 2026-06-17 10:44
musl-utils	CVE-2025-26519	高危	1.2.5-r0	1.2.5-r1	musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-26519 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-02-14 04:15 修改: 2026-06-17 09:01
musl-utils	CVE-2026-40200	高危	1.2.5-r0	1.2.5-r3	musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-04-10 17:17 修改: 2026-06-17 10:44
libcrypto3	CVE-2025-15467	高危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
openssl	CVE-2024-12797	高危	3.3.1-r3	3.3.3-r0	openssl: RFC7250 handshakes with unauthenticated servers don't abort as expected 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12797 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2025-02-11 16:15 修改: 2026-06-17 07:00
openssl	CVE-2024-6119	高危	3.3.1-r3	3.3.2-r0	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2024-09-03 16:15 修改: 2026-06-17 08:17
openssl	CVE-2025-15467	高危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
openssl	CVE-2025-69421	高危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
openssl	CVE-2026-28387	高危	3.3.1-r3	3.3.7-r0	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl	CVE-2026-28388	高危	3.3.1-r3	3.3.7-r0	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl	CVE-2026-28389	高危	3.3.1-r3	3.3.7-r0	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl	CVE-2026-28390	高危	3.3.1-r3	3.3.7-r0	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
zlib	CVE-2026-22184	高危	1.3.1-r1	1.3.2-r0	zlib: zlib: Arbitrary code execution via buffer overflow in untgz utility 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22184 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-07 21:16 修改: 2026-06-17 10:19
libcrypto3	CVE-2025-9230	中危	3.3.1-r3	3.3.5-r0	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
libcrypto3	CVE-2025-9231	中危	3.3.1-r3	3.3.5-r0	openssl: Timing side-channel in SM2 algorithm on 64 bit ARM 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9231 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
libpng	CVE-2025-64505	中危	1.6.43-r0	1.6.53-r0	libpng: LIBPNG heap buffer overflow via malformed palette index 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64505 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2025-11-25 00:15 修改: 2026-06-17 09:54
libpng	CVE-2025-64506	中危	1.6.43-r0	1.6.53-r0	libpng: LIBPNG heap buffer over-read 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64506 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2025-11-25 00:15 修改: 2026-06-17 09:54
libpng	CVE-2026-33416	中危	1.6.43-r0	1.6.56-r0	libpng: libpng: Arbitrary code execution due to use-after-free vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33416 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-03-26 17:16 修改: 2026-06-17 10:37
libpng	CVE-2026-33636	中危	1.6.43-r0	1.6.56-r0	libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33636 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-03-26 17:16 修改: 2026-06-17 10:37
libpng	CVE-2026-34757	中危	1.6.43-r0	1.6.57-r0	libpng: libpng: Information disclosure and data corruption via use-after-free vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34757 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-04-09 15:16 修改: 2026-06-17 10:39
libcrypto3	CVE-2026-31790	中危	3.3.1-r3	3.3.7-r0	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
libcurl	CVE-2024-7264	中危	8.9.0-r0	8.9.1-r0	curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2024-07-31 08:15 修改: 2026-06-17 08:19
libcurl	CVE-2024-8096	中危	8.9.0-r0	8.10.0-r0	curl: OCSP stapling bypass with GnuTLS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2024-09-11 10:15 修改: 2026-06-17 08:21
libcurl	CVE-2024-9681	中危	8.9.0-r0	8.11.0-r0	curl: HSTS subdomain overwrites parent cache entry 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2024-11-06 08:15 修改: 2026-06-17 08:25
libcurl	CVE-2025-4947	中危	8.9.0-r0	8.14.0-r0	libcurl: curl: QUIC certificate check skip with wolfSSL 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4947 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2025-05-28 07:15 修改: 2026-06-17 09:34
libcurl	CVE-2025-5025	中危	8.9.0-r0	8.14.0-r0	curl: libcurl: QUIC Certificate Pinning Bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5025 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2025-05-28 07:15 修改: 2026-06-17 09:47
libcurl	CVE-2025-5399	中危	8.9.0-r0	8.14.1-r0	curl: libcurl: WebSocket endless loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5399 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2025-06-07 08:15 修改: 2026-06-17 09:47
libcurl	CVE-2025-9086	中危	8.9.0-r0	8.14.1-r2	curl: libcurl: Curl out of bounds read for cookie path 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2025-09-12 06:15 修改: 2026-06-17 10:08
busybox	CVE-2024-58251	中危	1.36.1-r29	1.36.1-r31	In netstat in BusyBox through 1.37.0, local users can launch of networ ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-04-23 18:16 修改: 2026-06-17 08:14
libssl3	CVE-2025-69419	中危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
libssl3	CVE-2025-9230	中危	3.3.1-r3	3.3.5-r0	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
libssl3	CVE-2025-9231	中危	3.3.1-r3	3.3.5-r0	openssl: Timing side-channel in SM2 algorithm on 64 bit ARM 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9231 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
libssl3	CVE-2026-31790	中危	3.3.1-r3	3.3.7-r0	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
libtasn1	CVE-2024-12133	中危	4.19.0-r2	4.20.0-r0	libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12133 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2025-02-10 16:15 修改: 2026-06-17 06:59
busybox-binsh	CVE-2024-58251	中危	1.36.1-r29	1.36.1-r31	In netstat in BusyBox through 1.37.0, local users can launch of networ ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-04-23 18:16 修改: 2026-06-17 08:14
curl	CVE-2024-7264	中危	8.9.0-r0	8.9.1-r0	curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2024-07-31 08:15 修改: 2026-06-17 08:19
musl	CVE-2026-6042	中危	1.2.5-r0	1.2.5-r2	musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-04-10 09:16 修改: 2026-06-17 11:00
curl	CVE-2024-8096	中危	8.9.0-r0	8.10.0-r0	curl: OCSP stapling bypass with GnuTLS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2024-09-11 10:15 修改: 2026-06-17 08:21
curl	CVE-2024-9681	中危	8.9.0-r0	8.11.0-r0	curl: HSTS subdomain overwrites parent cache entry 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2024-11-06 08:15 修改: 2026-06-17 08:25
musl-utils	CVE-2026-6042	中危	1.2.5-r0	1.2.5-r2	musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-04-10 09:16 修改: 2026-06-17 11:00
curl	CVE-2025-4947	中危	8.9.0-r0	8.14.0-r0	libcurl: curl: QUIC certificate check skip with wolfSSL 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4947 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2025-05-28 07:15 修改: 2026-06-17 09:34
libexpat	CVE-2024-50602	中危	2.6.2-r0	2.6.4-r0	libexpat: expat: DoS via XML_ResumeParser 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2024-10-27 05:15 修改: 2026-06-17 08:04
libexpat	CVE-2024-8176	中危	2.6.2-r0	2.7.0-r0	libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8176 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2025-03-14 09:15 修改: 2026-06-17 08:22
libexpat	CVE-2026-32776	中危	2.6.2-r0	2.7.5-r0	libexpat: libexpat: Denial of Service due to NULL pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32776 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36
libexpat	CVE-2026-32777	中危	2.6.2-r0	2.7.5-r0	libexpat: libexpat: Denial of Service via infinite loop in DTD content parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32777 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36
libexpat	CVE-2026-32778	中危	2.6.2-r0	2.7.5-r0	libexpat: libexpat: Denial of Service via NULL pointer dereference after out-of-memory condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32778 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36
curl	CVE-2025-5025	中危	8.9.0-r0	8.14.0-r0	curl: libcurl: QUIC Certificate Pinning Bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5025 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2025-05-28 07:15 修改: 2026-06-17 09:47
curl	CVE-2025-5399	中危	8.9.0-r0	8.14.1-r0	curl: libcurl: WebSocket endless loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5399 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2025-06-07 08:15 修改: 2026-06-17 09:47
curl	CVE-2025-9086	中危	8.9.0-r0	8.14.1-r2	curl: libcurl: Curl out of bounds read for cookie path 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2025-09-12 06:15 修改: 2026-06-17 10:08
openssl	CVE-2025-69419	中危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
openssl	CVE-2025-9230	中危	3.3.1-r3	3.3.5-r0	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
openssl	CVE-2025-9231	中危	3.3.1-r3	3.3.5-r0	openssl: Timing side-channel in SM2 algorithm on 64 bit ARM 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9231 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
openssl	CVE-2026-31790	中危	3.3.1-r3	3.3.7-r0	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
ssl_client	CVE-2024-58251	中危	1.36.1-r29	1.36.1-r31	In netstat in BusyBox through 1.37.0, local users can launch of networ ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-58251 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-04-23 18:16 修改: 2026-06-17 08:14
libcrypto3	CVE-2025-69419	中危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
zlib	CVE-2026-27171	中危	1.3.1-r1	1.3.2-r0	zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-02-18 04:16 修改: 2026-06-17 10:26
libexpat	CVE-2026-41080	低危	2.6.2-r0	2.8.1-r0	libexpat: expat: libexpat: Denial of Service via hash flooding with crafted XML 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41080 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-04-16 17:16 修改: 2026-06-17 10:46
libssl3	CVE-2024-13176	低危	3.3.1-r3	3.3.2-r2	openssl: Timing side-channel in ECDSA signature computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01
libssl3	CVE-2024-9143	低危	3.3.1-r3	3.3.2-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2024-10-16 17:15 修改: 2026-06-17 08:24
libssl3	CVE-2025-15468	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
libssl3	CVE-2025-66199	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:56
libssl3	CVE-2025-68160	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58
libssl3	CVE-2025-69418	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
libssl3	CVE-2025-69420	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
libssl3	CVE-2025-9232	低危	3.3.1-r3	3.3.5-r0	openssl: Out-of-bounds read in HTTP client no_proxy handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
libssl3	CVE-2026-22795	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
libssl3	CVE-2026-22796	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
busybox-binsh	CVE-2025-46394	低危	1.36.1-r29	1.36.1-r31	In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-04-23 16:15 修改: 2026-06-17 09:26
libtasn1	CVE-2025-13151	低危	4.19.0-r2	4.21.0-r0	libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-01-07 22:15 修改: 2026-06-17 08:33
busybox	CVE-2025-46394	低危	1.36.1-r29	1.36.1-r31	In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-04-23 16:15 修改: 2026-06-17 09:26
curl	CVE-2024-11053	低危	8.9.0-r0	8.11.1-r0	curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56
curl	CVE-2025-0167	低危	8.9.0-r0	8.12.0-r0	When asked to use a `.netrc` file for credentials and to follow HT ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0167 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2025-02-05 10:15 修改: 2026-06-17 08:25
curl	CVE-2025-0665	低危	8.9.0-r0	8.12.0-r0	libcurl: Double Close of Eventfd in libcurl 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0665 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2025-02-05 10:15 修改: 2026-06-17 08:26
curl	CVE-2025-0725	低危	8.9.0-r0	8.12.0-r0	libcurl: Buffer Overflow in libcurl via zlib Integer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0725 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2025-02-05 10:15 修改: 2026-06-17 08:27
libcurl	CVE-2024-11053	低危	8.9.0-r0	8.11.1-r0	curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56
libcurl	CVE-2025-0167	低危	8.9.0-r0	8.12.0-r0	When asked to use a `.netrc` file for credentials and to follow HT ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0167 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2025-02-05 10:15 修改: 2026-06-17 08:25
libcurl	CVE-2025-0665	低危	8.9.0-r0	8.12.0-r0	libcurl: Double Close of Eventfd in libcurl 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0665 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2025-02-05 10:15 修改: 2026-06-17 08:26
libcurl	CVE-2025-0725	低危	8.9.0-r0	8.12.0-r0	libcurl: Buffer Overflow in libcurl via zlib Integer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0725 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2025-02-05 10:15 修改: 2026-06-17 08:27
libcurl	CVE-2025-10148	低危	8.9.0-r0	8.14.1-r2	curl: predictable WebSocket mask 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10148 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2025-09-12 06:15 修改: 2026-06-17 08:27
libcrypto3	CVE-2024-13176	低危	3.3.1-r3	3.3.2-r2	openssl: Timing side-channel in ECDSA signature computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01
libcrypto3	CVE-2024-9143	低危	3.3.1-r3	3.3.2-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2024-10-16 17:15 修改: 2026-06-17 08:24
libcrypto3	CVE-2025-15468	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
libcrypto3	CVE-2025-66199	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:56
libcrypto3	CVE-2025-68160	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58
libcrypto3	CVE-2025-69418	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
libcrypto3	CVE-2025-69420	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
libcrypto3	CVE-2025-9232	低危	3.3.1-r3	3.3.5-r0	openssl: Out-of-bounds read in HTTP client no_proxy handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
libcrypto3	CVE-2026-22795	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
openssl	CVE-2024-13176	低危	3.3.1-r3	3.3.2-r2	openssl: Timing side-channel in ECDSA signature computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01
openssl	CVE-2024-9143	低危	3.3.1-r3	3.3.2-r1	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2024-10-16 17:15 修改: 2026-06-17 08:24
openssl	CVE-2025-15468	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
openssl	CVE-2025-66199	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:56
openssl	CVE-2025-68160	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58
openssl	CVE-2025-69418	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
openssl	CVE-2025-69420	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
openssl	CVE-2025-9232	低危	3.3.1-r3	3.3.5-r0	openssl: Out-of-bounds read in HTTP client no_proxy handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
openssl	CVE-2026-22795	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
openssl	CVE-2026-22796	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
libcrypto3	CVE-2026-22796	低危	3.3.1-r3	3.3.6-r0	openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
ssl_client	CVE-2025-46394	低危	1.36.1-r29	1.36.1-r31	In tar in BusyBox through 1.37.0, a TAR archive can have filenames hid ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46394 镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07 发布日期: 2025-04-23 16:15 修改: 2026-06-17 09:26
curl	CVE-2025-10148	低危	8.9.0-r0	8.14.1-r2	curl: predictable WebSocket mask 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10148 镜像层: sha256:37fe96fcdc8f59af71a001827be2344bc29e6498f752ff77fe716fb5f3771584 发布日期: 2025-09-12 06:15 修改: 2026-06-17 08:27
libexpat	CVE-2026-24515	低危	2.6.2-r0	2.7.4-r0	libexpat: libexpat null pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24515 镜像层: sha256:1062e8e98187251a38c6250463432e1f158c042d3e5ebd85db6148fa37ed09fc 发布日期: 2026-01-23 08:16 修改: 2026-06-17 10:23

Java (jar)

低危漏洞:0

中危漏洞:0

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
org.codehaus.plexus:plexus-utils	CVE-2025-67030	高危	3.5.1	4.0.3, 3.6.1	org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67030 镜像层: sha256:1f6dc2280d54cea485d76fdb018f88cfe69eee5afd4876460dc96e7a0ab4df04 发布日期: 2026-03-25 18:16 修改: 2026-06-17 09:57

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

org.codehaus.plexus:plexus-utils

CVE-2025-67030

高危

3.5.1

4.0.3, 3.6.1

org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67030

镜像层: sha256:1f6dc2280d54cea485d76fdb018f88cfe69eee5afd4876460dc96e7a0ab4df04

发布日期: 2026-03-25 18:16 修改: 2026-06-17 09:57