docker.io/minio/minio:RELEASE.2021-11-24T23-19-33Z linux/amd64

docker.io/minio/minio:RELEASE.2021-11-24T23-19-33Z - Trivy安全扫描结果扫描时间: 2026-06-26 09:46

全部漏洞信息

低危漏洞:237

中危漏洞:545

高危漏洞:172

严重漏洞:7

系统OS: redhat 8.5 扫描引擎: Trivy 扫描时间: 2026-06-26 09:46

docker.io/minio/minio:RELEASE.2021-11-24T23-19-33Z (redhat 8.5) (redhat)

低危漏洞:232

中危漏洞:462

高危漏洞:78

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
brotli	CVE-2025-6176	高危	1.0.6-3.el8	1.0.6-4.el8_10	Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6176 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-10-31 00:15 修改: 2026-06-17 10:01
cyrus-sasl-lib	CVE-2022-24407	高危	2.1.27-5.el8	2.1.27-6.el8_5	cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24407 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2022-02-24 15:15 修改: 2026-06-17 04:31
expat	CVE-2022-22822	高危	2.2.5-4.el8	2.2.5-4.el8_5.3	expat: Integer overflow in addBinding in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22822 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-10 14:12 修改: 2026-06-17 04:29
expat	CVE-2022-22823	高危	2.2.5-4.el8	2.2.5-4.el8_5.3	expat: Integer overflow in build_model in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22823 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-10 14:12 修改: 2026-06-17 04:29
expat	CVE-2022-22824	高危	2.2.5-4.el8	2.2.5-4.el8_5.3	expat: Integer overflow in defineAttribute in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22824 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-10 14:12 修改: 2026-06-17 04:29
expat	CVE-2022-25235	高危	2.2.5-4.el8	2.2.5-4.el8_5.3	expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25235 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-02-16 01:15 修改: 2026-06-17 04:33
expat	CVE-2022-25236	高危	2.2.5-4.el8	2.2.5-4.el8_5.3	expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25236 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-02-16 01:15 修改: 2026-06-17 04:33
expat	CVE-2022-25315	高危	2.2.5-4.el8	2.2.5-4.el8_5.3	expat: Integer overflow in storeRawNames() 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25315 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-02-18 05:15 修改: 2026-06-17 04:33
expat	CVE-2022-40674	高危	2.2.5-4.el8	2.2.5-8.el8_6.3	expat: a use-after-free in the doContent function in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40674 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-14 11:15 修改: 2026-06-17 05:01
expat	CVE-2025-59375	高危	2.2.5-4.el8	2.5.0-1.el8_10	firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59375 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-09-15 03:15 修改: 2026-06-17 09:46
expat	CVE-2026-45186	高危	2.2.5-4.el8	2.5.0-2.el8_10	libexpat: denial of service via crafted XML input 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45186 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-10 07:16 修改: 2026-06-17 10:51
glibc	CVE-2023-4911	高危	2.28-164.el8	2.28-225.el8_8.6	glibc: buffer overflow in ld.so leading to privilege escalation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-10-03 18:15 修改: 2026-06-17 06:38
glibc	CVE-2024-2961	高危	2.28-164.el8	2.28-251.el8_10.1	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-04-17 18:15 修改: 2026-06-17 07:25
glibc	CVE-2024-33599	高危	2.28-164.el8	2.28-251.el8_10.2	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc-common	CVE-2023-4911	高危	2.28-164.el8	2.28-225.el8_8.6	glibc: buffer overflow in ld.so leading to privilege escalation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-10-03 18:15 修改: 2026-06-17 06:38
glibc-common	CVE-2024-2961	高危	2.28-164.el8	2.28-251.el8_10.1	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-04-17 18:15 修改: 2026-06-17 07:25
glibc-common	CVE-2024-33599	高危	2.28-164.el8	2.28-251.el8_10.2	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc-langpack-en	CVE-2023-4911	高危	2.28-164.el8	2.28-225.el8_8.6	glibc: buffer overflow in ld.so leading to privilege escalation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-10-03 18:15 修改: 2026-06-17 06:38
glibc-langpack-en	CVE-2024-2961	高危	2.28-164.el8	2.28-251.el8_10.1	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-04-17 18:15 修改: 2026-06-17 07:25
glibc-langpack-en	CVE-2024-33599	高危	2.28-164.el8	2.28-251.el8_10.2	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc-minimal-langpack	CVE-2023-4911	高危	2.28-164.el8	2.28-225.el8_8.6	glibc: buffer overflow in ld.so leading to privilege escalation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-10-03 18:15 修改: 2026-06-17 06:38
glibc-minimal-langpack	CVE-2024-2961	高危	2.28-164.el8	2.28-251.el8_10.1	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-04-17 18:15 修改: 2026-06-17 07:25
glibc-minimal-langpack	CVE-2024-33599	高危	2.28-164.el8	2.28-251.el8_10.2	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
gnupg2	CVE-2025-68973	高危	2.2.20-2.el8	2.2.20-4.el8_10	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-12-28 17:16 修改: 2026-06-17 09:59
gnutls	CVE-2026-33845	高危	3.6.16-4.el8	3.6.16-8.el8_10.6	gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-30 18:16 修改: 2026-06-24 17:16
gnutls	CVE-2026-33846	高危	3.6.16-4.el8	3.6.16-8.el8_10.6	gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-04 10:15 修改: 2026-06-24 17:16
gnutls	CVE-2026-42009	高危	3.6.16-4.el8	3.6.16-8.el8_10.6	gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-18 13:16 修改: 2026-06-24 17:16
gnutls	CVE-2026-42010	高危	3.6.16-4.el8	3.6.16-8.el8_10.6	gnutls: gnutls: Authentication Bypass via NUL Character in Username 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-07 12:16 修改: 2026-06-24 17:16
gzip	CVE-2022-1271	高危	1.9-12.el8	1.9-13.el8_5	gzip: arbitrary-file-write vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-31 16:15 修改: 2026-06-17 04:22
krb5-libs	CVE-2022-42898	高危	1.18.2-14.el8	1.18.2-25.el8_8	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-12-25 06:15 修改: 2026-06-17 05:05
krb5-libs	CVE-2024-3596	高危	1.18.2-14.el8	1.18.2-30.el8_10	freeradius: forgery attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44
libarchive	CVE-2025-5914	高危	3.3.3-1.el8	3.3.3-6.el8_10	libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5914 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-06-09 20:15 修改: 2026-06-25 03:16
libarchive	CVE-2026-4424	高危	3.3.3-1.el8	3.3.3-7.el8_10	libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4424 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:56
libcap	CVE-2026-4878	高危	2.26-5.el8	2.48-6.el8_10.1	libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-09 16:16 修改: 2026-06-25 11:16
libksba	CVE-2022-3515	高危	1.3.5-7.el8	1.3.5-8.el8_6	libksba: integer overflow may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3515 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2023-01-12 15:15 修改: 2026-06-17 04:59
libksba	CVE-2022-47629	高危	1.3.5-7.el8	1.3.5-9.el8_7	libksba: integer overflow to code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-47629 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2022-12-20 23:15 修改: 2026-06-17 05:13
libnghttp2	CVE-2023-44487	高危	1.33.0-3.el8_2.1	1.33.0-5.el8_8	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2023-10-10 14:15 修改: 2026-06-17 06:27
libnghttp2	CVE-2026-27135	高危	1.33.0-3.el8_2.1	1.33.0-6.el8_10.2	nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-03-18 18:16 修改: 2026-06-17 10:26
libxml2	CVE-2024-56171	高危	2.9.7-9.el8_4.2	2.9.7-19.el8_10	libxml2: Use-After-Free in libxml2 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56171 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-02-18 22:15 修改: 2026-06-17 08:11
libxml2	CVE-2025-24928	高危	2.9.7-9.el8_4.2	2.9.7-19.el8_10	libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24928 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-02-18 23:15 修改: 2026-06-17 08:59
libxml2	CVE-2025-49794	高危	2.9.7-9.el8_4.2	2.9.7-21.el8_10.1	libxml: Heap use after free (UAF) leads to Denial of service (DoS) 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49794 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-06-16 16:15 修改: 2026-06-25 03:16
libxml2	CVE-2025-49796	高危	2.9.7-9.el8_4.2	2.9.7-21.el8_10.1	libxml: Type confusion leads to Denial of service (DoS) 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49796 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-06-16 16:15 修改: 2026-06-25 03:16
libxml2	CVE-2025-7425	高危	2.9.7-9.el8_4.2	2.9.7-21.el8_10.2	libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7425 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-07-10 14:15 修改: 2026-06-25 03:16
openssl	CVE-2022-0778	高危	1:1.1.1k-4.el8	1:1.1.1k-6.el8_5	openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-03-15 17:15 修改: 2026-06-17 04:21
openssl	CVE-2023-0286	高危	1:1.1.1k-4.el8	1:1.1.1k-9.el8_7	openssl: X.400 address type confusion in X.509 GeneralName 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-08 20:15 修改: 2026-06-17 05:25
openssl	CVE-2026-45447	高危	1:1.1.1k-4.el8	1:1.1.1k-16.el8_6	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
openssl-libs	CVE-2022-0778	高危	1:1.1.1k-4.el8	1:1.1.1k-6.el8_5	openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-03-15 17:15 修改: 2026-06-17 04:21
openssl-libs	CVE-2023-0286	高危	1:1.1.1k-4.el8	1:1.1.1k-9.el8_7	openssl: X.400 address type confusion in X.509 GeneralName 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-08 20:15 修改: 2026-06-17 05:25
openssl-libs	CVE-2026-45447	高危	1:1.1.1k-4.el8	1:1.1.1k-16.el8_6	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
pam	CVE-2024-10963	高危	1.3.1-15.el8	1.3.1-36.el8_10	pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-11-07 16:15 修改: 2026-06-17 06:56
pam	CVE-2025-6020	高危	1.3.1-15.el8	1.3.1-38.el8_10	linux-pam: Linux-pam directory Traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-17 13:15 修改: 2026-06-25 03:16
pam	CVE-2025-8941	高危	1.3.1-15.el8	1.3.1-38.el8_10	linux-pam: Incomplete fix for CVE-2025-6020 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8941 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-08-13 15:15 修改: 2026-06-17 10:07
platform-python	CVE-2023-24329	高危	3.6.8-41.el8	3.6.8-51.el8_8.1	python: urllib.parse url blocklisting bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-17 15:15 修改: 2026-06-17 05:39
platform-python	CVE-2023-40217	高危	3.6.8-41.el8	3.6.8-51.el8_8.2	python: TLS handshake bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-25 01:15 修改: 2026-06-17 06:16
platform-python	CVE-2023-6597	高危	3.6.8-41.el8	3.6.8-62.el8_10	python: Path traversal on tempfile.TemporaryDirectory 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-03-19 16:15 修改: 2026-06-17 06:51
platform-python	CVE-2024-12718	高危	3.6.8-41.el8	3.6.8-70.el8_10	cpython: python: Bypass extraction filter to modify file metadata outside extraction directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12718 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-03 13:15 修改: 2026-06-17 07:00
platform-python	CVE-2025-4138	高危	3.6.8-41.el8	3.6.8-70.el8_10	cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4138 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:32
platform-python	CVE-2025-4517	高危	3.6.8-41.el8	3.6.8-70.el8_10	python: cpython: Arbitrary writes via tarfile realpath overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4517 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
platform-python	CVE-2026-4519	高危	3.6.8-41.el8	3.6.8-75.el8_10	python: Python: Command-line option injection in webbrowser.open() via crafted URLs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-20 15:16 修改: 2026-06-17 10:56
platform-python	CVE-2026-4786	高危	3.6.8-41.el8	3.6.8-76.el8_10	python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-13 22:16 修改: 2026-06-17 10:57
platform-python	CVE-2026-6100	高危	3.6.8-41.el8	3.6.8-76.el8_10	python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-13 18:16 修改: 2026-06-17 11:00
platform-python-setuptools	CVE-2024-6345	高危	39.2.0-6.el8	39.2.0-8.el8_10	pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-07-15 01:15 修改: 2026-06-17 08:17
python3-libs	CVE-2023-24329	高危	3.6.8-41.el8	3.6.8-51.el8_8.1	python: urllib.parse url blocklisting bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-17 15:15 修改: 2026-06-17 05:39
python3-libs	CVE-2023-40217	高危	3.6.8-41.el8	3.6.8-51.el8_8.2	python: TLS handshake bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-25 01:15 修改: 2026-06-17 06:16
python3-libs	CVE-2023-6597	高危	3.6.8-41.el8	3.6.8-62.el8_10	python: Path traversal on tempfile.TemporaryDirectory 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-03-19 16:15 修改: 2026-06-17 06:51
python3-libs	CVE-2024-12718	高危	3.6.8-41.el8	3.6.8-70.el8_10	cpython: python: Bypass extraction filter to modify file metadata outside extraction directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12718 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-03 13:15 修改: 2026-06-17 07:00
python3-libs	CVE-2025-4138	高危	3.6.8-41.el8	3.6.8-70.el8_10	cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4138 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:32
python3-libs	CVE-2025-4517	高危	3.6.8-41.el8	3.6.8-70.el8_10	python: cpython: Arbitrary writes via tarfile realpath overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4517 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
python3-libs	CVE-2026-4519	高危	3.6.8-41.el8	3.6.8-75.el8_10	python: Python: Command-line option injection in webbrowser.open() via crafted URLs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-20 15:16 修改: 2026-06-17 10:56
python3-libs	CVE-2026-4786	高危	3.6.8-41.el8	3.6.8-76.el8_10	python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-13 22:16 修改: 2026-06-17 10:57
python3-libs	CVE-2026-6100	高危	3.6.8-41.el8	3.6.8-76.el8_10	python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-13 18:16 修改: 2026-06-17 11:00
python3-setuptools-wheel	CVE-2024-6345	高危	39.2.0-6.el8	39.2.0-8.el8_10	pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-07-15 01:15 修改: 2026-06-17 08:17
sqlite-libs	CVE-2025-6965	高危	3.26.0-15.el8	3.26.0-20.el8_10	sqlite: Integer Truncation in SQLite 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6965 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-15 14:15 修改: 2026-06-17 10:02
systemd	CVE-2022-2526	高危	239-51.el8	239-58.el8_6.4	systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-09 15:15 修改: 2026-06-17 04:42
systemd-libs	CVE-2022-2526	高危	239-51.el8	239-58.el8_6.4	systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-09 15:15 修改: 2026-06-17 04:42
systemd-pam	CVE-2022-2526	高危	239-51.el8	239-58.el8_6.4	systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-09 15:15 修改: 2026-06-17 04:42
xz-libs	CVE-2022-1271	高危	5.2.4-3.el8	5.2.4-4.el8_6	gzip: arbitrary-file-write vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2022-08-31 16:15 修改: 2026-06-17 04:22
zlib	CVE-2018-25032	高危	1.2.11-17.el8	1.2.11-18.el8_5	zlib: A flaw found in zlib when compressing (not decompressing) certain inputs 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-25032 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2022-03-25 09:15 修改: 2026-06-17 01:54
expat	CVE-2026-32776	中危	2.2.5-4.el8		libexpat: libexpat: Denial of Service due to NULL pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32776 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36
expat	CVE-2026-32777	中危	2.2.5-4.el8		libexpat: libexpat: Denial of Service via infinite loop in DTD content parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32777 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36
expat	CVE-2026-32778	中危	2.2.5-4.el8		libexpat: libexpat: Denial of Service via NULL pointer dereference after out-of-memory condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32778 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36
expat	CVE-2026-50219	中危	2.2.5-4.el8		expat: libexpat: Use-after-free vulnerability due to improper handler call depth tracking 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50219 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-04 06:16 修改: 2026-06-17 10:57
expat	CVE-2026-56403	中危	2.2.5-4.el8		libexpat: libexpat: Arbitrary code execution due to integer overflow in storeAtts 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56403 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:15
expat	CVE-2026-56405	中危	2.2.5-4.el8		libexpat: libexpat: Information disclosure and arbitrary code execution via integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56405 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:14
expat	CVE-2026-56406	中危	2.2.5-4.el8		libexpat: libexpat: Arbitrary code execution via integer overflow in XML_ParseBuffer 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56406 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:29
expat	CVE-2026-56412	中危	2.2.5-4.el8		libexpat: libexpat: Use-after-free vulnerability due to improper handling of XML CDATA sections 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56412 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-21 17:16 修改: 2026-06-23 15:31
file-libs	CVE-2019-8905	中危	5.33-20.el8		file: stack-based buffer over-read in do_core_note in readelf.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8905 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2019-02-18 17:29 修改: 2026-06-17 02:42
glib2	CVE-2022-22624	中危	2.56.4-156.el8	2.56.4-159.el8	webkitgtk: Use-after-free leading to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22624 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-23 19:15 修改: 2026-06-17 04:28
glib2	CVE-2022-22628	中危	2.56.4-156.el8	2.56.4-159.el8	webkitgtk: Use-after-free leading to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22628 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-23 19:15 修改: 2026-06-17 04:28
glib2	CVE-2022-22629	中危	2.56.4-156.el8	2.56.4-159.el8	webkitgtk: Buffer overflow leading to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22629 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-23 20:15 修改: 2026-06-17 04:28
glib2	CVE-2022-22662	中危	2.56.4-156.el8	2.56.4-159.el8	webkitgtk: Cookie management issue leading to sensitive user information disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22662 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-05-26 18:15 修改: 2026-06-17 04:28
glib2	CVE-2022-26700	中危	2.56.4-156.el8	2.56.4-159.el8	webkitgtk: Memory corruption issue leading to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-26700 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-23 19:15 修改: 2026-06-17 04:35
glib2	CVE-2022-26709	中危	2.56.4-156.el8	2.56.4-159.el8	webkitgtk: Use-after-free leading to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-26709 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-11-01 20:15 修改: 2026-06-17 04:35
glib2	CVE-2022-26710	中危	2.56.4-156.el8	2.56.4-159.el8	webkitgtk: Use-after-free leading to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-26710 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-11-01 20:15 修改: 2026-06-17 04:35
glib2	CVE-2022-26716	中危	2.56.4-156.el8	2.56.4-159.el8	webkitgtk: Memory corruption issue leading to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-26716 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-11-01 20:15 修改: 2026-06-17 04:35
glib2	CVE-2022-26717	中危	2.56.4-156.el8	2.56.4-159.el8	webkitgtk: Use-after-free leading to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-26717 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-11-01 20:15 修改: 2026-06-17 04:35
glib2	CVE-2022-26719	中危	2.56.4-156.el8	2.56.4-159.el8	webkitgtk: Memory corruption issue leading to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-26719 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-11-01 20:15 修改: 2026-06-17 04:35
glib2	CVE-2022-30293	中危	2.56.4-156.el8	2.56.4-159.el8	webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30293 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-05-06 05:15 修改: 2026-06-17 04:43
glib2	CVE-2022-32792	中危	2.56.4-156.el8	2.56.4-159.el8	webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32792 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-23 19:15 修改: 2026-06-17 04:47
glib2	CVE-2022-32816	中危	2.56.4-156.el8	2.56.4-159.el8	webkitgtk: malicious content may lead to UI spoofing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32816 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-23 19:15 修改: 2026-06-17 04:47
glib2	CVE-2022-32891	中危	2.56.4-156.el8	2.56.4-159.el8	webkitgtk: UI spoofing while Visiting a website that frames malicious content 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32891 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-27 20:15 修改: 2026-06-17 04:48
glib2	CVE-2024-34397	中危	2.56.4-156.el8	2.56.4-166.el8_10	glib2: Signal subscription vulnerabilities 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34397 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-07 18:15 修改: 2026-06-17 07:33
glib2	CVE-2024-52533	中危	2.56.4-156.el8	2.56.4-166.el8_10	glib: buffer overflow in set_connect_msg() 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52533 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-11-11 23:15 修改: 2026-06-17 08:07
glib2	CVE-2025-13601	中危	2.56.4-156.el8	2.56.4-168.el8_10	glib: Integer overflow in in g_escape_uri_string() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13601 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-11-26 15:15 修改: 2026-06-25 04:17
glib2	CVE-2025-14087	中危	2.56.4-156.el8	2.56.4-169.el8_10	glib: GLib: Buffer underflow in GVariant parser leads to heap corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14087 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-12-10 09:15 修改: 2026-06-25 04:17
glib2	CVE-2025-14512	中危	2.56.4-156.el8	2.56.4-169.el8_10	glib: Integer Overflow in GLib GIO Attribute Escaping Causes Heap Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14512 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-12-11 07:16 修改: 2026-06-25 04:17
glib2	CVE-2025-4373	中危	2.56.4-156.el8	2.56.4-166.el8_10	glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4373 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-05-06 15:16 修改: 2026-06-25 05:16
glib2	CVE-2026-1484	中危	2.56.4-156.el8		Glib: Integer Overflow Leading to Buffer Underflow and Out-of-Bounds Write in GLib g_base64_encode() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1484 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 14:15 修改: 2026-06-17 10:15
glib2	CVE-2026-1489	中危	2.56.4-156.el8		Glib: GLib: Memory corruption via integer overflow in Unicode case conversion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1489 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 15:15 修改: 2026-06-17 10:15
curl	CVE-2023-23916	中危	7.61.1-22.el8	7.61.1-25.el8_7.3	curl: HTTP multi-header compression denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23916 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-23 20:15 修改: 2026-06-17 05:38
curl	CVE-2023-27535	中危	7.61.1-22.el8	7.61.1-30.el8_8.2	curl: FTP too eager connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27535 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-30 20:15 修改: 2026-06-17 05:45
curl	CVE-2023-27536	中危	7.61.1-22.el8	7.61.1-30.el8_8.3	curl: GSS delegation too eager connection re-use 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27536 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-30 20:15 修改: 2026-06-17 05:45
glibc	CVE-2021-3999	中危	2.28-164.el8	2.28-164.el8_5.3	glibc: Off-by-one buffer overflow/underflow in getcwd() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3999 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-24 16:15 修改: 2026-06-17 04:06
glibc	CVE-2022-23218	中危	2.28-164.el8	2.28-164.el8_5.3	glibc: Stack-based buffer overflow in svcunix_create via long pathnames 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23218 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-14 07:15 修改: 2026-06-17 04:29
glibc	CVE-2022-23219	中危	2.28-164.el8	2.28-164.el8_5.3	glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23219 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-14 07:15 修改: 2026-06-17 04:29
glibc	CVE-2023-4527	中危	2.28-164.el8	2.28-225.el8_8.6	glibc: Stack read overflow in getaddrinfo in no-aaaa mode 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4527 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-18 17:15 修改: 2026-06-17 06:38
glibc	CVE-2023-4806	中危	2.28-164.el8	2.28-225.el8_8.6	glibc: potential use-after-free in getaddrinfo() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-18 17:15 修改: 2026-06-17 06:38
glibc	CVE-2023-4813	中危	2.28-164.el8	2.28-225.el8_8.6	glibc: potential use-after-free in gaih_inet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-12 22:15 修改: 2026-06-17 06:38
glibc	CVE-2024-33600	中危	2.28-164.el8	2.28-251.el8_10.2	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc	CVE-2025-0395	中危	2.28-164.el8	2.28-251.el8_10.16	glibc: buffer overflow in the GNU C Library's assert() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26
glibc	CVE-2025-4802	中危	2.28-164.el8	2.28-251.el8_10.22	glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34
glibc	CVE-2025-8058	中危	2.28-164.el8	2.28-251.el8_10.25	glibc: Double free in glibc 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-23 20:15 修改: 2026-06-17 10:06
glibc	CVE-2026-0915	中危	2.28-164.el8	2.28-251.el8_10.31	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-15 22:16 修改: 2026-06-17 10:11
glibc	CVE-2026-4046	中危	2.28-164.el8	2.28-251.el8_10.37	glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
glibc	CVE-2026-4437	中危	2.28-164.el8		glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
glibc	CVE-2026-5435	中危	2.28-164.el8		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
glibc	CVE-2026-5450	中危	2.28-164.el8		glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
glibc	CVE-2026-5928	中危	2.28-164.el8		glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
glibc	CVE-2026-6238	中危	2.28-164.el8		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
curl	CVE-2023-28321	中危	7.61.1-22.el8	7.61.1-30.el8_8.3	curl: IDN wildcard match may lead to Improper Cerificate Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-05-26 21:15 修改: 2026-06-17 05:47
curl	CVE-2023-46218	中危	7.61.1-22.el8	7.61.1-33.el8_9.5	curl: information disclosure by exploiting a mixed case flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-07 01:15 修改: 2026-06-17 06:30
curl	CVE-2024-2398	中危	7.61.1-22.el8	7.61.1-34.el8_10.2	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-03-27 08:15 修改: 2026-06-17 07:24
glibc-common	CVE-2021-3999	中危	2.28-164.el8	2.28-164.el8_5.3	glibc: Off-by-one buffer overflow/underflow in getcwd() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3999 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-24 16:15 修改: 2026-06-17 04:06
glibc-common	CVE-2022-23218	中危	2.28-164.el8	2.28-164.el8_5.3	glibc: Stack-based buffer overflow in svcunix_create via long pathnames 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23218 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-14 07:15 修改: 2026-06-17 04:29
glibc-common	CVE-2022-23219	中危	2.28-164.el8	2.28-164.el8_5.3	glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23219 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-14 07:15 修改: 2026-06-17 04:29
glibc-common	CVE-2023-4527	中危	2.28-164.el8	2.28-225.el8_8.6	glibc: Stack read overflow in getaddrinfo in no-aaaa mode 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4527 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-18 17:15 修改: 2026-06-17 06:38
glibc-common	CVE-2023-4806	中危	2.28-164.el8	2.28-225.el8_8.6	glibc: potential use-after-free in getaddrinfo() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-18 17:15 修改: 2026-06-17 06:38
glibc-common	CVE-2023-4813	中危	2.28-164.el8	2.28-225.el8_8.6	glibc: potential use-after-free in gaih_inet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-12 22:15 修改: 2026-06-17 06:38
glibc-common	CVE-2024-33600	中危	2.28-164.el8	2.28-251.el8_10.2	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc-common	CVE-2025-0395	中危	2.28-164.el8	2.28-251.el8_10.16	glibc: buffer overflow in the GNU C Library's assert() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26
glibc-common	CVE-2025-4802	中危	2.28-164.el8	2.28-251.el8_10.22	glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34
glibc-common	CVE-2025-8058	中危	2.28-164.el8	2.28-251.el8_10.25	glibc: Double free in glibc 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-23 20:15 修改: 2026-06-17 10:06
glibc-common	CVE-2026-0915	中危	2.28-164.el8	2.28-251.el8_10.31	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-15 22:16 修改: 2026-06-17 10:11
glibc-common	CVE-2026-4046	中危	2.28-164.el8	2.28-251.el8_10.37	glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
glibc-common	CVE-2026-4437	中危	2.28-164.el8		glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
glibc-common	CVE-2026-5435	中危	2.28-164.el8		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
glibc-common	CVE-2026-5450	中危	2.28-164.el8		glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
glibc-common	CVE-2026-5928	中危	2.28-164.el8		glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
glibc-common	CVE-2026-6238	中危	2.28-164.el8		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
curl	CVE-2025-13034	中危	7.61.1-22.el8		curl: Public key pinning bypass via QUIC and GnuTLS allows server impersonation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13034 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:33
curl	CVE-2025-14017	中危	7.61.1-22.el8		curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:35
curl	CVE-2025-9086	中危	7.61.1-22.el8	7.61.1-34.el8_10.9	curl: libcurl: Curl out of bounds read for cookie path 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-09-12 06:15 修改: 2026-06-17 10:08
glibc-langpack-en	CVE-2021-3999	中危	2.28-164.el8	2.28-164.el8_5.3	glibc: Off-by-one buffer overflow/underflow in getcwd() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3999 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-24 16:15 修改: 2026-06-17 04:06
glibc-langpack-en	CVE-2022-23218	中危	2.28-164.el8	2.28-164.el8_5.3	glibc: Stack-based buffer overflow in svcunix_create via long pathnames 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23218 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-14 07:15 修改: 2026-06-17 04:29
glibc-langpack-en	CVE-2022-23219	中危	2.28-164.el8	2.28-164.el8_5.3	glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23219 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-14 07:15 修改: 2026-06-17 04:29
glibc-langpack-en	CVE-2023-4527	中危	2.28-164.el8	2.28-225.el8_8.6	glibc: Stack read overflow in getaddrinfo in no-aaaa mode 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4527 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-18 17:15 修改: 2026-06-17 06:38
glibc-langpack-en	CVE-2023-4806	中危	2.28-164.el8	2.28-225.el8_8.6	glibc: potential use-after-free in getaddrinfo() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-18 17:15 修改: 2026-06-17 06:38
glibc-langpack-en	CVE-2023-4813	中危	2.28-164.el8	2.28-225.el8_8.6	glibc: potential use-after-free in gaih_inet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-12 22:15 修改: 2026-06-17 06:38
glibc-langpack-en	CVE-2024-33600	中危	2.28-164.el8	2.28-251.el8_10.2	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc-langpack-en	CVE-2025-0395	中危	2.28-164.el8	2.28-251.el8_10.16	glibc: buffer overflow in the GNU C Library's assert() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26
glibc-langpack-en	CVE-2025-4802	中危	2.28-164.el8	2.28-251.el8_10.22	glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34
glibc-langpack-en	CVE-2025-8058	中危	2.28-164.el8	2.28-251.el8_10.25	glibc: Double free in glibc 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-23 20:15 修改: 2026-06-17 10:06
glibc-langpack-en	CVE-2026-0915	中危	2.28-164.el8	2.28-251.el8_10.31	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-15 22:16 修改: 2026-06-17 10:11
glibc-langpack-en	CVE-2026-4046	中危	2.28-164.el8	2.28-251.el8_10.37	glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
glibc-langpack-en	CVE-2026-4437	中危	2.28-164.el8		glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
glibc-langpack-en	CVE-2026-5435	中危	2.28-164.el8		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
glibc-langpack-en	CVE-2026-5450	中危	2.28-164.el8		glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
glibc-langpack-en	CVE-2026-5928	中危	2.28-164.el8		glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
glibc-langpack-en	CVE-2026-6238	中危	2.28-164.el8		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
curl	CVE-2026-1965	中危	7.61.1-22.el8		curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-11 11:15 修改: 2026-06-17 10:16
curl	CVE-2026-3783	中危	7.61.1-22.el8		curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
curl	CVE-2026-3784	中危	7.61.1-22.el8		curl: curl: Unauthorized access due to improper HTTP proxy connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
glibc-minimal-langpack	CVE-2021-3999	中危	2.28-164.el8	2.28-164.el8_5.3	glibc: Off-by-one buffer overflow/underflow in getcwd() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3999 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-24 16:15 修改: 2026-06-17 04:06
glibc-minimal-langpack	CVE-2022-23218	中危	2.28-164.el8	2.28-164.el8_5.3	glibc: Stack-based buffer overflow in svcunix_create via long pathnames 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23218 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-14 07:15 修改: 2026-06-17 04:29
glibc-minimal-langpack	CVE-2022-23219	中危	2.28-164.el8	2.28-164.el8_5.3	glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23219 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-14 07:15 修改: 2026-06-17 04:29
glibc-minimal-langpack	CVE-2023-4527	中危	2.28-164.el8	2.28-225.el8_8.6	glibc: Stack read overflow in getaddrinfo in no-aaaa mode 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4527 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-18 17:15 修改: 2026-06-17 06:38
glibc-minimal-langpack	CVE-2023-4806	中危	2.28-164.el8	2.28-225.el8_8.6	glibc: potential use-after-free in getaddrinfo() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-18 17:15 修改: 2026-06-17 06:38
glibc-minimal-langpack	CVE-2023-4813	中危	2.28-164.el8	2.28-225.el8_8.6	glibc: potential use-after-free in gaih_inet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-12 22:15 修改: 2026-06-17 06:38
glibc-minimal-langpack	CVE-2024-33600	中危	2.28-164.el8	2.28-251.el8_10.2	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc-minimal-langpack	CVE-2025-0395	中危	2.28-164.el8	2.28-251.el8_10.16	glibc: buffer overflow in the GNU C Library's assert() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26
glibc-minimal-langpack	CVE-2025-4802	中危	2.28-164.el8	2.28-251.el8_10.22	glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34
glibc-minimal-langpack	CVE-2025-8058	中危	2.28-164.el8	2.28-251.el8_10.25	glibc: Double free in glibc 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-23 20:15 修改: 2026-06-17 10:06
glibc-minimal-langpack	CVE-2026-0915	中危	2.28-164.el8	2.28-251.el8_10.31	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-15 22:16 修改: 2026-06-17 10:11
glibc-minimal-langpack	CVE-2026-4046	中危	2.28-164.el8	2.28-251.el8_10.37	glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
glibc-minimal-langpack	CVE-2026-4437	中危	2.28-164.el8		glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
glibc-minimal-langpack	CVE-2026-5435	中危	2.28-164.el8		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
glibc-minimal-langpack	CVE-2026-5450	中危	2.28-164.el8		glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
glibc-minimal-langpack	CVE-2026-5928	中危	2.28-164.el8		glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
glibc-minimal-langpack	CVE-2026-6238	中危	2.28-164.el8		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
gmp	CVE-2021-43618	中危	1:6.1.2-10.el8	1:6.1.2-11.el8	gmp: Integer overflow and resultant buffer overflow via crafted input 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43618 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2021-11-15 04:15 修改: 2026-06-17 04:11
curl	CVE-2026-3805	中危	7.61.1-22.el8		curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3805 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
gnupg2	CVE-2022-34903	中危	2.2.20-2.el8	2.2.20-3.el8_6	gpg: Signature spoofing via status line injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34903 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2022-07-01 22:15 修改: 2026-06-17 04:51
gnupg2	CVE-2025-68972	中危	2.2.20-2.el8		gnupg: GnuPG: Signature bypass via form feed character in signed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68972 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-12-27 23:15 修改: 2026-06-17 09:59
curl	CVE-2026-4873	中危	7.61.1-22.el8		curl: curl: Information disclosure due to incorrect TLS connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:57
curl	CVE-2026-5545	中危	7.61.1-22.el8		curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59
curl	CVE-2026-5773	中危	7.61.1-22.el8		curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59
curl	CVE-2026-6253	中危	7.61.1-22.el8		curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
gnutls	CVE-2022-2509	中危	3.6.16-4.el8	3.6.16-5.el8_6	gnutls: Double free during gnutls_pkcs7_verify 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2509 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-01 14:15 修改: 2026-06-17 04:42
gnutls	CVE-2023-0361	中危	3.6.16-4.el8	3.6.16-6.el8_7	gnutls: timing side-channel in the TLS RSA key exchange code 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0361 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-15 18:15 修改: 2026-06-17 05:25
gnutls	CVE-2023-5981	中危	3.6.16-4.el8	3.6.16-8.el8_9	gnutls: timing side-channel in the RSA-PSK authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5981 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-11-28 12:15 修改: 2026-06-17 06:49
gnutls	CVE-2024-0553	中危	3.6.16-4.el8	3.6.16-8.el8_9.1	gnutls: incomplete fix for CVE-2023-5981 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0553 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-01-16 12:15 修改: 2026-06-17 06:53
gnutls	CVE-2024-12243	中危	3.6.16-4.el8	3.6.16-8.el8_10.3	gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12243 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-02-10 16:15 修改: 2026-06-17 06:59
gnutls	CVE-2024-28834	中危	3.6.16-4.el8	3.6.16-8.el8_9.3	gnutls: vulnerable to Minerva side-channel information leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28834 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-03-21 14:15 修改: 2026-06-17 07:21
gnutls	CVE-2025-14831	中危	3.6.16-4.el8	3.6.16-8.el8_10.5	gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14831 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-02-09 15:16 修改: 2026-06-25 04:17
gnutls	CVE-2025-32988	中危	3.6.16-4.el8	3.6.16-8.el8_10.4	gnutls: Vulnerability in GnuTLS otherName SAN export 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32988 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-10 08:15 修改: 2026-06-25 05:16
gnutls	CVE-2025-32990	中危	3.6.16-4.el8	3.6.16-8.el8_10.4	gnutls: Vulnerability in GnuTLS certtool template parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32990 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-10 10:15 修改: 2026-06-25 05:16
gnutls	CVE-2025-6395	中危	3.6.16-4.el8	3.6.16-8.el8_10.4	gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6395 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-10 16:15 修改: 2026-06-25 05:16
gnutls	CVE-2026-3833	中危	3.6.16-4.el8	3.6.16-8.el8_10.6	gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-30 18:16 修改: 2026-06-24 17:16
gnutls	CVE-2026-42011	中危	3.6.16-4.el8	3.6.16-8.el8_10.6	gnutls: gnutls: Security bypass due to incorrect name constraint handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-07 15:16 修改: 2026-06-24 17:16
gnutls	CVE-2026-42012	中危	3.6.16-4.el8	3.6.16-8.el8_10.6	gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-26 22:16 修改: 2026-06-24 17:17
gnutls	CVE-2026-42013	中危	3.6.16-4.el8	3.6.16-8.el8_10.6	gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-26 22:16 修改: 2026-06-24 17:17
gnutls	CVE-2026-42014	中危	3.6.16-4.el8	3.6.16-8.el8_10.6	gnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-16 02:16 修改: 2026-06-24 17:17
gnutls	CVE-2026-42015	中危	3.6.16-4.el8	3.6.16-8.el8_10.6	gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-26 22:16 修改: 2026-06-24 17:17
gnutls	CVE-2026-5260	中危	3.6.16-4.el8	3.6.16-8.el8_10.6	gnutls: gnutls: Information disclosure via heap overread in RSA key exchange 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-26 22:16 修改: 2026-06-24 17:17
curl	CVE-2026-6429	中危	7.61.1-22.el8		curl: libcurl: Credential leak via reused proxy connection during HTTP redirects 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
curl	CVE-2026-7168	中危	7.61.1-22.el8		curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:01
bzip2-libs	CVE-2019-12900	中危	1.0.6-26.el8	1.0.6-28.el8_10	bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail). 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12900 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2019-06-19 23:15 修改: 2026-06-17 02:15
krb5-libs	CVE-2024-37370	中危	1.18.2-14.el8	1.18.2-29.el8_10	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38
krb5-libs	CVE-2024-37371	中危	1.18.2-14.el8	1.18.2-29.el8_10	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38
krb5-libs	CVE-2025-24528	中危	1.18.2-14.el8	1.18.2-31.el8_10	krb5: overflow when calculating ulog block size 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59
krb5-libs	CVE-2025-3576	中危	1.18.2-14.el8	1.18.2-32.el8_10	krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-04-15 06:15 修改: 2026-06-25 05:16
krb5-libs	CVE-2026-11850	中危	1.18.2-14.el8		krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11850 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-11 10:16 修改: 2026-06-17 10:14
krb5-libs	CVE-2026-40355	中危	1.18.2-14.el8	1.18.2-34.el8_10	krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40355 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-28 06:16 修改: 2026-06-17 10:45
krb5-libs	CVE-2026-40356	中危	1.18.2-14.el8	1.18.2-34.el8_10	krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40356 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-28 07:16 修改: 2026-06-17 10:45
dbus	CVE-2022-42010	中危	1:1.12.8-14.el8	1:1.12.8-23.el8_7.1	dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-10 00:15 修改: 2026-06-17 05:04
dbus	CVE-2022-42011	中危	1:1.12.8-14.el8	1:1.12.8-23.el8_7.1	dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-10 00:15 修改: 2026-06-17 05:04
libarchive	CVE-2021-23177	中危	3.3.3-1.el8	3.3.3-3.el8_5	libarchive: extracting a symlink with ACLs modifies ACLs of target 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23177 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2022-08-23 16:15 修改: 2026-06-17 03:38
libarchive	CVE-2021-31566	中危	3.3.3-1.el8	3.3.3-3.el8_5	libarchive: symbolic links incorrectly followed when changing modes, times, ACL and flags of a file while extracting an archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31566 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2022-08-23 16:15 修改: 2026-06-17 03:52
libarchive	CVE-2024-57970	中危	3.3.3-1.el8		libarchive: heap buffer over-read in header_gnu_longlink 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-57970 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-02-16 04:15 修改: 2026-06-17 08:14
libarchive	CVE-2025-25724	中危	3.3.3-1.el8		libarchive: Buffer Overflow vulnerability in libarchive 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25724 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-03-02 02:15 修改: 2026-06-17 09:01
libarchive	CVE-2025-60753	中危	3.3.3-1.el8		libarchive: bsdtar hangs and OOMs with zero-length pattern matches 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-60753 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-11-05 16:15 修改: 2026-06-17 09:50
libarchive	CVE-2026-4426	中危	3.3.3-1.el8		libarchive: libarchive: Denial of Service via malformed ISO file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4426 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:56
libarchive	CVE-2026-5121	中危	3.3.3-1.el8	3.3.3-7.el8_10	libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5121 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-03-30 08:16 修改: 2026-06-17 10:58
libarchive	CVE-2026-5745	中危	3.3.3-1.el8		libarchive: A NULL pointer dereference vulnerability exists in the ACL parser of libarchive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5745 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-04-07 16:16 修改: 2026-06-17 10:59
libblkid	CVE-2025-14104	中危	2.32.1-28.el8	2.32.1-48.el8_10	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-12-05 17:16 修改: 2026-06-25 04:17
libblkid	CVE-2026-27456	中危	2.32.1-28.el8		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
dbus	CVE-2022-42012	中危	1:1.12.8-14.el8	1:1.12.8-23.el8_7.1	dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-10 00:15 修改: 2026-06-17 05:04
libcap	CVE-2023-2603	中危	2.26-5.el8	2.48-5.el8_8	libcap: Integer Overflow in _libcap_strdup() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2603 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-06-06 20:15 修改: 2026-06-17 05:52
libcom_err	CVE-2022-1304	中危	1.45.6-2.el8	1.45.6-5.el8	e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-04-14 21:15 修改: 2026-06-17 04:22
libcurl	CVE-2022-22576	中危	7.61.1-22.el8	7.61.1-22.el8_6.3	curl: OAUTH2 bearer bypass in connection re-use 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22576 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-05-26 17:15 修改: 2026-06-17 04:28
libcurl	CVE-2022-27774	中危	7.61.1-22.el8	7.61.1-22.el8_6.3	curl: credential leak on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27774 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-06-02 14:15 修改: 2026-06-17 04:37
libcurl	CVE-2022-27776	中危	7.61.1-22.el8	7.61.1-22.el8_6.3	curl: auth/cookie leak on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27776 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-06-02 14:15 修改: 2026-06-17 04:37
libcurl	CVE-2022-27782	中危	7.61.1-22.el8	7.61.1-22.el8_6.3	curl: TLS and SSH connection too eager reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27782 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-06-02 14:15 修改: 2026-06-17 04:37
libcurl	CVE-2022-32206	中危	7.61.1-22.el8	7.61.1-22.el8_6.4	curl: HTTP compression denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32206 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-07-07 13:15 修改: 2026-06-17 04:46
libcurl	CVE-2022-32208	中危	7.61.1-22.el8	7.61.1-22.el8_6.4	curl: FTP-KRB bad message verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32208 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-07-07 13:15 修改: 2026-06-17 04:46
libcurl	CVE-2023-23916	中危	7.61.1-22.el8	7.61.1-25.el8_7.3	curl: HTTP multi-header compression denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23916 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-23 20:15 修改: 2026-06-17 05:38
libcurl	CVE-2023-27535	中危	7.61.1-22.el8	7.61.1-30.el8_8.2	curl: FTP too eager connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27535 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-30 20:15 修改: 2026-06-17 05:45
libcurl	CVE-2023-27536	中危	7.61.1-22.el8	7.61.1-30.el8_8.3	curl: GSS delegation too eager connection re-use 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27536 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-30 20:15 修改: 2026-06-17 05:45
libcurl	CVE-2023-28321	中危	7.61.1-22.el8	7.61.1-30.el8_8.3	curl: IDN wildcard match may lead to Improper Cerificate Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-05-26 21:15 修改: 2026-06-17 05:47
libcurl	CVE-2023-46218	中危	7.61.1-22.el8	7.61.1-33.el8_9.5	curl: information disclosure by exploiting a mixed case flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-07 01:15 修改: 2026-06-17 06:30
libcurl	CVE-2024-2398	中危	7.61.1-22.el8	7.61.1-34.el8_10.2	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-03-27 08:15 修改: 2026-06-17 07:24
libcurl	CVE-2025-13034	中危	7.61.1-22.el8		curl: Public key pinning bypass via QUIC and GnuTLS allows server impersonation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13034 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:33
libcurl	CVE-2025-14017	中危	7.61.1-22.el8		curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:35
libcurl	CVE-2025-9086	中危	7.61.1-22.el8	7.61.1-34.el8_10.9	curl: libcurl: Curl out of bounds read for cookie path 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-09-12 06:15 修改: 2026-06-17 10:08
libcurl	CVE-2026-1965	中危	7.61.1-22.el8		curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-11 11:15 修改: 2026-06-17 10:16
libcurl	CVE-2026-3783	中危	7.61.1-22.el8		curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
libcurl	CVE-2026-3784	中危	7.61.1-22.el8		curl: curl: Unauthorized access due to improper HTTP proxy connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
libcurl	CVE-2026-3805	中危	7.61.1-22.el8		curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3805 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
libcurl	CVE-2026-4873	中危	7.61.1-22.el8		curl: curl: Information disclosure due to incorrect TLS connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:57
libcurl	CVE-2026-5545	中危	7.61.1-22.el8		curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59
libcurl	CVE-2026-5773	中危	7.61.1-22.el8		curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59
libcurl	CVE-2026-6253	中危	7.61.1-22.el8		curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
libcurl	CVE-2026-6429	中危	7.61.1-22.el8		curl: libcurl: Credential leak via reused proxy connection during HTTP redirects 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
libcurl	CVE-2026-7168	中危	7.61.1-22.el8		curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:01
libfdisk	CVE-2025-14104	中危	2.32.1-28.el8	2.32.1-48.el8_10	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-12-05 17:16 修改: 2026-06-25 04:17
libfdisk	CVE-2026-27456	中危	2.32.1-28.el8		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libgcc	CVE-2020-11023	中危	8.5.0-4.el8_5	8.5.0-23.el8_10	jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11023 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2020-04-29 21:15 修改: 2026-06-17 02:48
libgcrypt	CVE-2019-12904	中危	1.8.5-6.el8		Libgcrypt: physical addresses being available to other processes leads to a flush-and-reload side-channel attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12904 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2019-06-20 00:15 修改: 2026-06-17 02:15
libgcrypt	CVE-2021-40528	中危	1.8.5-6.el8	1.8.5-7.el8_6	libgcrypt: ElGamal implementation allows plaintext recovery 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40528 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2021-09-06 19:15 修改: 2026-06-17 04:07
libgcrypt	CVE-2024-2236	中危	1.8.5-6.el8		libgcrypt: vulnerable to Marvin Attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-03-06 22:15 修改: 2026-06-17 07:24
libgcrypt	CVE-2026-41989	中危	1.8.5-6.el8		Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-23 05:16 修改: 2026-06-17 10:47
dbus	CVE-2023-34969	中危	1:1.12.8-14.el8	1:1.12.8-24.el8_8.1	dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-06-08 03:15 修改: 2026-06-17 06:04
dbus-common	CVE-2022-42010	中危	1:1.12.8-14.el8	1:1.12.8-23.el8_7.1	dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-10 00:15 修改: 2026-06-17 05:04
libmount	CVE-2025-14104	中危	2.32.1-28.el8	2.32.1-48.el8_10	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-12-05 17:16 修改: 2026-06-25 04:17
libmount	CVE-2026-27456	中危	2.32.1-28.el8		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
dbus-common	CVE-2022-42011	中危	1:1.12.8-14.el8	1:1.12.8-23.el8_7.1	dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-10 00:15 修改: 2026-06-17 05:04
dbus-common	CVE-2022-42012	中危	1:1.12.8-14.el8	1:1.12.8-23.el8_7.1	dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-10 00:15 修改: 2026-06-17 05:04
libnghttp2	CVE-2024-28182	中危	1.33.0-3.el8_2.1	1.33.0-6.el8_10.1	nghttp2: CONTINUATION frames DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28182 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2024-04-04 15:15 修改: 2026-06-17 07:21
libsmartcols	CVE-2025-14104	中危	2.32.1-28.el8	2.32.1-48.el8_10	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-12-05 17:16 修改: 2026-06-25 04:17
libsmartcols	CVE-2026-27456	中危	2.32.1-28.el8		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libsolv	CVE-2026-48864	中危	0.7.19-1.el8		libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48864 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-26 17:16 修改: 2026-06-24 03:16
libsolv	CVE-2026-9149	中危	0.7.19-1.el8		libsolv: Heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9149 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-21 00:16 修改: 2026-06-24 03:16
libssh	CVE-2023-1667	中危	0.9.4-3.el8	0.9.6-10.el8_8	libssh: NULL pointer dereference during rekeying with algorithm guessing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1667 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-05-26 18:15 修改: 2026-06-17 05:28
libssh	CVE-2023-2283	中危	0.9.4-3.el8	0.9.6-10.el8_8	libssh: authorization bypass in pki_verify_data_signature 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2283 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-05-26 18:15 修改: 2026-06-17 05:52
libssh	CVE-2023-48795	中危	0.9.4-3.el8	0.9.6-13.el8_9	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-18 16:15 修改: 2026-06-17 06:34
libssh	CVE-2025-5318	中危	0.9.4-3.el8	0.9.6-15.el8_10	libssh: out-of-bounds read in sftp_handle() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5318 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-24 14:15 修改: 2026-06-25 05:16
libssh	CVE-2025-5351	中危	0.9.4-3.el8		libssh: Double Free Vulnerability in libssh Key Export Functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5351 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-04 09:15 修改: 2026-06-25 05:16
libssh	CVE-2025-5372	中危	0.9.4-3.el8	0.9.6-16.el8_10	libssh: Incorrect Return Code Handling in ssh_kdf() in libssh 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5372 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-04 06:15 修改: 2026-06-17 09:47
libssh	CVE-2025-8114	中危	0.9.4-3.el8		libssh: NULL Pointer Dereference in libssh KEX Session ID Calculation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8114 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-24 15:15 修改: 2026-06-25 05:16
libssh	CVE-2026-0964	中危	0.9.4-3.el8		libssh: Improper sanitation of paths received from SCP servers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0964 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
libssh	CVE-2026-0966	中危	0.9.4-3.el8		libssh: libssh: Denial of Service via zero-length input in ssh_get_hexa() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0966 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
libssh	CVE-2026-3731	中危	0.9.4-3.el8		libssh: libssh: Denial of Service via out-of-bounds read in SFTP extension name handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3731 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-08 11:15 修改: 2026-06-17 10:44
libssh-config	CVE-2023-1667	中危	0.9.4-3.el8	0.9.6-10.el8_8	libssh: NULL pointer dereference during rekeying with algorithm guessing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1667 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-05-26 18:15 修改: 2026-06-17 05:28
libssh-config	CVE-2023-2283	中危	0.9.4-3.el8	0.9.6-10.el8_8	libssh: authorization bypass in pki_verify_data_signature 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2283 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-05-26 18:15 修改: 2026-06-17 05:52
libssh-config	CVE-2023-48795	中危	0.9.4-3.el8	0.9.6-13.el8_9	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-18 16:15 修改: 2026-06-17 06:34
libssh-config	CVE-2025-5318	中危	0.9.4-3.el8	0.9.6-15.el8_10	libssh: out-of-bounds read in sftp_handle() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5318 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-24 14:15 修改: 2026-06-25 05:16
libssh-config	CVE-2025-5351	中危	0.9.4-3.el8		libssh: Double Free Vulnerability in libssh Key Export Functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5351 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-04 09:15 修改: 2026-06-25 05:16
libssh-config	CVE-2025-5372	中危	0.9.4-3.el8	0.9.6-16.el8_10	libssh: Incorrect Return Code Handling in ssh_kdf() in libssh 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5372 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-04 06:15 修改: 2026-06-17 09:47
libssh-config	CVE-2025-8114	中危	0.9.4-3.el8		libssh: NULL Pointer Dereference in libssh KEX Session ID Calculation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8114 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-24 15:15 修改: 2026-06-25 05:16
libssh-config	CVE-2026-0964	中危	0.9.4-3.el8		libssh: Improper sanitation of paths received from SCP servers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0964 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
libssh-config	CVE-2026-0966	中危	0.9.4-3.el8		libssh: libssh: Denial of Service via zero-length input in ssh_get_hexa() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0966 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
libssh-config	CVE-2026-3731	中危	0.9.4-3.el8		libssh: libssh: Denial of Service via out-of-bounds read in SFTP extension name handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3731 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-08 11:15 修改: 2026-06-17 10:44
libstdc++	CVE-2020-11023	中危	8.5.0-4.el8_5	8.5.0-23.el8_10	jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11023 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2020-04-29 21:15 修改: 2026-06-17 02:48
libtasn1	CVE-2021-46848	中危	4.13-3.el8	4.13-4.el8_7	libtasn1: Out-of-bound access in ETYPE_OK 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46848 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2022-10-24 14:15 修改: 2026-06-17 04:15
libtasn1	CVE-2024-12133	中危	4.13-3.el8	4.13-5.el8_10	libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12133 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-02-10 16:15 修改: 2026-06-17 06:59
libtirpc	CVE-2021-46828	中危	1.1.4-5.el8	1.1.4-6.el8	libtirpc: DoS vulnerability with lots of connections 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46828 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-07-20 06:15 修改: 2026-06-17 04:15
libuuid	CVE-2025-14104	中危	2.32.1-28.el8	2.32.1-48.el8_10	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-12-05 17:16 修改: 2026-06-25 04:17
libuuid	CVE-2026-27456	中危	2.32.1-28.el8		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
dbus-common	CVE-2023-34969	中危	1:1.12.8-14.el8	1:1.12.8-24.el8_8.1	dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-06-08 03:15 修改: 2026-06-17 06:04
dbus-daemon	CVE-2022-42010	中危	1:1.12.8-14.el8	1:1.12.8-23.el8_7.1	dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-10 00:15 修改: 2026-06-17 05:04
dbus-daemon	CVE-2022-42011	中危	1:1.12.8-14.el8	1:1.12.8-23.el8_7.1	dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-10 00:15 修改: 2026-06-17 05:04
dbus-daemon	CVE-2022-42012	中危	1:1.12.8-14.el8	1:1.12.8-23.el8_7.1	dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-10 00:15 修改: 2026-06-17 05:04
dbus-daemon	CVE-2023-34969	中危	1:1.12.8-14.el8	1:1.12.8-24.el8_8.1	dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-06-08 03:15 修改: 2026-06-17 06:04
libxml2	CVE-2016-3709	中危	2.9.7-9.el8_4.2	2.9.7-15.el8	libxml2: Incorrect server side include parsing can lead to XSS 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-3709 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2022-07-28 17:15 修改: 2026-06-17 00:46
libxml2	CVE-2022-23308	中危	2.9.7-9.el8_4.2	2.9.7-12.el8_5	libxml2: Use-after-free of ID and IDREF attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23308 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2022-02-26 05:15 修改: 2026-06-17 04:29
libxml2	CVE-2022-29824	中危	2.9.7-9.el8_4.2	2.9.7-13.el8_6.1	libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29824 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2022-05-03 03:15 修改: 2026-06-17 04:40
libxml2	CVE-2022-40303	中危	2.9.7-9.el8_4.2	2.9.7-15.el8_7.1	libxml2: integer overflows with XML_PARSE_HUGE 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40303 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2022-11-23 00:15 修改: 2026-06-17 05:01
libxml2	CVE-2022-40304	中危	2.9.7-9.el8_4.2	2.9.7-15.el8_7.1	libxml2: dict corruption caused by entity reference cycles 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40304 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2022-11-23 18:15 修改: 2026-06-17 05:01
libxml2	CVE-2022-49043	中危	2.9.7-9.el8_4.2	2.9.7-18.el8_10.2	libxml: use-after-free in xmlXIncludeAddNode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-49043 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-01-26 06:15 修改: 2026-06-17 05:16
libxml2	CVE-2023-28484	中危	2.9.7-9.el8_4.2	2.9.7-16.el8_8.1	libxml2: NULL dereference in xmlSchemaFixupComplexType 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28484 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2023-04-24 21:15 修改: 2026-06-17 05:47
libxml2	CVE-2023-29469	中危	2.9.7-9.el8_4.2	2.9.7-16.el8_8.1	libxml2: Hashing of empty dict strings isn't deterministic 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29469 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2023-04-24 21:15 修改: 2026-06-17 05:50
libxml2	CVE-2023-39615	中危	2.9.7-9.el8_4.2	2.9.7-18.el8_9	libxml2: crafted xml can cause global buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39615 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2023-08-29 17:15 修改: 2026-06-17 06:12
libxml2	CVE-2024-25062	中危	2.9.7-9.el8_4.2	2.9.7-18.el8_10.1	libxml2: use-after-free in XMLReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25062 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2024-02-04 16:15 修改: 2026-06-17 07:15
libxml2	CVE-2025-32414	中危	2.9.7-9.el8_4.2	2.9.7-20.el8_10	libxml2: Out-of-Bounds Read in libxml2 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32414 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-04-08 03:15 修改: 2026-06-17 09:11
libxml2	CVE-2025-32415	中危	2.9.7-9.el8_4.2	2.9.7-21.el8_10.3	libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32415 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-04-17 17:15 修改: 2026-06-17 09:11
libxml2	CVE-2025-6021	中危	2.9.7-9.el8_4.2	2.9.7-21.el8_10.1	libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6021 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-06-12 13:15 修改: 2026-06-25 05:16
libxml2	CVE-2025-9714	中危	2.9.7-9.el8_4.2	2.9.7-21.el8_10.4	libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9714 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-09-10 19:15 修改: 2026-06-17 10:09
libxml2	CVE-2026-0990	中危	2.9.7-9.el8_4.2		libxml2: libxml2: Denial of Service via uncontrolled recursion in XML catalog processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0990 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-01-15 15:15 修改: 2026-06-17 10:11
libxml2	CVE-2026-1757	中危	2.9.7-9.el8_4.2		libxml2: Memory Leak Leading to Local Denial of Service in xmllint Interactive Shell 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1757 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-02-02 13:15 修改: 2026-06-17 10:16
libxml2	CVE-2026-6653	中危	2.9.7-9.el8_4.2		libxml2: mingw-libxml2: libxml2: Denial of Service via crafted XML input due to use-after-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6653 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-06-22 14:17 修改: 2026-06-22 18:16
libxml2	CVE-2026-6732	中危	2.9.7-9.el8_4.2		libxml2: libxml2: Denial of Service via crafted XSD-validated document 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6732 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-04-23 23:16 修改: 2026-06-17 11:01
libzstd	CVE-2022-4899	中危	1.4.4-1.el8		zstd: mysql: buffer overrun in util.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2023-03-31 20:15 修改: 2026-06-17 05:22
lz4-libs	CVE-2019-17543	中危	1.8.3-3.el8_4	1.8.3-5.el8_10	lz4: heap-based buffer overflow in LZ4_write32 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17543 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2019-10-14 02:15 修改: 2026-06-17 02:24
ncurses-base	CVE-2023-29491	中危	6.1-9.20180224.el8	6.1-9.20180224.el8_8.1	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-04-14 01:15 修改: 2026-06-17 05:50
ncurses-libs	CVE-2023-29491	中危	6.1-9.20180224.el8	6.1-9.20180224.el8_8.1	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-04-14 01:15 修改: 2026-06-17 05:50
openldap	CVE-2026-22185	中危	2.4.46-18.el8		OpenLDAP: OpenLDAP LMDB: Denial of Service and Information Disclosure via Heap Buffer Underflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22185 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-07 21:16 修改: 2026-06-17 10:19
dbus-libs	CVE-2022-42010	中危	1:1.12.8-14.el8	1:1.12.8-23.el8_7.1	dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-10 00:15 修改: 2026-06-17 05:04
dbus-libs	CVE-2022-42011	中危	1:1.12.8-14.el8	1:1.12.8-23.el8_7.1	dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-10 00:15 修改: 2026-06-17 05:04
dbus-libs	CVE-2022-42012	中危	1:1.12.8-14.el8	1:1.12.8-23.el8_7.1	dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-10 00:15 修改: 2026-06-17 05:04
openssl	CVE-2021-3712	中危	1:1.1.1k-4.el8	1:1.1.1k-5.el8_5	openssl: Read buffer overruns processing ASN.1 strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2021-08-24 15:15 修改: 2026-06-17 04:05
openssl	CVE-2022-1292	中危	1:1.1.1k-4.el8	1:1.1.1k-7.el8_6	openssl: c_rehash script allows command injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1292 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-05-03 16:15 修改: 2026-06-17 04:22
openssl	CVE-2022-2068	中危	1:1.1.1k-4.el8	1:1.1.1k-7.el8_6	openssl: the c_rehash script allows command injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2068 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-06-21 15:15 修改: 2026-06-17 04:41
openssl	CVE-2022-2097	中危	1:1.1.1k-4.el8	1:1.1.1k-7.el8_6	openssl: AES OCB fails to encrypt some bytes 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2097 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-07-05 11:15 修改: 2026-06-17 04:41
openssl	CVE-2022-4304	中危	1:1.1.1k-4.el8	1:1.1.1k-9.el8_7	openssl: timing attack in RSA Decryption implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-08 20:15 修改: 2026-06-17 05:20
openssl	CVE-2022-4450	中危	1:1.1.1k-4.el8	1:1.1.1k-9.el8_7	openssl: double free after calling PEM_read_bio_ex 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-08 20:15 修改: 2026-06-17 05:20
openssl	CVE-2023-0215	中危	1:1.1.1k-4.el8	1:1.1.1k-9.el8_7	openssl: use-after-free following BIO_new_NDEF 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-08 20:15 修改: 2026-06-17 05:25
openssl	CVE-2023-0466	中危	1:1.1.1k-4.el8		openssl: Certificate policy check not enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-28 15:15 修改: 2026-06-17 05:25
openssl	CVE-2024-2408	中危	1:1.1.1k-4.el8	1:1.1.1k-12.el8_9	php: potential exposure to Marvin attack via unsafe implementation of RSA decryption API 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2408 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-06-09 20:15 修改: 2026-06-17 07:24
openssl	CVE-2025-69419	中危	1:1.1.1k-4.el8	1:1.1.1k-15.el8_6	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
openssl	CVE-2025-9230	中危	1:1.1.1k-4.el8	1:1.1.1k-14.el8_10	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
openssl	CVE-2026-28390	中危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl	CVE-2026-34182	中危	1:1.1.1k-4.el8		openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
openssl	CVE-2026-34183	中危	1:1.1.1k-4.el8		openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
dbus-libs	CVE-2023-34969	中危	1:1.12.8-14.el8	1:1.12.8-24.el8_8.1	dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-06-08 03:15 修改: 2026-06-17 06:04
dbus-tools	CVE-2022-42010	中危	1:1.12.8-14.el8	1:1.12.8-23.el8_7.1	dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-10 00:15 修改: 2026-06-17 05:04
dbus-tools	CVE-2022-42011	中危	1:1.12.8-14.el8	1:1.12.8-23.el8_7.1	dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-10 00:15 修改: 2026-06-17 05:04
openssl-libs	CVE-2021-3712	中危	1:1.1.1k-4.el8	1:1.1.1k-5.el8_5	openssl: Read buffer overruns processing ASN.1 strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2021-08-24 15:15 修改: 2026-06-17 04:05
openssl-libs	CVE-2022-1292	中危	1:1.1.1k-4.el8	1:1.1.1k-7.el8_6	openssl: c_rehash script allows command injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1292 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-05-03 16:15 修改: 2026-06-17 04:22
openssl-libs	CVE-2022-2068	中危	1:1.1.1k-4.el8	1:1.1.1k-7.el8_6	openssl: the c_rehash script allows command injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2068 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-06-21 15:15 修改: 2026-06-17 04:41
openssl-libs	CVE-2022-2097	中危	1:1.1.1k-4.el8	1:1.1.1k-7.el8_6	openssl: AES OCB fails to encrypt some bytes 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2097 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-07-05 11:15 修改: 2026-06-17 04:41
openssl-libs	CVE-2022-4304	中危	1:1.1.1k-4.el8	1:1.1.1k-9.el8_7	openssl: timing attack in RSA Decryption implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-08 20:15 修改: 2026-06-17 05:20
openssl-libs	CVE-2022-4450	中危	1:1.1.1k-4.el8	1:1.1.1k-9.el8_7	openssl: double free after calling PEM_read_bio_ex 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-08 20:15 修改: 2026-06-17 05:20
openssl-libs	CVE-2023-0215	中危	1:1.1.1k-4.el8	1:1.1.1k-9.el8_7	openssl: use-after-free following BIO_new_NDEF 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-08 20:15 修改: 2026-06-17 05:25
openssl-libs	CVE-2023-0466	中危	1:1.1.1k-4.el8		openssl: Certificate policy check not enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-28 15:15 修改: 2026-06-17 05:25
openssl-libs	CVE-2024-2408	中危	1:1.1.1k-4.el8	1:1.1.1k-12.el8_9	php: potential exposure to Marvin attack via unsafe implementation of RSA decryption API 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2408 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-06-09 20:15 修改: 2026-06-17 07:24
openssl-libs	CVE-2025-69419	中危	1:1.1.1k-4.el8	1:1.1.1k-15.el8_6	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
openssl-libs	CVE-2025-9230	中危	1:1.1.1k-4.el8	1:1.1.1k-14.el8_10	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
openssl-libs	CVE-2026-28390	中危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl-libs	CVE-2026-34182	中危	1:1.1.1k-4.el8		openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
openssl-libs	CVE-2026-34183	中危	1:1.1.1k-4.el8		openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
dbus-tools	CVE-2022-42012	中危	1:1.12.8-14.el8	1:1.12.8-23.el8_7.1	dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-10 00:15 修改: 2026-06-17 05:04
dbus-tools	CVE-2023-34969	中危	1:1.12.8-14.el8	1:1.12.8-24.el8_8.1	dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-06-08 03:15 修改: 2026-06-17 06:04
bzip2-libs	CVE-2026-42250	中危	1.0.6-26.el8		bzip2: bzip2: Denial of Service in bzip2recover via a specially crafted file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42250 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-05-28 14:16 修改: 2026-06-17 10:47
pam	CVE-2024-10041	中危	1.3.1-15.el8	1.3.1-36.el8_10	pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-10-23 14:15 修改: 2026-06-25 05:16
pam	CVE-2024-22365	中危	1.3.1-15.el8	1.3.1-33.el8	pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-02-06 08:15 修改: 2026-06-17 07:11
pam	CVE-2026-54411	中危	1.3.1-15.el8		linux-pam: Plaintext password recovery via timing discrepancy in pam_userdb module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54411 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-14 18:17 修改: 2026-06-17 10:58
pcre2	CVE-2022-1586	中危	10.32-2.el8	10.32-3.el8_6	pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1586 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2022-05-16 21:15 修改: 2026-06-17 04:22
coreutils-single	CVE-2025-5278	中危	8.30-12.el8		coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5278 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-05-27 21:15 修改: 2026-06-25 05:16
cryptsetup-libs	CVE-2021-4122	中危	2.3.3-4.el8	2.3.3-4.el8_5.1	cryptsetup: disable encryption via header rewrite 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4122 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-24 16:15 修改: 2026-06-17 04:19
curl	CVE-2022-22576	中危	7.61.1-22.el8	7.61.1-22.el8_6.3	curl: OAUTH2 bearer bypass in connection re-use 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22576 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-05-26 17:15 修改: 2026-06-17 04:28
curl	CVE-2022-27774	中危	7.61.1-22.el8	7.61.1-22.el8_6.3	curl: credential leak on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27774 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-06-02 14:15 修改: 2026-06-17 04:37
curl	CVE-2022-27776	中危	7.61.1-22.el8	7.61.1-22.el8_6.3	curl: auth/cookie leak on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27776 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-06-02 14:15 修改: 2026-06-17 04:37
curl	CVE-2022-27782	中危	7.61.1-22.el8	7.61.1-22.el8_6.3	curl: TLS and SSH connection too eager reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27782 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-06-02 14:15 修改: 2026-06-17 04:37
curl	CVE-2022-32206	中危	7.61.1-22.el8	7.61.1-22.el8_6.4	curl: HTTP compression denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32206 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-07-07 13:15 修改: 2026-06-17 04:46
curl	CVE-2022-32208	中危	7.61.1-22.el8	7.61.1-22.el8_6.4	curl: FTP-KRB bad message verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32208 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-07-07 13:15 修改: 2026-06-17 04:46
expat	CVE-2013-0340	中危	2.2.5-4.el8	2.5.0-1.el8_10	expat: internal entity expansion 漏洞详情: https://avd.aquasec.com/nvd/cve-2013-0340 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2014-01-21 18:55 修改: 2026-04-29 01:13
platform-python	CVE-2007-4559	中危	3.6.8-41.el8	3.6.8-56.el8_9	python: tarfile module directory traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4559 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2007-08-28 01:17 修改: 2026-04-23 00:35
platform-python	CVE-2015-20107	中危	3.6.8-41.el8	3.6.8-47.el8_6	python: mailcap: findmatch() function does not sanitize the second argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-04-13 16:15 修改: 2025-11-03 22:15
platform-python	CVE-2020-10735	中危	3.6.8-41.el8	3.6.8-48.el8_7.1	python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10735 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-09 14:15 修改: 2026-06-17 02:48
platform-python	CVE-2021-28861	中危	3.6.8-41.el8	3.6.8-48.el8_7.1	python: open redirection vulnerability in lib/http/server.py may lead to information disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28861 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-23 01:15 修改: 2026-06-17 03:46
platform-python	CVE-2021-4189	中危	3.6.8-41.el8	3.6.8-45.el8	python: ftplib should not use the host from the PASV response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4189 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-24 16:15 修改: 2026-06-17 04:19
platform-python	CVE-2022-0391	中危	3.6.8-41.el8	3.6.8-47.el8_6	python: urllib.parse does not sanitize URLs containing ASCII newline and tabs 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-02-09 23:15 修改: 2026-06-17 04:20
platform-python	CVE-2022-45061	中危	3.6.8-41.el8	3.6.8-48.el8_7.1	python: CPU denial of service via inefficient IDNA decoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45061 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-11-09 07:15 修改: 2026-06-17 05:09
platform-python	CVE-2022-48560	中危	3.6.8-41.el8	3.6.8-56.el8_9.2	python: use after free in heappushpop() of heapq module 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48560 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-22 19:16 修改: 2026-06-17 05:15
platform-python	CVE-2022-48564	中危	3.6.8-41.el8	3.6.8-56.el8_9.2	python: DoS when processing malformed Apple Property List files in binary format 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48564 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-22 19:16 修改: 2026-06-17 05:15
platform-python	CVE-2023-27043	中危	3.6.8-41.el8	3.6.8-56.el8_9.3	python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-04-19 00:15 修改: 2026-06-17 05:44
platform-python	CVE-2024-0450	中危	3.6.8-41.el8	3.6.8-62.el8_10	python: The zipfile module is vulnerable to zip-bombs leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-03-19 16:15 修改: 2026-06-17 06:53
platform-python	CVE-2024-11168	中危	3.6.8-41.el8	3.6.8-69.el8_10	python: Improper validation of IPv6 and IPvFuture addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-11-12 22:15 修改: 2026-06-17 06:57
platform-python	CVE-2024-6232	中危	3.6.8-41.el8	3.6.8-67.el8_10	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-09-03 13:15 修改: 2026-06-17 08:17
platform-python	CVE-2024-6923	中危	3.6.8-41.el8	3.6.8-67.el8_10	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-08-01 14:15 修改: 2026-06-17 08:18
platform-python	CVE-2024-9287	中危	3.6.8-41.el8	3.6.8-69.el8_10	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-10-22 17:15 修改: 2026-06-17 08:24
platform-python	CVE-2025-0938	中危	3.6.8-41.el8	3.6.8-74.el8_10	python: cpython: URL parser allowed square brackets in domain names 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-01-31 18:15 修改: 2026-06-17 08:27
platform-python	CVE-2025-11468	中危	3.6.8-41.el8		cpython: Missing character filtering in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:30
platform-python	CVE-2025-12084	中危	3.6.8-41.el8	3.6.8-72.el8_10	cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31
platform-python	CVE-2025-12781	中危	3.6.8-41.el8		cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-21 20:16 修改: 2026-06-17 08:32
platform-python	CVE-2025-13837	中危	3.6.8-41.el8		cpython: Out-of-memory when loading Plist 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34
platform-python	CVE-2025-15282	中危	3.6.8-41.el8		cpython: Header injection via newlines in data URL mediatype in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
platform-python	CVE-2025-15366	中危	3.6.8-41.el8	3.6.8-73.el8_10	cpython: IMAP command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
platform-python	CVE-2025-15367	中危	3.6.8-41.el8	3.6.8-73.el8_10	cpython: POP3 command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
platform-python	CVE-2025-4330	中危	3.6.8-41.el8	3.6.8-70.el8_10	cpython: python: Extraction filter bypass for linking outside extraction directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4330 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
platform-python	CVE-2025-4435	中危	3.6.8-41.el8	3.6.8-70.el8_10	cpython: Tarfile extracts filtered members when errorlevel=0 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4435 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
platform-python	CVE-2025-4516	中危	3.6.8-41.el8		cpython: python: CPython DecodeError Handling Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4516 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-05-15 14:15 修改: 2026-06-17 09:33
platform-python	CVE-2025-6069	中危	3.6.8-41.el8		cpython: Python HTMLParser quadratic complexity 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-17 14:15 修改: 2026-06-17 10:01
platform-python	CVE-2025-8194	中危	3.6.8-41.el8	3.6.8-71.el8_10	cpython: Cpython infinite loop when parsing a tarfile 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-28 19:15 修改: 2026-06-17 10:06
platform-python	CVE-2025-8291	中危	3.6.8-41.el8		cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-10-07 18:16 修改: 2026-06-17 10:06
platform-python	CVE-2026-0672	中危	3.6.8-41.el8		cpython: Header injection in http.cookies.Morsel in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
platform-python	CVE-2026-0865	中危	3.6.8-41.el8	3.6.8-73.el8_10	cpython: wsgiref.headers.Headers allows header newline injection in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
platform-python	CVE-2026-1299	中危	3.6.8-41.el8	3.6.8-73.el8_10	cpython: email header injection due to unquoted newlines 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-23 17:16 修改: 2026-06-17 10:15
platform-python	CVE-2026-1502	中危	3.6.8-41.el8		python: Python: HTTP header injection via CR/LF in proxy tunnel headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-10 18:16 修改: 2026-06-17 10:15
platform-python	CVE-2026-3276	中危	3.6.8-41.el8		python: Python unicodedata: Denial of Service due to excessive CPU consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43
platform-python	CVE-2026-3644	中危	3.6.8-41.el8		cpython: Incomplete control character validation in http.cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:43
platform-python	CVE-2026-4224	中危	3.6.8-41.el8		cpython: Stack overflow parsing XML with deeply nested DTD content models 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56
platform-python	CVE-2026-42308	中危	3.6.8-41.el8		Pillow: python: Pillow: Denial of Service via integer overflow in font processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42308 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-09 06:16 修改: 2026-06-17 10:47
platform-python	CVE-2026-5713	中危	3.6.8-41.el8		python: Python: Information disclosure and arbitrary code execution via remote debugging with a malicious process. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5713 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-14 16:16 修改: 2026-06-17 10:59
platform-python	CVE-2026-6019	中危	3.6.8-41.el8		python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00
platform-python	CVE-2026-7210	中危	3.6.8-41.el8		python: expat: Python/Expat: Denial of Service via crafted XML document 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
platform-python-pip	CVE-2007-4559	中危	9.0.3-20.el8	9.0.3-23.el8	python: tarfile module directory traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4559 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2007-08-28 01:17 修改: 2026-04-23 00:35
platform-python-pip	CVE-2023-45803	中危	9.0.3-20.el8		urllib3: Request body not stripped after redirect from 303 status changes request method to GET 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45803 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-10-17 20:15 修改: 2026-06-17 06:29
platform-python-pip	CVE-2025-50181	中危	9.0.3-20.el8		urllib3: urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-50181 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-19 01:15 修改: 2026-06-17 09:34
platform-python-pip	CVE-2025-50182	中危	9.0.3-20.el8		urllib3: urllib3 does not control redirects in browsers and Node.js 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-50182 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-19 02:15 修改: 2026-06-17 09:34
platform-python-pip	CVE-2026-25645	中危	9.0.3-20.el8		requests: Requests: Security bypass due to predictable temporary file creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25645 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-25 17:16 修改: 2026-06-17 10:25
expat	CVE-2021-45960	中危	2.2.5-4.el8	2.2.5-4.el8_5.3	expat: Large number of prefixed XML attributes on a single tag can crash libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45960 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-01 19:15 修改: 2026-06-17 04:14
platform-python-setuptools	CVE-2022-40897	中危	39.2.0-6.el8	39.2.0-6.el8_7.1	pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40897 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-12-23 00:15 修改: 2026-06-17 05:02
platform-python-setuptools	CVE-2025-47273	中危	39.2.0-6.el8	39.2.0-9.el8_10	setuptools: Path Traversal Vulnerability in setuptools PackageIndex 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47273 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-05-17 16:15 修改: 2026-06-17 09:27
expat	CVE-2021-46143	中危	2.2.5-4.el8	2.2.5-4.el8_5.3	expat: Integer overflow in doProlog in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46143 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-06 04:15 修改: 2026-06-17 04:14
expat	CVE-2022-22825	中危	2.2.5-4.el8	2.2.5-4.el8_5.3	expat: Integer overflow in lookup in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22825 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-10 14:12 修改: 2026-06-17 04:29
expat	CVE-2022-22826	中危	2.2.5-4.el8	2.2.5-4.el8_5.3	expat: Integer overflow in nextScaffoldPart in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22826 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-10 14:12 修改: 2026-06-17 04:29
expat	CVE-2022-22827	中危	2.2.5-4.el8	2.2.5-4.el8_5.3	expat: Integer overflow in storeAtts in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22827 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-10 14:12 修改: 2026-06-17 04:29
expat	CVE-2022-23852	中危	2.2.5-4.el8	2.2.5-4.el8_5.3	expat: Integer overflow in function XML_GetBuffer 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23852 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-24 02:15 修改: 2026-06-17 04:30
expat	CVE-2022-23990	中危	2.2.5-4.el8	2.5.0-1.el8_10	expat: integer overflow in the doProlog function 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23990 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-26 19:15 修改: 2026-06-17 04:31
expat	CVE-2022-25313	中危	2.2.5-4.el8	2.2.5-8.el8_6.2	expat: Stack exhaustion in doctype parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25313 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-02-18 05:15 修改: 2026-06-17 04:33
expat	CVE-2022-25314	中危	2.2.5-4.el8	2.2.5-8.el8_6.2	expat: Integer overflow in copyString() 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25314 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-02-18 05:15 修改: 2026-06-17 04:33
expat	CVE-2022-43680	中危	2.2.5-4.el8	2.2.5-10.el8_7.1	expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43680 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-24 14:15 修改: 2026-06-17 05:07
python3-libs	CVE-2007-4559	中危	3.6.8-41.el8	3.6.8-56.el8_9	python: tarfile module directory traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4559 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2007-08-28 01:17 修改: 2026-04-23 00:35
python3-libs	CVE-2015-20107	中危	3.6.8-41.el8	3.6.8-47.el8_6	python: mailcap: findmatch() function does not sanitize the second argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-04-13 16:15 修改: 2025-11-03 22:15
python3-libs	CVE-2020-10735	中危	3.6.8-41.el8	3.6.8-48.el8_7.1	python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10735 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-09 14:15 修改: 2026-06-17 02:48
python3-libs	CVE-2021-28861	中危	3.6.8-41.el8	3.6.8-48.el8_7.1	python: open redirection vulnerability in lib/http/server.py may lead to information disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28861 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-23 01:15 修改: 2026-06-17 03:46
python3-libs	CVE-2021-4189	中危	3.6.8-41.el8	3.6.8-45.el8	python: ftplib should not use the host from the PASV response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4189 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-24 16:15 修改: 2026-06-17 04:19
python3-libs	CVE-2022-0391	中危	3.6.8-41.el8	3.6.8-47.el8_6	python: urllib.parse does not sanitize URLs containing ASCII newline and tabs 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-02-09 23:15 修改: 2026-06-17 04:20
python3-libs	CVE-2022-45061	中危	3.6.8-41.el8	3.6.8-48.el8_7.1	python: CPU denial of service via inefficient IDNA decoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45061 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-11-09 07:15 修改: 2026-06-17 05:09
python3-libs	CVE-2022-48560	中危	3.6.8-41.el8	3.6.8-56.el8_9.2	python: use after free in heappushpop() of heapq module 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48560 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-22 19:16 修改: 2026-06-17 05:15
python3-libs	CVE-2022-48564	中危	3.6.8-41.el8	3.6.8-56.el8_9.2	python: DoS when processing malformed Apple Property List files in binary format 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48564 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-22 19:16 修改: 2026-06-17 05:15
python3-libs	CVE-2023-27043	中危	3.6.8-41.el8	3.6.8-56.el8_9.3	python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-04-19 00:15 修改: 2026-06-17 05:44
python3-libs	CVE-2024-0450	中危	3.6.8-41.el8	3.6.8-62.el8_10	python: The zipfile module is vulnerable to zip-bombs leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-03-19 16:15 修改: 2026-06-17 06:53
python3-libs	CVE-2024-11168	中危	3.6.8-41.el8	3.6.8-69.el8_10	python: Improper validation of IPv6 and IPvFuture addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-11-12 22:15 修改: 2026-06-17 06:57
python3-libs	CVE-2024-6232	中危	3.6.8-41.el8	3.6.8-67.el8_10	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-09-03 13:15 修改: 2026-06-17 08:17
python3-libs	CVE-2024-6923	中危	3.6.8-41.el8	3.6.8-67.el8_10	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-08-01 14:15 修改: 2026-06-17 08:18
python3-libs	CVE-2024-9287	中危	3.6.8-41.el8	3.6.8-69.el8_10	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-10-22 17:15 修改: 2026-06-17 08:24
python3-libs	CVE-2025-0938	中危	3.6.8-41.el8	3.6.8-74.el8_10	python: cpython: URL parser allowed square brackets in domain names 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-01-31 18:15 修改: 2026-06-17 08:27
python3-libs	CVE-2025-11468	中危	3.6.8-41.el8		cpython: Missing character filtering in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:30
python3-libs	CVE-2025-12084	中危	3.6.8-41.el8	3.6.8-72.el8_10	cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31
python3-libs	CVE-2025-12781	中危	3.6.8-41.el8		cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-21 20:16 修改: 2026-06-17 08:32
python3-libs	CVE-2025-13837	中危	3.6.8-41.el8		cpython: Out-of-memory when loading Plist 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34
python3-libs	CVE-2025-15282	中危	3.6.8-41.el8		cpython: Header injection via newlines in data URL mediatype in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
python3-libs	CVE-2025-15366	中危	3.6.8-41.el8	3.6.8-73.el8_10	cpython: IMAP command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
python3-libs	CVE-2025-15367	中危	3.6.8-41.el8	3.6.8-73.el8_10	cpython: POP3 command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
python3-libs	CVE-2025-4330	中危	3.6.8-41.el8	3.6.8-70.el8_10	cpython: python: Extraction filter bypass for linking outside extraction directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4330 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
python3-libs	CVE-2025-4435	中危	3.6.8-41.el8	3.6.8-70.el8_10	cpython: Tarfile extracts filtered members when errorlevel=0 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4435 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
python3-libs	CVE-2025-4516	中危	3.6.8-41.el8		cpython: python: CPython DecodeError Handling Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4516 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-05-15 14:15 修改: 2026-06-17 09:33
python3-libs	CVE-2025-6069	中危	3.6.8-41.el8		cpython: Python HTMLParser quadratic complexity 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-17 14:15 修改: 2026-06-17 10:01
python3-libs	CVE-2025-8194	中危	3.6.8-41.el8	3.6.8-71.el8_10	cpython: Cpython infinite loop when parsing a tarfile 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-28 19:15 修改: 2026-06-17 10:06
python3-libs	CVE-2025-8291	中危	3.6.8-41.el8		cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-10-07 18:16 修改: 2026-06-17 10:06
python3-libs	CVE-2026-0672	中危	3.6.8-41.el8		cpython: Header injection in http.cookies.Morsel in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
python3-libs	CVE-2026-0865	中危	3.6.8-41.el8	3.6.8-73.el8_10	cpython: wsgiref.headers.Headers allows header newline injection in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
python3-libs	CVE-2026-1299	中危	3.6.8-41.el8	3.6.8-73.el8_10	cpython: email header injection due to unquoted newlines 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-23 17:16 修改: 2026-06-17 10:15
python3-libs	CVE-2026-1502	中危	3.6.8-41.el8		python: Python: HTTP header injection via CR/LF in proxy tunnel headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-10 18:16 修改: 2026-06-17 10:15
python3-libs	CVE-2026-3276	中危	3.6.8-41.el8		python: Python unicodedata: Denial of Service due to excessive CPU consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43
python3-libs	CVE-2026-3644	中危	3.6.8-41.el8		cpython: Incomplete control character validation in http.cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:43
python3-libs	CVE-2026-4224	中危	3.6.8-41.el8		cpython: Stack overflow parsing XML with deeply nested DTD content models 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56
python3-libs	CVE-2026-42308	中危	3.6.8-41.el8		Pillow: python: Pillow: Denial of Service via integer overflow in font processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42308 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-09 06:16 修改: 2026-06-17 10:47
python3-libs	CVE-2026-5713	中危	3.6.8-41.el8		python: Python: Information disclosure and arbitrary code execution via remote debugging with a malicious process. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5713 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-14 16:16 修改: 2026-06-17 10:59
python3-libs	CVE-2026-6019	中危	3.6.8-41.el8		python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00
python3-libs	CVE-2026-7210	中危	3.6.8-41.el8		python: expat: Python/Expat: Denial of Service via crafted XML document 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
python3-pip-wheel	CVE-2007-4559	中危	9.0.3-20.el8	9.0.3-23.el8	python: tarfile module directory traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4559 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2007-08-28 01:17 修改: 2026-04-23 00:35
python3-pip-wheel	CVE-2023-45803	中危	9.0.3-20.el8		urllib3: Request body not stripped after redirect from 303 status changes request method to GET 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45803 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-10-17 20:15 修改: 2026-06-17 06:29
python3-pip-wheel	CVE-2025-50181	中危	9.0.3-20.el8		urllib3: urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-50181 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-19 01:15 修改: 2026-06-17 09:34
python3-pip-wheel	CVE-2025-50182	中危	9.0.3-20.el8		urllib3: urllib3 does not control redirects in browsers and Node.js 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-50182 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-19 02:15 修改: 2026-06-17 09:34
python3-pip-wheel	CVE-2026-25645	中危	9.0.3-20.el8		requests: Requests: Security bypass due to predictable temporary file creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25645 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-25 17:16 修改: 2026-06-17 10:25
expat	CVE-2023-52425	中危	2.2.5-4.el8	2.2.5-11.el8_9.1	expat: parsing large tokens can trigger a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-02-04 20:15 修改: 2026-06-17 06:42
python3-setuptools-wheel	CVE-2022-40897	中危	39.2.0-6.el8	39.2.0-6.el8_7.1	pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40897 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-12-23 00:15 修改: 2026-06-17 05:02
python3-setuptools-wheel	CVE-2025-47273	中危	39.2.0-6.el8	39.2.0-9.el8_10	setuptools: Path Traversal Vulnerability in setuptools PackageIndex 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47273 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-05-17 16:15 修改: 2026-06-17 09:27
rpm	CVE-2021-3521	中危	4.14.3-19.el8	4.14.3-19.el8_5.2	rpm: RPM does not require subkeys to have a valid binding signature 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3521 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-22 15:15 修改: 2026-06-17 04:05
rpm	CVE-2021-35937	中危	4.14.3-19.el8	4.14.3-28.el8_9	rpm: TOCTOU race in checks for unsafe symlinks 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35937 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-25 20:15 修改: 2026-06-17 03:57
rpm	CVE-2021-35938	中危	4.14.3-19.el8	4.14.3-28.el8_9	rpm: races with chown/chmod/capabilities calls during installation 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35938 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-25 20:15 修改: 2026-06-17 03:57
rpm	CVE-2021-35939	中危	4.14.3-19.el8	4.14.3-28.el8_9	rpm: checks for unsafe symlinks are not performed for intermediary directories 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35939 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-26 16:15 修改: 2026-06-17 03:57
rpm	CVE-2026-44604	中危	4.14.3-19.el8		rpm: Command injection in rpmuncompress doUntar() via unescaped archive top-level directory name in popen() shell command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44604 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-28 08:16 修改: 2026-06-23 20:16
rpm-libs	CVE-2021-3521	中危	4.14.3-19.el8	4.14.3-19.el8_5.2	rpm: RPM does not require subkeys to have a valid binding signature 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3521 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-22 15:15 修改: 2026-06-17 04:05
rpm-libs	CVE-2021-35937	中危	4.14.3-19.el8	4.14.3-28.el8_9	rpm: TOCTOU race in checks for unsafe symlinks 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35937 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-25 20:15 修改: 2026-06-17 03:57
rpm-libs	CVE-2021-35938	中危	4.14.3-19.el8	4.14.3-28.el8_9	rpm: races with chown/chmod/capabilities calls during installation 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35938 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-25 20:15 修改: 2026-06-17 03:57
rpm-libs	CVE-2021-35939	中危	4.14.3-19.el8	4.14.3-28.el8_9	rpm: checks for unsafe symlinks are not performed for intermediary directories 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35939 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-26 16:15 修改: 2026-06-17 03:57
rpm-libs	CVE-2026-44604	中危	4.14.3-19.el8		rpm: Command injection in rpmuncompress doUntar() via unescaped archive top-level directory name in popen() shell command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44604 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-28 08:16 修改: 2026-06-23 20:16
sed	CVE-2026-5958	中危	4.5-2.el8		sed: GNU sed TOCTOU race condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-04-20 12:16 修改: 2026-06-17 10:59
expat	CVE-2024-28757	中危	2.2.5-4.el8	2.5.0-1.el8_10	expat: XML Entity Expansion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28757 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-03-10 05:15 修改: 2026-06-17 07:21
sqlite-libs	CVE-2020-24736	中危	3.26.0-15.el8	3.26.0-18.el8_8	sqlite: Crash due to misuse of window functions. 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24736 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-04-11 18:15 修改: 2026-06-17 03:06
sqlite-libs	CVE-2020-35527	中危	3.26.0-15.el8	3.26.0-16.el8_6	sqlite: Out of bounds access during table rename 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35527 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-01 18:15 修改: 2026-06-17 03:13
sqlite-libs	CVE-2022-35737	中危	3.26.0-15.el8	3.26.0-17.el8_7	sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35737 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-03 06:15 修改: 2026-06-17 04:52
sqlite-libs	CVE-2023-7104	中危	3.26.0-15.el8	3.26.0-19.el8_9	sqlite: heap-buffer-overflow at sessionfuzz 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7104 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-29 10:15 修改: 2026-06-17 06:52
expat	CVE-2024-45490	中危	2.2.5-4.el8	2.2.5-15.el8_10	libexpat: Negative Length Parsing Vulnerability in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-08-30 03:15 修改: 2026-06-17 07:54
systemd	CVE-2018-20839	中危	239-51.el8		systemd: mishandling of the current keyboard mode check leading to passwords being disclosed in cleartext to attacker 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20839 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2019-05-17 04:29 修改: 2026-06-17 01:53
systemd	CVE-2022-3821	中危	239-51.el8	239-68.el8_7.1	systemd: buffer overrun in format_timespan() function 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-11-08 22:15 修改: 2026-06-17 05:00
systemd	CVE-2022-4415	中危	239-51.el8	239-68.el8_7.4	systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-01-11 15:15 修改: 2026-06-17 05:20
systemd	CVE-2023-26604	中危	239-51.el8	239-74.el8_8.2	systemd: privilege escalation via the less pager 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-03 16:15 修改: 2026-06-17 05:43
systemd	CVE-2023-7008	中危	239-51.el8	239-82.el8	systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-23 13:15 修改: 2026-06-17 06:51
systemd	CVE-2025-4598	中危	239-51.el8		systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-05-30 14:15 修改: 2026-06-25 05:16
systemd	CVE-2026-29111	中危	239-51.el8		systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29
systemd	CVE-2026-4105	中危	239-51.el8		systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4105 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-13 19:55 修改: 2026-06-17 10:55
expat	CVE-2024-45491	中危	2.2.5-4.el8	2.2.5-15.el8_10	libexpat: Integer Overflow or Wraparound 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-08-30 03:15 修改: 2026-06-17 07:54
systemd-libs	CVE-2018-20839	中危	239-51.el8		systemd: mishandling of the current keyboard mode check leading to passwords being disclosed in cleartext to attacker 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20839 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2019-05-17 04:29 修改: 2026-06-17 01:53
systemd-libs	CVE-2022-3821	中危	239-51.el8	239-68.el8_7.1	systemd: buffer overrun in format_timespan() function 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-11-08 22:15 修改: 2026-06-17 05:00
systemd-libs	CVE-2022-4415	中危	239-51.el8	239-68.el8_7.4	systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-01-11 15:15 修改: 2026-06-17 05:20
systemd-libs	CVE-2023-26604	中危	239-51.el8	239-74.el8_8.2	systemd: privilege escalation via the less pager 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-03 16:15 修改: 2026-06-17 05:43
systemd-libs	CVE-2023-7008	中危	239-51.el8	239-82.el8	systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-23 13:15 修改: 2026-06-17 06:51
systemd-libs	CVE-2025-4598	中危	239-51.el8		systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-05-30 14:15 修改: 2026-06-25 05:16
systemd-libs	CVE-2026-29111	中危	239-51.el8		systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29
systemd-libs	CVE-2026-4105	中危	239-51.el8		systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4105 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-13 19:55 修改: 2026-06-17 10:55
expat	CVE-2024-45492	中危	2.2.5-4.el8	2.2.5-15.el8_10	libexpat: integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-08-30 03:15 修改: 2026-06-17 07:54
systemd-pam	CVE-2018-20839	中危	239-51.el8		systemd: mishandling of the current keyboard mode check leading to passwords being disclosed in cleartext to attacker 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20839 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2019-05-17 04:29 修改: 2026-06-17 01:53
systemd-pam	CVE-2022-3821	中危	239-51.el8	239-68.el8_7.1	systemd: buffer overrun in format_timespan() function 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-11-08 22:15 修改: 2026-06-17 05:00
systemd-pam	CVE-2022-4415	中危	239-51.el8	239-68.el8_7.4	systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-01-11 15:15 修改: 2026-06-17 05:20
systemd-pam	CVE-2023-26604	中危	239-51.el8	239-74.el8_8.2	systemd: privilege escalation via the less pager 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-03 16:15 修改: 2026-06-17 05:43
systemd-pam	CVE-2023-7008	中危	239-51.el8	239-82.el8	systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-23 13:15 修改: 2026-06-17 06:51
systemd-pam	CVE-2025-4598	中危	239-51.el8		systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-05-30 14:15 修改: 2026-06-25 05:16
systemd-pam	CVE-2026-29111	中危	239-51.el8		systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29
systemd-pam	CVE-2026-4105	中危	239-51.el8		systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4105 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-13 19:55 修改: 2026-06-17 10:55
util-linux	CVE-2025-14104	中危	2.32.1-28.el8	2.32.1-48.el8_10	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-12-05 17:16 修改: 2026-06-25 04:17
util-linux	CVE-2026-27456	中危	2.32.1-28.el8		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
expat	CVE-2024-50602	中危	2.2.5-4.el8	2.2.5-16.el8_10	libexpat: expat: DoS via XML_ResumeParser 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-10-27 05:15 修改: 2026-06-17 08:04
xz-libs	CVE-2026-34743	中危	5.2.4-3.el8		xz: XZ Utils: Denial of Service via buffer overflow in index decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-04-02 19:21 修改: 2026-06-17 10:39
expat	CVE-2024-8176	中危	2.2.5-4.el8	2.2.5-17.el8_10	libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8176 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-03-14 09:15 修改: 2026-06-25 04:17
zlib	CVE-2022-37434	中危	1.2.11-17.el8	1.2.11-19.el8_6	zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37434 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2022-08-05 07:15 修改: 2026-06-17 04:55
openssl-libs	CVE-2024-13176	低危	1:1.1.1k-4.el8		openssl: Timing side-channel in ECDSA signature computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01
openssl-libs	CVE-2024-2511	低危	1:1.1.1k-4.el8		openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-04-08 14:15 修改: 2026-06-17 07:24
openssl-libs	CVE-2024-41996	低危	1:1.1.1k-4.el8		openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-08-26 06:15 修改: 2026-06-17 07:48
openssl-libs	CVE-2024-4741	低危	1:1.1.1k-4.el8	1:1.1.1k-16.el8_6	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-11-13 11:15 修改: 2026-06-17 08:02
openssl-libs	CVE-2024-5535	低危	1:1.1.1k-4.el8	1:1.1.1k-14.el8_6	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-06-27 11:15 修改: 2026-06-17 08:16
openssl-libs	CVE-2025-15468	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
openssl-libs	CVE-2025-15469	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15469 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
openssl-libs	CVE-2025-68160	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58
openssl-libs	CVE-2025-69418	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
openssl-libs	CVE-2025-69420	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
openssl-libs	CVE-2025-69421	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
openssl-libs	CVE-2026-22795	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
openssl-libs	CVE-2026-22796	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
openssl-libs	CVE-2026-28387	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl-libs	CVE-2026-28388	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl-libs	CVE-2026-28389	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl-libs	CVE-2026-31789	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
openssl-libs	CVE-2026-34180	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
openssl-libs	CVE-2026-34181	低危	1:1.1.1k-4.el8		openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
openssl-libs	CVE-2026-42766	低危	1:1.1.1k-4.el8		openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
openssl-libs	CVE-2026-42767	低危	1:1.1.1k-4.el8		openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
openssl-libs	CVE-2026-42768	低危	1:1.1.1k-4.el8		openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
openssl-libs	CVE-2026-42769	低危	1:1.1.1k-4.el8		openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
openssl-libs	CVE-2026-42770	低危	1:1.1.1k-4.el8		openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
openssl-libs	CVE-2026-45446	低危	1:1.1.1k-4.el8		openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
openssl-libs	CVE-2026-7383	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02
openssl-libs	CVE-2026-9076	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04
elfutils-libs	CVE-2024-25260	低危	0.185-1.el8		elfutils: global-buffer-overflow exists in the function ebl_machine_flag_name in eblmachineflagname.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25260 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-02-20 18:15 修改: 2026-06-17 07:15
glibc-common	CVE-2024-33601	低危	2.28-164.el8	2.28-251.el8_10.2	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc-common	CVE-2024-33602	低危	2.28-164.el8	2.28-251.el8_10.2	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc-common	CVE-2025-15281	低危	2.28-164.el8	2.28-251.el8_10.31	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-20 14:16 修改: 2026-06-17 08:37
libssh	CVE-2021-3634	低危	0.9.4-3.el8	0.9.6-3.el8	libssh: possible heap-based buffer overflow when rekeying 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3634 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2021-08-31 17:15 修改: 2026-06-17 04:05
libssh	CVE-2023-6004	低危	0.9.4-3.el8	0.9.6-14.el8	libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6004 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-01-03 17:15 修改: 2026-06-17 06:49
libssh	CVE-2023-6918	低危	0.9.4-3.el8	0.9.6-14.el8	libssh: Missing checks for return values for digests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6918 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-19 00:15 修改: 2026-06-17 06:51
pcre2	CVE-2022-41409	低危	10.32-2.el8		pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2023-07-18 14:15 修改: 2026-06-17 05:03
libssh	CVE-2025-4878	低危	0.9.4-3.el8		libssh: Use of uninitialized variable in privatekey_from_file() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4878 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-22 15:15 修改: 2026-06-25 08:16
libssh	CVE-2025-8277	低危	0.9.4-3.el8		libssh: Memory Exhaustion via Repeated Key Exchange in libssh 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8277 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-09-09 12:15 修改: 2026-06-25 08:16
libssh	CVE-2026-0965	低危	0.9.4-3.el8		libssh: libssh: Denial of Service via improper configuration file handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0965 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
libssh	CVE-2026-0967	低危	0.9.4-3.el8		libssh: libssh: Denial of Service via inefficient regular expression processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0967 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
libssh	CVE-2026-0968	低危	0.9.4-3.el8		libssh: libssh: Denial of Service due to malformed SFTP message 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0968 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
libarchive	CVE-2018-1000879	低危	3.3.3-1.el8		libarchive: NULL pointer dereference in ACL parser resulting in a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000879 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2018-12-20 17:29 修改: 2026-06-17 01:33
libarchive	CVE-2018-1000880	低危	3.3.3-1.el8		libarchive: Improper input validation in WARC parser resulting in a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000880 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2018-12-20 17:29 修改: 2026-06-17 01:33
libarchive	CVE-2022-36227	低危	3.3.3-1.el8	3.3.3-5.el8	libarchive: NULL pointer dereference in archive_write.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36227 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2022-11-22 02:15 修改: 2026-06-17 04:53
libarchive	CVE-2025-1632	低危	3.3.3-1.el8		libarchive: null pointer dereference in bsdunzip.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1632 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-02-24 14:15 修改: 2026-06-17 08:39
libarchive	CVE-2025-5915	低危	3.3.3-1.el8		libarchive: Heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5915 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-06-09 20:15 修改: 2026-06-25 08:16
libarchive	CVE-2025-5916	低危	3.3.3-1.el8		libarchive: Integer overflow while reading warc files at archive_read_support_format_warc.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5916 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-06-09 20:15 修改: 2026-06-25 08:16
libarchive	CVE-2025-5917	低危	3.3.3-1.el8		libarchive: Off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5917 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-06-09 20:15 修改: 2026-06-25 08:16
libarchive	CVE-2025-5918	低危	3.3.3-1.el8		libarchive: Reading past EOF may be triggered for piped file streams 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5918 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-06-09 20:15 修改: 2026-06-25 08:16
glibc-minimal-langpack	CVE-2024-33601	低危	2.28-164.el8	2.28-251.el8_10.2	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc-minimal-langpack	CVE-2024-33602	低危	2.28-164.el8	2.28-251.el8_10.2	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
libssh-config	CVE-2021-3634	低危	0.9.4-3.el8	0.9.6-3.el8	libssh: possible heap-based buffer overflow when rekeying 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3634 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2021-08-31 17:15 修改: 2026-06-17 04:05
libssh-config	CVE-2023-6004	低危	0.9.4-3.el8	0.9.6-14.el8	libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6004 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-01-03 17:15 修改: 2026-06-17 06:49
libssh-config	CVE-2023-6918	低危	0.9.4-3.el8	0.9.6-14.el8	libssh: Missing checks for return values for digests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6918 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-19 00:15 修改: 2026-06-17 06:51
libssh-config	CVE-2025-4878	低危	0.9.4-3.el8		libssh: Use of uninitialized variable in privatekey_from_file() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4878 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-07-22 15:15 修改: 2026-06-25 08:16
libssh-config	CVE-2025-8277	低危	0.9.4-3.el8		libssh: Memory Exhaustion via Repeated Key Exchange in libssh 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8277 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-09-09 12:15 修改: 2026-06-25 08:16
libssh-config	CVE-2026-0965	低危	0.9.4-3.el8		libssh: libssh: Denial of Service via improper configuration file handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0965 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
libssh-config	CVE-2026-0967	低危	0.9.4-3.el8		libssh: libssh: Denial of Service via inefficient regular expression processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0967 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
libssh-config	CVE-2026-0968	低危	0.9.4-3.el8		libssh: libssh: Denial of Service due to malformed SFTP message 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0968 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
glibc-minimal-langpack	CVE-2025-15281	低危	2.28-164.el8	2.28-251.el8_10.31	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-20 14:16 修改: 2026-06-17 08:37
libstdc++	CVE-2018-20657	低危	8.5.0-4.el8_5		libiberty: Memory leak in demangle_template function resulting in a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20657 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2019-01-02 14:29 修改: 2026-06-17 01:53
libstdc++	CVE-2019-14250	低危	8.5.0-4.el8_5		binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14250 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2019-07-24 04:15 修改: 2026-06-17 02:18
libstdc++	CVE-2022-27943	低危	8.5.0-4.el8_5		binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-03-26 13:15 修改: 2026-06-17 04:37
glibc-minimal-langpack	CVE-2026-4438	低危	2.28-164.el8		glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
libcap	CVE-2023-2602	低危	2.26-5.el8	2.48-5.el8_8	libcap: Memory Leak on pthread_create() Error 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2602 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-06-06 20:15 修改: 2026-06-17 05:52
libtasn1	CVE-2018-1000654	低危	4.13-3.el8		libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000654 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2018-08-20 19:31 修改: 2026-06-17 01:33
libtasn1	CVE-2025-13151	低危	4.13-3.el8		libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-01-07 22:15 修改: 2026-06-17 08:33
glibc-common	CVE-2026-4438	低危	2.28-164.el8		glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
curl	CVE-2025-14524	低危	7.61.1-22.el8		curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
dbus-common	CVE-2020-35512	低危	1:1.12.8-14.el8		dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35512 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2021-02-15 17:15 修改: 2026-06-17 03:13
curl	CVE-2025-15079	低危	7.61.1-22.el8		curl: Host verification bypass during SSH transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
gnupg2	CVE-2022-3219	低危	2.2.20-2.el8		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2023-02-23 20:15 修改: 2026-06-17 04:59
gnupg2	CVE-2025-30258	低危	2.2.20-2.el8		gnupg: verification DoS due to a malicious subkey in the keyring 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
gnupg2	CVE-2026-24883	低危	2.2.20-2.el8		GnuPG: GnuPG: Denial of service due to specially crafted signature packet 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24883 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-01-27 19:16 修改: 2026-06-17 10:23
curl	CVE-2025-15224	低危	7.61.1-22.el8		curl: libssh key passphrase bypass without agent set 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
curl	CVE-2026-6276	低危	7.61.1-22.el8		curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
ca-certificates	CVE-2023-37920	低危	2021.2.50-80.0.el8_4	2024.2.69_v8.0.303-80.0.el8_10	python-certifi: Removal of e-Tugra root certificate 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-37920 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2023-07-25 21:15 修改: 2026-06-17 06:08
dbus-daemon	CVE-2020-35512	低危	1:1.12.8-14.el8		dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35512 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2021-02-15 17:15 修改: 2026-06-17 03:13
curl	CVE-2022-35252	低危	7.61.1-22.el8	7.61.1-30.el8	curl: Incorrect handling of control code characters in cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35252 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-23 14:15 修改: 2026-06-17 04:51
curl	CVE-2022-43552	低危	7.61.1-22.el8	7.61.1-30.el8	curl: Use-after-free triggered by an HTTP proxy deny response 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43552 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-09 20:15 修改: 2026-06-17 05:06
curl	CVE-2023-27534	低危	7.61.1-22.el8		curl: SFTP path ~ resolving discrepancy 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27534 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-30 20:15 修改: 2026-06-17 05:45
curl	CVE-2023-28322	低危	7.61.1-22.el8	7.61.1-33.el8_9.5	curl: more POST-after-PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-05-26 21:15 修改: 2026-06-17 05:47
dbus-libs	CVE-2020-35512	低危	1:1.12.8-14.el8		dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35512 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2021-02-15 17:15 修改: 2026-06-17 03:13
dbus	CVE-2020-35512	低危	1:1.12.8-14.el8		dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35512 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2021-02-15 17:15 修改: 2026-06-17 03:13
glibc	CVE-2024-33601	低危	2.28-164.el8	2.28-251.el8_10.2	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
platform-python	CVE-2019-9674	低危	3.6.8-41.el8		python: Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9674 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2020-02-04 15:15 修改: 2026-06-17 02:44
platform-python	CVE-2021-3737	低危	3.6.8-41.el8	3.6.8-45.el8	python: urllib: HTTP client possible infinite loop on a 100 Continue response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3737 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-03-04 19:15 修改: 2026-06-17 04:05
platform-python	CVE-2024-0397	低危	3.6.8-41.el8		cpython: python: Memory race condition in ssl.SSLContext certificate store methods 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-06-17 16:15 修改: 2026-06-17 06:53
platform-python	CVE-2024-4032	低危	3.6.8-41.el8	3.6.8-67.el8_10	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-06-17 15:15 修改: 2026-06-17 08:00
platform-python	CVE-2024-7592	低危	3.6.8-41.el8		cpython: python: Uncontrolled CPU resource consumption when in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-08-19 19:15 修改: 2026-06-17 08:20
platform-python	CVE-2025-13462	低危	3.6.8-41.el8		cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34
platform-python	CVE-2025-1795	低危	3.6.8-41.el8		python: Mishandling of comma during folding and unicode-encoding of email headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1795 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-02-28 19:15 修改: 2026-06-17 08:39
platform-python	CVE-2025-6075	低危	3.6.8-41.el8		python: Quadratic complexity in os.path.expandvars() with user-controlled template 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-10-31 17:15 修改: 2026-06-17 10:01
platform-python	CVE-2026-2297	低危	3.6.8-41.el8		cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30
platform-python	CVE-2026-3479	低危	3.6.8-41.el8		python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
glibc	CVE-2024-33602	低危	2.28-164.el8	2.28-251.el8_10.2	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc	CVE-2025-15281	低危	2.28-164.el8	2.28-251.el8_10.31	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-20 14:16 修改: 2026-06-17 08:37
glibc	CVE-2026-4438	低危	2.28-164.el8		glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
curl	CVE-2023-38546	低危	7.61.1-22.el8	7.61.1-33.el8_9.5	curl: cookie injection with none file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-10-18 04:15 修改: 2026-06-17 06:10
curl	CVE-2024-11053	低危	7.61.1-22.el8		curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56
platform-python-pip	CVE-2018-20225	低危	9.0.3-20.el8		python-pip: when --extra-index-url option is used and package does not already exist in the public index, the installation of malicious package with arbitrary version number is possible. 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20225 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2020-05-08 18:15 修改: 2026-06-17 01:52
expat	CVE-2025-66382	低危	2.2.5-4.el8		libexpat: libexpat: Denial of service via crafted file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-11-28 07:15 修改: 2026-06-17 09:56
glibc-langpack-en	CVE-2024-33601	低危	2.28-164.el8	2.28-251.el8_10.2	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc-langpack-en	CVE-2024-33602	低危	2.28-164.el8	2.28-251.el8_10.2	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
libxml2	CVE-2023-45322	低危	2.9.7-9.el8_4.2		libxml2: use-after-free in xmlUnlinkNode() in tree.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45322 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2023-10-06 22:15 修改: 2026-06-17 06:28
libxml2	CVE-2024-34459	低危	2.9.7-9.el8_4.2	2.9.7-21.el8_10.5	libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34459 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2024-05-14 15:39 修改: 2026-06-17 07:33
libxml2	CVE-2025-27113	低危	2.9.7-9.el8_4.2		libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27113 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-02-18 23:15 修改: 2026-06-17 09:03
libxml2	CVE-2025-6170	低危	2.9.7-9.el8_4.2		libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6170 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2025-06-16 16:15 修改: 2026-06-25 08:16
libxml2	CVE-2026-0989	低危	2.9.7-9.el8_4.2		libxml2: Unbounded RelaxNG Include Recursion Leading to Stack Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0989 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-01-15 15:15 修改: 2026-06-17 10:11
libxml2	CVE-2026-0992	低危	2.9.7-9.el8_4.2		libxml2: libxml2: Denial of Service via crafted XML catalogs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0992 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-01-15 15:15 修改: 2026-06-17 10:11
libcurl	CVE-2022-35252	低危	7.61.1-22.el8	7.61.1-30.el8	curl: Incorrect handling of control code characters in cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35252 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-23 14:15 修改: 2026-06-17 04:51
libzstd	CVE-2021-24032	低危	1.4.4-1.el8		zstd: Race condition allows attacker to access world-readable destination file 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-24032 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2021-03-04 21:15 修改: 2026-06-17 03:39
libcurl	CVE-2022-43552	低危	7.61.1-22.el8	7.61.1-30.el8	curl: Use-after-free triggered by an HTTP proxy deny response 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43552 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-09 20:15 修改: 2026-06-17 05:06
libcurl	CVE-2023-27534	低危	7.61.1-22.el8		curl: SFTP path ~ resolving discrepancy 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27534 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-30 20:15 修改: 2026-06-17 05:45
ncurses-base	CVE-2018-19211	低危	6.1-9.20180224.el8		ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2018-11-12 19:29 修改: 2026-06-17 01:48
ncurses-base	CVE-2020-19185	低危	6.1-9.20180224.el8		ncurses: Heap buffer overflow in one_one_mapping function in progs/dump_entry.c:1373 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19185 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-22 19:15 修改: 2026-06-17 02:59
ncurses-base	CVE-2020-19186	低危	6.1-9.20180224.el8		ncurses: Buffer overflow in _nc_find_entry function in tinfo/comp_hash.c:66 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19186 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-22 19:15 修改: 2026-06-17 02:59
ncurses-base	CVE-2020-19187	低危	6.1-9.20180224.el8		ncurses: Heap buffer overflow in fmt_entry function in progs/dump_entry.c:1100 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19187 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-22 19:15 修改: 2026-06-17 02:59
ncurses-base	CVE-2020-19188	低危	6.1-9.20180224.el8		ncurses: Stack buffer overflow in fmt_entry function in progs/dump_entry.c:1116 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19188 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-22 19:16 修改: 2026-06-17 02:59
ncurses-base	CVE-2020-19189	低危	6.1-9.20180224.el8		ncurses: Heap buffer overflow in postprocess_terminfo function in tinfo/parse_entry.c:997 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19189 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-22 19:16 修改: 2026-06-17 02:59
ncurses-base	CVE-2020-19190	低危	6.1-9.20180224.el8		ncurses: Heap buffer overflow in _nc_find_entry in tinfo/comp_hash.c:70 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19190 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-22 19:16 修改: 2026-06-17 02:59
ncurses-base	CVE-2021-39537	低危	6.1-9.20180224.el8		ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39537 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2021-09-20 16:15 修改: 2026-06-17 04:03
ncurses-base	CVE-2023-50495	低危	6.1-9.20180224.el8		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39
libcurl	CVE-2023-28322	低危	7.61.1-22.el8	7.61.1-33.el8_9.5	curl: more POST-after-PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-05-26 21:15 修改: 2026-06-17 05:47
ncurses-libs	CVE-2018-19211	低危	6.1-9.20180224.el8		ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2018-11-12 19:29 修改: 2026-06-17 01:48
ncurses-libs	CVE-2020-19185	低危	6.1-9.20180224.el8		ncurses: Heap buffer overflow in one_one_mapping function in progs/dump_entry.c:1373 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19185 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-22 19:15 修改: 2026-06-17 02:59
ncurses-libs	CVE-2020-19186	低危	6.1-9.20180224.el8		ncurses: Buffer overflow in _nc_find_entry function in tinfo/comp_hash.c:66 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19186 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-22 19:15 修改: 2026-06-17 02:59
ncurses-libs	CVE-2020-19187	低危	6.1-9.20180224.el8		ncurses: Heap buffer overflow in fmt_entry function in progs/dump_entry.c:1100 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19187 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-22 19:15 修改: 2026-06-17 02:59
ncurses-libs	CVE-2020-19188	低危	6.1-9.20180224.el8		ncurses: Stack buffer overflow in fmt_entry function in progs/dump_entry.c:1116 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19188 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-22 19:16 修改: 2026-06-17 02:59
ncurses-libs	CVE-2020-19189	低危	6.1-9.20180224.el8		ncurses: Heap buffer overflow in postprocess_terminfo function in tinfo/parse_entry.c:997 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19189 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-22 19:16 修改: 2026-06-17 02:59
ncurses-libs	CVE-2020-19190	低危	6.1-9.20180224.el8		ncurses: Heap buffer overflow in _nc_find_entry in tinfo/comp_hash.c:70 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19190 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-22 19:16 修改: 2026-06-17 02:59
ncurses-libs	CVE-2021-39537	低危	6.1-9.20180224.el8		ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39537 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2021-09-20 16:15 修改: 2026-06-17 04:03
ncurses-libs	CVE-2023-50495	低危	6.1-9.20180224.el8		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39
libcurl	CVE-2023-38546	低危	7.61.1-22.el8	7.61.1-33.el8_9.5	curl: cookie injection with none file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-10-18 04:15 修改: 2026-06-17 06:10
openldap	CVE-2023-2953	低危	2.4.46-18.el8	2.4.46-19.el8_10	openldap: null pointer dereference in ber_memalloc_x function 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2953 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-05-30 22:15 修改: 2026-06-17 05:53
libcurl	CVE-2024-11053	低危	7.61.1-22.el8		curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56
libcurl	CVE-2024-7264	低危	7.61.1-22.el8		curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-07-31 08:15 修改: 2026-06-17 08:19
libcurl	CVE-2025-14524	低危	7.61.1-22.el8		curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
libcurl	CVE-2025-15079	低危	7.61.1-22.el8		curl: Host verification bypass during SSH transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
libcurl	CVE-2025-15224	低危	7.61.1-22.el8		curl: libssh key passphrase bypass without agent set 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
libcurl	CVE-2026-6276	低危	7.61.1-22.el8		curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
glibc-langpack-en	CVE-2025-15281	低危	2.28-164.el8	2.28-251.el8_10.31	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-20 14:16 修改: 2026-06-17 08:37
glibc-langpack-en	CVE-2026-4438	低危	2.28-164.el8		glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
gnutls	CVE-2021-4209	低危	3.6.16-4.el8		GnuTLS: Null pointer dereference in MD_UPDATE 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4209 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-24 16:15 修改: 2026-06-17 04:19
libgcc	CVE-2018-20657	低危	8.5.0-4.el8_5		libiberty: Memory leak in demangle_template function resulting in a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20657 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2019-01-02 14:29 修改: 2026-06-17 01:53
libgcc	CVE-2019-14250	低危	8.5.0-4.el8_5		binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14250 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2019-07-24 04:15 修改: 2026-06-17 02:18
libgcc	CVE-2022-27943	低危	8.5.0-4.el8_5		binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-03-26 13:15 修改: 2026-06-17 04:37
gnutls	CVE-2025-9820	低危	3.6.16-4.el8	3.6.16-8.el8_10.5	gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9820 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-26 20:16 修改: 2026-06-25 08:16
gnutls	CVE-2026-3832	低危	3.6.16-4.el8		gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-30 18:16 修改: 2026-06-24 17:16
gnutls	CVE-2026-5419	低危	3.6.16-4.el8		guntls: gnutls: Information disclosure via timing side-channel in PKCS#7 padding removal 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5419 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-01 21:16 修改: 2026-06-24 17:17
expat	CVE-2026-24515	低危	2.2.5-4.el8		libexpat: libexpat null pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24515 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-23 08:16 修改: 2026-06-17 10:23
libgcrypt	CVE-2026-41990	低危	1.8.5-6.el8		Libgcrypt: Libgcrypt: Denial of Service or data integrity issues from missing bounds check during Dilithium signing. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41990 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-23 05:16 修改: 2026-06-17 10:47
openssl	CVE-2023-0464	低危	1:1.1.1k-4.el8		openssl: Denial of service by excessive resource usage in verifying X509 policy constraints 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-22 17:15 修改: 2026-06-17 05:25
python3-libs	CVE-2019-9674	低危	3.6.8-41.el8		python: Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9674 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2020-02-04 15:15 修改: 2026-06-17 02:44
python3-libs	CVE-2021-3737	低危	3.6.8-41.el8	3.6.8-45.el8	python: urllib: HTTP client possible infinite loop on a 100 Continue response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3737 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-03-04 19:15 修改: 2026-06-17 04:05
python3-libs	CVE-2024-0397	低危	3.6.8-41.el8		cpython: python: Memory race condition in ssl.SSLContext certificate store methods 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-06-17 16:15 修改: 2026-06-17 06:53
python3-libs	CVE-2024-4032	低危	3.6.8-41.el8	3.6.8-67.el8_10	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-06-17 15:15 修改: 2026-06-17 08:00
python3-libs	CVE-2024-7592	低危	3.6.8-41.el8		cpython: python: Uncontrolled CPU resource consumption when in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-08-19 19:15 修改: 2026-06-17 08:20
python3-libs	CVE-2025-13462	低危	3.6.8-41.el8		cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34
python3-libs	CVE-2025-1795	低危	3.6.8-41.el8		python: Mishandling of comma during folding and unicode-encoding of email headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1795 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-02-28 19:15 修改: 2026-06-17 08:39
python3-libs	CVE-2025-6075	低危	3.6.8-41.el8		python: Quadratic complexity in os.path.expandvars() with user-controlled template 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-10-31 17:15 修改: 2026-06-17 10:01
python3-libs	CVE-2026-2297	低危	3.6.8-41.el8		cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30
python3-libs	CVE-2026-3479	低危	3.6.8-41.el8		python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
openssl	CVE-2023-0465	低危	1:1.1.1k-4.el8		openssl: Invalid certificate policies in leaf certificates are silently ignored 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-28 15:15 修改: 2026-06-17 05:25
openssl	CVE-2023-2650	低危	1:1.1.1k-4.el8		openssl: Possible DoS translating ASN.1 object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-05-30 14:15 修改: 2026-06-17 05:53
openssl	CVE-2023-3446	低危	1:1.1.1k-4.el8	1:1.1.1k-12.el8_9	openssl: Excessive time spent checking DH keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-07-19 12:15 修改: 2026-06-17 06:14
openssl	CVE-2023-3817	低危	1:1.1.1k-4.el8	1:1.1.1k-12.el8_9	OpenSSL: Excessive time spent checking DH q parameter value 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-07-31 16:15 修改: 2026-06-17 06:14
openssl	CVE-2023-5678	低危	1:1.1.1k-4.el8	1:1.1.1k-12.el8_9	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-11-06 16:15 修改: 2026-06-17 06:49
python3-pip-wheel	CVE-2018-20225	低危	9.0.3-20.el8		python-pip: when --extra-index-url option is used and package does not already exist in the public index, the installation of malicious package with arbitrary version number is possible. 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20225 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2020-05-08 18:15 修改: 2026-06-17 01:52
openssl	CVE-2024-0727	低危	1:1.1.1k-4.el8		openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-01-26 09:15 修改: 2026-06-17 06:54
openssl	CVE-2024-13176	低危	1:1.1.1k-4.el8		openssl: Timing side-channel in ECDSA signature computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01
openssl	CVE-2024-2511	低危	1:1.1.1k-4.el8		openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-04-08 14:15 修改: 2026-06-17 07:24
openssl	CVE-2024-41996	低危	1:1.1.1k-4.el8		openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-08-26 06:15 修改: 2026-06-17 07:48
openssl	CVE-2024-4741	低危	1:1.1.1k-4.el8	1:1.1.1k-16.el8_6	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-11-13 11:15 修改: 2026-06-17 08:02
openssl	CVE-2024-5535	低危	1:1.1.1k-4.el8	1:1.1.1k-14.el8_6	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-06-27 11:15 修改: 2026-06-17 08:16
openssl	CVE-2025-15468	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
openssl	CVE-2025-15469	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15469 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
openssl	CVE-2025-68160	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58
openssl	CVE-2025-69418	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
openssl	CVE-2025-69420	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
openssl	CVE-2025-69421	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
openssl	CVE-2026-22795	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
openssl	CVE-2026-22796	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
shadow-utils	CVE-2023-4641	低危	2:4.6-14.el8	2:4.6-19.el8	shadow-utils: possible password leak during passwd(1) change 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-27 16:15 修改: 2026-06-17 06:38
shadow-utils	CVE-2024-56433	低危	2:4.6-14.el8		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12
openssl	CVE-2026-28387	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl	CVE-2026-28388	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl	CVE-2026-28389	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl	CVE-2026-31789	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
openssl	CVE-2026-34180	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
sqlite-libs	CVE-2019-19244	低危	3.26.0-15.el8		sqlite: allows a crash if a sub-select uses both DISTINCT and window functions and also has certain ORDER BY usage 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19244 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2019-11-25 20:15 修改: 2026-06-17 02:26
sqlite-libs	CVE-2019-9936	低危	3.26.0-15.el8		sqlite: heap-based buffer over-read in function fts5HashEntrySort in sqlite3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9936 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2019-03-22 08:29 修改: 2026-06-17 02:44
sqlite-libs	CVE-2019-9937	低危	3.26.0-15.el8		sqlite: null-pointer dereference in function fts5ChunkIterate in sqlite3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9937 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2019-03-22 08:29 修改: 2026-06-17 02:44
sqlite-libs	CVE-2020-35525	低危	3.26.0-15.el8	3.26.0-16.el8_6	sqlite: Null pointer derreference in src/select.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35525 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-01 18:15 修改: 2026-06-17 03:13
sqlite-libs	CVE-2024-0232	低危	3.26.0-15.el8		sqlite: use-after-free bug in jsonParseAddNodeArray 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0232 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-01-16 14:15 修改: 2026-06-17 06:53
sqlite-libs	CVE-2025-70873	低危	3.26.0-15.el8		sqlite: SQLite: Information Disclosure via Crafted ZIP File 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-70873 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-12 19:16 修改: 2026-06-17 10:03
openssl	CVE-2026-34181	低危	1:1.1.1k-4.el8		openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
openssl	CVE-2026-42766	低危	1:1.1.1k-4.el8		openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
openssl	CVE-2026-42767	低危	1:1.1.1k-4.el8		openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
openssl	CVE-2026-42768	低危	1:1.1.1k-4.el8		openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
openssl	CVE-2026-42769	低危	1:1.1.1k-4.el8		openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
openssl	CVE-2026-42770	低危	1:1.1.1k-4.el8		openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
openssl	CVE-2026-45446	低危	1:1.1.1k-4.el8		openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
openssl	CVE-2026-7383	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02
openssl	CVE-2026-9076	低危	1:1.1.1k-4.el8		openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04
systemd	CVE-2021-3997	低危	239-51.el8		systemd: Uncontrolled recursion in systemd-tmpfiles when removing files 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-23 20:15 修改: 2026-06-17 04:06
expat	CVE-2026-41080	低危	2.2.5-4.el8		libexpat: expat: libexpat: Denial of Service via hash flooding with crafted XML 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41080 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-16 17:16 修改: 2026-06-17 10:46
glib2	CVE-2023-29499	低危	2.56.4-156.el8		glib: GVariant offset table entry size is not checked in is_normal() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29499 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-14 20:15 修改: 2026-06-17 05:50
glib2	CVE-2023-32611	低危	2.56.4-156.el8		glib: g_variant_byteswap() can take a long time with some non-normal inputs 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32611 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-14 20:15 修改: 2026-06-23 18:17
glib2	CVE-2023-32636	低危	2.56.4-156.el8		glib: Timeout in fuzz_variant_text 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32636 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-14 20:15 修改: 2026-06-17 05:59
glib2	CVE-2023-32665	低危	2.56.4-156.el8		glib: GVariant deserialisation does not match spec for non-normal data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32665 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-14 20:15 修改: 2026-06-17 05:59
glib2	CVE-2025-3360	低危	2.56.4-156.el8		glibc: GLib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid ISO 8601 timestamp with g_date_time_new_from_iso8601(). 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3360 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-04-07 13:15 修改: 2026-06-25 07:16
glib2	CVE-2025-7039	低危	2.56.4-156.el8		glib: Buffer Under-read on GLib through glib/gfileutils.c via get_tmp_file() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7039 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-09-03 02:15 修改: 2026-06-17 10:04
glib2	CVE-2026-0988	低危	2.56.4-156.el8		glib: GLib: Denial of Service via Integer Overflow in g_buffered_input_stream_peek() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0988 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-21 12:15 修改: 2026-06-17 10:11
glib2	CVE-2026-1485	低危	2.56.4-156.el8		Glib: Glib: Local denial of service via buffer underflow in content type parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1485 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-27 14:15 修改: 2026-06-17 10:15
systemd-libs	CVE-2021-3997	低危	239-51.el8		systemd: Uncontrolled recursion in systemd-tmpfiles when removing files 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-23 20:15 修改: 2026-06-17 04:06
krb5-libs	CVE-2024-26458	低危	1.18.2-14.el8	1.18.2-27.el8_10	krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
krb5-libs	CVE-2024-26461	低危	1.18.2-14.el8	1.18.2-27.el8_10	krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
curl	CVE-2024-7264	低危	7.61.1-22.el8		curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-07-31 08:15 修改: 2026-06-17 08:19
file-libs	CVE-2019-8906	低危	5.33-20.el8		file: out-of-bounds read in do_core_note in readelf.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8906 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2019-02-18 17:29 修改: 2026-06-17 02:42
gawk	CVE-2023-4156	低危	4.2.1-2.el8		gawk: heap out of bound read in builtin.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4156 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2023-09-25 18:15 修改: 2026-06-17 06:37
dbus-tools	CVE-2020-35512	低危	1:1.12.8-14.el8		dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35512 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2021-02-15 17:15 修改: 2026-06-17 03:13
elfutils-default-yama-scope	CVE-2024-25260	低危	0.185-1.el8		elfutils: global-buffer-overflow exists in the function ebl_machine_flag_name in eblmachineflagname.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25260 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-02-20 18:15 修改: 2026-06-17 07:15
elfutils-libelf	CVE-2024-25260	低危	0.185-1.el8		elfutils: global-buffer-overflow exists in the function ebl_machine_flag_name in eblmachineflagname.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25260 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-02-20 18:15 修改: 2026-06-17 07:15
openssl-libs	CVE-2023-0464	低危	1:1.1.1k-4.el8		openssl: Denial of service by excessive resource usage in verifying X509 policy constraints 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-22 17:15 修改: 2026-06-17 05:25
systemd-pam	CVE-2021-3997	低危	239-51.el8		systemd: Uncontrolled recursion in systemd-tmpfiles when removing files 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-23 20:15 修改: 2026-06-17 04:06
openssl-libs	CVE-2023-0465	低危	1:1.1.1k-4.el8		openssl: Invalid certificate policies in leaf certificates are silently ignored 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-28 15:15 修改: 2026-06-17 05:25
openssl-libs	CVE-2023-2650	低危	1:1.1.1k-4.el8		openssl: Possible DoS translating ASN.1 object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-05-30 14:15 修改: 2026-06-17 05:53
openssl-libs	CVE-2023-3446	低危	1:1.1.1k-4.el8	1:1.1.1k-12.el8_9	openssl: Excessive time spent checking DH keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-07-19 12:15 修改: 2026-06-17 06:14
openssl-libs	CVE-2023-3817	低危	1:1.1.1k-4.el8	1:1.1.1k-12.el8_9	OpenSSL: Excessive time spent checking DH q parameter value 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-07-31 16:15 修改: 2026-06-17 06:14
openssl-libs	CVE-2023-5678	低危	1:1.1.1k-4.el8	1:1.1.1k-12.el8_9	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-11-06 16:15 修改: 2026-06-17 06:49
openssl-libs	CVE-2024-0727	低危	1:1.1.1k-4.el8		openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-01-26 09:15 修改: 2026-06-17 06:54
zlib	CVE-2026-27171	低危	1.2.11-17.el8		zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171 镜像层: sha256:744c86b543903d171c69633d70aef72a25ce73da0a3be609e46db08e72978810 发布日期: 2026-02-18 04:16 修改: 2026-06-17 10:26

opt/bin/minio (gobinary)

低危漏洞:5

中危漏洞:83

高危漏洞:94

严重漏洞:7

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
github.com/emicklei/go-restful	CVE-2022-1996	严重	v2.9.5+incompatible	2.16.0	go-restful: Authorization Bypass Through User-Controlled Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1996 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-06-08 13:15 修改: 2026-06-17 04:23
google.golang.org/grpc	CVE-2026-33186	严重	v1.41.0	1.79.3	google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33186 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-20 23:16 修改: 2026-06-17 10:37
stdlib	CVE-2022-23806	严重	v1.17.3	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-02-11 01:15 修改: 2026-06-17 04:30
stdlib	CVE-2023-24538	严重	v1.17.3	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-04-06 16:15 修改: 2026-06-17 05:39
stdlib	CVE-2023-24540	严重	v1.17.3	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-05-11 16:15 修改: 2026-06-17 05:39
stdlib	CVE-2024-24790	严重	v1.17.3	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-06-05 16:15 修改: 2026-06-17 07:14
stdlib	CVE-2025-68121	严重	v1.17.3	1.24.13, 1.25.7, 1.26.0-rc.3	crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:58
github.com/coredns/coredns	CVE-2026-32936	高危	v1.4.0	1.14.3	github.com/coredns/coredns: CoreDNS: Denial of Service via oversized DNS-over-HTTPS GET requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32936 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-05 20:16 修改: 2026-06-17 10:36
github.com/coredns/coredns	CVE-2026-33190	高危	v1.4.0	1.14.3	github.com/coredns/coredns: CoreDNS: Authentication bypass via flawed TSIG plugin verification on non-plain-DNS transports 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33190 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-05 20:16 修改: 2026-06-17 10:37
github.com/coredns/coredns	CVE-2026-33489	高危	v1.4.0	1.14.3	CoreDNS: github.com/coredns/coredns: CoreDNS: Information disclosure via incorrect ACL stanza selection in transfer plugin 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33489 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-05 20:16 修改: 2026-06-17 10:37
github.com/coredns/coredns	CVE-2026-35579	高危	v1.4.0	1.14.3	github.com/coredns/coredns: CoreDNS: Authentication bypass allows unauthorized access to TSIG-protected functionalities 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35579 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-05 21:16 修改: 2026-06-17 10:40
github.com/apache/thrift	CVE-2026-41602	高危	v0.15.0	0.23.0	github.com/apache/thrift: Apache Thrift: Integer Overflow in TFramedTransport Go implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41602 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-28 10:16 修改: 2026-06-17 10:46
github.com/golang-jwt/jwt	CVE-2025-30204	高危	v3.2.2+incompatible		golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30204 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-03-21 22:15 修改: 2026-06-17 09:08
github.com/golang-jwt/jwt/v4	CVE-2025-30204	高危	v4.1.0	4.5.2	golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30204 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-03-21 22:15 修改: 2026-06-17 09:08
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.11.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-02-15 16:15 修改: 2026-06-17 04:26
golang.org/x/crypto	CVE-2021-43565	高危	v0.0.0-20210921155107-089bfa567519	0.0.0-20211202192323-5770296d904e	golang.org/x/crypto: empty plaintext packet causes panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43565 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-06 18:15 修改: 2026-06-17 04:11
golang.org/x/crypto	CVE-2022-27191	高危	v0.0.0-20210921155107-089bfa567519	0.0.0-20220314234659-1baeb1ce4c0b	golang: crash in a golang.org/x/crypto/ssh server 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27191 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-03-18 07:15 修改: 2026-06-17 04:36
golang.org/x/crypto	CVE-2024-45337	高危	v0.0.0-20210921155107-089bfa567519	0.31.0	golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-12-12 02:02 修改: 2026-06-17 07:54
golang.org/x/crypto	CVE-2025-22869	高危	v0.0.0-20210921155107-089bfa567519	0.35.0	golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22869 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-02-26 08:14 修改: 2026-06-17 08:50
golang.org/x/crypto	CVE-2025-47913	高危	v0.0.0-20210921155107-089bfa567519	0.43.0	golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47913 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-11-13 22:15 修改: 2026-06-17 09:28
golang.org/x/crypto	CVE-2026-39827	高危	v0.0.0-20210921155107-089bfa567519	0.52.0	An authenticated SSH client that repeatedly opened channels which were ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39827 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39828	高危	v0.0.0-20210921155107-089bfa567519	0.52.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39828 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39829	高危	v0.0.0-20210921155107-089bfa567519	0.52.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39829 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39830	高危	v0.0.0-20210921155107-089bfa567519	0.52.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39830 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39835	高危	v0.0.0-20210921155107-089bfa567519	0.52.0	SSH servers which use CertChecker as a public key callback without set ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39835 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-42508	高危	v0.0.0-20210921155107-089bfa567519	0.52.0	golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42508 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:47
golang.org/x/crypto	CVE-2026-46595	高危	v0.0.0-20210921155107-089bfa567519	0.52.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46595 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
golang.org/x/crypto	CVE-2026-46597	高危	v0.0.0-20210921155107-089bfa567519	0.52.0	An incorrectly placed cast from bytes to int allowed for server-side p ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46597 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
golang.org/x/net	CVE-2021-44716	高危	v0.0.0-20211020060615-d418f374d309	0.0.0-20211209124913-491a49abca63	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-01 05:15 修改: 2026-06-17 04:12
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20211020060615-d418f374d309	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-06 18:15 修改: 2026-06-17 04:37
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20211020060615-d418f374d309	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-28 18:15 修改: 2026-06-17 05:03
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20211020060615-d418f374d309	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-10-11 22:15 修改: 2026-06-17 06:12
golang.org/x/net	CVE-2023-45288	高危	v0.0.0-20211020060615-d418f374d309	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-04-04 21:15 修改: 2026-06-17 06:28
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20211020060615-d418f374d309	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-12-18 21:15 修改: 2026-06-17 07:54
golang.org/x/net	CVE-2026-25680	高危	v0.0.0-20211020060615-d418f374d309	0.55.0	Parsing arbitrary HTML can consume excessive CPU time, possibly leadin ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25680 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25
golang.org/x/net	CVE-2026-25681	高危	v0.0.0-20211020060615-d418f374d309	0.55.0	Parsing arbitrary HTML which is then rendered using Render can result ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25681 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25
golang.org/x/net	CVE-2026-27136	高危	v0.0.0-20211020060615-d418f374d309	0.55.0	Parsing arbitrary HTML which is then rendered using Render can result ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27136 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:26
golang.org/x/net	CVE-2026-33814	高危	v0.0.0-20211020060615-d418f374d309	0.53.0	net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:38
golang.org/x/net	CVE-2026-39821	高危	v0.0.0-20211020060615-d418f374d309	0.55.0	golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39821 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:42
golang.org/x/net	CVE-2026-42502	高危	v0.0.0-20211020060615-d418f374d309	0.55.0	Parsing arbitrary HTML which is then rendered using Render can result ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42502 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47
golang.org/x/net	CVE-2026-42506	高危	v0.0.0-20211020060615-d418f374d309	0.55.0	Parsing arbitrary HTML which is then rendered using Render can result ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42506 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47
golang.org/x/oauth2	CVE-2025-22868	高危	v0.0.0-20210819190943-2bc19b11175f	0.27.0	golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22868 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-02-26 08:14 修改: 2026-06-17 08:50
golang.org/x/text	CVE-2022-32149	高危	v0.3.7	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-14 15:15 修改: 2026-06-17 04:46
github.com/coredns/coredns	CVE-2023-28452	高危	v1.4.0	1.11.0	CoreDNS vulnerable to TuDoor Attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28452 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-09-18 15:15 修改: 2026-06-17 05:47
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.41.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-10-25 21:17 修改: 2024-07-19 16:32
gopkg.in/yaml.v3	CVE-2022-28948	高危	v3.0.0-20210107192922-496545a6307b	3.0.1	golang-gopkg-yaml: crash when attempting to deserialize invalid input 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28948 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-05-19 20:15 修改: 2026-06-17 04:39
github.com/coredns/coredns	CVE-2025-47950	高危	v1.4.0	1.12.2	coredns: CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47950 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-06 18:15 修改: 2026-06-17 09:28
github.com/coredns/coredns	CVE-2025-58063	高危	v1.4.0	1.12.4	github.com/coredns/coredns: CoreDNS Lease ID Confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58063 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-09-09 20:15 修改: 2026-06-17 09:43
github.com/coredns/coredns	CVE-2026-26017	高危	v1.4.0	1.14.2	github.com/coredns/coredns: CoreDNS: DNS access control bypass due to plugin execution order flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26017 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-06 16:16 修改: 2026-06-17 10:25
github.com/coredns/coredns	CVE-2026-26018	高危	v1.4.0	1.14.2	github.com/coredns/coredns: CoreDNS: Denial of Service vulnerability due to predictable pseudo-random number generation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26018 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-06 16:16 修改: 2026-06-17 10:25
github.com/coredns/coredns	CVE-2026-32934	高危	v1.4.0	1.14.3	coredns: github.com/coredns/coredns: CoreDNS: Denial of Service due to unbounded resource growth in DNS-over-QUIC (DoQ) stream handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32934 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-05 20:16 修改: 2026-06-17 10:36
stdlib	CVE-2021-44716	高危	v1.17.3	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-01 05:15 修改: 2026-06-17 04:12
stdlib	CVE-2022-23772	高危	v1.17.3	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-02-11 01:15 修改: 2026-06-17 04:30
stdlib	CVE-2022-24675	高危	v1.17.3	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-04-20 10:15 修改: 2026-06-17 04:32
stdlib	CVE-2022-24921	高危	v1.17.3	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-03-05 20:15 修改: 2026-06-17 04:32
stdlib	CVE-2022-27664	高危	v1.17.3	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-09-06 18:15 修改: 2026-06-17 04:37
stdlib	CVE-2022-28131	高危	v1.17.3	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-10 20:15 修改: 2026-06-17 04:38
stdlib	CVE-2022-28327	高危	v1.17.3	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-04-20 10:15 修改: 2026-06-17 04:38
stdlib	CVE-2022-2879	高危	v1.17.3	1.18.7, 1.19.2	golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-14 15:15 修改: 2026-06-17 04:42
stdlib	CVE-2022-2880	高危	v1.17.3	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-14 15:15 修改: 2026-06-17 04:42
stdlib	CVE-2022-29804	高危	v1.17.3	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-10 20:15 修改: 2026-06-17 04:40
stdlib	CVE-2022-30580	高危	v1.17.3	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-10 20:15 修改: 2026-06-17 04:43
stdlib	CVE-2022-30630	高危	v1.17.3	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-10 20:15 修改: 2026-06-17 04:43
stdlib	CVE-2022-30631	高危	v1.17.3	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-10 20:15 修改: 2026-06-17 04:43
stdlib	CVE-2022-30632	高危	v1.17.3	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-10 20:15 修改: 2026-06-17 04:43
stdlib	CVE-2022-30633	高危	v1.17.3	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-10 20:15 修改: 2026-06-17 04:43
stdlib	CVE-2022-30634	高危	v1.17.3	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-07-15 20:15 修改: 2026-06-17 04:43
stdlib	CVE-2022-30635	高危	v1.17.3	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-10 20:15 修改: 2026-06-17 04:43
stdlib	CVE-2022-32189	高危	v1.17.3	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-10 20:15 修改: 2026-06-17 04:46
stdlib	CVE-2022-41715	高危	v1.17.3	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-10-14 15:16 修改: 2026-06-17 05:03
stdlib	CVE-2022-41716	高危	v1.17.3	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-11-02 16:15 修改: 2026-06-17 05:03
stdlib	CVE-2022-41720	高危	v1.17.3	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-12-07 17:15 修改: 2026-06-17 05:03
stdlib	CVE-2022-41722	高危	v1.17.3	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-28 18:15 修改: 2026-06-17 05:03
stdlib	CVE-2022-41723	高危	v1.17.3	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-28 18:15 修改: 2026-06-17 05:03
stdlib	CVE-2022-41724	高危	v1.17.3	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-28 18:15 修改: 2026-06-17 05:03
stdlib	CVE-2022-41725	高危	v1.17.3	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-02-28 18:15 修改: 2026-06-17 05:03
stdlib	CVE-2023-24534	高危	v1.17.3	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-04-06 16:15 修改: 2026-06-17 05:39
stdlib	CVE-2023-24536	高危	v1.17.3	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-04-06 16:15 修改: 2026-06-17 05:39
stdlib	CVE-2023-24537	高危	v1.17.3	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-04-06 16:15 修改: 2026-06-17 05:39
stdlib	CVE-2023-24539	高危	v1.17.3	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-05-11 16:15 修改: 2026-06-17 05:39
stdlib	CVE-2023-29400	高危	v1.17.3	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-05-11 16:15 修改: 2026-06-17 05:49
stdlib	CVE-2023-29403	高危	v1.17.3	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-06-08 21:15 修改: 2026-06-17 05:49
stdlib	CVE-2023-39325	高危	v1.17.3	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-10-11 22:15 修改: 2026-06-17 06:12
stdlib	CVE-2023-45283	高危	v1.17.3	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-11-09 17:15 修改: 2026-06-17 06:28
stdlib	CVE-2023-45287	高危	v1.17.3	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-05 17:15 修改: 2026-06-17 06:28
stdlib	CVE-2023-45288	高危	v1.17.3	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-04-04 21:15 修改: 2026-06-17 06:28
stdlib	CVE-2024-34156	高危	v1.17.3	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-09-06 21:15 修改: 2026-06-17 07:33
stdlib	CVE-2025-61726	高危	v1.17.3	1.24.12, 1.25.6	golang: net/url: Memory exhaustion in query parameter parsing in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61729	高危	v1.17.3	1.24.11, 1.25.5	crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-12-02 19:15 修改: 2026-06-17 09:50
stdlib	CVE-2026-25679	高危	v1.17.3	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:25
stdlib	CVE-2026-27145	高危	v1.17.3	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:26
stdlib	CVE-2026-32280	高危	v1.17.3	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-32281	高危	v1.17.3	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-32283	高危	v1.17.3	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-33811	高危	v1.17.3	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:38
stdlib	CVE-2026-33814	高危	v1.17.3	1.25.10, 1.26.3	net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:38
stdlib	CVE-2026-39820	高危	v1.17.3	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-39823	高危	v1.17.3	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-39836	高危	v1.17.3	1.25.10, 1.26.3	ELSA-2026-22121: golang security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-42499	高危	v1.17.3	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:47
stdlib	CVE-2026-42504	高危	v1.17.3	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47
golang.org/x/net	CVE-2025-22870	中危	v0.0.0-20211020060615-d418f374d309	0.36.0	golang.org/x/net/proxy: golang.org/x/net/http/httpproxy: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22870 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-03-12 19:15 修改: 2026-06-17 08:50
golang.org/x/net	CVE-2025-22872	中危	v0.0.0-20211020060615-d418f374d309	0.38.0	golang.org/x/net/html: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22872 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-04-16 18:16 修改: 2026-06-17 08:50
golang.org/x/net	CVE-2025-47911	中危	v0.0.0-20211020060615-d418f374d309	0.45.0	golang.org/x/net/html: Quadratic parsing complexity in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47911 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:28
golang.org/x/net	CVE-2025-58190	中危	v0.0.0-20211020060615-d418f374d309	0.45.0	golang.org/x/net/html: Infinite parsing loop in golang.org/x/net 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58190 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:44
github.com/lestrrat-go/jwx	CVE-2024-21664	中危	v1.2.7	1.2.28	jwx: parsing JSON serialized payload without protected field can lead to panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21664 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-01-09 20:15 修改: 2026-06-17 07:09
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20211020174200-9d6173849985	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-06-23 17:15 修改: 2026-06-17 04:40
github.com/lestrrat-go/jwx	CVE-2024-28122	中危	v1.2.7	1.2.29	jwx: denial of service attack using compressed JWE message 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28122 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-03-09 01:15 修改: 2026-06-17 07:21
github.com/lestrrat-go/jwx	GHSA-rm8v-mxj3-5rmq	中危	v1.2.7	1.2.26	github.com/lestrrat-go/jwx vulnerable to Potential Padding Oracle Attack 漏洞详情: https://github.com/advisories/GHSA-rm8v-mxj3-5rmq 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-06-14 17:24 修改: 2023-06-14 17:24
github.com/minio/console	CVE-2023-33955	中危	v0.12.5	0.28.0	Minio console object names with RIGHT-TO-LEFT OVERRIDE unicode character can be exploited 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33955 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-05-30 07:15 修改: 2026-06-17 06:02
google.golang.org/protobuf	CVE-2024-24786	中危	v1.27.1	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-03-05 23:15 修改: 2026-06-17 07:14
golang.org/x/crypto	CVE-2023-48795	中危	v0.0.0-20210921155107-089bfa567519	0.17.0	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-18 16:15 修改: 2026-06-17 06:34
golang.org/x/crypto	CVE-2025-47914	中危	v0.0.0-20210921155107-089bfa567519	0.45.0	golang.org/x/crypto/ssh/agent: SSH Agent servers: Denial of Service due to malformed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47914 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-11-19 21:15 修改: 2026-06-17 09:28
golang.org/x/crypto	CVE-2025-58181	中危	v0.0.0-20210921155107-089bfa567519	0.45.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via unbounded memory consumption in GSSAPI authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58181 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-11-19 21:15 修改: 2026-06-17 09:44
golang.org/x/crypto	CVE-2026-39831	中危	v0.0.0-20210921155107-089bfa567519	0.52.0	The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nis ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39831 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39832	中危	v0.0.0-20210921155107-089bfa567519	0.52.0	When adding a key to a remote agent constraint extensions such as rest ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39832 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39833	中危	v0.0.0-20210921155107-089bfa567519	0.52.0	The in-memory keyring returned by NewKeyring() silently accepted keys ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39833 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-39834	中危	v0.0.0-20210921155107-089bfa567519	0.52.0	When writing data larger than 4GB in a single Write call on an SSH cha ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39834 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
golang.org/x/crypto	CVE-2026-46598	中危	v0.0.0-20210921155107-089bfa567519	0.52.0	golang.org/x/crypto/ssh/agent: golang: golang.org/x/crypto/ssh/agent: Denial of Service via malformed input 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46598 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
github.com/minio/operator	CVE-2025-32963	中危	v0.0.0-20211011212245-31460bbbc4b7	7.1.0	Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32963 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-04-22 18:16 修改: 2026-06-17 09:12
github.com/coredns/coredns	CVE-2023-30464	中危	v1.4.0		CoreDNS Cache Poisoning via a birthday attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-30464 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-09-18 21:15 修改: 2026-06-17 05:54
go.mongodb.org/mongo-driver	CVE-2021-20329	中危	v1.4.6	1.5.1	mongo-go-driver: specific cstrings input may not be properly validated 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20329 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2021-06-10 17:15 修改: 2026-06-17 03:33
go.mongodb.org/mongo-driver	CVE-2026-2303	中危	v1.4.6	1.17.7	CVE-2026-2303 affecting package telegraf for versions less than 1.29.4-21 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2303 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-02-10 20:17 修改: 2026-06-17 10:30
github.com/coredns/coredns	CVE-2024-0874	中危	v1.4.0	1.11.2	coredns: CD bit response is cached and served later 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0874 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-04-25 17:15 修改: 2026-06-17 06:54
github.com/coredns/coredns	CVE-2025-68151	中危	v1.4.0	1.14.0	github.com/coredns/coredns/core/dnsserver: CoreDNS DoS via unbounded connections and oversized messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68151 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-08 16:15 修改: 2026-06-17 09:58
github.com/coredns/coredns	GHSA-gv9j-4w24-q7vx	中危	v1.4.0	1.6.6	Improper random number generation in github.com/coredns/coredns 漏洞详情: https://github.com/advisories/GHSA-gv9j-4w24-q7vx 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-03-01 21:03 修改: 2022-03-01 21:03
github.com/eclipse/paho.mqtt.golang	CVE-2025-10543	中危	v1.3.0	1.5.1	paho.mqtt.golang: paho.mqtt.golang: Integer Overflow in UTF-8 String Encoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10543 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-12-02 09:15 修改: 2026-06-17 08:28
github.com/Azure/go-ntlmssp	CVE-2026-32952	中危	v0.0.0-20200615164410-66371956d46c	0.1.1	go-ntlmssp: go-ntlmssp: Denial of Service via malicious NTLM challenge 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32952 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-24 03:16 修改: 2026-06-17 10:36
github.com/coredns/coredns	CVE-2022-2835	中危	v1.4.0		coreDNS: DNS Redirection of Internal Services 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2835 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-03 16:15 修改: 2026-06-17 04:42
github.com/coredns/coredns	CVE-2022-2837	中危	v1.4.0		coreDNS: DNS Redirection of Top-Level Domains 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2837 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-03 16:15 修改: 2026-06-17 04:42
github.com/golang/glog	CVE-2024-45339	中危	v0.0.0-20160126235308-23def4e6c14b	1.2.4	github.com/golang/glog: Vulnerability when creating log files in github.com/golang/glog 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45339 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-01-28 02:15 修改: 2026-06-17 07:54
github.com/lestrrat-go/jwx	CVE-2023-49290	中危	v1.2.7	1.2.27	jwx: Malicious parameters in JWE can cause denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49290 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-05 00:15 修改: 2026-06-17 06:35
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20211020060615-d418f374d309	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-12-08 20:15 修改: 2026-06-17 05:03
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20211020060615-d418f374d309	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-02 20:15 修改: 2026-06-17 06:15
stdlib	CVE-2021-44717	中危	v1.17.3	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-01-01 05:15 修改: 2026-06-17 04:12
stdlib	CVE-2022-1705	中危	v1.17.3	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-10 20:15 修改: 2026-06-17 04:22
stdlib	CVE-2022-1962	中危	v1.17.3	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-10 20:15 修改: 2026-06-17 04:23
stdlib	CVE-2022-29526	中危	v1.17.3	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-06-23 17:15 修改: 2026-06-17 04:40
stdlib	CVE-2022-32148	中危	v1.17.3	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-10 20:15 修改: 2026-06-17 04:46
stdlib	CVE-2022-41717	中危	v1.17.3	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-12-08 20:15 修改: 2026-06-17 05:03
stdlib	CVE-2023-24532	中危	v1.17.3	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-03-08 20:15 修改: 2026-06-17 05:39
stdlib	CVE-2023-29406	中危	v1.17.3	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-07-11 20:15 修改: 2026-06-17 05:49
stdlib	CVE-2023-29409	中危	v1.17.3	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-08-02 20:15 修改: 2026-06-17 05:49
stdlib	CVE-2023-39318	中危	v1.17.3	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-08 17:15 修改: 2026-06-17 06:12
stdlib	CVE-2023-39319	中危	v1.17.3	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-09-08 17:15 修改: 2026-06-17 06:12
stdlib	CVE-2023-39326	中危	v1.17.3	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-12-06 17:15 修改: 2026-06-17 06:12
stdlib	CVE-2023-45284	中危	v1.17.3	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2023-11-09 17:15 修改: 2026-06-17 06:28
stdlib	CVE-2023-45289	中危	v1.17.3	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-03-05 23:15 修改: 2026-06-17 06:28
stdlib	CVE-2023-45290	中危	v1.17.3	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-03-05 23:15 修改: 2026-06-17 06:28
stdlib	CVE-2024-24783	中危	v1.17.3	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-03-05 23:15 修改: 2026-06-17 07:14
stdlib	CVE-2024-24784	中危	v1.17.3	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-03-05 23:15 修改: 2026-06-17 07:14
stdlib	CVE-2024-24785	中危	v1.17.3	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-03-05 23:15 修改: 2026-06-17 07:14
stdlib	CVE-2024-24789	中危	v1.17.3	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-06-05 16:15 修改: 2026-06-17 07:14
stdlib	CVE-2024-24791	中危	v1.17.3	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-07-02 22:15 修改: 2026-06-17 07:14
stdlib	CVE-2024-34155	中危	v1.17.3	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-09-06 21:15 修改: 2026-06-17 07:33
stdlib	CVE-2024-34158	中危	v1.17.3	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-09-06 21:15 修改: 2026-06-17 07:33
stdlib	CVE-2024-45336	中危	v1.17.3	1.22.11, 1.23.5, 1.24.0-rc.2	golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45336 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-01-28 02:15 修改: 2026-06-17 07:54
stdlib	CVE-2025-0913	中危	v1.17.3	1.23.10, 1.24.4	Inconsistent handling of O_CREATE\|O_EXCL on Unix and Windows in os in syscall 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0913 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-11 18:15 修改: 2026-06-17 08:27
stdlib	CVE-2025-22866	中危	v1.17.3	1.22.12, 1.23.6, 1.24.0-rc.3	crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22866 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-02-06 17:15 修改: 2026-06-17 08:50
stdlib	CVE-2025-22870	中危	v1.17.3	1.23.7, 1.24.1	golang.org/x/net/proxy: golang.org/x/net/http/httpproxy: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22870 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-03-12 19:15 修改: 2026-06-17 08:50
stdlib	CVE-2025-22871	中危	v1.17.3	1.23.8, 1.24.2	net/http: Request smuggling due to acceptance of invalid chunked data in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22871 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-04-08 20:15 修改: 2026-06-17 08:50
stdlib	CVE-2025-22873	中危	v1.17.3	1.23.9, 1.24.3	os: os: Information disclosure via path traversal using specially crafted filenames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22873 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-02-04 23:15 修改: 2026-06-17 08:50
stdlib	CVE-2025-4673	中危	v1.17.3	1.23.10, 1.24.4	net/http: Sensitive headers not cleared on cross-origin redirect in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4673 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-06-11 17:15 修改: 2026-06-17 09:33
stdlib	CVE-2025-47906	中危	v1.17.3	1.23.12, 1.24.6	os/exec: Unexpected paths returned from LookPath in os/exec 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47906 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-09-18 19:15 修改: 2026-06-17 09:28
stdlib	CVE-2025-47907	中危	v1.17.3	1.23.12, 1.24.6	database/sql: Postgres Scan Race Condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47907 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-08-07 16:15 修改: 2026-06-17 09:28
stdlib	CVE-2025-47912	中危	v1.17.3	1.24.8, 1.25.2	net/url: Insufficient validation of bracketed IPv6 hostnames in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47912 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:28
stdlib	CVE-2025-58183	中危	v1.17.3	1.24.8, 1.25.2	golang: archive/tar: Unbounded allocation when parsing GNU sparse map 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58183 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2025-58185	中危	v1.17.3	1.24.8, 1.25.2	encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58185 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2025-58187	中危	v1.17.3	1.24.9, 1.25.3	crypto/x509: Quadratic complexity when checking name constraints in crypto/x509 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58187 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2025-58188	中危	v1.17.3	1.24.8, 1.25.2	crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58188 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2025-58189	中危	v1.17.3	1.24.8, 1.25.2	crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58189 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2025-61723	中危	v1.17.3	1.24.8, 1.25.2	encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61723 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61724	中危	v1.17.3	1.24.8, 1.25.2	net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61724 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61725	中危	v1.17.3	1.24.8, 1.25.2	net/mail: Excessive CPU consumption in ParseAddress in net/mail 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61725 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61727	中危	v1.17.3	1.24.11, 1.25.5	golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-12-03 20:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61728	中危	v1.17.3	1.24.12, 1.25.6	golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50
stdlib	CVE-2025-61730	中危	v1.17.3	1.24.12, 1.25.6	crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50
stdlib	CVE-2026-27142	中危	v1.17.3	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26
stdlib	CVE-2026-32282	中危	v1.17.3	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-32288	中危	v1.17.3	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-32289	中危	v1.17.3	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-04-08 02:16 修改: 2026-06-17 10:35
stdlib	CVE-2026-39825	中危	v1.17.3	1.25.10, 1.26.3	net/http/httputil: golang: net/http/httputil: ReverseProxy forwards hidden query parameters, potentially bypassing security controls 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-39826	中危	v1.17.3	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
stdlib	CVE-2026-42507	中危	v1.17.3	1.25.11, 1.26.4	net/textproto: golang: Golang net/textproto: Misleading error messages via input injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47
github.com/golang-jwt/jwt/v4	CVE-2024-51744	低危	v4.1.0	4.5.1	golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-51744 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-11-04 22:15 修改: 2026-06-17 08:06
stdlib	CVE-2022-30629	低危	v1.17.3	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2022-08-10 20:15 修改: 2026-06-17 04:43
stdlib	CVE-2024-45341	低危	v1.17.3	1.22.11, 1.23.5, 1.24.0-rc.2	golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45341 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-01-28 02:15 修改: 2026-06-17 07:54
stdlib	CVE-2025-58186	低危	v1.17.3	1.24.8, 1.25.2	golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58186 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
stdlib	CVE-2026-27139	低危	v1.17.3	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26
golang.org/x/crypto	CVE-2022-30636	未知	v0.0.0-20210921155107-089bfa567519	0.0.0-20220525230936-793ad666bf5e	httpTokenCacheKey uses path.Base to extract the expected HTTP-01 token ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30636 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2024-07-02 20:15 修改: 2026-06-17 04:43
golang.org/x/sys	CVE-2026-39824	未知	v0.0.0-20211020174200-9d6173849985	0.44.0	Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824 镜像层: sha256:cc21ddd9a573921836f1135c5d3bd43a3801c7aa60d34f747376135faf6d4d8d 发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42