docker.io/mongodb/mongodb-community-server:4.4.31-ubuntu2204 linux/amd64

docker.io/mongodb/mongodb-community-server:4.4.31-ubuntu2204 - Trivy安全扫描结果扫描时间: 2026-06-19 23:30

全部漏洞信息

低危漏洞:81

中危漏洞:230

高危漏洞:112

严重漏洞:8

系统OS: ubuntu 22.04 扫描引擎: Trivy 扫描时间: 2026-06-19 23:30

docker.io/mongodb/mongodb-community-server:4.4.31-ubuntu2204 (ubuntu 22.04) (ubuntu)

低危漏洞:73

中危漏洞:150

高危漏洞:8

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
libssl1.1	CVE-2021-3449	高危	1.1.1f-1ubuntu2.24	1.1.1j-1ubuntu3	openssl: NULL pointer dereference in signature_algorithms processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3449 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-03-25 15:15 修改: 2024-11-21 06:21
libssl1.1	CVE-2021-3711	高危	1.1.1f-1ubuntu2.24	1.1.1l-1ubuntu1	openssl: SM2 Decryption Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3711 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-08-24 15:15 修改: 2024-11-21 06:22
libssl1.1	CVE-2022-0778	高危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1	openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-03-15 17:15 修改: 2026-04-14 10:16
libssl1.1	CVE-2022-3602	高危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.7	OpenSSL: X.509 Email Address Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3602 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-11-01 18:15 修改: 2026-04-14 10:16
libssl1.1	CVE-2022-3786	高危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.7	OpenSSL: X.509 Email Address Variable Length Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3786 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-11-01 18:15 修改: 2026-04-14 10:16
libssl1.1	CVE-2023-0286	高危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.8	openssl: X.400 address type confusion in X.509 GeneralName 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libssl1.1	CVE-2026-45447	高危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.25	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
libssl3	CVE-2026-45447	高危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
libc-bin	CVE-2026-4046	中危	2.35-0ubuntu3.13		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc-bin	CVE-2026-5435	中危	2.35-0ubuntu3.13		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libc-bin	CVE-2026-6238	中危	2.35-0ubuntu3.13		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libc6	CVE-2026-4046	中危	2.35-0ubuntu3.13		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc6	CVE-2026-5435	中危	2.35-0ubuntu3.13		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libc6	CVE-2026-6238	中危	2.35-0ubuntu3.13		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libexpat1	CVE-2025-66382	中危	2.4.7-1ubuntu0.7		libexpat: libexpat: Denial of service via crafted file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382 镜像层: sha256:634bc9ddc42b76ee2c878ce58d23e4d04eaa2a4f8e7a950abc729c844824161f 发布日期: 2025-11-28 07:15 修改: 2026-06-02 14:16
libgcrypt20	CVE-2026-41989	中危	1.9.4-3ubuntu3	1.9.4-3ubuntu3.2	Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-23 05:16 修改: 2026-04-27 18:33
libgnutls30	CVE-2026-33845	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-33846	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-05-04 10:15 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-3832	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-30 18:16 修改: 2026-06-02 17:16
libgnutls30	CVE-2026-3833	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42009	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-05-18 13:16 修改: 2026-06-08 17:16
libgnutls30	CVE-2026-42010	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: gnutls: Authentication Bypass via NUL Character in Username 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-05-07 12:16 修改: 2026-06-10 16:17
libgnutls30	CVE-2026-42011	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: gnutls: Security bypass due to incorrect name constraint handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-05-07 15:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42012	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42013	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42014	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-16 02:16 修改: 2026-06-16 15:26
libgnutls30	CVE-2026-42015	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-5260	中危	3.7.3-4ubuntu1.8	3.7.3-4ubuntu1.9	gnutls: gnutls: Information disclosure via heap overread in RSA key exchange 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgssapi3-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-26 05:15 修改: 2025-04-14 16:15
libgssapi3-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-3ubuntu1		CVE-2022-3116 affecting package samba for versions less than 4.18.3-1 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-03-27 22:15 修改: 2025-02-24 19:15
libgssapi3-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-3ubuntu1		samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-01-12 15:15 修改: 2024-11-21 07:19
libgssapi3-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-3ubuntu1		Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-11-15 23:15 修改: 2024-11-21 07:24
libgssapi3-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-3ubuntu1		krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 06:15 修改: 2025-04-14 19:15
libgssapi3-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 05:15 修改: 2025-04-15 14:15
libhcrypto4-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-26 05:15 修改: 2025-04-14 16:15
libhcrypto4-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-3ubuntu1		CVE-2022-3116 affecting package samba for versions less than 4.18.3-1 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-03-27 22:15 修改: 2025-02-24 19:15
libhcrypto4-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-3ubuntu1		samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-01-12 15:15 修改: 2024-11-21 07:19
libhcrypto4-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-3ubuntu1		Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-11-15 23:15 修改: 2024-11-21 07:24
libhcrypto4-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-3ubuntu1		krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 06:15 修改: 2025-04-14 19:15
libhcrypto4-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 05:15 修改: 2025-04-15 14:15
libheimbase1-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-26 05:15 修改: 2025-04-14 16:15
libheimbase1-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-3ubuntu1		CVE-2022-3116 affecting package samba for versions less than 4.18.3-1 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-03-27 22:15 修改: 2025-02-24 19:15
libheimbase1-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-3ubuntu1		samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-01-12 15:15 修改: 2024-11-21 07:19
libheimbase1-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-3ubuntu1		Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-11-15 23:15 修改: 2024-11-21 07:24
libheimbase1-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-3ubuntu1		krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 06:15 修改: 2025-04-14 19:15
libheimbase1-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 05:15 修改: 2025-04-15 14:15
libheimntlm0-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-26 05:15 修改: 2025-04-14 16:15
libheimntlm0-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-3ubuntu1		CVE-2022-3116 affecting package samba for versions less than 4.18.3-1 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-03-27 22:15 修改: 2025-02-24 19:15
libheimntlm0-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-3ubuntu1		samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-01-12 15:15 修改: 2024-11-21 07:19
libheimntlm0-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-3ubuntu1		Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-11-15 23:15 修改: 2024-11-21 07:24
libheimntlm0-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-3ubuntu1		krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 06:15 修改: 2025-04-14 19:15
libheimntlm0-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 05:15 修改: 2025-04-15 14:15
libhx509-5-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-26 05:15 修改: 2025-04-14 16:15
libhx509-5-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-3ubuntu1		CVE-2022-3116 affecting package samba for versions less than 4.18.3-1 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-03-27 22:15 修改: 2025-02-24 19:15
libhx509-5-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-3ubuntu1		samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-01-12 15:15 修改: 2024-11-21 07:19
libhx509-5-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-3ubuntu1		Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-11-15 23:15 修改: 2024-11-21 07:24
libhx509-5-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-3ubuntu1		krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 06:15 修改: 2025-04-14 19:15
libhx509-5-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 05:15 修改: 2025-04-15 14:15
libkrb5-26-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-26 05:15 修改: 2025-04-14 16:15
libkrb5-26-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-3ubuntu1		CVE-2022-3116 affecting package samba for versions less than 4.18.3-1 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-03-27 22:15 修改: 2025-02-24 19:15
libkrb5-26-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-3ubuntu1		samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-01-12 15:15 修改: 2024-11-21 07:19
libkrb5-26-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-3ubuntu1		Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-11-15 23:15 修改: 2024-11-21 07:24
libkrb5-26-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-3ubuntu1		krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 06:15 修改: 2025-04-14 19:15
libkrb5-26-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 05:15 修改: 2025-04-15 14:15
libldap-2.4-2	CVE-2020-36221	中危	2.4.49+dfsg-2ubuntu1.10	2.4.57+dfsg-2ubuntu1	openldap: Integer underflow in serialNumberAndIssuerCheck in schema_init.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36221 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-01-26 18:15 修改: 2024-11-21 05:29
libldap-2.4-2	CVE-2020-36222	中危	2.4.49+dfsg-2ubuntu1.10	2.4.57+dfsg-2ubuntu1	openldap: Assertion failure in slapd in the saslAuthzTo validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36222 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-01-26 18:15 修改: 2024-11-21 05:29
libldap-2.4-2	CVE-2020-36223	中危	2.4.49+dfsg-2ubuntu1.10	2.4.57+dfsg-2ubuntu1	openldap: Out-of-bounds read in Values Return Filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36223 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-01-26 18:15 修改: 2024-11-21 05:29
libldap-2.4-2	CVE-2020-36224	中危	2.4.49+dfsg-2ubuntu1.10	2.4.57+dfsg-2ubuntu1	openldap: Invalid pointer free in the saslAuthzTo processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36224 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-01-26 18:15 修改: 2024-11-21 05:29
libldap-2.4-2	CVE-2020-36225	中危	2.4.49+dfsg-2ubuntu1.10	2.4.57+dfsg-2ubuntu1	openldap: Double free in the saslAuthzTo processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36225 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-01-26 18:15 修改: 2024-11-21 05:29
libldap-2.4-2	CVE-2020-36226	中危	2.4.49+dfsg-2ubuntu1.10	2.4.57+dfsg-2ubuntu1	openldap: Denial of service via length miscalculation in slap_parse_user 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36226 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-01-26 18:15 修改: 2024-11-21 05:29
libldap-2.4-2	CVE-2020-36227	中危	2.4.49+dfsg-2ubuntu1.10	2.4.57+dfsg-2ubuntu1	openldap: Infinite loop in slapd with the cancel_extop Cancel operation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36227 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-01-26 18:15 修改: 2024-11-21 05:29
libldap-2.4-2	CVE-2020-36228	中危	2.4.49+dfsg-2ubuntu1.10	2.4.57+dfsg-2ubuntu1	openldap: Integer underflow in issuerAndThisUpdateCheck in schema_init.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36228 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-01-26 18:15 修改: 2024-11-21 05:29
libldap-2.4-2	CVE-2020-36229	中危	2.4.49+dfsg-2ubuntu1.10	2.4.57+dfsg-2ubuntu1	openldap: Type confusion in ad_keystring in ad.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36229 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-01-26 18:15 修改: 2024-11-21 05:29
libldap-2.4-2	CVE-2020-36230	中危	2.4.49+dfsg-2ubuntu1.10	2.4.57+dfsg-2ubuntu1	openldap: Assertion failure in ber_next_element in decode.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36230 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-01-26 18:15 修改: 2024-11-21 05:29
libldap-2.4-2	CVE-2021-27212	中危	2.4.49+dfsg-2ubuntu1.10	2.4.57+dfsg-2ubuntu1	openldap: Assertion failure in slapd in the issuerAndThisUpdateCheck function 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27212 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-02-14 03:15 修改: 2024-11-21 05:57
libldap-2.4-2	CVE-2022-29155	中危	2.4.49+dfsg-2ubuntu1.10	2.5.11+dfsg-1~exp1ubuntu3.1	openldap: OpenLDAP SQL injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29155 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-05-04 20:15 修改: 2024-11-21 06:58
libmount1	CVE-2026-27456	中危	2.37.2-4ubuntu3.5		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libperl5.30	CVE-2020-16156	中危	5.30.0-9ubuntu0.5	5.34.0-3ubuntu1.1	perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-12-13 18:15 修改: 2025-11-03 22:15
libperl5.30	CVE-2021-36770	中危	5.30.0-9ubuntu0.5	5.32.1-3ubuntu3	perl-Encode: bug in local configuration loading allows arbitrary Perl code execution placed under the current working directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36770 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-08-11 23:15 修改: 2025-11-03 22:15
libperl5.30	CVE-2023-31484	中危	5.30.0-9ubuntu0.5	5.34.0-3ubuntu1.2	perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31484 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-04-29 00:15 修改: 2025-11-03 22:16
libperl5.30	CVE-2023-47038	中危	5.30.0-9ubuntu0.5	5.34.0-3ubuntu1.3	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
libperl5.30	CVE-2024-56406	中危	5.30.0-9ubuntu0.5	5.34.0-3ubuntu1.4	perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56406 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2025-04-13 14:15 修改: 2025-10-16 14:15
libperl5.30	CVE-2025-40909	中危	5.30.0-9ubuntu0.5	5.34.0-3ubuntu1.5	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
libpython3.10-minimal	CVE-2026-2297	中危	3.10.12-1~22.04.15		cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:634bc9ddc42b76ee2c878ce58d23e4d04eaa2a4f8e7a950abc729c844824161f 发布日期: 2026-03-04 23:16 修改: 2026-05-01 16:16
libpython3.10-stdlib	CVE-2026-2297	中危	3.10.12-1~22.04.15		cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:634bc9ddc42b76ee2c878ce58d23e4d04eaa2a4f8e7a950abc729c844824161f 发布日期: 2026-03-04 23:16 修改: 2026-05-01 16:16
libroken18-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-26 05:15 修改: 2025-04-14 16:15
libroken18-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-3ubuntu1		CVE-2022-3116 affecting package samba for versions less than 4.18.3-1 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-03-27 22:15 修改: 2025-02-24 19:15
libroken18-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-3ubuntu1		samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-01-12 15:15 修改: 2024-11-21 07:19
libroken18-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-3ubuntu1		Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-11-15 23:15 修改: 2024-11-21 07:24
libroken18-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-3ubuntu1		krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 06:15 修改: 2025-04-14 19:15
libroken18-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 05:15 修改: 2025-04-15 14:15
libsmartcols1	CVE-2026-27456	中危	2.37.2-4ubuntu3.5		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libsnmp35	CVE-2022-24805	中危	5.8+dfsg-2ubuntu2.6	5.9.1+dfsg-1ubuntu2.2	net-snmp: A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24805 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2024-04-16 20:15 修改: 2025-01-17 16:04
libsnmp35	CVE-2022-24806	中危	5.8+dfsg-2ubuntu2.6	5.9.1+dfsg-1ubuntu2.2	net-snmp: Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24806 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2024-04-16 20:15 修改: 2025-01-17 16:09
libsnmp35	CVE-2022-24807	中危	5.8+dfsg-2ubuntu2.6	5.9.1+dfsg-1ubuntu2.2	net-snmp: A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24807 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2024-04-16 20:15 修改: 2025-01-17 16:15
libsnmp35	CVE-2022-24808	中危	5.8+dfsg-2ubuntu2.6	5.9.1+dfsg-1ubuntu2.2	net-snmp: A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24808 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2024-04-16 20:15 修改: 2025-01-17 16:16
libsnmp35	CVE-2022-24809	中危	5.8+dfsg-2ubuntu2.6	5.9.1+dfsg-1ubuntu2.2	net-snmp: A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL pointer dereference. 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24809 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2024-04-16 20:15 修改: 2025-01-17 16:17
libsnmp35	CVE-2022-24810	中危	5.8+dfsg-2ubuntu2.6	5.9.1+dfsg-1ubuntu2.2	net-snmp: A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference. 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24810 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2024-04-16 20:15 修改: 2025-02-11 21:56
libsnmp35	CVE-2022-44792	中危	5.8+dfsg-2ubuntu2.6	5.9.1+dfsg-1ubuntu2.4	net-snmp: NULL Pointer Exception when handling ipDefaultTTL 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44792 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-11-07 03:15 修改: 2025-05-05 16:15
libsnmp35	CVE-2022-44793	中危	5.8+dfsg-2ubuntu2.6	5.9.1+dfsg-1ubuntu2.4	net-snmp: NULL Pointer Exception when handling pv6IpForwarding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44793 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-11-07 03:15 修改: 2025-05-05 16:15
libsnmp35	CVE-2025-68615	中危	5.8+dfsg-2ubuntu2.6	5.9.1+dfsg-1ubuntu2.9	net-snmp: buffer overflow via a specially crafted packet can cause a crash in snmptrapd 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68615 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2025-12-23 00:15 修改: 2026-02-19 16:09
bsdutils	CVE-2026-27456	中危	1:2.37.2-4ubuntu3.5		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libasn1-8-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-26 05:15 修改: 2025-04-14 16:15
libasn1-8-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-3ubuntu1		CVE-2022-3116 affecting package samba for versions less than 4.18.3-1 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-03-27 22:15 修改: 2025-02-24 19:15
libasn1-8-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-3ubuntu1		samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-01-12 15:15 修改: 2024-11-21 07:19
libasn1-8-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-3ubuntu1		Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-11-15 23:15 修改: 2024-11-21 07:24
libasn1-8-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-3ubuntu1		krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 06:15 修改: 2025-04-14 19:15
libasn1-8-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 05:15 修改: 2025-04-15 14:15
libssl1.1	CVE-2021-3712	中危	1.1.1f-1ubuntu2.24	1.1.1l-1ubuntu1	openssl: Read buffer overruns processing ASN.1 strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-08-24 15:15 修改: 2026-04-16 15:16
libssl1.1	CVE-2021-4044	中危	1.1.1f-1ubuntu2.24	3.0.1-0ubuntu1	openssl: invalid handling of X509_verify_cert() internal errors in libssl 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4044 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-12-14 19:15 修改: 2024-11-21 06:36
libssl1.1	CVE-2022-1292	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.1	openssl: c_rehash script allows command injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1292 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-05-03 16:15 修改: 2025-08-13 14:15
libssl1.1	CVE-2022-1343	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.1	openssl: Signer certificate verification returns inaccurate response when using OCSP_NOCHECKS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1343 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-05-03 16:15 修改: 2025-05-05 17:17
libssl1.1	CVE-2022-2068	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.5	openssl: the c_rehash script allows command injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2068 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-06-21 15:15 修改: 2025-11-03 22:15
libssl1.1	CVE-2022-2097	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.6	openssl: AES OCB fails to encrypt some bytes 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2097 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-07-05 11:15 修改: 2024-11-21 07:00
libssl1.1	CVE-2022-40735	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.16	漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40735 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-11-14 23:15 修改: 2024-11-21 07:21
libssl1.1	CVE-2022-4203	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.8	openssl: read buffer overflow in X.509 certificate verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4203 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-02-24 15:15 修改: 2025-11-04 20:16
libssl1.1	CVE-2022-4304	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.8	openssl: timing attack in RSA Decryption implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libssl1.1	CVE-2022-4450	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.8	openssl: double free after calling PEM_read_bio_ex 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libssl1.1	CVE-2023-0215	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.8	openssl: use-after-free following BIO_new_NDEF 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libssl1.1	CVE-2023-0216	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.8	openssl: invalid pointer dereference in d2i_PKCS7 functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0216 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libssl1.1	CVE-2023-0217	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.8	openssl: NULL dereference validating DSA public key 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0217 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libssl1.1	CVE-2023-0401	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.8	openssl: NULL dereference during PKCS7 data verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0401 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libssl1.1	CVE-2023-2650	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.10	openssl: Possible DoS translating ASN.1 object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-05-30 14:15 修改: 2025-03-19 16:15
libssl1.1	CVE-2023-5363	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.12	openssl: Incorrect cipher key and IV length processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5363 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-10-25 18:17 修改: 2026-05-12 11:16
libssl1.1	CVE-2024-6119	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.18	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2024-09-03 16:15 修改: 2026-05-12 12:17
libssl1.1	CVE-2025-15467	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.21	openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-01-27 16:16 修改: 2026-06-09 10:16
libssl1.1	CVE-2025-9230	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.20	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
libssl1.1	CVE-2026-31790	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.23	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-34182	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.25	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl1.1	CVE-2026-45445	中危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.25	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libblkid1	CVE-2026-27456	中危	2.37.2-4ubuntu3.5		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libssl3	CVE-2026-34182	中危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3	CVE-2026-45445	中危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libsystemd0	CVE-2026-40226	中危	249.11-0ubuntu3.20	249.11-0ubuntu3.21	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
libudev1	CVE-2026-40226	中危	249.11-0ubuntu3.20	249.11-0ubuntu3.21	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
libuuid1	CVE-2026-27456	中危	2.37.2-4ubuntu3.5		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libwind0-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-26 05:15 修改: 2025-04-14 16:15
libwind0-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-3ubuntu1		CVE-2022-3116 affecting package samba for versions less than 4.18.3-1 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-03-27 22:15 修改: 2025-02-24 19:15
libwind0-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-3ubuntu1		samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-01-12 15:15 修改: 2024-11-21 07:19
libwind0-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-3ubuntu1		Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-11-15 23:15 修改: 2024-11-21 07:24
libwind0-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-3ubuntu1		krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 06:15 修改: 2025-04-14 19:15
libwind0-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-3ubuntu1		Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-25 05:15 修改: 2025-04-15 14:15
mount	CVE-2026-27456	中危	2.37.2-4ubuntu3.5		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
perl-modules-5.30	CVE-2020-16156	中危	5.30.0-9ubuntu0.5	5.34.0-3ubuntu1.1	perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-12-13 18:15 修改: 2025-11-03 22:15
perl-modules-5.30	CVE-2021-36770	中危	5.30.0-9ubuntu0.5	5.32.1-3ubuntu3	perl-Encode: bug in local configuration loading allows arbitrary Perl code execution placed under the current working directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36770 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-08-11 23:15 修改: 2025-11-03 22:15
perl-modules-5.30	CVE-2023-31484	中危	5.30.0-9ubuntu0.5	5.34.0-3ubuntu1.2	perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31484 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-04-29 00:15 修改: 2025-11-03 22:16
perl-modules-5.30	CVE-2023-47038	中危	5.30.0-9ubuntu0.5	5.34.0-3ubuntu1.3	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-modules-5.30	CVE-2024-56406	中危	5.30.0-9ubuntu0.5	5.34.0-3ubuntu1.4	perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56406 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2025-04-13 14:15 修改: 2025-10-16 14:15
perl-modules-5.30	CVE-2025-40909	中危	5.30.0-9ubuntu0.5	5.34.0-3ubuntu1.5	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
python3-pip	CVE-2024-35195	中危	22.0.2+dfsg-1ubuntu0.7		requests: subsequent requests to the same host ignore cert verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35195 镜像层: sha256:634bc9ddc42b76ee2c878ce58d23e4d04eaa2a4f8e7a950abc729c844824161f 发布日期: 2024-05-20 21:15 修改: 2026-04-15 00:35
python3-pip	CVE-2025-66418	中危	22.0.2+dfsg-1ubuntu0.7		urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66418 镜像层: sha256:634bc9ddc42b76ee2c878ce58d23e4d04eaa2a4f8e7a950abc729c844824161f 发布日期: 2025-12-05 16:15 修改: 2025-12-10 16:08
python3-pip	CVE-2025-66471	中危	22.0.2+dfsg-1ubuntu0.7		urllib3: urllib3 Streaming API improperly handles highly compressed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66471 镜像层: sha256:634bc9ddc42b76ee2c878ce58d23e4d04eaa2a4f8e7a950abc729c844824161f 发布日期: 2025-12-05 17:16 修改: 2025-12-10 16:10
python3-pip	CVE-2026-21441	中危	22.0.2+dfsg-1ubuntu0.7		urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-21441 镜像层: sha256:634bc9ddc42b76ee2c878ce58d23e4d04eaa2a4f8e7a950abc729c844824161f 发布日期: 2026-01-07 22:15 修改: 2026-01-23 09:15
python3.10	CVE-2026-2297	中危	3.10.12-1~22.04.15		cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:634bc9ddc42b76ee2c878ce58d23e4d04eaa2a4f8e7a950abc729c844824161f 发布日期: 2026-03-04 23:16 修改: 2026-05-01 16:16
python3.10-minimal	CVE-2026-2297	中危	3.10.12-1~22.04.15		cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:634bc9ddc42b76ee2c878ce58d23e4d04eaa2a4f8e7a950abc729c844824161f 发布日期: 2026-03-04 23:16 修改: 2026-05-01 16:16
tar	CVE-2025-45582	中危	1.34+dfsg-1ubuntu0.1.22.04.2		tar: Tar path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2025-07-11 17:15 修改: 2025-11-02 01:15
util-linux	CVE-2026-27456	中危	2.37.2-4ubuntu3.5		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
wget	CVE-2021-31879	中危	1.21.2-2ubuntu1.1		wget: authorization header disclosure on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879 镜像层: sha256:634bc9ddc42b76ee2c878ce58d23e4d04eaa2a4f8e7a950abc729c844824161f 发布日期: 2021-04-29 05:15 修改: 2024-11-21 06:06
libssl1.1	CVE-2024-4603	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.17	openssl: Excessive time spent checking DSA keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2024-05-16 16:15 修改: 2026-04-15 00:35
libssl1.1	CVE-2024-4741	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.17	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2024-11-13 11:15 修改: 2026-04-15 00:35
libssl1.1	CVE-2024-5535	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.17	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2024-06-27 11:15 修改: 2026-05-12 12:17
libssl1.1	CVE-2024-9143	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.19	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2024-10-16 17:15 修改: 2026-05-12 12:17
libssl1.1	CVE-2025-68160	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.21	openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2025-69418	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.21	openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2025-69419	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.21	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2025-69420	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.21	openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2025-69421	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.21	openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-22795	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.21	openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-22796	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.21	openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-28387	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.23	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-28388	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.23	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-28389	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.23	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-28390	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.23	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-31789	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.23	openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-34180	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.25	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl1.1	CVE-2026-42766	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.25	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libssl1.1	CVE-2026-42767	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.25	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl1.1	CVE-2026-42770	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.25	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl1.1	CVE-2026-45446	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.25	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libssl1.1	CVE-2026-7383	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.25	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
libssl1.1	CVE-2026-9076	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.25	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
libgcc-s1	CVE-2022-27943	低危	12.3.0-1ubuntu1~22.04.3		binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
libncurses6	CVE-2023-50495	低危	6.3-2ubuntu0.1		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
libperl5.30	CVE-2022-48522	低危	5.30.0-9ubuntu0.5	5.34.0-3ubuntu1.3	perl: stack-based crash in S_find_uninit_var() 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48522 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-08-22 19:16 修改: 2024-11-21 07:33
libssl3	CVE-2026-34180	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3	CVE-2026-42766	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libssl3	CVE-2026-42767	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3	CVE-2026-42770	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3	CVE-2026-45446	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libssl3	CVE-2026-7383	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
libssl3	CVE-2026-9076	低危	3.0.2-0ubuntu1.23	3.0.2-0ubuntu1.25	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
libstdc++6	CVE-2022-27943	低危	12.3.0-1ubuntu1~22.04.3		binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
libncursesw6	CVE-2023-50495	低危	6.3-2ubuntu0.1		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
libsystemd0	CVE-2023-7008	低危	249.11-0ubuntu3.20	249.11-0ubuntu3.21	systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-12-23 13:15 修改: 2025-11-04 17:15
libsystemd0	CVE-2026-40228	低危	249.11-0ubuntu3.20		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libtinfo6	CVE-2023-50495	低危	6.3-2ubuntu0.1		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
libpcre2-8-0	CVE-2022-41409	低危	10.39-3ubuntu0.1		pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-07-18 14:15 修改: 2024-11-21 07:23
libudev1	CVE-2023-7008	低危	249.11-0ubuntu3.20	249.11-0ubuntu3.21	systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-12-23 13:15 修改: 2025-11-04 17:15
libudev1	CVE-2026-40228	低危	249.11-0ubuntu3.20		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libpcre3	CVE-2017-11164	低危	2:8.39-13ubuntu0.22.04.1		pcre: OP_KETRMAX feature in the match function in pcre_exec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2017-07-11 03:29 修改: 2025-04-20 01:37
gcc-12-base	CVE-2022-27943	低危	12.3.0-1ubuntu1~22.04.3		binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
libgcrypt20	CVE-2024-2236	低危	1.9.4-3ubuntu3		libgcrypt: vulnerable to Marvin Attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2024-03-06 22:15 修改: 2026-04-15 00:35
libldap-2.4-2	CVE-2023-2953	低危	2.4.49+dfsg-2ubuntu1.10	2.5.16+dfsg-0ubuntu0.22.04.2	openldap: null pointer dereference in ber_memalloc_x function 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2953 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-05-30 22:15 修改: 2025-01-10 22:15
liblzma5	CVE-2026-34743	低危	5.2.5-2ubuntu1	5.2.5-2ubuntu1.1	xz: XZ Utils: Denial of Service via buffer overflow in index decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2026-04-02 19:21 修改: 2026-04-15 17:33
libssl1.1	CVE-2021-23840	低危	1.1.1f-1ubuntu2.24	1.1.1j-1ubuntu1	openssl: integer overflow in CipherUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2021-02-16 17:15 修改: 2026-04-16 15:16
libssl1.1	CVE-2022-1434	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.1	openssl: Incorrect MAC key used in the RC4-MD5 ciphersuite 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1434 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-05-03 16:15 修改: 2024-11-21 06:40
libzstd1	CVE-2022-4899	低危	1.4.8+dfsg-3build1		zstd: mysql: buffer overrun in util.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-03-31 20:15 修改: 2025-02-18 18:15
login	CVE-2023-29383	低危	1:4.8.1-2ubuntu2.2		shadow: Improper input validation in shadow-utils package utility chfn 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-04-14 22:15 修改: 2025-11-03 20:16
login	CVE-2024-56433	低危	1:4.8.1-2ubuntu2.2		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
libssl1.1	CVE-2022-1473	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.1	openssl: OPENSSL_LH_flush() breaks reuse of memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1473 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-05-03 16:15 修改: 2025-05-05 17:17
ncurses-base	CVE-2023-50495	低危	6.3-2ubuntu0.1		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
ncurses-bin	CVE-2023-50495	低危	6.3-2ubuntu0.1		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
passwd	CVE-2023-29383	低危	1:4.8.1-2ubuntu2.2		shadow: Improper input validation in shadow-utils package utility chfn 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2023-04-14 22:15 修改: 2025-11-03 20:16
passwd	CVE-2024-56433	低危	1:4.8.1-2ubuntu2.2		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:8bba68e7621928237aa6d6e2c680cb9572c942ee23c2adabd22016bb67cb938d 发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
libssl1.1	CVE-2022-3358	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.7	openssl: Using a Custom Cipher with NID_undef may lead to NULL encryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3358 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-10-11 15:15 修改: 2024-11-21 07:19
libssl1.1	CVE-2022-3996	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.9	openssl: double locking leads to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3996 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2022-12-13 16:15 修改: 2024-11-21 07:20
libssl1.1	CVE-2023-0464	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.9	openssl: Denial of service by excessive resource usage in verifying X509 policy constraints 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-03-22 17:15 修改: 2025-05-05 16:15
libssl1.1	CVE-2023-0465	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.9	openssl: Invalid certificate policies in leaf certificates are silently ignored 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-03-28 15:15 修改: 2025-02-18 21:15
libssl1.1	CVE-2023-0466	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.9	openssl: Certificate policy check not enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-03-28 15:15 修改: 2025-02-19 18:15
libssl1.1	CVE-2023-1255	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.10	openssl: Input buffer over-read in AES-XTS implementation on 64 bit ARM 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1255 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-04-20 17:15 修改: 2025-02-04 22:15
perl-modules-5.30	CVE-2022-48522	低危	5.30.0-9ubuntu0.5	5.34.0-3ubuntu1.3	perl: stack-based crash in S_find_uninit_var() 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48522 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-08-22 19:16 修改: 2024-11-21 07:33
libssl1.1	CVE-2023-2975	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.12	openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2975 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-07-14 12:15 修改: 2025-04-23 17:16
libssl1.1	CVE-2023-3446	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.12	openssl: Excessive time spent checking DH keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-07-19 12:15 修改: 2025-04-23 17:16
libssl1.1	CVE-2023-3817	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.12	OpenSSL: Excessive time spent checking DH q parameter value 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-07-31 16:15 修改: 2025-05-05 16:15
libssl1.1	CVE-2023-5678	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.14	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2023-11-06 16:15 修改: 2026-05-12 11:16
python3-pip	CVE-2026-1703	低危	22.0.2+dfsg-1ubuntu0.7		pip: pip: Information disclosure via path traversal when installing crafted wheel archives 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1703 镜像层: sha256:634bc9ddc42b76ee2c878ce58d23e4d04eaa2a4f8e7a950abc729c844824161f 发布日期: 2026-02-02 15:16 修改: 2026-04-15 00:35
libssl1.1	CVE-2023-6129	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.14	openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2024-01-09 17:15 修改: 2026-05-12 11:16
libssl1.1	CVE-2023-6237	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.14	openssl: Excessive time spent checking invalid RSA public keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2024-04-25 07:15 修改: 2026-05-12 11:16
libssl1.1	CVE-2024-0727	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.14	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2024-01-26 09:15 修改: 2026-05-12 12:16
libssl1.1	CVE-2024-13176	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.19	openssl: Timing side-channel in ECDSA signature computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2025-01-20 14:15 修改: 2026-04-15 00:35
libssl1.1	CVE-2024-2511	低危	1.1.1f-1ubuntu2.24	3.0.2-0ubuntu1.17	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:3b8f36f552adfb144f686527a09b377b7a4ad52861e9cee17732d2029b1d9f48 发布日期: 2024-04-08 14:15 修改: 2026-05-12 12:16

Python (python-pkg)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/bin/bsondump (gobinary)

低危漏洞:1

中危漏洞:10

高危漏洞:13

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2025-68121	严重	v1.25.5	1.24.13, 1.25.7, 1.26.0-rc.3	crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-02-05 18:16 修改: 2026-04-29 14:16
stdlib	CVE-2025-61726	高危	v1.25.5	1.24.12, 1.25.6	golang: net/url: Memory exhaustion in query parameter parsing in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:47
stdlib	CVE-2026-25679	高危	v1.25.5	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:43
stdlib	CVE-2026-32280	高危	v1.25.5	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:16
stdlib	CVE-2026-32281	高危	v1.25.5	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32283	高危	v1.25.5	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:12
stdlib	CVE-2026-33811	高危	v1.25.5	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.25.5	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.25.5	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.25.5	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.25.5	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.25.5	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.25.5	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.25.5	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
go.mongodb.org/mongo-driver	CVE-2026-2303	中危	v1.17.3	1.17.7	CVE-2026-2303 affecting package telegraf for versions less than 1.29.4-21 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2303 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-02-10 20:17 修改: 2026-04-15 00:35
stdlib	CVE-2025-61728	中危	v1.25.5	1.24.12, 1.25.6	golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:45
stdlib	CVE-2025-61730	中危	v1.25.5	1.24.12, 1.25.6	crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-03 20:36
stdlib	CVE-2026-27142	中危	v1.25.5	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:30
stdlib	CVE-2026-27145	中危	v1.25.5	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-32282	中危	v1.25.5	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32288	中危	v1.25.5	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:08
stdlib	CVE-2026-32289	中危	v1.25.5	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:06
stdlib	CVE-2026-39826	中危	v1.25.5	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.25.5	1.25.11, 1.26.4	net/textproto: golang: Golang net/textproto: Misleading error messages via input injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27139	低危	v1.25.5	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:32

usr/bin/mongodump (gobinary)

低危漏洞:1

中危漏洞:10

高危漏洞:13

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2025-68121	严重	v1.25.5	1.24.13, 1.25.7, 1.26.0-rc.3	crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-02-05 18:16 修改: 2026-04-29 14:16
stdlib	CVE-2025-61726	高危	v1.25.5	1.24.12, 1.25.6	golang: net/url: Memory exhaustion in query parameter parsing in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:47
stdlib	CVE-2026-25679	高危	v1.25.5	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:43
stdlib	CVE-2026-32280	高危	v1.25.5	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:16
stdlib	CVE-2026-32281	高危	v1.25.5	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32283	高危	v1.25.5	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:12
stdlib	CVE-2026-33811	高危	v1.25.5	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.25.5	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.25.5	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.25.5	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.25.5	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.25.5	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.25.5	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.25.5	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
go.mongodb.org/mongo-driver	CVE-2026-2303	中危	v1.17.3	1.17.7	CVE-2026-2303 affecting package telegraf for versions less than 1.29.4-21 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2303 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-02-10 20:17 修改: 2026-04-15 00:35
stdlib	CVE-2025-61728	中危	v1.25.5	1.24.12, 1.25.6	golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:45
stdlib	CVE-2025-61730	中危	v1.25.5	1.24.12, 1.25.6	crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-03 20:36
stdlib	CVE-2026-27142	中危	v1.25.5	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:30
stdlib	CVE-2026-27145	中危	v1.25.5	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-32282	中危	v1.25.5	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32288	中危	v1.25.5	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:08
stdlib	CVE-2026-32289	中危	v1.25.5	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:06
stdlib	CVE-2026-39826	中危	v1.25.5	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.25.5	1.25.11, 1.26.4	net/textproto: golang: Golang net/textproto: Misleading error messages via input injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27139	低危	v1.25.5	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:32

usr/bin/mongoexport (gobinary)

低危漏洞:1

中危漏洞:10

高危漏洞:13

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2025-68121	严重	v1.25.5	1.24.13, 1.25.7, 1.26.0-rc.3	crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-02-05 18:16 修改: 2026-04-29 14:16
stdlib	CVE-2025-61726	高危	v1.25.5	1.24.12, 1.25.6	golang: net/url: Memory exhaustion in query parameter parsing in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:47
stdlib	CVE-2026-25679	高危	v1.25.5	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:43
stdlib	CVE-2026-32280	高危	v1.25.5	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:16
stdlib	CVE-2026-32281	高危	v1.25.5	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32283	高危	v1.25.5	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:12
stdlib	CVE-2026-33811	高危	v1.25.5	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.25.5	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.25.5	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.25.5	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.25.5	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.25.5	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.25.5	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.25.5	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
go.mongodb.org/mongo-driver	CVE-2026-2303	中危	v1.17.3	1.17.7	CVE-2026-2303 affecting package telegraf for versions less than 1.29.4-21 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2303 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-02-10 20:17 修改: 2026-04-15 00:35
stdlib	CVE-2025-61728	中危	v1.25.5	1.24.12, 1.25.6	golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:45
stdlib	CVE-2025-61730	中危	v1.25.5	1.24.12, 1.25.6	crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-03 20:36
stdlib	CVE-2026-27142	中危	v1.25.5	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:30
stdlib	CVE-2026-27145	中危	v1.25.5	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-32282	中危	v1.25.5	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32288	中危	v1.25.5	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:08
stdlib	CVE-2026-32289	中危	v1.25.5	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:06
stdlib	CVE-2026-39826	中危	v1.25.5	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.25.5	1.25.11, 1.26.4	net/textproto: golang: Golang net/textproto: Misleading error messages via input injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27139	低危	v1.25.5	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:32

usr/bin/mongofiles (gobinary)

低危漏洞:1

中危漏洞:10

高危漏洞:13

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2025-68121	严重	v1.25.5	1.24.13, 1.25.7, 1.26.0-rc.3	crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-02-05 18:16 修改: 2026-04-29 14:16
stdlib	CVE-2025-61726	高危	v1.25.5	1.24.12, 1.25.6	golang: net/url: Memory exhaustion in query parameter parsing in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:47
stdlib	CVE-2026-25679	高危	v1.25.5	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:43
stdlib	CVE-2026-32280	高危	v1.25.5	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:16
stdlib	CVE-2026-32281	高危	v1.25.5	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32283	高危	v1.25.5	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:12
stdlib	CVE-2026-33811	高危	v1.25.5	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.25.5	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.25.5	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.25.5	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.25.5	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.25.5	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.25.5	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.25.5	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
go.mongodb.org/mongo-driver	CVE-2026-2303	中危	v1.17.3	1.17.7	CVE-2026-2303 affecting package telegraf for versions less than 1.29.4-21 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2303 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-02-10 20:17 修改: 2026-04-15 00:35
stdlib	CVE-2025-61728	中危	v1.25.5	1.24.12, 1.25.6	golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:45
stdlib	CVE-2025-61730	中危	v1.25.5	1.24.12, 1.25.6	crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-03 20:36
stdlib	CVE-2026-27142	中危	v1.25.5	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:30
stdlib	CVE-2026-27145	中危	v1.25.5	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-32282	中危	v1.25.5	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32288	中危	v1.25.5	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:08
stdlib	CVE-2026-32289	中危	v1.25.5	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:06
stdlib	CVE-2026-39826	中危	v1.25.5	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.25.5	1.25.11, 1.26.4	net/textproto: golang: Golang net/textproto: Misleading error messages via input injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27139	低危	v1.25.5	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:32

usr/bin/mongoimport (gobinary)

低危漏洞:1

中危漏洞:10

高危漏洞:13

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2025-68121	严重	v1.25.5	1.24.13, 1.25.7, 1.26.0-rc.3	crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-02-05 18:16 修改: 2026-04-29 14:16
stdlib	CVE-2025-61726	高危	v1.25.5	1.24.12, 1.25.6	golang: net/url: Memory exhaustion in query parameter parsing in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:47
stdlib	CVE-2026-25679	高危	v1.25.5	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:43
stdlib	CVE-2026-32280	高危	v1.25.5	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:16
stdlib	CVE-2026-32281	高危	v1.25.5	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32283	高危	v1.25.5	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:12
stdlib	CVE-2026-33811	高危	v1.25.5	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.25.5	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.25.5	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.25.5	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.25.5	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.25.5	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.25.5	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.25.5	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
go.mongodb.org/mongo-driver	CVE-2026-2303	中危	v1.17.3	1.17.7	CVE-2026-2303 affecting package telegraf for versions less than 1.29.4-21 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2303 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-02-10 20:17 修改: 2026-04-15 00:35
stdlib	CVE-2025-61728	中危	v1.25.5	1.24.12, 1.25.6	golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:45
stdlib	CVE-2025-61730	中危	v1.25.5	1.24.12, 1.25.6	crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-03 20:36
stdlib	CVE-2026-27142	中危	v1.25.5	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:30
stdlib	CVE-2026-27145	中危	v1.25.5	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-32282	中危	v1.25.5	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32288	中危	v1.25.5	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:08
stdlib	CVE-2026-32289	中危	v1.25.5	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:06
stdlib	CVE-2026-39826	中危	v1.25.5	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.25.5	1.25.11, 1.26.4	net/textproto: golang: Golang net/textproto: Misleading error messages via input injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27139	低危	v1.25.5	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:32

usr/bin/mongorestore (gobinary)

低危漏洞:1

中危漏洞:10

高危漏洞:13

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2025-68121	严重	v1.25.5	1.24.13, 1.25.7, 1.26.0-rc.3	crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-02-05 18:16 修改: 2026-04-29 14:16
stdlib	CVE-2025-61726	高危	v1.25.5	1.24.12, 1.25.6	golang: net/url: Memory exhaustion in query parameter parsing in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:47
stdlib	CVE-2026-25679	高危	v1.25.5	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:43
stdlib	CVE-2026-32280	高危	v1.25.5	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:16
stdlib	CVE-2026-32281	高危	v1.25.5	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32283	高危	v1.25.5	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:12
stdlib	CVE-2026-33811	高危	v1.25.5	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.25.5	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.25.5	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.25.5	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.25.5	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.25.5	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.25.5	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.25.5	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
go.mongodb.org/mongo-driver	CVE-2026-2303	中危	v1.17.3	1.17.7	CVE-2026-2303 affecting package telegraf for versions less than 1.29.4-21 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2303 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-02-10 20:17 修改: 2026-04-15 00:35
stdlib	CVE-2025-61728	中危	v1.25.5	1.24.12, 1.25.6	golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:45
stdlib	CVE-2025-61730	中危	v1.25.5	1.24.12, 1.25.6	crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-03 20:36
stdlib	CVE-2026-27142	中危	v1.25.5	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:30
stdlib	CVE-2026-27145	中危	v1.25.5	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-32282	中危	v1.25.5	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32288	中危	v1.25.5	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:08
stdlib	CVE-2026-32289	中危	v1.25.5	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:06
stdlib	CVE-2026-39826	中危	v1.25.5	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.25.5	1.25.11, 1.26.4	net/textproto: golang: Golang net/textproto: Misleading error messages via input injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27139	低危	v1.25.5	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:32

usr/bin/mongostat (gobinary)

低危漏洞:1

中危漏洞:10

高危漏洞:13

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2025-68121	严重	v1.25.5	1.24.13, 1.25.7, 1.26.0-rc.3	crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-02-05 18:16 修改: 2026-04-29 14:16
stdlib	CVE-2025-61726	高危	v1.25.5	1.24.12, 1.25.6	golang: net/url: Memory exhaustion in query parameter parsing in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:47
stdlib	CVE-2026-25679	高危	v1.25.5	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:43
stdlib	CVE-2026-32280	高危	v1.25.5	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:16
stdlib	CVE-2026-32281	高危	v1.25.5	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32283	高危	v1.25.5	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:12
stdlib	CVE-2026-33811	高危	v1.25.5	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.25.5	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.25.5	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.25.5	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.25.5	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.25.5	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.25.5	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.25.5	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
go.mongodb.org/mongo-driver	CVE-2026-2303	中危	v1.17.3	1.17.7	CVE-2026-2303 affecting package telegraf for versions less than 1.29.4-21 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2303 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-02-10 20:17 修改: 2026-04-15 00:35
stdlib	CVE-2025-61728	中危	v1.25.5	1.24.12, 1.25.6	golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:45
stdlib	CVE-2025-61730	中危	v1.25.5	1.24.12, 1.25.6	crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-03 20:36
stdlib	CVE-2026-27142	中危	v1.25.5	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:30
stdlib	CVE-2026-27145	中危	v1.25.5	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-32282	中危	v1.25.5	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32288	中危	v1.25.5	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:08
stdlib	CVE-2026-32289	中危	v1.25.5	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:06
stdlib	CVE-2026-39826	中危	v1.25.5	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.25.5	1.25.11, 1.26.4	net/textproto: golang: Golang net/textproto: Misleading error messages via input injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27139	低危	v1.25.5	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:32

usr/bin/mongotop (gobinary)

低危漏洞:1

中危漏洞:10

高危漏洞:13

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2025-68121	严重	v1.25.5	1.24.13, 1.25.7, 1.26.0-rc.3	crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-02-05 18:16 修改: 2026-04-29 14:16
stdlib	CVE-2025-61726	高危	v1.25.5	1.24.12, 1.25.6	golang: net/url: Memory exhaustion in query parameter parsing in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:47
stdlib	CVE-2026-25679	高危	v1.25.5	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:43
stdlib	CVE-2026-32280	高危	v1.25.5	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:16
stdlib	CVE-2026-32281	高危	v1.25.5	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32283	高危	v1.25.5	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:12
stdlib	CVE-2026-33811	高危	v1.25.5	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.25.5	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.25.5	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.25.5	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.25.5	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.25.5	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.25.5	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.25.5	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
go.mongodb.org/mongo-driver	CVE-2026-2303	中危	v1.17.3	1.17.7	CVE-2026-2303 affecting package telegraf for versions less than 1.29.4-21 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2303 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-02-10 20:17 修改: 2026-04-15 00:35
stdlib	CVE-2025-61728	中危	v1.25.5	1.24.12, 1.25.6	golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:45
stdlib	CVE-2025-61730	中危	v1.25.5	1.24.12, 1.25.6	crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-01-28 20:16 修改: 2026-02-03 20:36
stdlib	CVE-2026-27142	中危	v1.25.5	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:30
stdlib	CVE-2026-27145	中危	v1.25.5	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-32282	中危	v1.25.5	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32288	中危	v1.25.5	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:08
stdlib	CVE-2026-32289	中危	v1.25.5	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:06
stdlib	CVE-2026-39826	中危	v1.25.5	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.25.5	1.25.11, 1.26.4	net/textproto: golang: Golang net/textproto: Misleading error messages via input injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27139	低危	v1.25.5	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:b5ecdf5cf3e0b65f7084cc46174ef9f788fc56188870fc211a8593350d07d18e 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:32