docker.io/mysql/mysql-server:5.7.40 linux/amd64

docker.io/mysql/mysql-server:5.7.40 - Trivy安全扫描结果 扫描时间: 2026-06-28 09:54
全部漏洞信息
低危漏洞:11 中危漏洞:31 高危漏洞:46 严重漏洞:0

系统OS: oracle 7.9 扫描引擎: Trivy 扫描时间: 2026-06-28 09:54

docker.io/mysql/mysql-server:5.7.40 (oracle 7.9) (oracle)
低危漏洞:3 中危漏洞:21 高危漏洞:37 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
glibc CVE-2024-2961 高危 2.17-326.0.1.el7_9 2.17-326.0.9.el7_9.3 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2024-04-17 18:15 修改: 2026-06-17 07:25
glibc CVE-2024-33599 高危 2.17-326.0.1.el7_9 2.17-326.0.9.el7_9.3 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc CVE-2024-33600 高危 2.17-326.0.1.el7_9 2.17-326.0.9.el7_9.3 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc CVE-2024-33601 高危 2.17-326.0.1.el7_9 2.17-326.0.9.el7_9.3 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc CVE-2024-33602 高危 2.17-326.0.1.el7_9 2.17-326.0.9.el7_9.3 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc-common CVE-2024-2961 高危 2.17-326.0.1.el7_9 2.17-326.0.9.el7_9.3 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2024-04-17 18:15 修改: 2026-06-17 07:25
glibc-common CVE-2024-33599 高危 2.17-326.0.1.el7_9 2.17-326.0.9.el7_9.3 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc-common CVE-2024-33600 高危 2.17-326.0.1.el7_9 2.17-326.0.9.el7_9.3 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc-common CVE-2024-33601 高危 2.17-326.0.1.el7_9 2.17-326.0.9.el7_9.3 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
glibc-common CVE-2024-33602 高危 2.17-326.0.1.el7_9 2.17-326.0.9.el7_9.3 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
gnupg2 CVE-2025-68973 高危 2.0.22-5.el7_5 2.0.22-5.0.1.el7_5 GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-12-28 17:16 修改: 2026-06-17 09:59
krb5-libs CVE-2022-42898 高危 1.15.1-54.0.1.el7_9 1.15.1-55.0.1.el7_9 krb5: integer overflow vulnerabilities in PAC parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2022-12-25 06:15 修改: 2026-06-17 05:05
krb5-libs CVE-2024-3596 高危 1.15.1-54.0.1.el7_9 1.15.1-55.0.7.el7_9 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44
krb5-libs CVE-2024-37371 高危 1.15.1-54.0.1.el7_9 1.15.1-55.0.3.el7_9 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38
libxml2 CVE-2024-56171 高危 2.9.1-6.0.3.el7_9.6 2.9.1-6.0.5.el7_9.6 libxml2: Use-After-Free in libxml2

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56171

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-02-18 22:15 修改: 2026-06-17 08:11
libxml2 CVE-2025-24928 高危 2.9.1-6.0.3.el7_9.6 2.9.1-6.0.5.el7_9.6 libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24928

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-02-18 23:15 修改: 2026-06-17 08:59
libxml2 CVE-2025-49794 高危 2.9.1-6.0.3.el7_9.6 2.9.1-6.0.7.el7_9.6 libxml: Heap use after free (UAF) leads to Denial of service (DoS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49794

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-06-16 16:15 修改: 2026-06-25 03:16
libxml2 CVE-2025-49796 高危 2.9.1-6.0.3.el7_9.6 2.9.1-6.0.7.el7_9.6 libxml: Type confusion leads to Denial of service (DoS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49796

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-06-16 16:15 修改: 2026-06-25 03:16
libxml2 CVE-2025-6021 高危 2.9.1-6.0.3.el7_9.6 2.9.1-6.0.7.el7_9.6 libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6021

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-06-12 13:15 修改: 2026-06-25 05:16
libxml2 CVE-2025-7425 高危 2.9.1-6.0.3.el7_9.6 2.9.1-6.0.9.el7_9.6 libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7425

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-07-10 14:15 修改: 2026-06-25 03:16
libxml2-python CVE-2024-56171 高危 2.9.1-6.0.3.el7_9.6 2.9.1-6.0.5.el7_9.6 libxml2: Use-After-Free in libxml2

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56171

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-02-18 22:15 修改: 2026-06-17 08:11
libxml2-python CVE-2025-24928 高危 2.9.1-6.0.3.el7_9.6 2.9.1-6.0.5.el7_9.6 libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24928

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-02-18 23:15 修改: 2026-06-17 08:59
libxml2-python CVE-2025-49794 高危 2.9.1-6.0.3.el7_9.6 2.9.1-6.0.7.el7_9.6 libxml: Heap use after free (UAF) leads to Denial of service (DoS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49794

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-06-16 16:15 修改: 2026-06-25 03:16
libxml2-python CVE-2025-49796 高危 2.9.1-6.0.3.el7_9.6 2.9.1-6.0.7.el7_9.6 libxml: Type confusion leads to Denial of service (DoS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49796

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-06-16 16:15 修改: 2026-06-25 03:16
libxml2-python CVE-2025-6021 高危 2.9.1-6.0.3.el7_9.6 2.9.1-6.0.7.el7_9.6 libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6021

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-06-12 13:15 修改: 2026-06-25 05:16
libxml2-python CVE-2025-7425 高危 2.9.1-6.0.3.el7_9.6 2.9.1-6.0.9.el7_9.6 libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7425

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-07-10 14:15 修改: 2026-06-25 03:16
nss CVE-2023-0767 高危 3.79.0-4.el7_9 3.79.0-5.el7_9 nss: Arbitrary memory write via PKCS 12

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0767

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2023-06-02 17:15 修改: 2026-06-17 05:26
nss-sysinit CVE-2023-0767 高危 3.79.0-4.el7_9 3.79.0-5.el7_9 nss: Arbitrary memory write via PKCS 12

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0767

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2023-06-02 17:15 修改: 2026-06-17 05:26
nss-tools CVE-2023-0767 高危 3.79.0-4.el7_9 3.79.0-5.el7_9 nss: Arbitrary memory write via PKCS 12

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0767

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2023-06-02 17:15 修改: 2026-06-17 05:26
openssl-libs CVE-2023-0286 高危 1:1.0.2k-25.el7_9 1:1.0.2k-26.el7_9 openssl: X.400 address type confusion in X.509 GeneralName

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2023-02-08 20:15 修改: 2026-06-17 05:25
python CVE-2023-24329 高危 2.7.5-92.0.1.el7_9 2.7.5-93.0.1.el7_9 python: urllib.parse url blocklisting bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2023-02-17 15:15 修改: 2026-06-17 05:39
python CVE-2023-40217 高危 2.7.5-92.0.1.el7_9 2.7.5-94.0.1.el7_9 python: TLS handshake bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2023-08-25 01:15 修改: 2026-06-17 06:16
python CVE-2026-4519 高危 2.7.5-92.0.1.el7_9 2.7.5-94.0.7.el7_9 python: Python: Command-line option injection in webbrowser.open() via crafted URLs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2026-03-20 15:16 修改: 2026-06-17 10:56
python-libs CVE-2023-24329 高危 2.7.5-92.0.1.el7_9 2.7.5-93.0.1.el7_9 python: urllib.parse url blocklisting bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2023-02-17 15:15 修改: 2026-06-17 05:39
python-libs CVE-2023-40217 高危 2.7.5-92.0.1.el7_9 2.7.5-94.0.1.el7_9 python: TLS handshake bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2023-08-25 01:15 修改: 2026-06-17 06:16
python-libs CVE-2026-4519 高危 2.7.5-92.0.1.el7_9 2.7.5-94.0.7.el7_9 python: Python: Command-line option injection in webbrowser.open() via crafted URLs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2026-03-20 15:16 修改: 2026-06-17 10:56
sqlite CVE-2025-6965 高危 3.7.17-8.el7_7.1 3.7.17-8.0.1.el7_9.1 sqlite: Integer Truncation in SQLite

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6965

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-07-15 14:15 修改: 2026-06-26 16:36
libxml2-python CVE-2025-32414 中危 2.9.1-6.0.3.el7_9.6 2.9.1-6.0.7.el7_9.6 libxml2: Out-of-Bounds Read in libxml2

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32414

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-04-08 03:15 修改: 2026-06-17 09:11
libxml2-python CVE-2025-32415 中危 2.9.1-6.0.3.el7_9.6 2.9.1-6.0.11.el7_9.6 libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32415

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-04-17 17:15 修改: 2026-06-17 09:11
krb5-libs CVE-2024-37370 中危 1.15.1-54.0.1.el7_9 1.15.1-55.0.3.el7_9 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38
krb5-libs CVE-2025-24528 中危 1.15.1-54.0.1.el7_9 1.15.1-55.0.9.el7_9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59
libcom_err CVE-2022-1304 中危 1.42.9-19.0.1.el7 1.45.4-3.0.7.el7 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2022-04-14 21:15 修改: 2026-06-17 04:22
libxml2 CVE-2025-32414 中危 2.9.1-6.0.3.el7_9.6 2.9.1-6.0.7.el7_9.6 libxml2: Out-of-Bounds Read in libxml2

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32414

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-04-08 03:15 修改: 2026-06-17 09:11
openssl-libs CVE-2025-9230 中危 1:1.0.2k-25.el7_9 1:1.0.2k-26.0.1.el7_9 openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
libxml2 CVE-2025-32415 中危 2.9.1-6.0.3.el7_9.6 2.9.1-6.0.11.el7_9.6 libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32415

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-04-17 17:15 修改: 2026-06-17 09:11
libgcc CVE-2020-11023 中危 4.8.5-44.0.3.el7 4.8.5-45.0.1.el7_9 jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11023

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2020-04-29 21:15 修改: 2026-06-17 02:48
libssh2 CVE-2020-22218 中危 1.8.0-4.el7 1.8.0-4.el7_9.1 libssh2: use-of-uninitialized-value in _libssh2_transport_read

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-22218

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2023-08-22 19:16 修改: 2026-06-17 03:04
python CVE-2025-12084 中危 2.7.5-92.0.1.el7_9 2.7.5-94.0.3.el7_9 cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31
python CVE-2025-15366 中危 2.7.5-92.0.1.el7_9 2.7.5-94.0.5.el7_9 cpython: IMAP command injection in user-controlled commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
python CVE-2025-15367 中危 2.7.5-92.0.1.el7_9 2.7.5-94.0.5.el7_9 cpython: POP3 command injection in user-controlled commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
libstdc++ CVE-2020-11023 中危 4.8.5-44.0.3.el7 4.8.5-45.0.1.el7_9 jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11023

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2020-04-29 21:15 修改: 2026-06-17 02:48
glib2 CVE-2025-13601 中危 2.56.1-9.el7_9 2.56.1-9.0.3.el7_9 glib: Integer overflow in in g_escape_uri_string()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13601

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-11-26 15:15 修改: 2026-06-25 04:17
glibc-common CVE-2025-4802 中危 2.17-326.0.1.el7_9 2.17-326.0.11.el7_9.3 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34
python-libs CVE-2025-12084 中危 2.7.5-92.0.1.el7_9 2.7.5-94.0.3.el7_9 cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31
python-libs CVE-2025-15366 中危 2.7.5-92.0.1.el7_9 2.7.5-94.0.5.el7_9 cpython: IMAP command injection in user-controlled commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
python-libs CVE-2025-15367 中危 2.7.5-92.0.1.el7_9 2.7.5-94.0.5.el7_9 cpython: POP3 command injection in user-controlled commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
glibc CVE-2025-4802 中危 2.17-326.0.1.el7_9 2.17-326.0.11.el7_9.3 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34
zlib CVE-2022-37434 中危 1.2.7-20.el7_9 1.2.7-21.el7_9 zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37434

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2022-08-05 07:15 修改: 2026-06-17 04:55
curl CVE-2022-43552 低危 7.29.0-59.0.3.el7_9.1 7.29.0-59.0.3.el7_9.2 curl: Use-after-free triggered by an HTTP proxy deny response

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43552

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2023-02-09 20:15 修改: 2026-06-17 05:06
libcurl CVE-2022-43552 低危 7.29.0-59.0.3.el7_9.1 7.29.0-59.0.3.el7_9.2 curl: Use-after-free triggered by an HTTP proxy deny response

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43552

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2023-02-09 20:15 修改: 2026-06-17 05:06
zlib CVE-2016-9840 低危 1.2.7-20.el7_9 1.2.7-21.0.1.el7_9 zlib: Out-of-bound pointer arithmetic in inftrees.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-9840

镜像层: sha256:94ed4b3256a9d220fd33f19fa8df172497281108954c1e370e759ede3d748748

发布日期: 2017-05-23 04:29 修改: 2026-06-17 00:56
Python (python-pkg)
低危漏洞:8 中危漏洞:10 高危漏洞:9 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
certifi CVE-2023-37920 高危 2022.6.15 2023.7.22 python-certifi: Removal of e-Tugra root certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-37920

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2023-07-25 21:15 修改: 2026-06-17 06:08
cryptography CVE-2020-36242 高危 3.2.1 3.3.2 python-cryptography: Large inputs for symmetric encryption can trigger integer overflow leading to buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36242

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2021-02-07 20:15 修改: 2026-06-17 03:15
cryptography CVE-2023-0286 高危 3.2.1 39.0.1 openssl: X.400 address type confusion in X.509 GeneralName

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2023-02-08 20:15 修改: 2026-06-17 05:25
cryptography CVE-2023-50782 高危 3.2.1 42.0.0 python-cryptography: Bleichenbacher timing oracle attack against RSA decryption - incomplete fix for CVE-2020-25659

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50782

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2024-02-05 21:15 修改: 2026-06-17 06:39
cryptography CVE-2026-26007 高危 3.2.1 46.0.5 cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26007

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2026-02-10 22:17 修改: 2026-06-17 10:25
cryptography GHSA-537c-gmf6-5ccf 高危 3.2.1 48.0.1 Vulnerable OpenSSL included in cryptography wheels

漏洞详情: https://github.com/advisories/GHSA-537c-gmf6-5ccf

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2026-06-15 20:12 修改: 2026-06-15 20:12
setuptools CVE-2022-40897 高危 56.0.0 65.5.1 pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40897

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2022-12-23 00:15 修改: 2026-06-17 05:02
setuptools CVE-2024-6345 高危 56.0.0 70.0.0 pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2024-07-15 01:15 修改: 2026-06-17 08:17
setuptools CVE-2025-47273 高危 56.0.0 78.1.1 setuptools: Path Traversal Vulnerability in setuptools PackageIndex

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47273

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2025-05-17 16:15 修改: 2026-06-17 09:27
cryptography CVE-2023-49083 中危 3.2.1 41.0.6 python-cryptography: NULL-dereference when loading PKCS7 certificates

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49083

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2023-11-29 19:15 修改: 2026-06-17 06:35
cryptography CVE-2024-0727 中危 3.2.1 42.0.2 openssl: denial of service via null dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2024-01-26 09:15 修改: 2026-06-17 06:54
paramiko CVE-2023-48795 中危 2.11.0 3.4.0 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2023-12-18 16:15 修改: 2026-06-17 06:34
pip CVE-2023-5752 中危 21.1.1 23.3 pip: Mercurial configuration injectable in repo revision when installing via pip

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5752

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2023-10-25 18:17 修改: 2026-06-17 06:49
pip CVE-2025-8869 中危 21.1.1 25.3 pip: pip missing checks on symbolic link extraction

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8869

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2025-09-24 15:15 修改: 2026-06-17 10:07
pip CVE-2026-3219 中危 21.1.1 26.1 pip: pip: Incorrect file installation due to improper archive handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3219

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2026-04-20 16:16 修改: 2026-06-17 10:43
pip CVE-2026-6357 中危 21.1.1 26.1 pip: pip: Arbitrary code execution or information disclosure via malicious wheel package installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6357

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2026-04-27 15:16 修改: 2026-06-17 11:00
certifi CVE-2022-23491 中危 2022.6.15 2022.12.07 python-certifi: untrusted root certificates

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23491

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2022-12-07 22:15 修改: 2026-06-17 04:30
PyNaCl CVE-2025-69277 中危 1.4.0 1.6.2 libsodium: pynacl: libsodium: Improper validation of elliptic curve points could lead to data integrity or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69277

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2025-12-31 06:15 修改: 2026-06-17 10:00
cryptography CVE-2023-23931 中危 3.2.1 39.0.1 python-cryptography: memory corruption via immutable objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23931

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2023-02-07 21:15 修改: 2026-06-17 05:38
cryptography GHSA-5cpq-8wj7-hf2v 低危 3.2.1 41.0.0 Vulnerable OpenSSL included in cryptography wheels

漏洞详情: https://github.com/advisories/GHSA-5cpq-8wj7-hf2v

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2023-06-02 17:13 修改: 2023-06-02 17:13
cryptography GHSA-jm77-qphf-c4w8 低危 3.2.1 41.0.3 pyca/cryptography's wheels include vulnerable OpenSSL

漏洞详情: https://github.com/advisories/GHSA-jm77-qphf-c4w8

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2023-08-01 22:34 修改: 2023-08-01 22:34
cryptography GHSA-v8gr-m533-ghj9 低危 3.2.1 41.0.4 Vulnerable OpenSSL included in cryptography wheels

漏洞详情: https://github.com/advisories/GHSA-v8gr-m533-ghj9

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2023-09-21 17:07 修改: 2023-09-21 17:07
pip CVE-2026-1703 低危 21.1.1 26.0 pip: pip: Information disclosure via path traversal when installing crafted wheel archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1703

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2026-02-02 15:16 修改: 2026-06-17 10:16
pyOpenSSL CVE-2026-27448 低危 19.1.0 26.0.0 pyOpenSSL: TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27448

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2026-03-18 00:16 修改: 2026-06-17 10:27
certifi CVE-2024-39689 低危 2022.6.15 2024.7.4 python-certifi: Remove root certificates from `GLOBALTRUST` from the root store

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-39689

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2024-07-05 19:15 修改: 2026-06-17 07:42
paramiko CVE-2026-44405 低危 2.11.0 paramiko: Paramiko: Data integrity could be compromised due to SHA-1 algorithm use

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44405

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2026-05-06 00:16 修改: 2026-06-17 10:50
cryptography CVE-2026-34073 低危 3.2.1 46.0.6 python-cryptography: Cryptography: Security bypass due to improper DNS name constraint validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34073

镜像层: sha256:b2aaf228eda982c4870c7baa846a054c7b4337388a3bff6741358a1c3baaafe7

发布日期: 2026-03-31 03:15 修改: 2026-06-17 10:38
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×