docker.io/nacos/nacos-server:v3.2.2-slim linux/amd64

docker.io/nacos/nacos-server:v3.2.2-slim - Trivy安全扫描结果 扫描时间: 2026-06-22 10:54
全部漏洞信息
低危漏洞:44 中危漏洞:105 高危漏洞:21 严重漏洞:4

系统OS: ubuntu 26.04 扫描引擎: Trivy 扫描时间: 2026-06-22 10:54

docker.io/nacos/nacos-server:v3.2.2-slim (ubuntu 26.04) (ubuntu)
低危漏洞:35 中危漏洞:89 高危漏洞:3 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libssl3t64 CVE-2026-45447 高危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
openssl CVE-2026-45447 高危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
openssl-provider-legacy CVE-2026-45447 高危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
libblkid1 CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
libc-bin CVE-2026-4046 中危 2.43-2ubuntu2 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc-bin CVE-2026-4437 中危 2.43-2ubuntu2 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
libc-bin CVE-2026-4438 中危 2.43-2ubuntu2 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
libc-bin CVE-2026-5435 中危 2.43-2ubuntu2 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libc-bin CVE-2026-6238 中危 2.43-2ubuntu2 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libc-gconv-modules-extra CVE-2026-4046 中危 2.43-2ubuntu2 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc-gconv-modules-extra CVE-2026-4437 中危 2.43-2ubuntu2 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
libc-gconv-modules-extra CVE-2026-4438 中危 2.43-2ubuntu2 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
libc-gconv-modules-extra CVE-2026-5435 中危 2.43-2ubuntu2 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libc-gconv-modules-extra CVE-2026-6238 中危 2.43-2ubuntu2 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libc6 CVE-2026-4046 中危 2.43-2ubuntu2 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc6 CVE-2026-4437 中危 2.43-2ubuntu2 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
libc6 CVE-2026-4438 中危 2.43-2ubuntu2 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
libc6 CVE-2026-5435 中危 2.43-2ubuntu2 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libc6 CVE-2026-6238 中危 2.43-2ubuntu2 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libexpat1 CVE-2025-66382 中危 2.7.4-1 libexpat: libexpat: Denial of service via crafted file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2025-11-28 07:15 修改: 2026-06-02 14:16
libgcrypt20 CVE-2026-41989 中危 1.12.0-2 1.12.0-2ubuntu0.1 Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-23 05:16 修改: 2026-04-27 18:33
libgcrypt20 CVE-2026-41990 中危 1.12.0-2 1.12.0-2ubuntu0.1 Libgcrypt: Libgcrypt: Denial of Service or data integrity issues from missing bounds check during Dilithium signing.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41990

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-23 05:16 修改: 2026-04-27 18:33
libmount1 CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libmount1 CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
libsmartcols1 CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libsmartcols1 CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
bsdutils CVE-2026-27456 中危 1:2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libssl3t64 CVE-2026-34182 中危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3t64 CVE-2026-34183 中危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:12
libssl3t64 CVE-2026-42764 中危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: NULL pointer dereference in QUIC server initial packet handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libssl3t64 CVE-2026-45445 中危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libuuid1 CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libuuid1 CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
login CVE-2026-27456 中危 1:4.16.0-2+really2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
login CVE-2026-3184 中危 1:4.16.0-2+really2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
mount CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
mount CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
bsdutils CVE-2026-3184 中危 1:2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
openssl CVE-2026-34182 中危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl CVE-2026-34183 中危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:12
openssl CVE-2026-42764 中危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: NULL pointer dereference in QUIC server initial packet handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
openssl CVE-2026-45445 中危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libblkid1 CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
openssl-provider-legacy CVE-2026-34182 中危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl-provider-legacy CVE-2026-34183 中危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:12
openssl-provider-legacy CVE-2026-42764 中危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: NULL pointer dereference in QUIC server initial packet handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
openssl-provider-legacy CVE-2026-45445 中危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
rust-coreutils CVE-2026-35341 中危 0.8.0-0ubuntu3 A vulnerability in uutils coreutils mkfifo allows for the unauthorized ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35341

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:05
rust-coreutils CVE-2026-35344 中危 0.8.0-0ubuntu3 The dd utility in uutils coreutils suppresses errors during file trunc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35344

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-05-04 20:09
rust-coreutils CVE-2026-35345 中危 0.8.0-0ubuntu3 A vulnerability in the tail utility of uutils coreutils allows for the ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35345

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-05-04 20:04
rust-coreutils CVE-2026-35348 中危 0.8.0-0ubuntu3 The sort utility in uutils coreutils is vulnerable to a process panic ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35348

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-04-24 18:57
rust-coreutils CVE-2026-35350 中危 0.8.0-0ubuntu3 The cp utility in uutils coreutils fails to properly handle setuid and ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35350

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:04
rust-coreutils CVE-2026-35351 中危 0.8.0-0ubuntu3 The mv utility in uutils coreutils fails to preserve file ownership du ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35351

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-04-27 12:28
rust-coreutils CVE-2026-35352 中危 0.8.0-0ubuntu3 A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the m ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35352

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-05-04 18:16
rust-coreutils CVE-2026-35354 中危 0.8.0-0ubuntu3 A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the mv ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35354

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:04
rust-coreutils CVE-2026-35357 中危 0.8.0-0ubuntu3 The cp utility in uutils coreutils is vulnerable to an information dis ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35357

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:02
rust-coreutils CVE-2026-35359 中危 0.8.0-0ubuntu3 A Time-of-Check to Time-of-Use (TOCTOU) vulnerability in the cp utilit ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35359

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:02
rust-coreutils CVE-2026-35360 中危 0.8.0-0ubuntu3 The touch utility in uutils coreutils is vulnerable to a Time-of-Check ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35360

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:02
rust-coreutils CVE-2026-35363 中危 0.8.0-0ubuntu3 A vulnerability in the rm utility of uutils coreutils allows the bypas ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35363

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:02
rust-coreutils CVE-2026-35364 中危 0.8.0-0ubuntu3 A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the m ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35364

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:19
rust-coreutils CVE-2026-35367 中危 0.8.0-0ubuntu3 The nohup utility in uutils coreutils creates its default output file, ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35367

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:19
rust-coreutils CVE-2026-35368 中危 0.8.0-0ubuntu3 A vulnerability exists in the chroot utility of uutils coreutils when ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35368

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:18
rust-coreutils CVE-2026-35370 中危 0.8.0-0ubuntu3 The id utility in uutils coreutils miscalculates the groups= section o ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35370

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-05-04 20:02
rust-coreutils CVE-2026-35371 中危 0.8.0-0ubuntu3 The id utility in uutils coreutils exhibits incorrect behavior in its ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35371

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-05-04 20:02
rust-coreutils CVE-2026-35373 中危 0.8.0-0ubuntu3 A logic error in the ln utility of uutils coreutils causes the program ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35373

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-05-04 20:01
rust-coreutils CVE-2026-35374 中危 0.8.0-0ubuntu3 A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the sp ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35374

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-05-04 19:22
rust-coreutils CVE-2026-35377 中危 0.8.0-0ubuntu3 A logic error in the env utility of uutils coreutils causes a failure ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35377

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:06
sed CVE-2026-5958 中危 4.9-2build3 4.9-2ubuntu1 sed: GNU sed TOCTOU race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-20 12:16 修改: 2026-05-19 15:17
tar CVE-2025-45582 中危 1.35+dfsg-4 tar: Tar path traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2025-07-11 17:15 修改: 2025-11-02 01:15
util-linux CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
util-linux CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
vim CVE-2026-43961 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43961

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
vim CVE-2026-46483 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.3 vim: command injection when decompressing .tgz archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46483

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-05-15 15:16 修改: 2026-05-19 12:27
vim CVE-2026-47162 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.5 Vim is an open source, command line text editor. Prior to version 9.2. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47162

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-11 19:16 修改: 2026-06-13 01:04
vim CVE-2026-47167 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.5 Vim is an open source, command line text editor. Prior to version 9.2. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47167

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-11 19:16 修改: 2026-06-15 13:32
vim CVE-2026-52858 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.5 Vim is an open source, command line text editor. Prior to version 9.2. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-52858

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-11 19:16 修改: 2026-06-15 13:32
vim CVE-2026-52859 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.5 vim: Vim: Denial of Service via out-of-bounds write in terminal handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-52859

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-11 19:16 修改: 2026-06-15 13:12
vim CVE-2026-52860 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.5 vim: Vim: Arbitrary code execution through Python omni-completion.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-52860

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-11 19:16 修改: 2026-06-15 13:24
vim-common CVE-2026-43961 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43961

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
vim-common CVE-2026-46483 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.3 vim: command injection when decompressing .tgz archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46483

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-05-15 15:16 修改: 2026-05-19 12:27
vim-common CVE-2026-47162 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.5 Vim is an open source, command line text editor. Prior to version 9.2. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47162

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-11 19:16 修改: 2026-06-13 01:04
vim-common CVE-2026-47167 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.5 Vim is an open source, command line text editor. Prior to version 9.2. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47167

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-11 19:16 修改: 2026-06-15 13:32
vim-common CVE-2026-52858 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.5 Vim is an open source, command line text editor. Prior to version 9.2. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-52858

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-11 19:16 修改: 2026-06-15 13:32
vim-common CVE-2026-52859 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.5 vim: Vim: Denial of Service via out-of-bounds write in terminal handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-52859

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-11 19:16 修改: 2026-06-15 13:12
vim-common CVE-2026-52860 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.5 vim: Vim: Arbitrary code execution through Python omni-completion.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-52860

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-11 19:16 修改: 2026-06-15 13:24
vim-runtime CVE-2026-43961 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43961

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
vim-runtime CVE-2026-46483 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.3 vim: command injection when decompressing .tgz archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46483

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-05-15 15:16 修改: 2026-05-19 12:27
vim-runtime CVE-2026-47162 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.5 Vim is an open source, command line text editor. Prior to version 9.2. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47162

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-11 19:16 修改: 2026-06-13 01:04
vim-runtime CVE-2026-47167 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.5 Vim is an open source, command line text editor. Prior to version 9.2. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47167

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-11 19:16 修改: 2026-06-15 13:32
vim-runtime CVE-2026-52858 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.5 Vim is an open source, command line text editor. Prior to version 9.2. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-52858

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-11 19:16 修改: 2026-06-15 13:32
vim-runtime CVE-2026-52859 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.5 vim: Vim: Denial of Service via out-of-bounds write in terminal handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-52859

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-11 19:16 修改: 2026-06-15 13:12
vim-runtime CVE-2026-52860 中危 2:9.1.2141-1ubuntu4.2 2:9.1.2141-1ubuntu4.5 vim: Vim: Arbitrary code execution through Python omni-completion.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-52860

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-11 19:16 修改: 2026-06-15 13:24
openssl CVE-2026-34181 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl CVE-2026-42766 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
openssl CVE-2026-42767 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl CVE-2026-42768 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl CVE-2026-42769 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:26
openssl CVE-2026-42770 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl CVE-2026-45446 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
openssl CVE-2026-7383 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
openssl CVE-2026-9076 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
libsystemd0 CVE-2026-40228 低危 259.5-0ubuntu3 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libudev1 CVE-2026-40228 低危 259.5-0ubuntu3 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libgcrypt20 CVE-2024-2236 低危 1.12.0-2 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2024-03-06 22:15 修改: 2026-04-15 00:35
libssl3t64 CVE-2026-34180 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3t64 CVE-2026-34181 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl-provider-legacy CVE-2026-34180 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl-provider-legacy CVE-2026-34181 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl-provider-legacy CVE-2026-42766 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
openssl-provider-legacy CVE-2026-42767 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl-provider-legacy CVE-2026-42768 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl-provider-legacy CVE-2026-42769 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:26
openssl-provider-legacy CVE-2026-42770 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl-provider-legacy CVE-2026-45446 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
openssl-provider-legacy CVE-2026-7383 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
openssl-provider-legacy CVE-2026-9076 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
passwd CVE-2024-56433 低危 1:4.17.4-2ubuntu3 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
libssl3t64 CVE-2026-42766 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
login.defs CVE-2024-56433 低危 1:4.17.4-2ubuntu3 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
libssl3t64 CVE-2026-42767 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3t64 CVE-2026-42768 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3t64 CVE-2026-42769 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:26
libssl3t64 CVE-2026-42770 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3t64 CVE-2026-45446 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libssl3t64 CVE-2026-7383 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
libssl3t64 CVE-2026-9076 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
openssl CVE-2026-34180 低危 3.5.5-1ubuntu3 3.5.5-1ubuntu3.2 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:8c85e0a9f29d1b451cc8749dc737ad8549c415ebfc310ed09c90c6c496c969df

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
Java (jar)
低危漏洞:1 中危漏洞:6 高危漏洞:7 严重漏洞:4
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
org.apache.derby:derby CVE-2022-46337 严重 10.14.2.0 10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0 A cleverly devised username might bypass LDAP authentication checks. I ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46337

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2023-11-20 09:15 修改: 2025-06-10 14:15
org.apache.tomcat.embed:tomcat-embed-core CVE-2026-41293 严重 10.1.54 9.0.118, 10.1.55, 11.0.22 tomcat-coyote: Apache Tomcat: HTTP/2 request headers not validated

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41293

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2026-05-12 16:16 修改: 2026-05-15 15:57
org.apache.tomcat.embed:tomcat-embed-core CVE-2026-43512 严重 10.1.54 9.0.118, 10.1.55, 11.0.22 tomcat-coyote: Apache Tomcat: Authentication bypass via digest authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43512

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2026-05-12 16:16 修改: 2026-05-15 15:54
org.apache.tomcat.embed:tomcat-embed-core CVE-2026-43515 严重 10.1.54 9.0.118, 10.1.55, 11.0.22 tomcat-coyote: tomcat: Improper Authorization allows security bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43515

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2026-05-12 16:16 修改: 2026-05-15 15:52
com.alipay.sofa:hessian CVE-2024-46983 高危 3.3.6 3.5.5 SOFA Hessian Remote Command Execution (RCE) Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-46983

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2024-09-19 23:15 修改: 2024-09-25 17:46
io.modelcontextprotocol.sdk:mcp-core CVE-2026-35568 高危 0.18.2 1.0.0 Java-SDK has a DNS Rebinding Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35568

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2026-04-07 22:16 修改: 2026-04-14 19:31
org.apache.tomcat.embed:tomcat-embed-core CVE-2026-41284 高危 10.1.54 9.0.118, 10.1.55, 11.0.22 Allocation of Resources Without Limits or Throttling vulnerability in ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41284

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2026-05-12 16:16 修改: 2026-05-14 18:59
org.apache.tomcat.embed:tomcat-embed-core CVE-2026-42498 高危 10.1.54 9.0.118, 10.1.55, 11.0.22 tomcat-coyote: Apache Tomcat: Information disclosure due to HTTP Authentication Header exposure during WebSocket authentication.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42498

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2026-05-12 16:16 修改: 2026-05-14 18:51
org.apache.tomcat.embed:tomcat-embed-core CVE-2026-43513 高危 10.1.54 9.0.118, 10.1.55, 11.0.22 Improper Handling of Case Sensitivity vulnerability in LockOutRealm in ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43513

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2026-05-12 16:16 修改: 2026-05-15 15:53
org.json:json CVE-2022-45688 高危 20090211 20230227 json stack overflow vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45688

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2022-12-13 15:15 修改: 2025-09-19 18:54
org.json:json CVE-2023-5072 高危 20090211 20231013 JSON-java: parser confusion leads to OOM

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5072

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2023-10-12 17:15 修改: 2025-09-19 18:54
io.modelcontextprotocol.sdk:mcp-core CVE-2026-34237 中危 0.18.2 1.0.1, 1.1.1, 0.18.3 MCP Java SDK has a Hardcoded Wildcard CORS (Access-Control-Allow-Origin: *)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34237

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2026-03-31 16:16 修改: 2026-06-09 20:16
io.opentelemetry:opentelemetry-api CVE-2026-45292 中危 1.49.0 1.62.0 opentelemetry-java: opentelemetry-api: opentelemetry-extension-trace-propagators: OpenTelemetry Java: Denial of Service due to unbounded memory allocation when parsing oversized baggage

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45292

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2026-05-28 17:16 修改: 2026-05-29 15:42
org.bouncycastle:bcpkix-jdk18on CVE-2026-5588 中危 1.79 1.84 bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.bouncycastle:bcprov-jdk18on CVE-2026-0636 中危 1.79 1.84 bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.apache.commons:commons-lang3 CVE-2025-48924 中危 3.17.0 3.18.0 commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2025-07-11 15:15 修改: 2025-11-04 22:16
commons-lang:commons-lang CVE-2025-48924 中危 2.6 commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2025-07-11 15:15 修改: 2025-11-04 22:16
org.apache.tomcat.embed:tomcat-embed-core CVE-2026-43514 低危 10.1.54 9.0.118, 10.1.55, 11.0.22 tomcat-coyote: Apache Tomcat: Information disclosure via AJP secret timing discrepancy

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43514

镜像层: sha256:3955c18caba714390e551453b505538571fd9a8144357f3868ebaaba7901f847

发布日期: 2026-05-12 16:16 修改: 2026-05-14 18:46
Python (python-pkg)
低危漏洞:8 中危漏洞:7 高危漏洞:3 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
cryptography GHSA-537c-gmf6-5ccf 高危 48.0.0 48.0.1 Vulnerable OpenSSL included in cryptography wheels

漏洞详情: https://github.com/advisories/GHSA-537c-gmf6-5ccf

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 2026-06-15 20:12 修改: 2026-06-15 20:12
python-multipart CVE-2026-53539 高危 0.0.29 0.0.30 python-multipart: Quadratic-time querystring parsing with semicolon separators causes CPU denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53539

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
starlette CVE-2026-54283 高危 1.2.0 1.3.1 Starlette: request.form() limits silently ignored for application/x-www-form-urlencoded enable DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54283

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
aiohttp CVE-2026-54274 中危 3.13.5 3.14.1 aiohttp: Incomplete websocket frame payloads bypass memory limits

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54274

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
aiohttp CVE-2026-54276 中危 3.13.5 3.14.1 aiohttp: DigestAuthMiddleware Applies Credentials to Cross-Origin Redirect Challenges

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54276

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
aiohttp CVE-2026-54277 中危 3.13.5 3.14.1 aiohttp: C HTTP Parser Bypasses max_line_size for Fragmented Lines

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54277

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
aiohttp CVE-2026-54278 中危 3.13.5 3.14.1 aiohttp: Unread Compressed Request Bodies Bypass client_max_size During Cleanup

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54278

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
aiohttp CVE-2026-34993 中危 3.13.5 3.14.0 aiohttp: AIOHTTP: Arbitrary code execution via untrusted input to CookieJar.load()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34993

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 2026-06-02 20:16 修改: 2026-06-05 13:44
aiohttp CVE-2026-47265 中危 3.13.5 3.14.0 python-aiohttp: AIOHTTP: Information disclosure via improper handling of cookies during cross-origin redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47265

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 2026-06-02 20:16 修改: 2026-06-05 13:39
aiohttp CVE-2026-54273 中危 3.13.5 3.14.1 aiohttp: HTTP/1 Pipelined Requests Queue Without Limit

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54273

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
aiohttp CVE-2026-54280 低危 3.13.5 3.14.1 aiohttp: Payload Response Resources Are Not Closed After Mid-Body Disconnect

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54280

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
aiohttp CVE-2026-50269 低危 3.13.5 3.14.0 aiohttp: CRLF injection in multipart headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50269

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
aiohttp CVE-2026-54275 低危 3.13.5 3.14.1 aiohttp: TLS Server Hostname Override Is Ignored When Reusing HTTPS Connections

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54275

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
python-multipart CVE-2026-53537 低危 0.0.29 0.0.30 python-multipart: Content-Disposition parameter smuggling via RFC 2231/5987 extended parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53537

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
python-multipart CVE-2026-53538 低危 0.0.29 0.0.30 python-multipart: Semicolon treated as querystring field separator enables parameter smuggling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53538

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
python-multipart CVE-2026-53540 低危 0.0.29 0.0.31 python-multipart: Negative Content-Length in parse_form buffers the entire body in memory

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53540

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
aiohttp CVE-2026-54279 低危 3.13.5 3.14.1 aiohttp: Host-Only Cookies Become Domain Cookies After CookieJar Persistence

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54279

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
starlette CVE-2026-54282 低危 1.2.0 1.3.0 Starlette: Unvalidated request path concatenated into authority poisons request.url.hostname

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54282

镜像层: sha256:b4c0f4954a0c280cadaed6795ec00dbab8cc5ce4ae6e86787b464f1b07722911

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
root/.local/bin/uv (rustbinary)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
root/.local/bin/uvx (rustbinary)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
usr/bin/pebble (gobinary)
低危漏洞:0 中危漏洞:3 高危漏洞:8 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
stdlib CVE-2026-33811 高危 v1.26.2 1.25.10, 1.26.3 net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib CVE-2026-33814 高危 v1.26.2 1.25.10, 1.26.3 When processing HTTP/2 SETTINGS frames, transport will enter an infini ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib CVE-2026-39820 高危 v1.26.2 1.25.10, 1.26.3 Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib CVE-2026-39823 高危 v1.26.2 1.25.10, 1.26.3 CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib CVE-2026-39825 高危 v1.26.2 1.25.10, 1.26.3 ReverseProxy can forward queries containing parameters not visible to ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib CVE-2026-39836 高危 v1.26.2 1.25.10, 1.26.3 ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib CVE-2026-42499 高危 v1.26.2 1.25.10, 1.26.3 Pathological inputs could cause DoS through consumePhrase when parsing ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib CVE-2026-42504 高危 v1.26.2 1.25.11, 1.26.4 Decoding a maliciously-crafted MIME header containing many invalid enc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib CVE-2026-27145 中危 v1.26.2 1.25.11, 1.26.4 *x509.Certificate).VerifyHostname previously called matchHostnames in ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib CVE-2026-39826 中危 v1.26.2 1.25.10, 1.26.3 html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib CVE-2026-42507 中危 v1.26.2 1.25.11, 1.26.4 net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507

镜像层: sha256:0c3db79307ab91dad11fad2b136a2b56df6efeeb567c4c99e6e316b63885c9f6

发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
/home/nacos/.venv/lib/python3.10/site-packages/skill_scanner/data/default_policy.yaml ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/home/nacos/.venv/lib/python3.10/site-packages/skill_scanner/data/permissive_policy.yaml ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×