docker.io/nicolargo/glances:4.5.4-full linux/arm64

docker.io/nicolargo/glances:4.5.4-full - Trivy安全扫描结果扫描时间: 2026-06-13 14:49 温馨提示: 这是一个 linux/arm64 系统架构镜像

全部漏洞信息

低危漏洞:28

中危漏洞:37

高危漏洞:15

严重漏洞:4

系统OS: alpine 3.23.4 扫描引擎: Trivy 扫描时间: 2026-06-13 14:49

docker.io/nicolargo/glances:4.5.4-full (alpine 3.23.4) (alpine)

低危漏洞:28

中危漏洞:31

高危漏洞:11

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
gnutls	CVE-2026-33845	严重	3.8.12-r0	3.8.13-r0	gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-42010	严重	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Authentication Bypass via NUL Character in Username 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-07 12:16 修改: 2026-06-10 16:17
gnutls-utils	CVE-2026-33845	严重	3.8.12-r0	3.8.13-r0	gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
gnutls-utils	CVE-2026-42010	严重	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Authentication Bypass via NUL Character in Username 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-07 12:16 修改: 2026-06-10 16:17
gnutls	CVE-2026-42009	高危	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-18 13:16 修改: 2026-06-08 17:16
gnutls	CVE-2026-33846	高危	3.8.12-r0	3.8.13-r0	gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-04 10:15 修改: 2026-06-02 16:16
gnutls	CVE-2026-3833	高危	3.8.12-r0	3.8.13-r0	gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
gnutls-utils	CVE-2026-33846	高危	3.8.12-r0	3.8.13-r0	gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-04 10:15 修改: 2026-06-02 16:16
gnutls-utils	CVE-2026-3833	高危	3.8.12-r0	3.8.13-r0	gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
gnutls-utils	CVE-2026-42009	高危	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-18 13:16 修改: 2026-06-08 17:16
libcrypto3	CVE-2026-45447	高危	3.5.6-r0	3.5.7-r0	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 15:16
libssh2	CVE-2026-7598	高危	1.11.1-r1	1.11.1-r2	libssh2: integer overflow via large username or password arguments 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7598 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-01 22:16 修改: 2026-05-07 01:47
libssl3	CVE-2026-45447	高危	3.5.6-r0	3.5.7-r0	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 15:16
libxml2	CVE-2026-6732	高危	2.13.9-r0	2.13.9-r1	libxml2: libxml2: Denial of Service via crafted XSD-validated document 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6732 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-04-23 23:16 修改: 2026-05-15 14:36
nghttp2-libs	CVE-2026-27135	高危	1.68.0-r0	1.68.1	nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135 镜像层: sha256:e67b8a32d7aca2a481d02e5780686d5f8847e49c24965ed34b9bb41d6d9959a2 发布日期: 2026-03-18 18:16 修改: 2026-05-13 22:16
gnutls	CVE-2026-5260	中危	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Information disclosure via heap overread in RSA key exchange 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
curl	CVE-2025-14017	中危	8.17.0-r1	8.19.0-r0	curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017 镜像层: sha256:e67b8a32d7aca2a481d02e5780686d5f8847e49c24965ed34b9bb41d6d9959a2 发布日期: 2026-01-08 10:15 修改: 2026-01-27 21:29
curl	CVE-2026-1965	中危	8.17.0-r1	8.19.0-r0	curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965 镜像层: sha256:e67b8a32d7aca2a481d02e5780686d5f8847e49c24965ed34b9bb41d6d9959a2 发布日期: 2026-03-11 11:15 修改: 2026-03-12 14:11
curl	CVE-2026-3783	中危	8.17.0-r1	8.19.0-r0	curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783 镜像层: sha256:e67b8a32d7aca2a481d02e5780686d5f8847e49c24965ed34b9bb41d6d9959a2 发布日期: 2026-03-11 11:16 修改: 2026-03-12 14:10
curl	CVE-2026-3784	中危	8.17.0-r1	8.19.0-r0	curl: curl: Unauthorized access due to improper HTTP proxy connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784 镜像层: sha256:e67b8a32d7aca2a481d02e5780686d5f8847e49c24965ed34b9bb41d6d9959a2 发布日期: 2026-03-11 11:16 修改: 2026-06-02 14:16
curl	CVE-2026-3805	中危	8.17.0-r1	8.19.0-r0	curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3805 镜像层: sha256:e67b8a32d7aca2a481d02e5780686d5f8847e49c24965ed34b9bb41d6d9959a2 发布日期: 2026-03-11 11:16 修改: 2026-03-12 14:08
gnutls-utils	CVE-2026-42011	中危	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Security bypass due to incorrect name constraint handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-07 15:16 修改: 2026-06-02 16:16
gnutls-utils	CVE-2026-42012	中危	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
gnutls-utils	CVE-2026-42013	中危	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
gnutls-utils	CVE-2026-42014	中危	3.8.12-r0	3.8.13-r0	gnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
gnutls-utils	CVE-2026-42015	中危	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
gnutls-utils	CVE-2026-5260	中危	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Information disclosure via heap overread in RSA key exchange 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-42011	中危	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Security bypass due to incorrect name constraint handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-07 15:16 修改: 2026-06-02 16:16
libcrypto3	CVE-2026-34182	中危	3.5.6-r0	3.5.7-r0	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 17:16
libcrypto3	CVE-2026-34183	中危	3.5.6-r0	3.5.7-r0	openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 16:17
libcrypto3	CVE-2026-42764	中危	3.5.6-r0	3.5.7-r0	openssl: NULL pointer dereference in QUIC server initial packet handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-45445	中危	3.5.6-r0	3.5.7-r0	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcurl	CVE-2025-14017	中危	8.17.0-r1	8.19.0-r0	curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017 镜像层: sha256:e67b8a32d7aca2a481d02e5780686d5f8847e49c24965ed34b9bb41d6d9959a2 发布日期: 2026-01-08 10:15 修改: 2026-01-27 21:29
libcurl	CVE-2026-1965	中危	8.17.0-r1	8.19.0-r0	curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965 镜像层: sha256:e67b8a32d7aca2a481d02e5780686d5f8847e49c24965ed34b9bb41d6d9959a2 发布日期: 2026-03-11 11:15 修改: 2026-03-12 14:11
libcurl	CVE-2026-3783	中危	8.17.0-r1	8.19.0-r0	curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783 镜像层: sha256:e67b8a32d7aca2a481d02e5780686d5f8847e49c24965ed34b9bb41d6d9959a2 发布日期: 2026-03-11 11:16 修改: 2026-03-12 14:10
libcurl	CVE-2026-3784	中危	8.17.0-r1	8.19.0-r0	curl: curl: Unauthorized access due to improper HTTP proxy connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784 镜像层: sha256:e67b8a32d7aca2a481d02e5780686d5f8847e49c24965ed34b9bb41d6d9959a2 发布日期: 2026-03-11 11:16 修改: 2026-06-02 14:16
libcurl	CVE-2026-3805	中危	8.17.0-r1	8.19.0-r0	curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3805 镜像层: sha256:e67b8a32d7aca2a481d02e5780686d5f8847e49c24965ed34b9bb41d6d9959a2 发布日期: 2026-03-11 11:16 修改: 2026-03-12 14:08
gnutls	CVE-2026-42012	中危	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-42013	中危	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libssl3	CVE-2026-34182	中危	3.5.6-r0	3.5.7-r0	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 17:16
libssl3	CVE-2026-34183	中危	3.5.6-r0	3.5.7-r0	openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 16:17
libssl3	CVE-2026-42764	中危	3.5.6-r0	3.5.7-r0	openssl: NULL pointer dereference in QUIC server initial packet handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-45445	中危	3.5.6-r0	3.5.7-r0	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
gnutls	CVE-2026-42014	中危	3.8.12-r0	3.8.13-r0	gnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
gnutls	CVE-2026-42015	中危	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
xz-libs	CVE-2026-34743	中危	5.8.2-r0	5.8.3-r0	xz: XZ Utils: Denial of Service via buffer overflow in index decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743 镜像层: sha256:e67b8a32d7aca2a481d02e5780686d5f8847e49c24965ed34b9bb41d6d9959a2 发布日期: 2026-04-02 19:21 修改: 2026-04-15 17:33
libcrypto3	CVE-2026-7383	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-9076	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
gnutls-utils	CVE-2026-5419	低危	3.8.12-r0	3.8.13-r0	guntls: gnutls: Information disclosure via timing side-channel in PKCS#7 padding removal 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5419 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-06-01 21:16 修改: 2026-06-02 17:16
gnutls	CVE-2026-5419	低危	3.8.12-r0	3.8.13-r0	guntls: gnutls: Information disclosure via timing side-channel in PKCS#7 padding removal 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5419 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-06-01 21:16 修改: 2026-06-02 17:16
curl	CVE-2025-14819	低危	8.17.0-r1	8.19.0-r0	curl: libcurl: Improper certificate validation due to cached TLS settings reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14819 镜像层: sha256:e67b8a32d7aca2a481d02e5780686d5f8847e49c24965ed34b9bb41d6d9959a2 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:51
curl	CVE-2025-14524	低危	8.17.0-r1	8.19.0-r0	curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524 镜像层: sha256:e67b8a32d7aca2a481d02e5780686d5f8847e49c24965ed34b9bb41d6d9959a2 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:53
gnutls	CVE-2026-3832	低危	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-04-30 18:16 修改: 2026-06-02 17:16
libcurl	CVE-2025-14524	低危	8.17.0-r1	8.19.0-r0	curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524 镜像层: sha256:e67b8a32d7aca2a481d02e5780686d5f8847e49c24965ed34b9bb41d6d9959a2 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:53
libcurl	CVE-2025-14819	低危	8.17.0-r1	8.19.0-r0	curl: libcurl: Improper certificate validation due to cached TLS settings reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14819 镜像层: sha256:e67b8a32d7aca2a481d02e5780686d5f8847e49c24965ed34b9bb41d6d9959a2 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:51
gnutls-utils	CVE-2026-3832	低危	3.8.12-r0	3.8.13-r0	gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832 镜像层: sha256:18bc412156e7143a2dedebf9b52bd0aa7afd22349440ec53e8c68cd7f0b40445 发布日期: 2026-04-30 18:16 修改: 2026-06-02 17:16
libcrypto3	CVE-2026-34180	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-34181	低危	3.5.6-r0	3.5.7-r0	openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 17:16
libcrypto3	CVE-2026-42766	低危	3.5.6-r0	3.5.7-r0	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-42767	低危	3.5.6-r0	3.5.7-r0	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-42768	低危	3.5.6-r0	3.5.7-r0	openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-34180	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-34181	低危	3.5.6-r0	3.5.7-r0	openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 17:16
libssl3	CVE-2026-42766	低危	3.5.6-r0	3.5.7-r0	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-42767	低危	3.5.6-r0	3.5.7-r0	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-42768	低危	3.5.6-r0	3.5.7-r0	openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-42769	低危	3.5.6-r0	3.5.7-r0	openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-42770	低危	3.5.6-r0	3.5.7-r0	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-45446	低危	3.5.6-r0	3.5.7-r0	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-7383	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3	CVE-2026-9076	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-42769	低危	3.5.6-r0	3.5.7-r0	openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-42770	低危	3.5.6-r0	3.5.7-r0	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libcrypto3	CVE-2026-45446	低危	3.5.6-r0	3.5.7-r0	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:a8d26d037006414043b277ecb95287692d0960219289d9e27b0bcea0ce233b02 发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16

Python (python-pkg)

低危漏洞:0

中危漏洞:6

高危漏洞:4

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
ecdsa	CVE-2024-23342	高危	0.19.2		python-ecdsa: vulnerable to the Minerva attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23342 镜像层: sha256:dfcb704028255af5b88a5fe35ea4740fc92d63cdd984862cf7fb4e9087e5b174 发布日期: 2024-01-23 00:15 修改: 2025-08-26 21:33
python-multipart	CVE-2026-42561	高危	0.0.26	0.0.27	Python-Multipart is a streaming multipart parser for Python. Prior to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42561 镜像层: sha256:dfcb704028255af5b88a5fe35ea4740fc92d63cdd984862cf7fb4e9087e5b174 发布日期: 2026-05-13 21:16 修改: 2026-05-14 17:00
urllib3	CVE-2026-44431	高危	2.6.3	2.7.0	urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44431 镜像层: sha256:dfcb704028255af5b88a5fe35ea4740fc92d63cdd984862cf7fb4e9087e5b174 发布日期: 2026-05-13 16:16 修改: 2026-05-14 13:56
urllib3	CVE-2026-44432	高危	2.6.3	2.7.0	urllib3: urllib3: Denial of Service due to excessive HTTP response decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44432 镜像层: sha256:dfcb704028255af5b88a5fe35ea4740fc92d63cdd984862cf7fb4e9087e5b174 发布日期: 2026-05-13 16:16 修改: 2026-05-14 13:49
idna	CVE-2026-45409	中危	3.11	3.15	Internationalized Domain Names in Applications (IDNA) for Python provi ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45409 镜像层: sha256:dfcb704028255af5b88a5fe35ea4740fc92d63cdd984862cf7fb4e9087e5b174 发布日期: 2026-06-05 23:16 修改: 2026-06-08 15:02
starlette	CVE-2026-48710	中危	1.0.0	1.0.1	starlette: Starlette: Security restriction bypass via malformed HTTP Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48710 镜像层: sha256:dfcb704028255af5b88a5fe35ea4740fc92d63cdd984862cf7fb4e9087e5b174 发布日期: 2026-05-26 22:16 修改: 2026-06-03 02:14
zeroconf	CVE-2026-47180	中危	0.148.0	0.149.5	zeroconf has unbounded recursion in DNS compression-pointer decoder that allows LAN-local denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47180 镜像层: sha256:dfcb704028255af5b88a5fe35ea4740fc92d63cdd984862cf7fb4e9087e5b174 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
zeroconf	CVE-2026-47183	中危	0.148.0	0.149.6	zeroconf: Unbounded exception-dedup state retains packet buffers via traceback frame locals, enabling LAN-local memory exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47183 镜像层: sha256:dfcb704028255af5b88a5fe35ea4740fc92d63cdd984862cf7fb4e9087e5b174 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
zeroconf	CVE-2026-47184	中危	0.148.0	0.149.7	zeroconf has unbounded DNS record cache that allows LAN-local memory exhaustion via multicast flood 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47184 镜像层: sha256:dfcb704028255af5b88a5fe35ea4740fc92d63cdd984862cf7fb4e9087e5b174 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
zeroconf	CVE-2026-48045	中危	0.148.0	0.149.12	python-zeroconf: Unbounded TC-deferred queue allows LAN-local memory exhaustion via spoofed-source flood 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48045 镜像层: sha256:dfcb704028255af5b88a5fe35ea4740fc92d63cdd984862cf7fb4e9087e5b174 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00