docker.io/oceanbase/seekdb:1.2.0.0-100000232026041319 linux/amd64

docker.io/oceanbase/seekdb:1.2.0.0-100000232026041319 - Trivy安全扫描结果 扫描时间: 2026-05-19 14:04
全部漏洞信息
低危漏洞:6 中危漏洞:122 高危漏洞:76 严重漏洞:2

系统OS: rocky 9.4 扫描引擎: Trivy 扫描时间: 2026-05-19 14:04

docker.io/oceanbase/seekdb:1.2.0.0-100000232026041319 (rocky 9.4) (rocky)
低危漏洞:5 中危漏洞:95 高危漏洞:59 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
expat CVE-2025-59375 高危 2.5.0-2.el9_4 2.5.0-5.el9_7.1 firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59375

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-09-15 03:15 修改: 2026-05-12 13:17
glibc CVE-2024-2961 高危 2.34-100.el9 2.34-100.el9_4.2 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-04-17 18:15 修改: 2026-05-12 12:16
glibc CVE-2024-33599 高危 2.34-100.el9 2.34-100.el9_4.2 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
glibc CVE-2024-33600 高危 2.34-100.el9 2.34-100.el9_4.2 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
glibc CVE-2024-33601 高危 2.34-100.el9 2.34-100.el9_4.2 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
glibc CVE-2024-33602 高危 2.34-100.el9 2.34-100.el9_4.2 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
glibc-common CVE-2024-2961 高危 2.34-100.el9 2.34-100.el9_4.2 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-04-17 18:15 修改: 2026-05-12 12:16
glibc-common CVE-2024-33599 高危 2.34-100.el9 2.34-100.el9_4.2 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
glibc-common CVE-2024-33600 高危 2.34-100.el9 2.34-100.el9_4.2 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
glibc-common CVE-2024-33601 高危 2.34-100.el9 2.34-100.el9_4.2 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
glibc-common CVE-2024-33602 高危 2.34-100.el9 2.34-100.el9_4.2 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
glibc-minimal-langpack CVE-2024-2961 高危 2.34-100.el9 2.34-100.el9_4.2 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-04-17 18:15 修改: 2026-05-12 12:16
glibc-minimal-langpack CVE-2024-33599 高危 2.34-100.el9 2.34-100.el9_4.2 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
glibc-minimal-langpack CVE-2024-33600 高危 2.34-100.el9 2.34-100.el9_4.2 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
glibc-minimal-langpack CVE-2024-33601 高危 2.34-100.el9 2.34-100.el9_4.2 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
glibc-minimal-langpack CVE-2024-33602 高危 2.34-100.el9 2.34-100.el9_4.2 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
gnupg2 CVE-2025-68973 高危 2.3.3-4.el9 2.3.3-5.el9_7 GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
krb5-libs CVE-2024-3596 高危 1.21.1-1.el9 1.21.1-4.el9_5 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-07-09 12:15 修改: 2026-05-12 12:16
less CVE-2024-32487 高危 590-3.el9_3 590-4.el9_4 less: OS command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32487

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-04-13 15:15 修改: 2025-06-17 20:58
libarchive CVE-2025-5914 高危 3.5.3-4.el9.0.1 3.5.3-6.el9_6 libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5914

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-09 20:15 修改: 2026-02-05 20:15
libarchive CVE-2026-4111 高危 3.5.3-4.el9.0.1 3.5.3-7.el9_7 libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4111

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-03-13 19:55 修改: 2026-05-12 10:16
libarchive CVE-2026-4424 高危 3.5.3-4.el9.0.1 3.5.3-9.el9_7 libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4424

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-03-19 15:16 修改: 2026-05-12 10:16
libarchive CVE-2026-5121 高危 3.5.3-4.el9.0.1 3.5.3-9.el9_7 libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5121

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-03-30 08:16 修改: 2026-05-12 10:16
libcap CVE-2026-4878 高危 2.48-9.el9_2 2.48-10.el9_7.1 libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-04-09 16:16 修改: 2026-05-07 22:16
libnghttp2 CVE-2026-27135 高危 1.43.0-5.el9_3.1 1.43.0-6.el9_7.1 nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-03-18 18:16 修改: 2026-03-23 17:51
libxml2 CVE-2024-56171 高危 2.9.13-6.el9_4 2.9.13-6.el9_5.2 libxml2: Use-After-Free in libxml2

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56171

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-02-18 22:15 修改: 2025-11-03 21:17
libxml2 CVE-2025-24928 高危 2.9.13-6.el9_4 2.9.13-6.el9_5.2 libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24928

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-02-18 23:15 修改: 2025-11-03 22:18
libxml2 CVE-2025-49794 高危 2.9.13-6.el9_4 2.9.13-10.el9_6 libxml: Heap use after free (UAF) leads to Denial of service (DoS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49794

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-16 16:15 修改: 2026-05-12 13:17
libxml2 CVE-2025-49796 高危 2.9.13-6.el9_4 2.9.13-10.el9_6 libxml: Type confusion leads to Denial of service (DoS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49796

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-16 16:15 修改: 2026-05-12 13:17
libxml2 CVE-2025-6021 高危 2.9.13-6.el9_4 2.9.13-10.el9_6 libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6021

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-12 13:15 修改: 2026-05-12 13:17
libxml2 CVE-2025-7425 高危 2.9.13-6.el9_4 2.9.13-11.el9_6 libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7425

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-07-10 14:15 修改: 2026-05-12 13:17
pam CVE-2024-10963 高危 1.5.1-19.el9 1.5.1-22.el9_5 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-11-07 16:15 修改: 2026-04-15 00:35
pam CVE-2025-6020 高危 1.5.1-19.el9 1.5.1-26.el9_6 linux-pam: Linux-pam directory Traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-17 13:15 修改: 2026-05-12 13:17
pam CVE-2025-8941 高危 1.5.1-19.el9 1.5.1-26.el9_6 linux-pam: Incomplete fix for CVE-2025-6020

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8941

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-08-13 15:15 修改: 2026-04-15 00:35
python3 CVE-2023-6597 高危 3.9.18-3.el9 3.9.18-3.el9_4.1 python: Path traversal on tempfile.TemporaryDirectory

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-03-19 16:15 修改: 2026-04-15 00:35
python3 CVE-2024-0450 高危 3.9.18-3.el9 3.9.18-3.el9_4.1 python: The zipfile module is vulnerable to zip-bombs leading to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-03-19 16:15 修改: 2026-04-15 00:35
python3 CVE-2024-12718 高危 3.9.18-3.el9 3.9.21-2.el9_6.1 cpython: python: Bypass extraction filter to modify file metadata outside extraction directory

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12718

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
python3 CVE-2025-4138 高危 3.9.18-3.el9 3.9.21-2.el9_6.1 cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4138

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
python3 CVE-2025-4330 高危 3.9.18-3.el9 3.9.21-2.el9_6.1 cpython: python: Extraction filter bypass for linking outside extraction directory

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4330

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
python3 CVE-2025-4435 高危 3.9.18-3.el9 3.9.21-2.el9_6.1 cpython: Tarfile extracts filtered members when errorlevel=0

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4435

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
python3 CVE-2025-4517 高危 3.9.18-3.el9 3.9.21-2.el9_6.1 python: cpython: Arbitrary writes via tarfile realpath overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4517

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
python3 CVE-2026-4519 高危 3.9.18-3.el9 3.9.25-3.el9_7.2 python: Python: Command-line option injection in webbrowser.open() via crafted URLs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-03-20 15:16 修改: 2026-04-16 14:53
python3 CVE-2026-4786 高危 3.9.18-3.el9 3.9.25-3.el9_7.3 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-04-13 22:16 修改: 2026-04-29 16:16
python3 CVE-2026-6100 高危 3.9.18-3.el9 3.9.25-3.el9_7.3 python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-04-13 18:16 修改: 2026-04-17 15:18
python3-libs CVE-2023-6597 高危 3.9.18-3.el9 3.9.18-3.el9_4.1 python: Path traversal on tempfile.TemporaryDirectory

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-03-19 16:15 修改: 2026-04-15 00:35
python3-libs CVE-2024-0450 高危 3.9.18-3.el9 3.9.18-3.el9_4.1 python: The zipfile module is vulnerable to zip-bombs leading to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-03-19 16:15 修改: 2026-04-15 00:35
python3-libs CVE-2024-12718 高危 3.9.18-3.el9 3.9.21-2.el9_6.1 cpython: python: Bypass extraction filter to modify file metadata outside extraction directory

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12718

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
python3-libs CVE-2025-4138 高危 3.9.18-3.el9 3.9.21-2.el9_6.1 cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4138

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
python3-libs CVE-2025-4330 高危 3.9.18-3.el9 3.9.21-2.el9_6.1 cpython: python: Extraction filter bypass for linking outside extraction directory

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4330

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
python3-libs CVE-2025-4435 高危 3.9.18-3.el9 3.9.21-2.el9_6.1 cpython: Tarfile extracts filtered members when errorlevel=0

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4435

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
python3-libs CVE-2025-4517 高危 3.9.18-3.el9 3.9.21-2.el9_6.1 python: cpython: Arbitrary writes via tarfile realpath overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4517

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
python3-libs CVE-2026-4519 高危 3.9.18-3.el9 3.9.25-3.el9_7.2 python: Python: Command-line option injection in webbrowser.open() via crafted URLs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-03-20 15:16 修改: 2026-04-16 14:53
python3-libs CVE-2026-4786 高危 3.9.18-3.el9 3.9.25-3.el9_7.3 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-04-13 22:16 修改: 2026-04-29 16:16
python3-libs CVE-2026-6100 高危 3.9.18-3.el9 3.9.25-3.el9_7.3 python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-04-13 18:16 修改: 2026-04-17 15:18
sqlite-libs CVE-2025-6965 高危 3.34.1-7.el9_3 3.34.1-9.el9_7 sqlite: Integer Truncation in SQLite

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6965

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-07-15 14:15 修改: 2026-04-14 10:16
vim-minimal CVE-2026-28417 高危 2:8.2.2637-20.el9_1 2:8.2.2637-23.el9_7.2 vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28417

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-02-27 22:16 修改: 2026-03-03 17:50
vim-minimal CVE-2026-28421 高危 2:8.2.2637-20.el9_1 2:8.2.2637-23.el9_7.2 vim: Vim: Denial of service and information disclosure via crafted swap file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28421

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-02-27 22:16 修改: 2026-03-04 20:47
vim-minimal CVE-2026-33412 高危 2:8.2.2637-20.el9_1 2:8.2.2637-23.el9_7.2 vim: Vim: Arbitrary code execution via command injection in glob() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33412

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-03-24 20:16 修改: 2026-03-25 21:59
vim-minimal CVE-2026-34982 高危 2:8.2.2637-20.el9_1 2:8.2.2637-23.el9_7.3 vim: arbitrary command execution via modeline sandbox bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34982

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-04-06 16:16 修改: 2026-04-22 20:10
expat CVE-2024-45490 中危 2.5.0-2.el9_4 2.5.0-2.el9_4.1 libexpat: Negative Length Parsing Vulnerability in libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-08-30 03:15 修改: 2026-05-12 12:17
krb5-libs CVE-2025-24528 中危 1.21.1-1.el9 1.21.1-6.el9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-16 18:16 修改: 2026-04-15 00:35
krb5-libs CVE-2025-3576 中危 1.21.1-1.el9 1.21.1-8.el9_6 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-04-15 06:15 修改: 2026-05-12 13:17
glibc CVE-2025-0395 中危 2.34-100.el9 2.34-125.el9_5.8 glibc: buffer overflow in the GNU C Library's assert()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-01-22 13:15 修改: 2026-05-12 13:16
glibc CVE-2025-15281 中危 2.34-100.el9 2.34-231.el9_7.10 glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-20 14:16 修改: 2026-02-05 17:43
glibc CVE-2025-4802 中危 2.34-100.el9 2.34-168.el9_6.19 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-05-16 20:15 修改: 2025-11-03 20:19
glibc CVE-2025-5702 中危 2.34-100.el9 2.34-168.el9_6.20 glibc: Vector register overwrite bug in glibc

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5702

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-05 19:15 修改: 2025-10-01 15:37
glibc CVE-2025-8058 中危 2.34-100.el9 2.34-168.el9_6.23 glibc: Double free in glibc

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
libarchive CVE-2025-25724 中危 3.5.3-4.el9.0.1 3.5.3-5.el9_6 libarchive: Buffer Overflow vulnerability in libarchive

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25724

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-03-02 02:15 修改: 2025-07-17 15:56
libblkid CVE-2025-14104 中危 2.37.4-18.el9 2.37.4-21.el9 util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
glibc CVE-2026-0861 中危 2.34-100.el9 2.34-231.el9_7.10 glibc: Integer overflow in memalign leads to heap corruption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-14 21:15 修改: 2026-02-03 18:26
libcurl-minimal CVE-2025-9086 中危 7.76.1-29.el9_4 7.76.1-35.el9_7.3 curl: libcurl: Curl out of bounds read for cookie path

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-09-12 06:15 修改: 2026-01-20 14:58
libfdisk CVE-2025-14104 中危 2.37.4-18.el9 2.37.4-21.el9 util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
libgcc CVE-2020-11023 中危 11.4.1-3.el9 11.5.0-5.el9_5 jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11023

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2020-04-29 21:15 修改: 2025-11-07 19:32
libgcrypt CVE-2024-2236 中危 1.10.0-10.el9_2 1.10.0-11.el9 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-03-06 22:15 修改: 2026-04-15 00:35
libgomp CVE-2020-11023 中危 11.4.1-3.el9 11.5.0-5.el9_5 jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11023

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2020-04-29 21:15 修改: 2025-11-07 19:32
libmount CVE-2025-14104 中危 2.37.4-18.el9 2.37.4-21.el9 util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
glibc CVE-2026-0915 中危 2.34-100.el9 2.34-231.el9_7.10 glibc: glibc: Information disclosure via zero-valued network query

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-15 22:16 修改: 2026-01-23 19:36
libnghttp2 CVE-2024-28182 中危 1.43.0-5.el9_3.1 1.43.0-5.el9_4.3 nghttp2: CONTINUATION frames DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28182

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-04-04 15:15 修改: 2025-11-04 19:17
libsmartcols CVE-2025-14104 中危 2.37.4-18.el9 2.37.4-21.el9 util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
libstdc++ CVE-2020-11023 中危 11.4.1-3.el9 11.5.0-5.el9_5 jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11023

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2020-04-29 21:15 修改: 2025-11-07 19:32
libtasn1 CVE-2024-12133 中危 4.16.0-8.el9_1 4.16.0-9.el9 libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12133

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-02-10 16:15 修改: 2026-05-12 12:16
libuuid CVE-2025-14104 中危 2.37.4-18.el9 2.37.4-21.el9 util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
expat CVE-2024-45491 中危 2.5.0-2.el9_4 2.5.0-2.el9_4.1 libexpat: Integer Overflow or Wraparound

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-08-30 03:15 修改: 2026-05-12 12:17
expat CVE-2024-45492 中危 2.5.0-2.el9_4 2.5.0-2.el9_4.1 libexpat: integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-08-30 03:15 修改: 2026-05-12 12:17
expat CVE-2024-8176 中危 2.5.0-2.el9_4 2.5.0-5.el9_6 libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8176

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-03-14 09:15 修改: 2026-04-15 00:35
glib2 CVE-2024-34397 中危 2.68.4-14.el9 2.68.4-14.el9_4.1 glib2: Signal subscription vulnerabilities

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34397

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-05-07 18:15 修改: 2026-05-12 12:16
glib2 CVE-2024-52533 中危 2.68.4-14.el9 2.68.4-16.el9_6.2 glib: buffer overflow in set_connect_msg()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52533

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-11-11 23:15 修改: 2025-06-17 01:23
glibc-common CVE-2025-0395 中危 2.34-100.el9 2.34-125.el9_5.8 glibc: buffer overflow in the GNU C Library's assert()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-01-22 13:15 修改: 2026-05-12 13:16
libxml2 CVE-2025-32414 中危 2.9.13-6.el9_4 2.9.13-12.el9_6 libxml2: Out-of-Bounds Read in libxml2

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32414

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-04-08 03:15 修改: 2025-11-03 20:18
libxml2 CVE-2025-32415 中危 2.9.13-6.el9_4 2.9.13-12.el9_6 libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32415

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-04-17 17:15 修改: 2025-11-03 20:18
libxml2 CVE-2025-9714 中危 2.9.13-6.el9_4 2.9.13-14.el9_7 libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9714

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-09-10 19:15 修改: 2026-05-12 13:17
glibc-common CVE-2025-15281 中危 2.34-100.el9 2.34-231.el9_7.10 glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-20 14:16 修改: 2026-02-05 17:43
glibc-common CVE-2025-4802 中危 2.34-100.el9 2.34-168.el9_6.19 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-05-16 20:15 修改: 2025-11-03 20:19
glibc-common CVE-2025-5702 中危 2.34-100.el9 2.34-168.el9_6.20 glibc: Vector register overwrite bug in glibc

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5702

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-05 19:15 修改: 2025-10-01 15:37
glibc-common CVE-2025-8058 中危 2.34-100.el9 2.34-168.el9_6.23 glibc: Double free in glibc

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
glibc-common CVE-2026-0861 中危 2.34-100.el9 2.34-231.el9_7.10 glibc: Integer overflow in memalign leads to heap corruption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-14 21:15 修改: 2026-02-03 18:26
glibc-common CVE-2026-0915 中危 2.34-100.el9 2.34-231.el9_7.10 glibc: glibc: Information disclosure via zero-valued network query

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-15 22:16 修改: 2026-01-23 19:36
glib2 CVE-2025-13601 中危 2.68.4-14.el9 2.68.4-18.el9_7.1 glib: Integer overflow in in g_escape_uri_string()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13601

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-11-26 15:15 修改: 2026-04-19 20:16
glib2 CVE-2025-4373 中危 2.68.4-14.el9 2.68.4-16.el9_6.2 glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4373

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-05-06 15:16 修改: 2026-05-12 13:17
binutils-gold CVE-2025-11083 中危 2.35.2-43.el9 2.35.2-67.el9_7.1 binutils: GNU Binutils Linker heap-based overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11083

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-09-27 23:15 修改: 2026-05-12 13:16
bzip2-libs CVE-2019-12900 中危 1.0.8-8.el9 1.0.8-10.el9_5 bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail).

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12900

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2019-06-19 23:15 修改: 2025-06-09 16:15
curl-minimal CVE-2025-9086 中危 7.76.1-29.el9_4 7.76.1-35.el9_7.3 curl: libcurl: Curl out of bounds read for cookie path

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-09-12 06:15 修改: 2026-01-20 14:58
glibc-minimal-langpack CVE-2025-0395 中危 2.34-100.el9 2.34-125.el9_5.8 glibc: buffer overflow in the GNU C Library's assert()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-01-22 13:15 修改: 2026-05-12 13:16
glibc-minimal-langpack CVE-2025-15281 中危 2.34-100.el9 2.34-231.el9_7.10 glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-20 14:16 修改: 2026-02-05 17:43
python3 CVE-2024-11168 中危 3.9.18-3.el9 3.9.21-1.el9_5 python: Improper validation of IPv6 and IPvFuture addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-11-12 22:15 修改: 2026-04-15 00:35
python3 CVE-2024-5642 中危 3.9.18-3.el9 3.9.25-2.el9_7 python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5642

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-06-27 21:15 修改: 2026-04-15 00:35
python3 CVE-2024-6232 中危 3.9.18-3.el9 3.9.18-3.el9_4.6 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-09-03 13:15 修改: 2025-11-03 23:17
python3 CVE-2024-9287 中危 3.9.18-3.el9 3.9.21-1.el9_5 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-10-22 17:15 修改: 2025-11-03 23:17
python3 CVE-2025-0938 中危 3.9.18-3.el9 3.9.21-2.el9 python: cpython: URL parser allowed square brackets in domain names

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-01-31 18:15 修改: 2026-04-15 00:35
python3 CVE-2025-12084 中危 3.9.18-3.el9 3.9.25-3.el9_7 cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-12-03 19:15 修改: 2026-01-26 15:16
python3 CVE-2025-15366 中危 3.9.18-3.el9 3.9.25-3.el9_7.1 cpython: IMAP command injection in user-controlled commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3 CVE-2025-15367 中危 3.9.18-3.el9 3.9.25-3.el9_7.1 cpython: POP3 command injection in user-controlled commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3 CVE-2025-6069 中危 3.9.18-3.el9 3.9.25-2.el9_7 cpython: Python HTMLParser quadratic complexity

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-17 14:15 修改: 2026-04-15 00:35
python3 CVE-2025-6075 中危 3.9.18-3.el9 3.9.25-2.el9_7 python: Quadratic complexity in os.path.expandvars() with user-controlled template

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-10-31 17:15 修改: 2026-02-04 19:05
python3 CVE-2025-8194 中危 3.9.18-3.el9 3.9.21-2.el9_6.2 cpython: Cpython infinite loop when parsing a tarfile

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-07-28 19:15 修改: 2026-04-15 00:35
python3 CVE-2025-8291 中危 3.9.18-3.el9 3.9.25-2.el9_7 cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-10-07 18:16 修改: 2026-04-15 00:35
python3 CVE-2026-0865 中危 3.9.18-3.el9 3.9.25-3.el9_7.1 cpython: wsgiref.headers.Headers allows header newline injection in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3 CVE-2026-1299 中危 3.9.18-3.el9 3.9.25-3.el9_7.1 cpython: email header injection due to unquoted newlines

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-23 17:16 修改: 2026-04-15 00:35
glibc-minimal-langpack CVE-2025-4802 中危 2.34-100.el9 2.34-168.el9_6.19 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-05-16 20:15 修改: 2025-11-03 20:19
glibc-minimal-langpack CVE-2025-5702 中危 2.34-100.el9 2.34-168.el9_6.20 glibc: Vector register overwrite bug in glibc

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5702

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-05 19:15 修改: 2025-10-01 15:37
glibc-minimal-langpack CVE-2025-8058 中危 2.34-100.el9 2.34-168.el9_6.23 glibc: Double free in glibc

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
glibc-minimal-langpack CVE-2026-0861 中危 2.34-100.el9 2.34-231.el9_7.10 glibc: Integer overflow in memalign leads to heap corruption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-14 21:15 修改: 2026-02-03 18:26
glibc-minimal-langpack CVE-2026-0915 中危 2.34-100.el9 2.34-231.el9_7.10 glibc: glibc: Information disclosure via zero-valued network query

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-15 22:16 修改: 2026-01-23 19:36
binutils CVE-2025-11083 中危 2.35.2-43.el9 2.35.2-67.el9_7.1 binutils: GNU Binutils Linker heap-based overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11083

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-09-27 23:15 修改: 2026-05-12 13:16
gnutls CVE-2024-12243 中危 3.8.3-4.el9_4 3.8.3-6.el9 gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12243

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-02-10 16:15 修改: 2026-05-12 12:16
gnutls CVE-2025-14831 中危 3.8.3-4.el9_4 3.8.3-10.el9_7 gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14831

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-02-09 15:16 修改: 2026-05-12 13:16
gnutls CVE-2025-32988 中危 3.8.3-4.el9_4 3.8.3-6.el9_6.2 gnutls: Vulnerability in GnuTLS otherName SAN export

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32988

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-07-10 08:15 修改: 2026-05-12 13:16
gnutls CVE-2025-32989 中危 3.8.3-4.el9_4 3.8.3-6.el9_6.2 gnutls: Vulnerability in GnuTLS SCT extension parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32989

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-07-10 08:15 修改: 2026-05-12 13:16
python3-libs CVE-2024-11168 中危 3.9.18-3.el9 3.9.21-1.el9_5 python: Improper validation of IPv6 and IPvFuture addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-11-12 22:15 修改: 2026-04-15 00:35
python3-libs CVE-2024-5642 中危 3.9.18-3.el9 3.9.25-2.el9_7 python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5642

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-06-27 21:15 修改: 2026-04-15 00:35
python3-libs CVE-2024-6232 中危 3.9.18-3.el9 3.9.18-3.el9_4.6 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-09-03 13:15 修改: 2025-11-03 23:17
python3-libs CVE-2024-9287 中危 3.9.18-3.el9 3.9.21-1.el9_5 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-10-22 17:15 修改: 2025-11-03 23:17
python3-libs CVE-2025-0938 中危 3.9.18-3.el9 3.9.21-2.el9 python: cpython: URL parser allowed square brackets in domain names

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-01-31 18:15 修改: 2026-04-15 00:35
python3-libs CVE-2025-12084 中危 3.9.18-3.el9 3.9.25-3.el9_7 cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-12-03 19:15 修改: 2026-01-26 15:16
python3-libs CVE-2025-15366 中危 3.9.18-3.el9 3.9.25-3.el9_7.1 cpython: IMAP command injection in user-controlled commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3-libs CVE-2025-15367 中危 3.9.18-3.el9 3.9.25-3.el9_7.1 cpython: POP3 command injection in user-controlled commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3-libs CVE-2025-6069 中危 3.9.18-3.el9 3.9.25-2.el9_7 cpython: Python HTMLParser quadratic complexity

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-06-17 14:15 修改: 2026-04-15 00:35
python3-libs CVE-2025-6075 中危 3.9.18-3.el9 3.9.25-2.el9_7 python: Quadratic complexity in os.path.expandvars() with user-controlled template

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-10-31 17:15 修改: 2026-02-04 19:05
python3-libs CVE-2025-8194 中危 3.9.18-3.el9 3.9.21-2.el9_6.2 cpython: Cpython infinite loop when parsing a tarfile

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-07-28 19:15 修改: 2026-04-15 00:35
python3-libs CVE-2025-8291 中危 3.9.18-3.el9 3.9.25-2.el9_7 cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-10-07 18:16 修改: 2026-04-15 00:35
python3-libs CVE-2026-0865 中危 3.9.18-3.el9 3.9.25-3.el9_7.1 cpython: wsgiref.headers.Headers allows header newline injection in Python

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3-libs CVE-2026-1299 中危 3.9.18-3.el9 3.9.25-3.el9_7.1 cpython: email header injection due to unquoted newlines

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-23 17:16 修改: 2026-04-15 00:35
python3-setuptools-wheel CVE-2025-47273 中危 53.0.0-12.el9 53.0.0-13.el9_6.1 setuptools: Path Traversal Vulnerability in setuptools PackageIndex

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47273

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-05-17 16:15 修改: 2025-06-12 16:29
gnutls CVE-2025-32990 中危 3.8.3-4.el9_4 3.8.3-6.el9_6.2 gnutls: Vulnerability in GnuTLS certtool template parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32990

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-07-10 10:15 修改: 2026-04-20 22:16
tar CVE-2025-45582 中危 2:1.34-6.el9_1 2:1.34-9.el9_7 tar: Tar path traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-07-11 17:15 修改: 2025-11-02 01:15
util-linux CVE-2025-14104 中危 2.37.4-18.el9 2.37.4-21.el9 util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
util-linux-core CVE-2025-14104 中危 2.37.4-18.el9 2.37.4-21.el9 util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
gnutls CVE-2025-6395 中危 3.8.3-4.el9_4 3.8.3-6.el9_6.2 gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6395

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-07-10 16:15 修改: 2026-05-12 13:17
gnutls CVE-2025-9820 中危 3.8.3-4.el9_4 3.8.3-10.el9_7 gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9820

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-01-26 20:16 修改: 2026-05-12 13:17
iputils CVE-2025-47268 中危 20210202-9.el9 20210202-11.el9_6.1 iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47268

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-05-05 14:15 修改: 2026-04-06 14:12
iputils CVE-2025-48964 中危 20210202-9.el9 20210202-11.el9_6.3 iputils: iputils integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48964

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-07-22 18:15 修改: 2026-04-15 00:35
vim-minimal CVE-2025-53905 中危 2:8.2.2637-20.el9_1 2:8.2.2637-23.el9_7 vim: Vim path traversial

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53905

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-07-15 21:15 修改: 2025-11-04 22:16
vim-minimal CVE-2025-53906 中危 2:8.2.2637-20.el9_1 2:8.2.2637-23.el9_7 vim: Vim path traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53906

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2025-07-15 21:15 修改: 2026-04-01 19:16
vim-minimal CVE-2026-25749 中危 2:8.2.2637-20.el9_1 2:8.2.2637-23.el9_7.1 vim: Vim: Arbitrary code execution via 'helpfile' option processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25749

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2026-02-06 23:15 修改: 2026-02-20 15:45
shadow-utils CVE-2024-56433 低危 2:4.9-8.el9 2:4.9-15.el9 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
ncurses-base CVE-2022-29458 低危 6.2-10.20210508.el9 6.2-10.20210508.el9_6.2 ncurses: segfaulting OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2022-04-18 21:15 修改: 2025-06-09 15:15
ncurses-libs CVE-2022-29458 低危 6.2-10.20210508.el9 6.2-10.20210508.el9_6.2 ncurses: segfaulting OOB read

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2022-04-18 21:15 修改: 2025-06-09 15:15
vim-minimal CVE-2021-3903 低危 2:8.2.2637-20.el9_1 2:8.2.2637-21.el9 vim: heap-based buffer overflow vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3903

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2021-10-27 21:15 修改: 2024-11-21 06:22
vim-minimal CVE-2023-4752 低危 2:8.2.2637-20.el9_1 2:8.2.2637-22.el9_6 vim: use-after-free in function ins_compl_get_exp in vim/vim

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4752

镜像层: sha256:fec7c6b4fbb04c2752aa8d1306e39addbe9347d2e1a74ee1bb16bd7909f900b4

发布日期: 2023-09-04 14:15 修改: 2025-11-03 21:16
usr/bin/obshell (gobinary)
低危漏洞:1 中危漏洞:27 高危漏洞:17 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
google.golang.org/grpc CVE-2026-33186 严重 v1.63.2 1.79.3 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33186

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-03-20 23:16 修改: 2026-04-10 20:49
stdlib CVE-2025-68121 严重 v1.24.1 1.24.13, 1.25.7, 1.26.0-rc.3 crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-02-05 18:16 修改: 2026-04-29 14:16
github.com/prometheus/prometheus CVE-2026-42151 高危 v0.52.0 0.311.3 Prometheus is an open-source monitoring system and time series databas ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42151

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-05-04 19:16 修改: 2026-05-11 17:22
github.com/prometheus/prometheus CVE-2026-42154 高危 v0.52.0 0.311.3 Prometheus is an open-source monitoring system and time series databas ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42154

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-05-04 19:16 修改: 2026-05-11 17:22
stdlib CVE-2025-22874 高危 v1.24.1 1.24.4 crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22874

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-06-11 17:15 修改: 2026-04-15 00:35
stdlib CVE-2025-47907 高危 v1.24.1 1.23.12, 1.24.6 database/sql: Postgres Scan Race Condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47907

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-08-07 16:15 修改: 2026-01-29 19:11
stdlib CVE-2025-58183 高危 v1.24.1 1.24.8, 1.25.2 golang: archive/tar: Unbounded allocation when parsing GNU sparse map

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58183

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-10-29 23:16 修改: 2026-04-15 00:35
stdlib CVE-2025-61726 高危 v1.24.1 1.24.12, 1.25.6 golang: net/url: Memory exhaustion in query parameter parsing in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:47
stdlib CVE-2025-61728 高危 v1.24.1 1.24.12, 1.25.6 golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:45
stdlib CVE-2025-61729 高危 v1.24.1 1.24.11, 1.25.5 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-12-02 19:15 修改: 2025-12-19 18:25
stdlib CVE-2026-25679 高危 v1.24.1 1.25.8, 1.26.1 net/url: Incorrect parsing of IPv6 host literals in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:43
stdlib CVE-2026-32280 高危 v1.24.1 1.25.9, 1.26.2 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:16
stdlib CVE-2026-32281 高危 v1.24.1 1.25.9, 1.26.2 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib CVE-2026-32283 高危 v1.24.1 1.25.9, 1.26.2 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:12
stdlib CVE-2026-33811 高危 v1.24.1 1.25.10, 1.26.3 When using LookupCNAME with the cgo DNS resolver, a very long CNAME re ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib CVE-2026-33814 高危 v1.24.1 1.25.10, 1.26.3 When processing HTTP/2 SETTINGS frames, transport will enter an infini ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-05-07 20:16 修改: 2026-05-08 19:16
stdlib CVE-2026-39820 高危 v1.24.1 1.25.10, 1.26.3 Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-05-07 20:16 修改: 2026-05-08 15:16
stdlib CVE-2026-39836 高危 v1.24.1 1.25.10, 1.26.3 Panic in Dial and LookupPort when handling NUL byte on Windows in net

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-05-07 20:16 修改: 2026-05-08 22:16
stdlib CVE-2026-42499 高危 v1.24.1 1.25.10, 1.26.3 Pathological inputs could cause DoS through consumePhrase when parsing ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-05-07 20:16 修改: 2026-05-08 22:16
github.com/prometheus/prometheus GHSA-fw8g-cg8f-9j28 中危 v0.52.0 0.311.3 Prometheus vulnerable to stored XSS via crafted histogram bucket label values in the old web UI heatmap display

漏洞详情: https://github.com/advisories/GHSA-fw8g-cg8f-9j28

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-05-05 21:53 修改: 2026-05-08 16:52
golang.org/x/crypto CVE-2025-47914 中危 v0.36.0 0.45.0 golang.org/x/crypto/ssh/agent: SSH Agent servers: Denial of Service due to malformed messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47914

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-11-19 21:15 修改: 2025-12-11 19:36
golang.org/x/crypto CVE-2025-58181 中危 v0.36.0 0.45.0 golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via unbounded memory consumption in GSSAPI authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58181

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-11-19 21:15 修改: 2025-12-11 19:29
github.com/prometheus/prometheus CVE-2026-40179 中危 v0.52.0 0.311.2-0.20260410083055-07c6232d159b Prometheus has Stored XSS via metric names and label values in Prometheus web UI tooltips and metrics explorer

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40179

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-04-15 23:16 修改: 2026-04-22 20:04
stdlib CVE-2025-0913 中危 v1.24.1 1.23.10, 1.24.4 Inconsistent handling of O_CREATE|O_EXCL on Unix and Windows in os in syscall

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0913

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-06-11 18:15 修改: 2025-08-08 14:53
stdlib CVE-2025-22871 中危 v1.24.1 1.23.8, 1.24.2 net/http: Request smuggling due to acceptance of invalid chunked data in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22871

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-04-08 20:15 修改: 2026-05-12 13:16
stdlib CVE-2025-22873 中危 v1.24.1 1.23.9, 1.24.3 os: os: Information disclosure via path traversal using specially crafted filenames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22873

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-02-04 23:15 修改: 2026-02-10 15:16
stdlib CVE-2025-4673 中危 v1.24.1 1.23.10, 1.24.4 net/http: Sensitive headers not cleared on cross-origin redirect in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4673

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-06-11 17:15 修改: 2026-04-15 00:35
stdlib CVE-2025-47906 中危 v1.24.1 1.23.12, 1.24.6 os/exec: Unexpected paths returned from LookPath in os/exec

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47906

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-09-18 19:15 修改: 2026-01-27 19:56
stdlib CVE-2025-47912 中危 v1.24.1 1.24.8, 1.25.2 net/url: Insufficient validation of bracketed IPv6 hostnames in net/url

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47912

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-10-29 23:16 修改: 2026-01-29 13:57
stdlib CVE-2025-58185 中危 v1.24.1 1.24.8, 1.25.2 encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58185

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-10-29 23:16 修改: 2026-02-06 20:26
stdlib CVE-2025-58186 中危 v1.24.1 1.24.8, 1.25.2 golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58186

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-10-29 23:16 修改: 2026-04-15 00:35
stdlib CVE-2025-58187 中危 v1.24.1 1.24.9, 1.25.3 crypto/x509: Quadratic complexity when checking name constraints in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58187

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-10-29 23:16 修改: 2026-01-29 16:02
stdlib CVE-2025-58188 中危 v1.24.1 1.24.8, 1.25.2 crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58188

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-10-29 23:16 修改: 2026-01-29 15:55
stdlib CVE-2025-58189 中危 v1.24.1 1.24.8, 1.25.2 crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58189

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-10-29 23:16 修改: 2026-01-29 15:49
stdlib CVE-2025-61723 中危 v1.24.1 1.24.8, 1.25.2 encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61723

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-10-29 23:16 修改: 2026-01-29 15:49
stdlib CVE-2025-61724 中危 v1.24.1 1.24.8, 1.25.2 net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61724

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-10-29 23:16 修改: 2026-01-29 15:30
stdlib CVE-2025-61725 中危 v1.24.1 1.24.8, 1.25.2 net/mail: Excessive CPU consumption in ParseAddress in net/mail

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61725

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-10-29 23:16 修改: 2026-04-15 00:35
stdlib CVE-2025-61727 中危 v1.24.1 1.24.11, 1.25.5 golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2025-12-03 20:16 修改: 2025-12-18 20:15
stdlib CVE-2025-61730 中危 v1.24.1 1.24.12, 1.25.6 During the TLS 1.3 handshake if multiple messages are sent in records ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-01-28 20:16 修改: 2026-02-03 20:36
stdlib CVE-2026-27142 中危 v1.24.1 1.25.8, 1.26.1 html/template: URLs in meta content attribute actions are not escaped in html/template

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:30
stdlib CVE-2026-32282 中危 v1.24.1 1.25.9, 1.26.2 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib CVE-2026-32288 中危 v1.24.1 1.25.9, 1.26.2 archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:08
stdlib CVE-2026-32289 中危 v1.24.1 1.25.9, 1.26.2 html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:06
stdlib CVE-2026-39823 中危 v1.24.1 1.25.10, 1.26.3 CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-05-07 20:16 修改: 2026-05-08 15:16
stdlib CVE-2026-39825 中危 v1.24.1 1.25.10, 1.26.3 ReverseProxy can forward queries containing parameters not visible to ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-05-07 20:16 修改: 2026-05-08 22:16
stdlib CVE-2026-39826 中危 v1.24.1 1.25.10, 1.26.3 If a trusted template author were to write a <script> tag containing a ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-05-07 20:16 修改: 2026-05-08 15:16
stdlib CVE-2026-27139 低危 v1.24.1 1.25.8, 1.26.1 os: FileInfo can escape from a Root in golang os module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139

镜像层: sha256:4e4ee7e51e346589f5003396204c41db6ee34e4e68a933abd061f4d877f6e9ea

发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:32