| bsdutils |
CVE-2026-27456 |
中危 |
1:2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| libblkid1 |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| libc-bin |
CVE-2026-4046 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
|
| libc-bin |
CVE-2026-4437 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
|
| libc-bin |
CVE-2026-4438 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
|
| libc-bin |
CVE-2026-5435 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Out-of-bounds write via TSIG record processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
|
| libc-bin |
CVE-2026-6238 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Application crash or uninitialized memory read via crafted DNS response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
|
| libc6 |
CVE-2026-4046 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
|
| libc6 |
CVE-2026-4437 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
|
| libc6 |
CVE-2026-4438 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
|
| libc6 |
CVE-2026-5435 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Out-of-bounds write via TSIG record processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
|
| libc6 |
CVE-2026-6238 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Application crash or uninitialized memory read via crafted DNS response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
|
| libexpat1 |
CVE-2025-66382 |
中危 |
2.6.1-2ubuntu0.4 |
|
libexpat: libexpat: Denial of service via crafted file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2025-11-28 07:15 修改: 2026-06-02 14:16
|
| libgcrypt20 |
CVE-2026-41989 |
中危 |
1.10.3-2build1 |
1.10.3-2ubuntu0.1 |
Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-23 05:16 修改: 2026-04-27 18:33
|
| libgnutls30t64 |
CVE-2026-33845 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-33846 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-04 10:15 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-3832 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-30 18:16 修改: 2026-06-02 17:16
|
| libgnutls30t64 |
CVE-2026-3833 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-42009 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-18 13:16 修改: 2026-06-08 17:16
|
| libgnutls30t64 |
CVE-2026-42010 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: gnutls: Authentication Bypass via NUL Character in Username
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-07 12:16 修改: 2026-06-10 16:17
|
| libgnutls30t64 |
CVE-2026-42011 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: gnutls: Security bypass due to incorrect name constraint handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-07 15:16 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-42012 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-42013 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-42014 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-06-16 02:16 修改: 2026-06-16 15:26
|
| libgnutls30t64 |
CVE-2026-42015 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-5260 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: gnutls: Information disclosure via heap overread in RSA key exchange
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-5419 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
guntls: gnutls: Information disclosure via timing side-channel in PKCS#7 padding removal
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5419
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-06-01 21:16 修改: 2026-06-02 17:16
|
| libmount1 |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| libnode-dev |
CVE-2024-22018 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: fs.lstat bypasses permission model
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22018
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2024-07-10 02:15 修改: 2026-04-15 00:35
|
| libnode-dev |
CVE-2024-22020 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: Bypass network import restriction via data URL
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22020
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2024-07-09 02:15 修改: 2026-04-15 00:35
|
| libnode-dev |
CVE-2024-27982 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: HTTP Request Smuggling via Content Length Obfuscation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27982
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2024-05-07 17:15 修改: 2026-04-15 00:35
|
| libnode-dev |
CVE-2024-27983 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: CONTINUATION frames DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27983
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2024-04-09 01:15 修改: 2026-04-15 00:35
|
| libnode-dev |
CVE-2025-23085 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-23085
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2025-02-07 07:15 修改: 2026-04-15 00:35
|
| libnode-dev |
CVE-2025-23166 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-23166
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2025-05-19 02:15 修改: 2026-04-15 00:35
|
| libnode109 |
CVE-2024-22018 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: fs.lstat bypasses permission model
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22018
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2024-07-10 02:15 修改: 2026-04-15 00:35
|
| libnode109 |
CVE-2024-22020 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: Bypass network import restriction via data URL
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22020
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2024-07-09 02:15 修改: 2026-04-15 00:35
|
| libnode109 |
CVE-2024-27982 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: HTTP Request Smuggling via Content Length Obfuscation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27982
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2024-05-07 17:15 修改: 2026-04-15 00:35
|
| libnode109 |
CVE-2024-27983 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: CONTINUATION frames DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27983
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2024-04-09 01:15 修改: 2026-04-15 00:35
|
| libnode109 |
CVE-2025-23085 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-23085
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2025-02-07 07:15 修改: 2026-04-15 00:35
|
| libnode109 |
CVE-2025-23166 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-23166
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2025-05-19 02:15 修改: 2026-04-15 00:35
|
| libopenjp2-7 |
CVE-2023-39328 |
中危 |
2.5.0-2ubuntu0.5 |
|
openjpeg: denail of service via crafted image file
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39328
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2024-07-09 14:15 修改: 2025-08-18 16:45
|
| libopenjp2-7 |
CVE-2023-39329 |
中危 |
2.5.0-2ubuntu0.5 |
|
openjpeg: Resource exhaustion will occur in the opj_t1_decode_cblks function in the tcd.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39329
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2024-07-13 03:15 修改: 2026-03-09 19:15
|
| libpixman-1-0 |
CVE-2023-37769 |
中危 |
0.42.2-1build1 |
|
stress-test master commit e4c878 was discovered to contain a FPE vulne ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-37769
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2023-07-17 20:15 修改: 2024-11-21 08:12
|
| libpython3.12-minimal |
CVE-2025-13462 |
中危 |
3.12.3-1ubuntu0.13 |
|
cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-03-12 18:16 修改: 2026-06-11 14:29
|
| libpython3.12-minimal |
CVE-2026-2297 |
中危 |
3.12.3-1ubuntu0.13 |
|
cpython: CPython: Logging Bypass in Legacy .pyc File Handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-03-04 23:16 修改: 2026-05-01 16:16
|
| libpython3.12-stdlib |
CVE-2025-13462 |
中危 |
3.12.3-1ubuntu0.13 |
|
cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-03-12 18:16 修改: 2026-06-11 14:29
|
| libpython3.12-stdlib |
CVE-2026-2297 |
中危 |
3.12.3-1ubuntu0.13 |
|
cpython: CPython: Logging Bypass in Legacy .pyc File Handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-03-04 23:16 修改: 2026-05-01 16:16
|
| libsass1 |
CVE-2017-11555 |
中危 |
3.6.5+20231221-3 |
|
There is an illegal address access in the Eval::operator function in e ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11555
镜像层: sha256:58330e9e622203564879362569c1a549956a0e33d265a4d3f64018fd3b561326
发布日期: 2017-07-23 03:29 修改: 2025-04-20 01:37
|
| libsass1 |
CVE-2017-11556 |
中危 |
3.6.5+20231221-3 |
|
There is a stack consumption vulnerability in the Parser::advanceToNex ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11556
镜像层: sha256:58330e9e622203564879362569c1a549956a0e33d265a4d3f64018fd3b561326
发布日期: 2017-07-23 03:29 修改: 2025-04-20 01:37
|
| libsass1 |
CVE-2017-11605 |
中危 |
3.6.5+20231221-3 |
|
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11605
镜像层: sha256:58330e9e622203564879362569c1a549956a0e33d265a4d3f64018fd3b561326
发布日期: 2017-07-24 07:29 修改: 2025-04-20 01:37
|
| libsmartcols1 |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| libsystemd0 |
CVE-2026-40226 |
中危 |
255.4-1ubuntu8.15 |
255.4-1ubuntu8.16 |
systemd: systemd nspawn: Escape-to-host action via crafted config file
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
|
| libudev1 |
CVE-2026-40226 |
中危 |
255.4-1ubuntu8.15 |
255.4-1ubuntu8.16 |
systemd: systemd nspawn: Escape-to-host action via crafted config file
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
|
| libuuid1 |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| libxml2 |
CVE-2026-6653 |
中危 |
2.9.14+dfsg-1.3ubuntu3.8 |
|
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6653
镜像层: sha256:58330e9e622203564879362569c1a549956a0e33d265a4d3f64018fd3b561326
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| libxslt1.1 |
CVE-2025-10911 |
中危 |
1.1.39-0exp1ubuntu0.24.04.3 |
|
libxslt: use-after-free with key data stored cross-RVT
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10911
镜像层: sha256:58330e9e622203564879362569c1a549956a0e33d265a4d3f64018fd3b561326
发布日期: 2025-09-25 16:15 修改: 2026-06-16 17:16
|
| libxslt1.1 |
CVE-2025-7425 |
中危 |
1.1.39-0exp1ubuntu0.24.04.3 |
|
libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7425
镜像层: sha256:58330e9e622203564879362569c1a549956a0e33d265a4d3f64018fd3b561326
发布日期: 2025-07-10 14:15 修改: 2026-05-12 13:17
|
| mount |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| node-ini |
CVE-2020-7788 |
中危 |
3.0.1-2 |
|
nodejs-ini: Prototype pollution via malicious INI file
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7788
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2020-12-11 11:15 修改: 2024-11-21 05:37
|
| node-lodash |
CVE-2025-13465 |
中危 |
4.17.21+dfsg+~cs8.31.198.20210220-9 |
|
lodash: prototype pollution in _.unset and _.omit functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13465
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-01-21 20:16 修改: 2026-06-02 14:16
|
| node-lodash |
CVE-2026-2950 |
中危 |
4.17.21+dfsg+~cs8.31.198.20210220-9 |
|
lodash: Lodash: Prototype pollution allows deletion of built-in prototype properties via array path bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2950
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-03-31 20:16 修改: 2026-04-07 16:12
|
| node-lodash |
CVE-2026-4800 |
中危 |
4.17.21+dfsg+~cs8.31.198.20210220-9 |
|
lodash: lodash: Arbitrary code execution via untrusted input in template imports
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4800
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-03-31 20:16 修改: 2026-05-01 18:09
|
| node-lodash-packages |
CVE-2025-13465 |
中危 |
4.17.21+dfsg+~cs8.31.198.20210220-9 |
|
lodash: prototype pollution in _.unset and _.omit functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13465
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-01-21 20:16 修改: 2026-06-02 14:16
|
| node-lodash-packages |
CVE-2026-2950 |
中危 |
4.17.21+dfsg+~cs8.31.198.20210220-9 |
|
lodash: Lodash: Prototype pollution allows deletion of built-in prototype properties via array path bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2950
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-03-31 20:16 修改: 2026-04-07 16:12
|
| node-lodash-packages |
CVE-2026-4800 |
中危 |
4.17.21+dfsg+~cs8.31.198.20210220-9 |
|
lodash: lodash: Arbitrary code execution via untrusted input in template imports
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4800
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-03-31 20:16 修改: 2026-05-01 18:09
|
| nodejs |
CVE-2024-22018 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: fs.lstat bypasses permission model
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22018
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2024-07-10 02:15 修改: 2026-04-15 00:35
|
| nodejs |
CVE-2024-22020 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: Bypass network import restriction via data URL
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22020
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2024-07-09 02:15 修改: 2026-04-15 00:35
|
| nodejs |
CVE-2024-27982 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: HTTP Request Smuggling via Content Length Obfuscation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27982
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2024-05-07 17:15 修改: 2026-04-15 00:35
|
| nodejs |
CVE-2024-27983 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: CONTINUATION frames DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27983
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2024-04-09 01:15 修改: 2026-04-15 00:35
|
| nodejs |
CVE-2025-23085 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-23085
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2025-02-07 07:15 修改: 2026-04-15 00:35
|
| nodejs |
CVE-2025-23166 |
中危 |
18.19.1+dfsg-6ubuntu5 |
|
nodejs: Remote Crash via SignTraits::DeriveBits() in Node.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-23166
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2025-05-19 02:15 修改: 2026-04-15 00:35
|
| npm |
CVE-2021-43616 |
中危 |
9.2.0~ds1-2 |
|
npm: npm ci succeeds when package-lock.json doesn't match package.json
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43616
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2021-11-13 18:15 修改: 2024-11-21 06:29
|
| odoo |
CVE-2020-29396 |
中危 |
19.0.20260619 |
|
CVE-2020-29396 affecting package python3 3.7.9-3
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29396
镜像层: sha256:58330e9e622203564879362569c1a549956a0e33d265a4d3f64018fd3b561326
发布日期: 2020-12-22 17:15 修改: 2024-11-21 05:23
|
| python3-pip |
CVE-2024-35195 |
中危 |
24.0+dfsg-1ubuntu1.3 |
|
requests: subsequent requests to the same host ignore cert verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35195
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2024-05-20 21:15 修改: 2026-04-15 00:35
|
| python3-pip |
CVE-2025-66418 |
中危 |
24.0+dfsg-1ubuntu1.3 |
|
urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66418
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2025-12-05 16:15 修改: 2025-12-10 16:08
|
| python3-pip |
CVE-2025-66471 |
中危 |
24.0+dfsg-1ubuntu1.3 |
|
urllib3: urllib3 Streaming API improperly handles highly compressed data
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66471
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2025-12-05 17:16 修改: 2025-12-10 16:10
|
| python3-pip |
CVE-2026-21441 |
中危 |
24.0+dfsg-1ubuntu1.3 |
|
urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-21441
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-01-07 22:15 修改: 2026-01-23 09:15
|
| python3-wheel |
CVE-2026-24049 |
中危 |
0.42.0-2 |
|
wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24049
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-01-22 05:16 修改: 2026-02-18 14:56
|
| python3.12 |
CVE-2025-13462 |
中危 |
3.12.3-1ubuntu0.13 |
|
cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-03-12 18:16 修改: 2026-06-11 14:29
|
| python3.12 |
CVE-2026-2297 |
中危 |
3.12.3-1ubuntu0.13 |
|
cpython: CPython: Logging Bypass in Legacy .pyc File Handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-03-04 23:16 修改: 2026-05-01 16:16
|
| python3.12-minimal |
CVE-2025-13462 |
中危 |
3.12.3-1ubuntu0.13 |
|
cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-03-12 18:16 修改: 2026-06-11 14:29
|
| python3.12-minimal |
CVE-2026-2297 |
中危 |
3.12.3-1ubuntu0.13 |
|
cpython: CPython: Logging Bypass in Legacy .pyc File Handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-03-04 23:16 修改: 2026-05-01 16:16
|
| tar |
CVE-2025-45582 |
中危 |
1.35+dfsg-3build1 |
|
tar: Tar path traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2025-07-11 17:15 修改: 2025-11-02 01:15
|
| util-linux |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| libgcrypt20 |
CVE-2024-2236 |
低危 |
1.10.3-2build1 |
|
libgcrypt: vulnerable to Marvin Attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2024-03-06 22:15 修改: 2026-04-15 00:35
|
| libsass1 |
CVE-2017-10687 |
低危 |
3.6.5+20231221-3 |
|
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-10687
镜像层: sha256:58330e9e622203564879362569c1a549956a0e33d265a4d3f64018fd3b561326
发布日期: 2017-06-29 23:29 修改: 2026-05-13 00:24
|
| login |
CVE-2024-56433 |
低危 |
1:4.13+dfsg1-4ubuntu3.2 |
|
shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
|
| libsass1 |
CVE-2017-11341 |
低危 |
3.6.5+20231221-3 |
|
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11341
镜像层: sha256:58330e9e622203564879362569c1a549956a0e33d265a4d3f64018fd3b561326
发布日期: 2017-07-17 13:18 修改: 2025-04-20 01:37
|
| passwd |
CVE-2024-56433 |
低危 |
1:4.13+dfsg1-4ubuntu3.2 |
|
shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
|
| libsass1 |
CVE-2017-11342 |
低危 |
3.6.5+20231221-3 |
|
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11342
镜像层: sha256:58330e9e622203564879362569c1a549956a0e33d265a4d3f64018fd3b561326
发布日期: 2017-07-17 13:18 修改: 2025-04-20 01:37
|
| libsass1 |
CVE-2017-12962 |
低危 |
3.6.5+20231221-3 |
|
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12962
镜像层: sha256:58330e9e622203564879362569c1a549956a0e33d265a4d3f64018fd3b561326
发布日期: 2017-08-18 21:29 修改: 2026-05-13 00:24
|
| libsass1 |
CVE-2017-12963 |
低危 |
3.6.5+20231221-3 |
|
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12963
镜像层: sha256:58330e9e622203564879362569c1a549956a0e33d265a4d3f64018fd3b561326
发布日期: 2017-08-18 21:29 修改: 2026-05-13 00:24
|
| libsass1 |
CVE-2017-12964 |
低危 |
3.6.5+20231221-3 |
|
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12964
镜像层: sha256:58330e9e622203564879362569c1a549956a0e33d265a4d3f64018fd3b561326
发布日期: 2017-08-18 21:29 修改: 2026-05-13 00:24
|
| python3-pip |
CVE-2026-1703 |
低危 |
24.0+dfsg-1ubuntu1.3 |
|
pip: pip: Information disclosure via path traversal when installing crafted wheel archives
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1703
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-02-02 15:16 修改: 2026-04-15 00:35
|
| libcairo2 |
CVE-2017-7475 |
低危 |
1.18.0-3build1 |
|
cairo: NULL pointer dereference with a crafted font file
漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7475
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2017-05-19 20:29 修改: 2026-05-13 00:24
|
| libharfbuzz0b |
CVE-2026-22693 |
低危 |
8.3.0-2build2 |
|
harfbuzz: Null Pointer Dereference in harfbuzz
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22693
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2026-01-10 06:15 修改: 2026-02-18 17:49
|
| libsystemd0 |
CVE-2026-40228 |
低危 |
255.4-1ubuntu8.15 |
|
systemd: systemd-journald: Unintended output to user terminals via logger command
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
|
| libicu74 |
CVE-2025-5222 |
低危 |
74.2-1ubuntu3.1 |
|
icu: Stack buffer overflow in the SRBRoot::addTag function
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5222
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2025-05-27 21:15 修改: 2026-04-23 00:16
|
| libudev1 |
CVE-2026-40228 |
低危 |
255.4-1ubuntu8.15 |
|
systemd: systemd-journald: Unintended output to user terminals via logger command
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
|
| libopenjp2-7 |
CVE-2019-6988 |
低危 |
2.5.0-2ubuntu0.5 |
|
openjpeg: DoS via memory exhaustion in opj_decompress
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-6988
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2019-01-28 16:29 修改: 2024-11-21 04:47
|
| libcairo2 |
CVE-2018-18064 |
低危 |
1.18.0-3build1 |
|
cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18064
镜像层: sha256:4e158a922fbc2103293024fa82e8dd8966482fcca7d084affdba3746a88cd6f2
发布日期: 2018-10-08 18:29 修改: 2024-11-21 03:55
|