| bsdutils |
CVE-2026-27456 |
中危 |
1:2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| libblkid1 |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| libc-bin |
CVE-2026-4046 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
|
| libc-bin |
CVE-2026-4437 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
|
| libc-bin |
CVE-2026-4438 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
|
| libc-bin |
CVE-2026-5435 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Out-of-bounds write via TSIG record processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
|
| libc-bin |
CVE-2026-6238 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Application crash or uninitialized memory read via crafted DNS response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
|
| libc6 |
CVE-2026-4046 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
|
| libc6 |
CVE-2026-4437 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
|
| libc6 |
CVE-2026-4438 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
|
| libc6 |
CVE-2026-5435 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Out-of-bounds write via TSIG record processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
|
| libc6 |
CVE-2026-6238 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Application crash or uninitialized memory read via crafted DNS response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
|
| libexpat1 |
CVE-2025-66382 |
中危 |
2.6.1-2ubuntu0.4 |
|
libexpat: libexpat: Denial of service via crafted file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382
镜像层: sha256:6536145e8205957b8ec5b68bf3da6494ec99c882f4b12cfa1b0a15185b6ca08e
发布日期: 2025-11-28 07:15 修改: 2026-06-02 14:16
|
| libgcrypt20 |
CVE-2026-41989 |
中危 |
1.10.3-2build1 |
1.10.3-2ubuntu0.1 |
Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-23 05:16 修改: 2026-04-27 18:33
|
| libgnutls30t64 |
CVE-2026-33845 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-33846 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-04 10:15 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-3832 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-30 18:16 修改: 2026-06-02 17:16
|
| libgnutls30t64 |
CVE-2026-3833 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-42009 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-18 13:16 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-42010 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: gnutls: Authentication Bypass via NUL Character in Username
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-07 12:16 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-42011 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: gnutls: Security bypass due to incorrect name constraint handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-07 15:16 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-42012 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-42013 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-42014 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| libgnutls30t64 |
CVE-2026-42015 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-5260 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
gnutls: gnutls: Information disclosure via heap overread in RSA key exchange
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
|
| libgnutls30t64 |
CVE-2026-5419 |
中危 |
3.8.3-1.1ubuntu3.5 |
3.8.3-1.1ubuntu3.6 |
guntls: gnutls: Information disclosure via timing side-channel in PKCS#7 padding removal
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5419
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-06-01 21:16 修改: 2026-06-02 17:16
|
| libmount1 |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| libsmartcols1 |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| libuuid1 |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| mount |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| tar |
CVE-2025-45582 |
中危 |
1.35+dfsg-3build1 |
|
tar: Tar path traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2025-07-11 17:15 修改: 2025-11-02 01:15
|
| tar |
CVE-2026-5704 |
中危 |
1.35+dfsg-3build1 |
|
tar: tar: Hidden file injection via crafted archives
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-06 16:16 修改: 2026-04-22 20:08
|
| util-linux |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
|
| libsystemd0 |
CVE-2026-40228 |
低危 |
255.4-1ubuntu8.15 |
|
systemd: systemd-journald: Unintended output to user terminals via logger command
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
|
| libudev1 |
CVE-2026-40228 |
低危 |
255.4-1ubuntu8.15 |
|
systemd: systemd-journald: Unintended output to user terminals via logger command
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
|
| libelf1t64 |
CVE-2025-1352 |
低危 |
0.190-1.1ubuntu0.1 |
|
elfutils: GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1352
镜像层: sha256:6536145e8205957b8ec5b68bf3da6494ec99c882f4b12cfa1b0a15185b6ca08e
发布日期: 2025-02-16 15:15 修改: 2026-06-02 14:16
|
| login |
CVE-2024-56433 |
低危 |
1:4.13+dfsg1-4ubuntu3.2 |
|
shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
|
| libicu74 |
CVE-2025-5222 |
低危 |
74.2-1ubuntu3.1 |
|
icu: Stack buffer overflow in the SRBRoot::addTag function
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5222
镜像层: sha256:6536145e8205957b8ec5b68bf3da6494ec99c882f4b12cfa1b0a15185b6ca08e
发布日期: 2025-05-27 21:15 修改: 2026-04-23 00:16
|
| passwd |
CVE-2024-56433 |
低危 |
1:4.13+dfsg1-4ubuntu3.2 |
|
shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
|
| liblzma5 |
CVE-2026-34743 |
低危 |
5.6.1+really5.4.5-1ubuntu0.2 |
5.6.1+really5.4.5-1ubuntu0.3 |
xz: XZ Utils: Denial of Service via buffer overflow in index decoding
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-02 19:21 修改: 2026-04-15 17:33
|
| libelf1t64 |
CVE-2025-1376 |
低危 |
0.190-1.1ubuntu0.1 |
|
elfutils: GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1376
镜像层: sha256:6536145e8205957b8ec5b68bf3da6494ec99c882f4b12cfa1b0a15185b6ca08e
发布日期: 2025-02-17 05:15 修改: 2026-06-02 14:16
|
| libgcrypt20 |
CVE-2024-2236 |
低危 |
1.10.3-2build1 |
|
libgcrypt: vulnerable to Marvin Attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2024-03-06 22:15 修改: 2026-04-15 00:35
|