| github.com/jackc/pgx/v5 |
CVE-2026-33815 |
严重 |
v5.5.5 |
5.9.0 |
github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33815
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-04-07 16:16 修改: 2026-06-30 03:18
|
| github.com/jackc/pgx/v5 |
CVE-2026-33816 |
严重 |
v5.5.5 |
5.9.0 |
github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33816
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-04-07 16:16 修改: 2026-06-30 03:18
|
| github.com/rclone/rclone |
CVE-2026-41176 |
严重 |
v1.70.3 |
1.73.5 |
github.com/rclone/rclone: Rclone: Unauthorized access to administrative functions through unauthenticated Remote Control endpoint.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41176
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-04-23 00:16 修改: 2026-06-30 03:19
|
| github.com/rclone/rclone |
CVE-2026-41179 |
严重 |
v1.70.3 |
1.73.5 |
github.com/rclone/rclone: Rclone: Unauthenticated local command execution via exposed RC endpoint
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41179
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-04-23 00:16 修改: 2026-06-30 03:19
|
| github.com/rclone/rclone |
CVE-2026-49980 |
严重 |
v1.70.3 |
1.74.3 |
github.com/rclone/rclone: Rclone: Remote Code Execution via unauthenticated requests when `rcd --rc-serve` is enabled
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-49980
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-06-24 19:17 修改: 2026-06-29 16:11
|
| google.golang.org/grpc |
CVE-2026-33186 |
严重 |
v1.78.0 |
1.79.3 |
google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33186
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-03-20 23:16 修改: 2026-07-01 13:17
|
| golang.org/x/crypto |
CVE-2026-39828 |
高危 |
v0.50.0 |
0.52.0 |
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39828
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 04:16 修改: 2026-07-01 13:17
|
| golang.org/x/crypto |
CVE-2026-39829 |
高危 |
v0.50.0 |
0.52.0 |
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39829
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 04:16 修改: 2026-07-01 13:17
|
| golang.org/x/crypto |
CVE-2026-39830 |
高危 |
v0.50.0 |
0.52.0 |
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39830
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 04:16 修改: 2026-06-30 03:19
|
| golang.org/x/crypto |
CVE-2026-39832 |
高危 |
v0.50.0 |
0.52.0 |
golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39832
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 04:16 修改: 2026-06-30 03:19
|
| golang.org/x/crypto |
CVE-2026-39835 |
高危 |
v0.50.0 |
0.52.0 |
golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39835
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 04:16 修改: 2026-07-01 13:17
|
| golang.org/x/crypto |
CVE-2026-42508 |
高危 |
v0.50.0 |
0.52.0 |
golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42508
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 04:16 修改: 2026-07-01 13:17
|
| golang.org/x/crypto |
CVE-2026-46595 |
高危 |
v0.50.0 |
0.52.0 |
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46595
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 04:16 修改: 2026-07-01 13:17
|
| golang.org/x/crypto |
CVE-2026-46597 |
高危 |
v0.50.0 |
0.52.0 |
An incorrectly placed cast from bytes to int allowed for server-side p ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46597
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
|
| golang.org/x/net |
CVE-2026-25681 |
高危 |
v0.53.0 |
0.55.0 |
golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25681
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25
|
| golang.org/x/net |
CVE-2026-27136 |
高危 |
v0.53.0 |
0.55.0 |
Parsing arbitrary HTML which is then rendered using Render can result ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27136
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:26
|
| golang.org/x/net |
CVE-2026-39821 |
高危 |
v0.53.0 |
0.55.0 |
golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39821
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 16:16 修改: 2026-07-01 13:17
|
| golang.org/x/net |
CVE-2026-42502 |
高危 |
v0.53.0 |
0.55.0 |
Parsing arbitrary HTML which is then rendered using Render can result ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42502
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47
|
| golang.org/x/crypto |
CVE-2026-39827 |
高危 |
v0.50.0 |
0.52.0 |
An authenticated SSH client that repeatedly opened channels which were ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39827
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-46598 |
中危 |
v0.50.0 |
0.52.0 |
golang.org/x/crypto/ssh/agent: golang: golang.org/x/crypto/ssh/agent: Denial of Service via malformed input
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46598
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
|
| golang.org/x/image |
CVE-2026-33809 |
中危 |
v0.29.0 |
0.38.0 |
golang: golang.org/x/image/tiff: golang.org/x/image/tiff: Denial of Service via maliciously crafted TIFF file
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33809
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-03-25 19:16 修改: 2026-06-17 10:38
|
| golang.org/x/image |
CVE-2026-33812 |
中危 |
v0.29.0 |
0.39.0 |
golang.org/x/image: golang: golang.org/x/image: Denial of Service due to excessive memory allocation when parsing malicious font files
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33812
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-04-21 20:16 修改: 2026-06-17 10:38
|
| golang.org/x/image |
CVE-2026-33813 |
中危 |
v0.29.0 |
0.42.0 |
golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33813
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-04-21 20:16 修改: 2026-06-25 20:17
|
| golang.org/x/image |
CVE-2026-46599 |
中危 |
v0.29.0 |
0.41.0 |
golang.org/x/image/tiff: golang.org/x/image/tiff: Denial of Service via crafted PackBits-compressed data
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46599
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-29 20:16 修改: 2026-06-17 10:53
|
| golang.org/x/image |
CVE-2026-46601 |
中危 |
v0.29.0 |
0.43.0 |
golang.org/x/image/webp: golang.org/x/image/webp: Denial of Service via malformed VP8 chunk in WebP images
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46601
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-06-25 20:17 修改: 2026-06-26 17:16
|
| github.com/go-chi/chi/v5 |
CVE-2025-69725 |
中危 |
v5.2.2 |
5.2.4 |
go-chi/chi: Go-chi/chi: Open Redirect vulnerability allows redirection to malicious websites
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69725
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-02-19 17:24 修改: 2026-06-17 10:00
|
| github.com/quic-go/quic-go |
CVE-2026-40898 |
中危 |
v0.59.0 |
0.59.1 |
quic-go is an implementation of the QUIC protocol in Go. Prior to vers ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40898
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-06-04 19:16 修改: 2026-06-17 10:45
|
| golang.org/x/crypto |
CVE-2026-39831 |
中危 |
v0.50.0 |
0.52.0 |
The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nis ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39831
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-39833 |
中危 |
v0.50.0 |
0.52.0 |
golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39833
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/net |
CVE-2026-25680 |
中危 |
v0.53.0 |
0.55.0 |
golang.org/x/net/html: golang.org/x/net/html: Denial of Service due to excessive HTML parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25680
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25
|
| golang.org/x/net |
CVE-2026-42506 |
中危 |
v0.53.0 |
0.55.0 |
golang.org/x/net/html: golang.org/x/net/html: Cross-Site Scripting (XSS) via arbitrary HTML parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42506
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47
|
| golang.org/x/crypto |
CVE-2026-39834 |
中危 |
v0.50.0 |
0.52.0 |
When writing data larger than 4GB in a single Write call on an SSH cha ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39834
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| github.com/jackc/pgx/v5 |
CVE-2026-41889 |
低危 |
v5.5.5 |
5.9.2 |
github.com/jackc/pgx: golang: pgx: SQL injection via specific SQL query conditions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41889
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-08 17:16 修改: 2026-06-17 10:47
|
| github.com/disintegration/imaging |
CVE-2023-36308 |
低危 |
v1.6.2 |
|
disintegration Imaging 1.6.2 allows attackers to cause a panic (becaus ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36308
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2023-09-05 04:15 修改: 2026-06-17 06:06
|
| github.com/cloudflare/circl |
CVE-2026-1229 |
低危 |
v1.6.1 |
1.6.3 |
CIRCL has an incorrect calculation in secp384r1 CombinedMult
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1229
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-02-24 08:16 修改: 2026-06-17 10:15
|
| golang.org/x/image |
CVE-2026-46602 |
未知 |
v0.29.0 |
0.43.0 |
The TIFF decoder does not set a limit on the size of tiles in tiled im ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46602
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-06-25 20:17 修改: 2026-06-26 17:16
|
| golang.org/x/image |
CVE-2026-46604 |
未知 |
v0.29.0 |
0.43.0 |
The TIFF decoder can panic when decoding an invalid image with an out- ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46604
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-06-26 21:16 修改: 2026-07-01 14:07
|
| golang.org/x/sys |
CVE-2026-39824 |
未知 |
v0.43.0 |
0.44.0 |
Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42
|
| golang.org/x/image |
CVE-2026-42500 |
未知 |
v0.29.0 |
0.41.0 |
Decoding a paletted BMP file with an out-of-range palette index result ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42500
镜像层: sha256:4b25609a010793391ba4cf0ce4757547047a42fd9ac80718b92fc30d101a579b
发布日期: 2026-05-29 20:16 修改: 2026-06-17 10:47
|