docker.io/openresty/openresty:1.27.1.1-rocky linux/amd64

docker.io/openresty/openresty:1.27.1.1-rocky - Trivy安全扫描结果 扫描时间: 2025-02-11 11:03
全部漏洞信息
低危漏洞:4 中危漏洞:111 高危漏洞:28 严重漏洞:3

系统OS: rocky 8.5 扫描引擎: Trivy 扫描时间: 2025-02-11 11:03

docker.io/openresty/openresty:1.27.1.1-rocky (rocky 8.5) (rocky)
低危漏洞:4 中危漏洞:111 高危漏洞:28 严重漏洞:3
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
systemd CVE-2022-2526 严重 239-51.el8 239-58.el8_6.4 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-09-09 15:15 修改: 2023-01-20 03:17
systemd-libs CVE-2022-2526 严重 239-51.el8 239-58.el8_6.4 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-09-09 15:15 修改: 2023-01-20 03:17
systemd-pam CVE-2022-2526 严重 239-51.el8 239-58.el8_6.4 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-09-09 15:15 修改: 2023-01-20 03:17
cyrus-sasl-lib CVE-2022-24407 高危 2.1.27-5.el8 2.1.27-6.el8_5 cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24407

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-02-24 15:15 修改: 2023-11-07 03:44
expat CVE-2022-40674 高危 2.2.5-4.el8 2.2.5-8.el8_6.3 expat: a use-after-free in the doContent function in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40674

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-09-14 11:15 修改: 2023-11-07 03:52
gzip CVE-2022-1271 高危 1.9-12.el8 1.9-13.el8_5 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47
krb5-libs CVE-2022-42898 高危 1.18.2-14.el8 1.18.2-22.el8_7 krb5: integer overflow vulnerabilities in PAC parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
krb5-libs CVE-2024-3596 高危 1.18.2-14.el8 1.18.2-30.el8_10 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-07-09 12:15 修改: 2024-12-30 19:23
libcurl-minimal CVE-2022-22576 高危 7.61.1-22.el8 7.61.1-22.el8_6.3 curl: OAUTH2 bearer bypass in connection re-use

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22576

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-05-26 17:15 修改: 2024-03-27 15:02
libcurl-minimal CVE-2022-27782 高危 7.61.1-22.el8 7.61.1-22.el8_6.3 curl: TLS and SSH connection too eager reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27782

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:01
libcurl-minimal CVE-2023-38546 高危 7.61.1-22.el8 7.61.1-33.el8_9.5 curl: cookie injection with none file

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-10-18 04:15 修改: 2024-07-09 14:15
libksba CVE-2022-3515 高危 1.3.5-7.el8 1.3.5-8.el8_6 libksba: integer overflow may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3515

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-01-12 15:15 修改: 2023-07-06 19:15
libksba CVE-2022-47629 高危 1.3.5-7.el8 1.3.5-9.el8_7 libksba: integer overflow to code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-47629

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-12-20 23:15 修改: 2023-11-07 03:56
pam CVE-2024-10041 高危 1.3.1-15.el8 1.3.1-36.el8_10 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
pam CVE-2024-10963 高危 1.3.1-15.el8 1.3.1-36.el8_10 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
platform-python CVE-2023-24329 高危 3.6.8-41.el8.rocky.0 3.6.8-51.el8_8.1.rocky.0 python: urllib.parse url blocklisting bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-02-17 15:15 修改: 2023-11-07 04:08
platform-python CVE-2023-6597 高危 3.6.8-41.el8.rocky.0 3.6.8-62.el8_10.rocky.0 python: Path traversal on tempfile.TemporaryDirectory

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
platform-python CVE-2024-0450 高危 3.6.8-41.el8.rocky.0 3.6.8-62.el8_10.rocky.0 python: The zipfile module is vulnerable to zip-bombs leading to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
platform-python-setuptools CVE-2024-6345 高危 39.2.0-6.el8 39.2.0-8.el8_10 pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-07-15 01:15 修改: 2024-07-15 13:00
python3-libs CVE-2023-24329 高危 3.6.8-41.el8.rocky.0 3.6.8-51.el8_8.1.rocky.0 python: urllib.parse url blocklisting bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-02-17 15:15 修改: 2023-11-07 04:08
python3-libs CVE-2023-6597 高危 3.6.8-41.el8.rocky.0 3.6.8-62.el8_10.rocky.0 python: Path traversal on tempfile.TemporaryDirectory

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
python3-libs CVE-2024-0450 高危 3.6.8-41.el8.rocky.0 3.6.8-62.el8_10.rocky.0 python: The zipfile module is vulnerable to zip-bombs leading to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
python3-setuptools-wheel CVE-2024-6345 高危 39.2.0-6.el8 39.2.0-8.el8_10 pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-07-15 01:15 修改: 2024-07-15 13:00
curl CVE-2022-22576 高危 7.61.1-22.el8 7.61.1-22.el8_6.3 curl: OAUTH2 bearer bypass in connection re-use

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22576

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-05-26 17:15 修改: 2024-03-27 15:02
curl CVE-2022-27782 高危 7.61.1-22.el8 7.61.1-22.el8_6.3 curl: TLS and SSH connection too eager reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27782

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:01
curl CVE-2023-38546 高危 7.61.1-22.el8 7.61.1-33.el8_9.5 curl: cookie injection with none file

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-10-18 04:15 修改: 2024-07-09 14:15
vim-minimal CVE-2022-1154 高危 2:8.0.1763-16.el8 2:8.0.1763-16.el8_5.13 vim: use after free in utf_ptr2char

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1154

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-03-30 12:15 修改: 2023-11-07 03:41
vim-minimal CVE-2022-1621 高危 2:8.0.1763-16.el8 2:8.0.1763-19.el8_6.2 vim: heap buffer overflow in vim_strncpy

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1621

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-05-10 14:15 修改: 2023-11-07 03:42
vim-minimal CVE-2022-1629 高危 2:8.0.1763-16.el8 2:8.0.1763-19.el8_6.2 vim: buffer over-read in function find_next_quote

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1629

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-05-10 14:15 修改: 2023-11-07 03:42
xz-libs CVE-2022-1271 高危 5.2.4-3.el8.1 5.2.4-4.el8_6 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47
zlib CVE-2018-25032 高危 1.2.11-17.el8 1.2.11-18.el8_5 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-25032

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-03-25 09:15 修改: 2023-11-07 02:56
dbus-tools CVE-2022-42010 中危 1:1.12.8-14.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49
dbus-tools CVE-2022-42011 中危 1:1.12.8-14.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49
dbus-tools CVE-2022-42012 中危 1:1.12.8-14.el8 1:1.12.8-23.el8_7.1 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49
dbus-tools CVE-2023-34969 中危 1:1.12.8-14.el8 1:1.12.8-24.el8_8.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-06-08 03:15 修改: 2023-12-27 16:36
curl CVE-2022-27774 中危 7.61.1-22.el8 7.61.1-22.el8_6.3 curl: credential leak on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27774

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02
expat CVE-2022-43680 中危 2.2.5-4.el8 2.2.5-10.el8_7.1 expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43680

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-24 14:15 修改: 2024-01-21 02:08
expat CVE-2023-52425 中危 2.2.5-4.el8 2.2.5-11.el8_9.1 expat: parsing large tokens can trigger a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-02-04 20:15 修改: 2024-08-26 20:35
expat CVE-2024-45490 中危 2.2.5-4.el8 2.2.5-15.el8_10 libexpat: Negative Length Parsing Vulnerability in libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24
expat CVE-2024-45491 中危 2.2.5-4.el8 2.2.5-15.el8_10 libexpat: Integer Overflow or Wraparound

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
expat CVE-2024-45492 中危 2.2.5-4.el8 2.2.5-15.el8_10 libexpat: integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
expat CVE-2024-50602 中危 2.2.5-4.el8 2.2.5-16.el8_10 libexpat: expat: DoS via XML_ResumeParser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-10-27 05:15 修改: 2024-10-30 18:35
gnupg2 CVE-2022-34903 中危 2.2.20-2.el8 2.2.20-3.el8_6 gpg: Signature spoofing via status line injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34903

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-07-01 22:15 修改: 2023-11-07 03:48
gnutls CVE-2022-2509 中危 3.6.16-4.el8 3.6.16-5.el8_6 gnutls: Double free during gnutls_pkcs7_verify

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2509

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-08-01 14:15 修改: 2023-11-07 03:46
gnutls CVE-2023-0361 中危 3.6.16-4.el8 3.6.16-6.el8_7 gnutls: timing side-channel in the TLS RSA key exchange code

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0361

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-02-15 18:15 修改: 2023-11-07 04:00
gnutls CVE-2023-5981 中危 3.6.16-4.el8 3.6.16-8.el8_9 gnutls: timing side-channel in the RSA-PSK authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5981

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-11-28 12:15 修改: 2024-09-16 13:15
gnutls CVE-2024-28834 中危 3.6.16-4.el8 3.6.16-8.el8_9.3 gnutls: vulnerable to Minerva side-channel information leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28834

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-03-21 14:15 修改: 2024-11-21 21:15
curl CVE-2022-27776 中危 7.61.1-22.el8 7.61.1-22.el8_6.3 curl: auth/cookie leak on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27776

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02
curl CVE-2022-32206 中危 7.61.1-22.el8 7.61.1-22.el8_6.4 curl: HTTP compression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32206

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00
curl CVE-2022-32208 中危 7.61.1-22.el8 7.61.1-22.el8_6.4 curl: FTP-KRB bad message verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32208

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00
less CVE-2022-48624 中危 530-1.el8 530-2.el8_9 less: missing quoting of shell metacharacters in LESSCLOSE handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48624

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-02-19 01:15 修改: 2024-06-10 18:15
libcap CVE-2023-2602 中危 2.26-5.el8 2.48-5.el8_8 libcap: Memory Leak on pthread_create() Error

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2602

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-06-06 20:15 修改: 2023-11-30 05:15
libcap CVE-2023-2603 中危 2.26-5.el8 2.48-5.el8_8 libcap: Integer Overflow in _libcap_strdup()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2603

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-06-06 20:15 修改: 2024-10-10 16:32
libcom_err CVE-2022-1304 中危 1.45.6-2.el8 1.45.6-5.el8 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-04-14 21:15 修改: 2024-11-22 12:15
curl CVE-2023-23916 中危 7.61.1-22.el8 7.61.1-25.el8_7.3 curl: HTTP multi-header compression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23916

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-02-23 20:15 修改: 2024-03-27 14:54
curl CVE-2023-27535 中危 7.61.1-22.el8 7.61.1-30.el8_8.2 curl: FTP too eager connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27535

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:47
curl CVE-2023-27536 中危 7.61.1-22.el8 7.61.1-30.el8_8.3 curl: GSS delegation too eager connection re-use

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27536

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:46
libcurl-minimal CVE-2022-27774 中危 7.61.1-22.el8 7.61.1-22.el8_6.3 curl: credential leak on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27774

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02
libcurl-minimal CVE-2022-27776 中危 7.61.1-22.el8 7.61.1-22.el8_6.3 curl: auth/cookie leak on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27776

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02
libcurl-minimal CVE-2022-32206 中危 7.61.1-22.el8 7.61.1-22.el8_6.4 curl: HTTP compression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32206

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00
libcurl-minimal CVE-2022-32208 中危 7.61.1-22.el8 7.61.1-22.el8_6.4 curl: FTP-KRB bad message verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32208

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00
libcurl-minimal CVE-2023-23916 中危 7.61.1-22.el8 7.61.1-25.el8_7.3 curl: HTTP multi-header compression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23916

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-02-23 20:15 修改: 2024-03-27 14:54
libcurl-minimal CVE-2023-27535 中危 7.61.1-22.el8 7.61.1-30.el8_8.2 curl: FTP too eager connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27535

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:47
libcurl-minimal CVE-2023-27536 中危 7.61.1-22.el8 7.61.1-30.el8_8.3 curl: GSS delegation too eager connection re-use

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27536

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:46
libcurl-minimal CVE-2023-28321 中危 7.61.1-22.el8 7.61.1-30.el8_8.3 curl: IDN wildcard match may lead to Improper Cerificate Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-05-26 21:15 修改: 2025-01-15 16:15
libcurl-minimal CVE-2023-28322 中危 7.61.1-22.el8 7.61.1-33.el8_9.5 curl: more POST-after-PUT confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-05-26 21:15 修改: 2023-12-22 16:15
libcurl-minimal CVE-2023-46218 中危 7.61.1-22.el8 7.61.1-33.el8_9.5 curl: information disclosure by exploiting a mixed case flaw

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-12-07 01:15 修改: 2024-01-25 14:15
libgcrypt CVE-2021-40528 中危 1.8.5-6.el8 1.8.5-7.el8_6 libgcrypt: ElGamal implementation allows plaintext recovery

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40528

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2021-09-06 19:15 修改: 2023-11-07 03:38
curl CVE-2023-28321 中危 7.61.1-22.el8 7.61.1-30.el8_8.3 curl: IDN wildcard match may lead to Improper Cerificate Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-05-26 21:15 修改: 2025-01-15 16:15
curl CVE-2023-28322 中危 7.61.1-22.el8 7.61.1-33.el8_9.5 curl: more POST-after-PUT confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-05-26 21:15 修改: 2023-12-22 16:15
libtasn1 CVE-2021-46848 中危 4.13-3.el8 4.13-4.el8_7 libtasn1: Out-of-bound access in ETYPE_OK

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46848

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-24 14:15 修改: 2023-11-07 03:40
libxml2 CVE-2016-3709 中危 2.9.7-11.el8 2.9.7-15.el8 libxml2: Incorrect server side include parsing can lead to XSS

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-3709

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-07-28 17:15 修改: 2022-12-07 16:39
libxml2 CVE-2022-40303 中危 2.9.7-11.el8 2.9.7-15.el8_7.1 libxml2: integer overflows with XML_PARSE_HUGE

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40303

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-11-23 00:15 修改: 2023-11-07 03:52
libxml2 CVE-2022-40304 中危 2.9.7-11.el8 2.9.7-15.el8_7.1 libxml2: dict corruption caused by entity reference cycles

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40304

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-11-23 18:15 修改: 2023-11-07 03:52
libxml2 CVE-2023-28484 中危 2.9.7-11.el8 2.9.7-16.el8_8.1 libxml2: NULL dereference in xmlSchemaFixupComplexType

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28484

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-04-24 21:15 修改: 2024-02-01 17:15
libxml2 CVE-2023-29469 中危 2.9.7-11.el8 2.9.7-16.el8_8.1 libxml2: Hashing of empty dict strings isn't deterministic

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29469

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-04-24 21:15 修改: 2023-06-01 14:15
libxml2 CVE-2024-25062 中危 2.9.7-11.el8 2.9.7-18.el8_10.1 libxml2: use-after-free in XMLReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25062

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-02-04 16:15 修改: 2024-02-13 00:40
curl CVE-2023-46218 中危 7.61.1-22.el8 7.61.1-33.el8_9.5 curl: information disclosure by exploiting a mixed case flaw

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-12-07 01:15 修改: 2024-01-25 14:15
cryptsetup-libs CVE-2021-4122 中危 2.3.3-4.el8 2.3.3-4.el8_5.1 cryptsetup: disable encryption via header rewrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4122

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-08-24 16:15 修改: 2022-08-29 14:28
pam CVE-2024-22365 中危 1.3.1-15.el8 1.3.1-33.el8 pam: allowing unprivileged user to block another user namespace

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-02-06 08:15 修改: 2024-02-14 00:27
pcre2 CVE-2022-1586 中危 10.32-2.el8 10.32-3.el8_6 pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1586

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-05-16 21:15 修改: 2023-11-07 03:42
dbus CVE-2022-42010 中危 1:1.12.8-14.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49
dbus CVE-2022-42011 中危 1:1.12.8-14.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49
dbus CVE-2022-42012 中危 1:1.12.8-14.el8 1:1.12.8-23.el8_7.1 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49
platform-python CVE-2020-10735 中危 3.6.8-41.el8.rocky.0 3.6.8-48.el8_7.1.rocky.0 python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10735

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-09-09 14:15 修改: 2023-06-30 23:15
platform-python CVE-2021-28861 中危 3.6.8-41.el8.rocky.0 3.6.8-48.el8_7.1.rocky.0 python: open redirection vulnerability in lib/http/server.py may lead to information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28861

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-08-23 01:15 修改: 2024-08-03 22:15
platform-python CVE-2021-3737 中危 3.6.8-41.el8.rocky.0 3.6.8-45.el8.rocky.0 python: urllib: HTTP client possible infinite loop on a 100 Continue response

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3737

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-03-04 19:15 修改: 2023-11-07 03:38
platform-python CVE-2021-4189 中危 3.6.8-41.el8.rocky.0 3.6.8-45.el8.rocky.0 python: ftplib should not use the host from the PASV response

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4189

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-08-24 16:15 修改: 2023-06-30 23:15
platform-python CVE-2022-45061 中危 3.6.8-41.el8.rocky.0 3.6.8-48.el8_7.1.rocky.0 python: CPU denial of service via inefficient IDNA decoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45061

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-11-09 07:15 修改: 2023-11-07 03:54
platform-python CVE-2023-27043 中危 3.6.8-41.el8.rocky.0 3.6.8-56.el8_9.3.rocky.0 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
platform-python CVE-2024-11168 中危 3.6.8-41.el8.rocky.0 3.6.8-69.el8_10.rocky.0 python: Improper validation of IPv6 and IPvFuture addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
platform-python CVE-2024-4032 中危 3.6.8-41.el8.rocky.0 3.6.8-67.el8_10.rocky.0 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
platform-python CVE-2024-6232 中危 3.6.8-41.el8.rocky.0 3.6.8-67.el8_10.rocky.0 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
platform-python CVE-2024-6923 中危 3.6.8-41.el8.rocky.0 3.6.8-67.el8_10.rocky.0 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
platform-python CVE-2024-9287 中危 3.6.8-41.el8.rocky.0 3.6.8-69.el8_10.rocky.0 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
dbus CVE-2023-34969 中危 1:1.12.8-14.el8 1:1.12.8-24.el8_8.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-06-08 03:15 修改: 2023-12-27 16:36
platform-python-setuptools CVE-2022-40897 中危 39.2.0-6.el8 39.2.0-6.el8_7.1 pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40897

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-12-23 00:15 修改: 2024-10-29 15:35
dbus-common CVE-2022-42010 中危 1:1.12.8-14.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49
dbus-common CVE-2022-42011 中危 1:1.12.8-14.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49
dbus-common CVE-2022-42012 中危 1:1.12.8-14.el8 1:1.12.8-23.el8_7.1 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49
python3-libs CVE-2020-10735 中危 3.6.8-41.el8.rocky.0 3.6.8-48.el8_7.1.rocky.0 python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10735

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-09-09 14:15 修改: 2023-06-30 23:15
python3-libs CVE-2021-28861 中危 3.6.8-41.el8.rocky.0 3.6.8-48.el8_7.1.rocky.0 python: open redirection vulnerability in lib/http/server.py may lead to information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28861

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-08-23 01:15 修改: 2024-08-03 22:15
python3-libs CVE-2021-3737 中危 3.6.8-41.el8.rocky.0 3.6.8-45.el8.rocky.0 python: urllib: HTTP client possible infinite loop on a 100 Continue response

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3737

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-03-04 19:15 修改: 2023-11-07 03:38
python3-libs CVE-2021-4189 中危 3.6.8-41.el8.rocky.0 3.6.8-45.el8.rocky.0 python: ftplib should not use the host from the PASV response

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4189

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-08-24 16:15 修改: 2023-06-30 23:15
python3-libs CVE-2022-45061 中危 3.6.8-41.el8.rocky.0 3.6.8-48.el8_7.1.rocky.0 python: CPU denial of service via inefficient IDNA decoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45061

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-11-09 07:15 修改: 2023-11-07 03:54
python3-libs CVE-2023-27043 中危 3.6.8-41.el8.rocky.0 3.6.8-56.el8_9.3.rocky.0 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
python3-libs CVE-2024-11168 中危 3.6.8-41.el8.rocky.0 3.6.8-69.el8_10.rocky.0 python: Improper validation of IPv6 and IPvFuture addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
python3-libs CVE-2024-4032 中危 3.6.8-41.el8.rocky.0 3.6.8-67.el8_10.rocky.0 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
python3-libs CVE-2024-6232 中危 3.6.8-41.el8.rocky.0 3.6.8-67.el8_10.rocky.0 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
python3-libs CVE-2024-6923 中危 3.6.8-41.el8.rocky.0 3.6.8-67.el8_10.rocky.0 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
python3-libs CVE-2024-9287 中危 3.6.8-41.el8.rocky.0 3.6.8-69.el8_10.rocky.0 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
python3-rpm CVE-2021-3521 中危 4.14.3-19.el8 4.14.3-19.el8_5.2 rpm: RPM does not require subkeys to have a valid binding signature

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3521

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-08-22 15:15 修改: 2023-02-12 23:41
dbus-common CVE-2023-34969 中危 1:1.12.8-14.el8 1:1.12.8-24.el8_8.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-06-08 03:15 修改: 2023-12-27 16:36
python3-setuptools-wheel CVE-2022-40897 中危 39.2.0-6.el8 39.2.0-6.el8_7.1 pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40897

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-12-23 00:15 修改: 2024-10-29 15:35
rpm CVE-2021-3521 中危 4.14.3-19.el8 4.14.3-19.el8_5.2 rpm: RPM does not require subkeys to have a valid binding signature

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3521

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-08-22 15:15 修改: 2023-02-12 23:41
rpm-build-libs CVE-2021-3521 中危 4.14.3-19.el8 4.14.3-19.el8_5.2 rpm: RPM does not require subkeys to have a valid binding signature

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3521

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-08-22 15:15 修改: 2023-02-12 23:41
rpm-libs CVE-2021-3521 中危 4.14.3-19.el8 4.14.3-19.el8_5.2 rpm: RPM does not require subkeys to have a valid binding signature

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3521

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-08-22 15:15 修改: 2023-02-12 23:41
sqlite-libs CVE-2020-24736 中危 3.26.0-15.el8 3.26.0-18.el8_8 sqlite: Crash due to misuse of window functions.

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24736

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-04-11 18:15 修改: 2023-05-26 20:15
sqlite-libs CVE-2020-35525 中危 3.26.0-15.el8 3.26.0-16.el8_6 sqlite: Null pointer derreference in src/select.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35525

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-09-01 18:15 修改: 2023-07-06 19:15
sqlite-libs CVE-2020-35527 中危 3.26.0-15.el8 3.26.0-16.el8_6 sqlite: Out of bounds access during table rename

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35527

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-09-01 18:15 修改: 2022-12-08 22:29
sqlite-libs CVE-2022-35737 中危 3.26.0-15.el8 3.26.0-17.el8_7 sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35737

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-08-03 06:15 修改: 2024-03-27 16:05
sqlite-libs CVE-2023-7104 中危 3.26.0-15.el8 3.26.0-19.el8_9 sqlite: heap-buffer-overflow at sessionfuzz

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7104

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-12-29 10:15 修改: 2024-05-17 02:34
dbus-daemon CVE-2022-42010 中危 1:1.12.8-14.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49
systemd CVE-2022-4415 中危 239-51.el8 239-68.el8_7.4 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-01-11 15:15 修改: 2023-02-02 16:19
systemd CVE-2023-26604 中危 239-51.el8 239-74.el8_8.2 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09
dbus-daemon CVE-2022-42011 中危 1:1.12.8-14.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49
systemd-libs CVE-2022-4415 中危 239-51.el8 239-68.el8_7.4 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-01-11 15:15 修改: 2023-02-02 16:19
systemd-libs CVE-2023-26604 中危 239-51.el8 239-74.el8_8.2 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09
dbus-daemon CVE-2022-42012 中危 1:1.12.8-14.el8 1:1.12.8-23.el8_7.1 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49
systemd-pam CVE-2022-4415 中危 239-51.el8 239-68.el8_7.4 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-01-11 15:15 修改: 2023-02-02 16:19
systemd-pam CVE-2023-26604 中危 239-51.el8 239-74.el8_8.2 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09
dbus-daemon CVE-2023-34969 中危 1:1.12.8-14.el8 1:1.12.8-24.el8_8.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-06-08 03:15 修改: 2023-12-27 16:36
dbus-libs CVE-2022-42010 中危 1:1.12.8-14.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42010

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49
dbus-libs CVE-2022-42011 中危 1:1.12.8-14.el8 1:1.12.8-23.el8_7.1 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42011

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49
vim-minimal CVE-2021-3984 中危 2:8.0.1763-16.el8 2:8.0.1763-16.el8_5.4 vim: illegal memory access in find_start_brace() in cindent.c when C-indenting

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3984

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2021-12-01 11:15 修改: 2023-11-07 03:38
vim-minimal CVE-2021-4019 中危 2:8.0.1763-16.el8 2:8.0.1763-16.el8_5.4 vim: heap-based buffer overflow in find_help_tags() in help.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4019

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2021-12-01 10:15 修改: 2023-11-07 03:40
vim-minimal CVE-2022-1785 中危 2:8.0.1763-16.el8 2:8.0.1763-19.el8_6.4 vim: Out-of-bounds Write

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1785

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-05-19 13:15 修改: 2023-05-03 12:15
vim-minimal CVE-2022-1897 中危 2:8.0.1763-16.el8 2:8.0.1763-19.el8_6.4 vim: out-of-bounds write in vim_regsub_both() in regexp.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1897

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-05-27 15:15 修改: 2023-11-07 03:42
vim-minimal CVE-2022-1927 中危 2:8.0.1763-16.el8 2:8.0.1763-19.el8_6.4 vim: buffer over-read in utf_ptr2char() in mbyte.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1927

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-05-29 14:15 修改: 2023-11-07 03:42
dbus-libs CVE-2022-42012 中危 1:1.12.8-14.el8 1:1.12.8-23.el8_7.1 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42012

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-10-10 00:15 修改: 2023-12-27 16:49
dbus-libs CVE-2023-34969 中危 1:1.12.8-14.el8 1:1.12.8-24.el8_8.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2023-06-08 03:15 修改: 2023-12-27 16:36
zlib CVE-2022-37434 中危 1.2.11-17.el8 1.2.11-19.el8_6 zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37434

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2022-08-05 07:15 修改: 2023-07-19 00:56
binutils CVE-2018-12699 低危 2.30-108.el8 2.30-125.el8_10 binutils: heap-based buffer overflow in finish_stab in stabs.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12699

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2018-06-23 23:29 修改: 2019-08-03 13:15
bzip2-libs CVE-2019-12900 低危 1.0.6-26.el8 1.0.6-27.el8_10 bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail).

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12900

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2019-06-19 23:15 修改: 2023-11-07 03:03
krb5-libs CVE-2024-26458 低危 1.18.2-14.el8 1.18.2-27.el8_10 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
krb5-libs CVE-2024-26461 低危 1.18.2-14.el8 1.18.2-27.el8_10 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:65dbea0a4b39709e0a2cc8624fd99478e9f302c0a5661d7676d6d3bd3cb6d181

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35