docker.io/owasp/dependency-check:12.2.2 - Trivy镜像安全扫描结果

全部漏洞信息

低危漏洞:22

中危漏洞:45

高危漏洞:82

严重漏洞:0

系统OS: alpine 3.23.4 扫描引擎: Trivy 扫描时间: 2026-06-17 17:40

docker.io/owasp/dependency-check:12.2.2 (alpine 3.23.4) (alpine)

低危漏洞:22

中危漏洞:13

高危漏洞:2

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
libcrypto3	CVE-2026-45447	高危	3.5.6-r0	3.5.7-r0	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
libssl3	CVE-2026-45447	高危	3.5.6-r0	3.5.7-r0	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
libcrypto3	CVE-2026-34183	中危	3.5.6-r0	3.5.7-r0	openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:12
libcrypto3	CVE-2026-42764	中危	3.5.6-r0	3.5.7-r0	openssl: NULL pointer dereference in QUIC server initial packet handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libcrypto3	CVE-2026-45445	中危	3.5.6-r0	3.5.7-r0	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libcurl	CVE-2025-14017	中危	8.17.0-r1	8.19.0-r0	curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017 镜像层: sha256:387d89c59cfeafffa917b2423f8ae5466e342f6b04ba149797a7a03916370f2d 发布日期: 2026-01-08 10:15 修改: 2026-01-27 21:29
libcurl	CVE-2026-1965	中危	8.17.0-r1	8.19.0-r0	curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965 镜像层: sha256:387d89c59cfeafffa917b2423f8ae5466e342f6b04ba149797a7a03916370f2d 发布日期: 2026-03-11 11:15 修改: 2026-03-12 14:11
libcurl	CVE-2026-3783	中危	8.17.0-r1	8.19.0-r0	curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783 镜像层: sha256:387d89c59cfeafffa917b2423f8ae5466e342f6b04ba149797a7a03916370f2d 发布日期: 2026-03-11 11:16 修改: 2026-03-12 14:10
libcurl	CVE-2026-3784	中危	8.17.0-r1	8.19.0-r0	curl: curl: Unauthorized access due to improper HTTP proxy connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784 镜像层: sha256:387d89c59cfeafffa917b2423f8ae5466e342f6b04ba149797a7a03916370f2d 发布日期: 2026-03-11 11:16 修改: 2026-06-02 14:16
libcurl	CVE-2026-3805	中危	8.17.0-r1	8.19.0-r0	curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3805 镜像层: sha256:387d89c59cfeafffa917b2423f8ae5466e342f6b04ba149797a7a03916370f2d 发布日期: 2026-03-11 11:16 修改: 2026-03-12 14:08
libcrypto3	CVE-2026-34182	中危	3.5.6-r0	3.5.7-r0	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3	CVE-2026-34182	中危	3.5.6-r0	3.5.7-r0	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3	CVE-2026-34183	中危	3.5.6-r0	3.5.7-r0	openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:12
libssl3	CVE-2026-42764	中危	3.5.6-r0	3.5.7-r0	openssl: NULL pointer dereference in QUIC server initial packet handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libssl3	CVE-2026-45445	中危	3.5.6-r0	3.5.7-r0	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libcrypto3	CVE-2026-34180	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libcrypto3	CVE-2026-34181	低危	3.5.6-r0	3.5.7-r0	openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libcrypto3	CVE-2026-42766	低危	3.5.6-r0	3.5.7-r0	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libcrypto3	CVE-2026-42767	低危	3.5.6-r0	3.5.7-r0	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libcrypto3	CVE-2026-42768	低危	3.5.6-r0	3.5.7-r0	openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libcurl	CVE-2025-14524	低危	8.17.0-r1	8.19.0-r0	curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524 镜像层: sha256:387d89c59cfeafffa917b2423f8ae5466e342f6b04ba149797a7a03916370f2d 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:53
libcurl	CVE-2025-14819	低危	8.17.0-r1	8.19.0-r0	curl: libcurl: Improper certificate validation due to cached TLS settings reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14819 镜像层: sha256:387d89c59cfeafffa917b2423f8ae5466e342f6b04ba149797a7a03916370f2d 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:51
libcrypto3	CVE-2026-42769	低危	3.5.6-r0	3.5.7-r0	openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:26
libcrypto3	CVE-2026-42770	低危	3.5.6-r0	3.5.7-r0	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libcrypto3	CVE-2026-45446	低危	3.5.6-r0	3.5.7-r0	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libcrypto3	CVE-2026-7383	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
libcrypto3	CVE-2026-9076	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
libssl3	CVE-2026-34180	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3	CVE-2026-34181	低危	3.5.6-r0	3.5.7-r0	openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3	CVE-2026-42766	低危	3.5.6-r0	3.5.7-r0	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libssl3	CVE-2026-42767	低危	3.5.6-r0	3.5.7-r0	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3	CVE-2026-42768	低危	3.5.6-r0	3.5.7-r0	openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3	CVE-2026-42769	低危	3.5.6-r0	3.5.7-r0	openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:26
libssl3	CVE-2026-42770	低危	3.5.6-r0	3.5.7-r0	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3	CVE-2026-45446	低危	3.5.6-r0	3.5.7-r0	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libssl3	CVE-2026-7383	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
libssl3	CVE-2026-9076	低危	3.5.6-r0	3.5.7-r0	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:29df493baa13de438d6d2ece3a8333032e0b7b9b9d8cce4ee82194da255f61e1 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45

Java (jar)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

Node.js (node-pkg)

低危漏洞:0

中危漏洞:2

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
ip-address	CVE-2026-42338	中危	10.1.0	10.1.1	ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338 镜像层: sha256:9e10afb740c57af68506347d7b930fda1ff63b8f76f06d9e558f2c4985ca6fdc 发布日期: 2026-05-12 20:16 修改: 2026-05-19 20:04
tar	CVE-2026-53655	中危	7.5.13	7.5.16	node-tar applies PAX size override to intermediary GNU long-name/long-link headers, causing tar parser interpretation differential (file smuggling) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53655 镜像层: sha256:9e10afb740c57af68506347d7b930fda1ff63b8f76f06d9e558f2c4985ca6fdc 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

软件包

漏洞

安全状态

安装版本

修复版本

漏洞信息

ip-address

CVE-2026-42338

中危

10.1.0

10.1.1

ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338

镜像层: sha256:9e10afb740c57af68506347d7b930fda1ff63b8f76f06d9e558f2c4985ca6fdc

发布日期: 2026-05-12 20:16 修改: 2026-05-19 20:04

tar

CVE-2026-53655

中危

7.5.13

7.5.16

node-tar applies PAX size override to intermediary GNU long-name/long-link headers, causing tar parser interpretation differential (file smuggling)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53655

镜像层: sha256:9e10afb740c57af68506347d7b930fda1ff63b8f76f06d9e558f2c4985ca6fdc

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

Ruby (gemspec)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

usr/local/go/bin/go (gobinary)

低危漏洞:0

中危漏洞:3

高危漏洞:8

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2026-33811	高危	v1.26.2	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.26.2	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.26.2	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.26.2	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.26.2	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.26.2	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.26.2	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.26.2	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27145	中危	v1.26.2	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-39826	中危	v1.26.2	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.26.2	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15

usr/local/go/bin/gofmt (gobinary)

低危漏洞:0

中危漏洞:3

高危漏洞:8

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2026-33811	高危	v1.26.2	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.26.2	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.26.2	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.26.2	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.26.2	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.26.2	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.26.2	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.26.2	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27145	中危	v1.26.2	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-39826	中危	v1.26.2	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.26.2	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15

usr/local/go/pkg/tool/linux_amd64/asm (gobinary)

低危漏洞:0

中危漏洞:3

高危漏洞:8

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2026-33811	高危	v1.26.2	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.26.2	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.26.2	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.26.2	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.26.2	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.26.2	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.26.2	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.26.2	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27145	中危	v1.26.2	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-39826	中危	v1.26.2	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.26.2	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15

usr/local/go/pkg/tool/linux_amd64/cgo (gobinary)

低危漏洞:0

中危漏洞:3

高危漏洞:8

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2026-33811	高危	v1.26.2	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.26.2	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.26.2	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.26.2	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.26.2	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.26.2	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.26.2	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.26.2	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27145	中危	v1.26.2	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-39826	中危	v1.26.2	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.26.2	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15

usr/local/go/pkg/tool/linux_amd64/compile (gobinary)

低危漏洞:0

中危漏洞:3

高危漏洞:8

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2026-33811	高危	v1.26.2	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.26.2	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.26.2	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.26.2	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.26.2	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.26.2	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.26.2	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.26.2	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27145	中危	v1.26.2	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-39826	中危	v1.26.2	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.26.2	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15

usr/local/go/pkg/tool/linux_amd64/cover (gobinary)

低危漏洞:0

中危漏洞:3

高危漏洞:8

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2026-33811	高危	v1.26.2	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.26.2	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.26.2	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.26.2	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.26.2	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.26.2	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.26.2	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.26.2	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27145	中危	v1.26.2	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-39826	中危	v1.26.2	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.26.2	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15

usr/local/go/pkg/tool/linux_amd64/fix (gobinary)

低危漏洞:0

中危漏洞:3

高危漏洞:8

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2026-33811	高危	v1.26.2	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.26.2	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.26.2	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.26.2	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.26.2	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.26.2	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.26.2	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.26.2	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27145	中危	v1.26.2	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-39826	中危	v1.26.2	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.26.2	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15

usr/local/go/pkg/tool/linux_amd64/link (gobinary)

低危漏洞:0

中危漏洞:3

高危漏洞:8

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2026-33811	高危	v1.26.2	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.26.2	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.26.2	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.26.2	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.26.2	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.26.2	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.26.2	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.26.2	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27145	中危	v1.26.2	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-39826	中危	v1.26.2	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.26.2	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15

usr/local/go/pkg/tool/linux_amd64/preprofile (gobinary)

低危漏洞:0

中危漏洞:3

高危漏洞:8

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2026-33811	高危	v1.26.2	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.26.2	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.26.2	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.26.2	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.26.2	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.26.2	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.26.2	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.26.2	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27145	中危	v1.26.2	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-39826	中危	v1.26.2	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.26.2	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15

usr/local/go/pkg/tool/linux_amd64/vet (gobinary)

低危漏洞:0

中危漏洞:3

高危漏洞:8

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2026-33811	高危	v1.26.2	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.26.2	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.26.2	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.26.2	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.26.2	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.26.2	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.26.2	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.26.2	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27145	中危	v1.26.2	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-39826	中危	v1.26.2	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.26.2	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:d5615b49b4931dedc599d7acd034e90c45389a68ca6a01c6dd40eb0804f0705a 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15

usr/share/dotnet/shared/Microsoft.NETCore.App/8.0.26/Microsoft.NETCore.App.deps.json (dotnet-core)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

docker.io/owasp/dependency-check:12.2.2 linux/amd64

全部漏洞信息

docker.io/owasp/dependency-check:12.2.2 (alpine 3.23.4) (alpine)

Java (jar)

Node.js (node-pkg)

Ruby (gemspec)

usr/local/go/bin/go (gobinary)

usr/local/go/bin/gofmt (gobinary)

usr/local/go/pkg/tool/linux_amd64/asm (gobinary)

usr/local/go/pkg/tool/linux_amd64/cgo (gobinary)

usr/local/go/pkg/tool/linux_amd64/compile (gobinary)

usr/local/go/pkg/tool/linux_amd64/cover (gobinary)

usr/local/go/pkg/tool/linux_amd64/fix (gobinary)

usr/local/go/pkg/tool/linux_amd64/link (gobinary)

usr/local/go/pkg/tool/linux_amd64/preprofile (gobinary)

usr/local/go/pkg/tool/linux_amd64/vet (gobinary)

usr/share/dotnet/shared/Microsoft.NETCore.App/8.0.26/Microsoft.NETCore.App.deps.json (dotnet-core)