docker.io/percona/percona-backup-mongodb:2.12.0 linux/amd64

docker.io/percona/percona-backup-mongodb:2.12.0 - Trivy安全扫描结果扫描时间: 2026-06-18 21:17

全部漏洞信息

低危漏洞:205

中危漏洞:193

高危漏洞:83

严重漏洞:7

系统OS: redhat 9.7 扫描引擎: Trivy 扫描时间: 2026-06-18 21:17

docker.io/percona/percona-backup-mongodb:2.12.0 (redhat 9.7) (redhat)

低危漏洞:201

中危漏洞:141

高危漏洞:15

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
expat	CVE-2026-45186	高危	2.5.0-5.el9_7.1	2.5.0-6.el9_8.1	libexpat: denial of service via crafted XML input 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45186 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-10 07:16 修改: 2026-05-14 17:20
gnutls	CVE-2026-33845	高危	3.8.3-9.el9	3.8.10-4.el9_8	gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-33846	高危	3.8.3-9.el9	3.8.10-4.el9_8	gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-04 10:15 修改: 2026-06-02 16:16
gnutls	CVE-2026-42009	高危	3.8.3-9.el9	3.8.10-4.el9_8	gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-18 13:16 修改: 2026-06-08 17:16
gnutls	CVE-2026-42010	高危	3.8.3-9.el9	3.8.10-4.el9_8	gnutls: gnutls: Authentication Bypass via NUL Character in Username 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-07 12:16 修改: 2026-06-10 16:17
jq	CVE-2026-39979	高危	1.6-19.el9	1.6-19.el9_8.2	jq: out-of-bounds read in jv_parse_sized() on error formatting for non-NUL-terminated buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39979 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-13 23:16 修改: 2026-04-23 16:50
jq	CVE-2026-40164	高危	1.6-19.el9	1.6-19.el9_8.2	jq: jq: Denial of Service via crafted JSON object causing hash collisions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40164 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-14 00:16 修改: 2026-04-28 21:15
libarchive	CVE-2026-4111	高危	3.5.3-6.el9_6	3.5.3-7.el9_7	libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4111 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-13 19:55 修改: 2026-06-10 18:17
libarchive	CVE-2026-4424	高危	3.5.3-6.el9_6	3.5.3-9.el9_7	libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4424 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-19 15:16 修改: 2026-06-10 18:17
libcap	CVE-2026-4878	高危	2.48-10.el9	2.48-10.el9_8.1	libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-09 16:16 修改: 2026-06-11 10:16
libnghttp2	CVE-2026-27135	高危	1.43.0-6.el9	1.43.0-6.el9_7.1	nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-18 18:16 修改: 2026-05-13 22:16
openssl	CVE-2026-45447	高危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
openssl-libs	CVE-2026-45447	高危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
vim-minimal	CVE-2026-33412	高危	2:8.2.2637-23.el9_7	2:8.2.2637-23.el9_7.2	vim: Vim: Arbitrary code execution via command injection in glob() function 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33412 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-24 20:16 修改: 2026-03-25 21:59
vim-minimal	CVE-2026-34982	高危	2:8.2.2637-23.el9_7	2:8.2.2637-26.el9_8.4	vim: arbitrary command execution via modeline sandbox bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34982 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-06 16:16 修改: 2026-04-22 20:10
expat	CVE-2026-32776	中危	2.5.0-5.el9_7.1		libexpat: libexpat: Denial of Service due to NULL pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32776 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-16 14:19 修改: 2026-03-17 15:52
expat	CVE-2026-32777	中危	2.5.0-5.el9_7.1		libexpat: libexpat: Denial of Service via infinite loop in DTD content parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32777 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-16 14:19 修改: 2026-03-17 15:52
expat	CVE-2026-32778	中危	2.5.0-5.el9_7.1		libexpat: libexpat: Denial of Service via NULL pointer dereference after out-of-memory condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32778 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-16 14:19 修改: 2026-03-17 15:52
expat	CVE-2026-50219	中危	2.5.0-5.el9_7.1		expat: libexpat: Use-after-free vulnerability due to improper handler call depth tracking 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50219 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-04 06:16 修改: 2026-06-04 18:39
glib2	CVE-2025-14087	中危	2.68.4-18.el9_7.1	2.68.4-19.el9_8.1	glib: GLib: Buffer underflow in GVariant parser leads to heap corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14087 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-12-10 09:15 修改: 2026-06-10 18:16
glib2	CVE-2025-14512	中危	2.68.4-18.el9_7.1	2.68.4-19.el9_8.1	glib: Integer Overflow in GLib GIO Attribute Escaping Causes Heap Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14512 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-12-11 07:16 修改: 2026-06-10 18:16
glib2	CVE-2026-1484	中危	2.68.4-18.el9_7.1		Glib: Integer Overflow Leading to Buffer Underflow and Out-of-Bounds Write in GLib g_base64_encode() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1484 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-27 14:15 修改: 2026-06-02 14:16
glib2	CVE-2026-1489	中危	2.68.4-18.el9_7.1		Glib: GLib: Memory corruption via integer overflow in Unicode case conversion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1489 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-27 15:15 修改: 2026-06-02 14:16
glibc	CVE-2026-4046	中危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
glibc	CVE-2026-4437	中危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
glibc	CVE-2026-5435	中危	2.34-231.el9_7.10		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
glibc	CVE-2026-5450	中危	2.34-231.el9_7.10		glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
glibc	CVE-2026-5928	中危	2.34-231.el9_7.10		glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
glibc	CVE-2026-6238	中危	2.34-231.el9_7.10		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
glibc-common	CVE-2026-4046	中危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
glibc-common	CVE-2026-4437	中危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
glibc-common	CVE-2026-5435	中危	2.34-231.el9_7.10		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
glibc-common	CVE-2026-5450	中危	2.34-231.el9_7.10		glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
glibc-common	CVE-2026-5928	中危	2.34-231.el9_7.10		glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
glibc-common	CVE-2026-6238	中危	2.34-231.el9_7.10		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
glibc-minimal-langpack	CVE-2026-4046	中危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
glibc-minimal-langpack	CVE-2026-4437	中危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
glibc-minimal-langpack	CVE-2026-5435	中危	2.34-231.el9_7.10		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
glibc-minimal-langpack	CVE-2026-5450	中危	2.34-231.el9_7.10		glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
glibc-minimal-langpack	CVE-2026-5928	中危	2.34-231.el9_7.10		glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
glibc-minimal-langpack	CVE-2026-6238	中危	2.34-231.el9_7.10		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
gnupg2	CVE-2025-68972	中危	2.3.3-5.el9_7		gnupg: GnuPG: Signature bypass via form feed character in signed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68972 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-12-27 23:15 修改: 2026-01-09 20:08
coreutils-single	CVE-2025-5278	中危	8.32-39.el9		coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5278 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-05-27 21:15 修改: 2026-05-19 17:16
curl-minimal	CVE-2025-13034	中危	7.76.1-35.el9_7.3		curl: Public key pinning bypass via QUIC and GnuTLS allows server impersonation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13034 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:54
curl-minimal	CVE-2025-14017	中危	7.76.1-35.el9_7.3		curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-08 10:15 修改: 2026-01-27 21:29
curl-minimal	CVE-2026-1965	中危	7.76.1-35.el9_7.3		curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-11 11:15 修改: 2026-03-12 14:11
gnutls	CVE-2025-14831	中危	3.8.3-9.el9	3.8.3-10.el9_7	gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14831 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-02-09 15:16 修改: 2026-06-10 18:16
gnutls	CVE-2026-3833	中危	3.8.3-9.el9	3.8.10-4.el9_8	gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-42011	中危	3.8.3-9.el9	3.8.10-4.el9_8	gnutls: gnutls: Security bypass due to incorrect name constraint handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-07 15:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-42012	中危	3.8.3-9.el9	3.8.10-4.el9_8	gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-42013	中危	3.8.3-9.el9	3.8.10-4.el9_8	gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-42014	中危	3.8.3-9.el9	3.8.10-4.el9_8	gnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-16 02:16 修改: 2026-06-16 15:26
gnutls	CVE-2026-42015	中危	3.8.3-9.el9	3.8.10-4.el9_8	gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-5260	中危	3.8.3-9.el9	3.8.10-4.el9_8	gnutls: gnutls: Information disclosure via heap overread in RSA key exchange 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
curl-minimal	CVE-2026-3783	中危	7.76.1-35.el9_7.3		curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-11 11:16 修改: 2026-03-12 14:10
curl-minimal	CVE-2026-3784	中危	7.76.1-35.el9_7.3		curl: curl: Unauthorized access due to improper HTTP proxy connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-11 11:16 修改: 2026-06-02 14:16
jq	CVE-2026-32316	中危	1.6-19.el9		jq: jq: Denial of Service or potential arbitrary code execution due to integer overflow and heap-based buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32316 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-13 18:16 修改: 2026-04-22 16:29
jq	CVE-2026-33947	中危	1.6-19.el9		jq: unbounded Recursion in jv_setpath() / jv_getpath() / delpaths_sorted() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33947 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-13 22:16 修改: 2026-04-21 23:57
jq	CVE-2026-39956	中危	1.6-19.el9		jq: missing runtime type checks for _strindices lead to crash and limited memory disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39956 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-13 23:16 修改: 2026-04-21 23:54
jq	CVE-2026-40612	中危	1.6-19.el9		jq: stack overflow via unbounded recursion in jv_contains 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40612 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-11 18:16 修改: 2026-05-13 17:00
jq	CVE-2026-41256	中危	1.6-19.el9		jq: embedded NUL truncates top-level jq programs loaded with -f 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41256 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-11 18:16 修改: 2026-05-13 17:00
jq	CVE-2026-41257	中危	1.6-19.el9		jq: signed-int overflow in stack_reallocate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41257 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-11 18:16 修改: 2026-05-13 17:01
jq	CVE-2026-43894	中危	1.6-19.el9		jq: jq: Arbitrary Code Execution or Denial of Service via Signed Integer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43894 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-11 18:16 修改: 2026-05-13 17:01
jq	CVE-2026-43895	中危	1.6-19.el9		jq: embedded NUL in jq import paths causes local redaction-policy bypass and preserves sensitive fields in published artifacts 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43895 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-11 18:16 修改: 2026-05-13 17:02
jq	CVE-2026-43896	中危	1.6-19.el9		jq: stack overflow in recursive object merge 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43896 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-11 18:16 修改: 2026-05-13 22:34
jq	CVE-2026-44777	中危	1.6-19.el9		jq: stack overflow in module loading on mutual include 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44777 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-11 18:16 修改: 2026-05-13 17:05
krb5-libs	CVE-2026-11850	中危	1.21.1-8.el9_6		krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11850 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-11 10:16 修改: 2026-06-12 15:16
krb5-libs	CVE-2026-40355	中危	1.21.1-8.el9_6	1.21.1-10.el9_8	krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40355 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-28 06:16 修改: 2026-04-28 20:11
krb5-libs	CVE-2026-40356	中危	1.21.1-8.el9_6	1.21.1-10.el9_8	krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40356 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-28 07:16 修改: 2026-04-28 20:11
curl-minimal	CVE-2026-3805	中危	7.76.1-35.el9_7.3		curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3805 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-11 11:16 修改: 2026-03-12 14:08
curl-minimal	CVE-2026-4873	中危	7.76.1-35.el9_7.3		curl: curl: Information disclosure due to incorrect TLS connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-13 13:01 修改: 2026-05-14 13:45
libarchive	CVE-2023-30571	中危	3.5.3-6.el9_6		libarchive: Race condition in multi-threaded use of archive_write_disk_header() on posix based systems 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-30571 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2023-05-29 20:15 修改: 2025-01-14 17:15
libarchive	CVE-2025-60753	中危	3.5.3-6.el9_6		libarchive: bsdtar hangs and OOMs with zero-length pattern matches 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-60753 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-11-05 16:15 修改: 2026-02-04 21:19
libarchive	CVE-2026-4426	中危	3.5.3-6.el9_6		libarchive: libarchive: Denial of Service via malformed ISO file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4426 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-19 15:16 修改: 2026-05-03 21:16
libarchive	CVE-2026-5121	中危	3.5.3-6.el9_6	3.5.3-9.el9_7	libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5121 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-30 08:16 修改: 2026-06-10 18:17
libarchive	CVE-2026-5745	中危	3.5.3-6.el9_6		libarchive: A NULL pointer dereference vulnerability exists in the ACL parser of libarchive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5745 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-07 16:16 修改: 2026-05-03 15:15
libblkid	CVE-2026-27456	中危	2.37.4-21.el9_7		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
curl-minimal	CVE-2026-5545	中危	7.76.1-35.el9_7.3		curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-13 13:01 修改: 2026-05-13 19:31
libcurl-minimal	CVE-2025-13034	中危	7.76.1-35.el9_7.3		curl: Public key pinning bypass via QUIC and GnuTLS allows server impersonation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13034 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:54
libcurl-minimal	CVE-2025-14017	中危	7.76.1-35.el9_7.3		curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-08 10:15 修改: 2026-01-27 21:29
libcurl-minimal	CVE-2026-1965	中危	7.76.1-35.el9_7.3		curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-11 11:15 修改: 2026-03-12 14:11
libcurl-minimal	CVE-2026-3783	中危	7.76.1-35.el9_7.3		curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-11 11:16 修改: 2026-03-12 14:10
libcurl-minimal	CVE-2026-3784	中危	7.76.1-35.el9_7.3		curl: curl: Unauthorized access due to improper HTTP proxy connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-11 11:16 修改: 2026-06-02 14:16
libcurl-minimal	CVE-2026-3805	中危	7.76.1-35.el9_7.3		curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3805 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-11 11:16 修改: 2026-03-12 14:08
libcurl-minimal	CVE-2026-4873	中危	7.76.1-35.el9_7.3		curl: curl: Information disclosure due to incorrect TLS connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-13 13:01 修改: 2026-05-14 13:45
libcurl-minimal	CVE-2026-5545	中危	7.76.1-35.el9_7.3		curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-13 13:01 修改: 2026-05-13 19:31
libcurl-minimal	CVE-2026-5773	中危	7.76.1-35.el9_7.3		curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-13 13:01 修改: 2026-05-13 19:13
libcurl-minimal	CVE-2026-6253	中危	7.76.1-35.el9_7.3		curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-13 13:01 修改: 2026-05-14 13:40
libcurl-minimal	CVE-2026-6429	中危	7.76.1-35.el9_7.3		curl: libcurl: Credential leak via reused proxy connection during HTTP redirects 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:18
libcurl-minimal	CVE-2026-7168	中危	7.76.1-35.el9_7.3		curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:12
libfdisk	CVE-2026-27456	中危	2.37.4-21.el9_7		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libgcrypt	CVE-2026-41989	中危	1.10.0-11.el9		Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-23 05:16 修改: 2026-04-27 18:33
libmount	CVE-2026-27456	中危	2.37.4-21.el9_7		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
curl-minimal	CVE-2026-5773	中危	7.76.1-35.el9_7.3		curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-13 13:01 修改: 2026-05-13 19:13
libsmartcols	CVE-2026-27456	中危	2.37.4-21.el9_7		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libsolv	CVE-2026-48864	中危	0.7.24-3.el9		libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48864 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-26 17:16 修改: 2026-05-28 19:22
libsolv	CVE-2026-9149	中危	0.7.24-3.el9		libsolv: Heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9149 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-21 00:16 修改: 2026-06-02 01:21
libsolv	CVE-2026-9150	中危	0.7.24-3.el9		libsolv: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512 checksums 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9150 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-20 23:16 修改: 2026-06-02 18:57
libuuid	CVE-2026-27456	中危	2.37.4-21.el9_7		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libxml2	CVE-2026-0990	中危	2.9.13-14.el9_7		libxml2: libxml2: Denial of Service via uncontrolled recursion in XML catalog processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0990 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-15 15:15 修改: 2026-04-22 10:16
libxml2	CVE-2026-1757	中危	2.9.13-14.el9_7		libxml2: Memory Leak Leading to Local Denial of Service in xmllint Interactive Shell 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1757 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-02-02 13:15 修改: 2026-04-22 10:16
libxml2	CVE-2026-6732	中危	2.9.13-14.el9_7		libxml2: libxml2: Denial of Service via crafted XSD-validated document 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6732 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-23 23:16 修改: 2026-05-15 14:36
openldap	CVE-2026-22185	中危	2.6.8-4.el9		OpenLDAP: OpenLDAP LMDB: Denial of Service and Information Disclosure via Heap Buffer Underflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22185 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-07 21:16 修改: 2026-04-15 00:35
curl-minimal	CVE-2026-6253	中危	7.76.1-35.el9_7.3		curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-13 13:01 修改: 2026-05-14 13:40
openssl	CVE-2026-2673	中危	1:3.5.1-7.el9_7		openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-13 19:54 修改: 2026-06-05 19:48
openssl	CVE-2026-28390	中危	1:3.5.1-7.el9_7	1:3.5.5-3.el9_8	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-31790	中危	1:3.5.1-7.el9_7	1:3.5.5-2.el9_8	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-34182	中危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl	CVE-2026-34183	中危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:12
openssl	CVE-2026-42764	中危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: NULL pointer dereference in QUIC server initial packet handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
openssl	CVE-2026-45445	中危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
openssl-fips-provider	CVE-2026-2673	中危	3.0.7-8.el9		openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-13 19:54 修改: 2026-06-05 19:48
openssl-fips-provider	CVE-2026-31790	中危	3.0.7-8.el9		openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl-fips-provider-so	CVE-2026-2673	中危	3.0.7-8.el9		openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-13 19:54 修改: 2026-06-05 19:48
openssl-fips-provider-so	CVE-2026-31790	中危	3.0.7-8.el9		openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
curl-minimal	CVE-2026-6429	中危	7.76.1-35.el9_7.3		curl: libcurl: Credential leak via reused proxy connection during HTTP redirects 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:18
openssl-libs	CVE-2026-2673	中危	1:3.5.1-7.el9_7		openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-13 19:54 修改: 2026-06-05 19:48
openssl-libs	CVE-2026-28390	中危	1:3.5.1-7.el9_7	1:3.5.5-3.el9_8	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl-libs	CVE-2026-31790	中危	1:3.5.1-7.el9_7	1:3.5.5-2.el9_8	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl-libs	CVE-2026-34182	中危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl-libs	CVE-2026-34183	中危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:12
openssl-libs	CVE-2026-42764	中危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: NULL pointer dereference in QUIC server initial packet handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
openssl-libs	CVE-2026-45445	中危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
p11-kit	CVE-2026-2100	中危	0.25.3-3.el9_5	0.26.2-1.el9	p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2100 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-26 21:17 修改: 2026-06-02 20:16
p11-kit-trust	CVE-2026-2100	中危	0.25.3-3.el9_5	0.26.2-1.el9	p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2100 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-26 21:17 修改: 2026-06-02 20:16
pam	CVE-2026-54411	中危	1.5.1-26.el9_6		linux-pam: From CVEorg collector 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54411 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-14 18:17 修改: 2026-06-16 15:36
rpm	CVE-2026-44604	中危	4.16.1.3-39.el9		rpm: Command injection in rpmuncompress doUntar() via unescaped archive top-level directory name in popen() shell command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44604 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-28 08:16 修改: 2026-05-28 13:44
rpm-libs	CVE-2026-44604	中危	4.16.1.3-39.el9		rpm: Command injection in rpmuncompress doUntar() via unescaped archive top-level directory name in popen() shell command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44604 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-28 08:16 修改: 2026-05-28 13:44
sed	CVE-2026-5958	中危	4.8-9.el9		sed: GNU sed TOCTOU race condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-20 12:16 修改: 2026-05-19 15:17
systemd	CVE-2026-29111	中危	252-55.el9_7.7	252-67.el9_8.2	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
systemd	CVE-2026-4105	中危	252-55.el9_7.7		systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4105 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-13 19:55 修改: 2026-04-30 17:16
systemd-libs	CVE-2026-29111	中危	252-55.el9_7.7	252-67.el9_8.2	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
systemd-libs	CVE-2026-4105	中危	252-55.el9_7.7		systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4105 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-13 19:55 修改: 2026-04-30 17:16
systemd-pam	CVE-2026-29111	中危	252-55.el9_7.7	252-67.el9_8.2	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
systemd-pam	CVE-2026-4105	中危	252-55.el9_7.7		systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4105 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-13 19:55 修改: 2026-04-30 17:16
systemd-rpm-macros	CVE-2026-29111	中危	252-55.el9_7.7	252-67.el9_8.2	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
systemd-rpm-macros	CVE-2026-4105	中危	252-55.el9_7.7		systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4105 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-13 19:55 修改: 2026-04-30 17:16
util-linux	CVE-2026-27456	中危	2.37.4-21.el9_7		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
util-linux-core	CVE-2026-27456	中危	2.37.4-21.el9_7		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
curl-minimal	CVE-2026-7168	中危	7.76.1-35.el9_7.3		curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:12
bzip2-libs	CVE-2026-42250	中危	1.0.8-10.el9_5		bzip2: bzip2: Denial of Service in bzip2recover via a specially crafted file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42250 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-28 14:16 修改: 2026-06-05 08:16
vim-minimal	CVE-2025-29768	中危	2:8.2.2637-23.el9_7		vim: Vim vulnerable to potential data loss with zip.vim and special crafted zip files 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-29768 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-03-13 17:15 修改: 2025-08-18 14:14
vim-minimal	CVE-2026-25749	中危	2:8.2.2637-23.el9_7	2:8.2.2637-23.el9_7.1	vim: Vim: Arbitrary code execution via 'helpfile' option processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25749 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-02-06 23:15 修改: 2026-06-09 18:28
vim-minimal	CVE-2026-28417	中危	2:8.2.2637-23.el9_7	2:8.2.2637-23.el9_7.2	vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28417 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-02-27 22:16 修改: 2026-03-03 17:50
vim-minimal	CVE-2026-28418	中危	2:8.2.2637-23.el9_7		vim: Vim: Information disclosure via heap-based buffer overflow in Emacs-style tags file parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28418 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-02-27 22:16 修改: 2026-03-03 17:49
vim-minimal	CVE-2026-28419	中危	2:8.2.2637-23.el9_7		vim: Vim: Information disclosure and denial of service via malformed tags file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28419 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-02-27 22:16 修改: 2026-03-04 21:22
vim-minimal	CVE-2026-28420	中危	2:8.2.2637-23.el9_7		vim: Vim: Information disclosure and denial of service via crafted Unicode characters in terminal emulator 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28420 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-02-27 22:16 修改: 2026-03-04 20:47
vim-minimal	CVE-2026-28421	中危	2:8.2.2637-23.el9_7	2:8.2.2637-23.el9_7.2	vim: Vim: Denial of service and information disclosure via crafted swap file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28421 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-02-27 22:16 修改: 2026-03-04 20:47
vim-minimal	CVE-2026-39881	中危	2:8.2.2637-23.el9_7		vim: Vim: Arbitrary code execution via command injection in NetBeans interface 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39881 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 21:17 修改: 2026-04-22 16:50
vim-minimal	CVE-2026-41411	中危	2:8.2.2637-23.el9_7		vim: Vim: Command injection allows arbitrary code execution via malicious tag files 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41411 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-24 17:16 修改: 2026-04-27 13:39
vim-minimal	CVE-2026-42307	中危	2:8.2.2637-23.el9_7		Vim: Vim: Arbitrary code execution via OS command injection in netrw plugin 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42307 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-08 23:16 修改: 2026-05-14 13:55
vim-minimal	CVE-2026-44656	中危	2:8.2.2637-23.el9_7		vim: Vim: Arbitrary command execution via :find command-line completion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44656 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-08 23:16 修改: 2026-05-14 13:59
vim-minimal	CVE-2026-45130	中危	2:8.2.2637-23.el9_7		vim: Vim: Heap buffer overflow allows arbitrary code execution or denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45130 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-08 23:16 修改: 2026-06-09 18:28
vim-minimal	CVE-2026-46483	中危	2:8.2.2637-23.el9_7		vim: command injection when decompressing .tgz archives 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46483 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-15 15:16 修改: 2026-05-19 12:27
vim-minimal	CVE-2026-52859	中危	2:8.2.2637-23.el9_7		vim: Vim: Denial of Service via out-of-bounds write in terminal handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-52859 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-11 19:16 修改: 2026-06-15 13:12
xz-libs	CVE-2026-34743	中危	5.2.5-8.el9_0		xz: XZ Utils: Denial of Service via buffer overflow in index decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-02 19:21 修改: 2026-04-15 17:33
libarchive	CVE-2025-1632	低危	3.5.3-6.el9_6		libarchive: null pointer dereference in bsdunzip.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1632 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-02-24 14:15 修改: 2025-03-25 15:41
libarchive	CVE-2025-5915	低危	3.5.3-6.el9_6		libarchive: Heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5915 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-06-09 20:15 修改: 2026-01-08 04:15
libarchive	CVE-2025-5916	低危	3.5.3-6.el9_6		libarchive: Integer overflow while reading warc files at archive_read_support_format_warc.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5916 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-06-09 20:15 修改: 2025-12-12 01:15
libarchive	CVE-2025-5917	低危	3.5.3-6.el9_6		libarchive: Off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5917 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-06-09 20:15 修改: 2025-12-12 01:15
libarchive	CVE-2025-5918	低危	3.5.3-6.el9_6		libarchive: Reading past EOF may be triggered for piped file streams 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5918 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-06-09 20:15 修改: 2025-08-15 18:35
gnutls	CVE-2025-9820	低危	3.8.3-9.el9	3.8.3-10.el9_7	gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9820 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-26 20:16 修改: 2026-05-12 13:17
gnutls	CVE-2026-3832	低危	3.8.3-9.el9	3.8.10-4.el9_8	gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-30 18:16 修改: 2026-06-02 17:16
gnutls	CVE-2026-5419	低危	3.8.3-9.el9	3.8.10-4.el9_8	guntls: gnutls: Information disclosure via timing side-channel in PKCS#7 padding removal 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5419 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-01 21:16 修改: 2026-06-02 17:16
openssl	CVE-2024-13176	低危	1:3.5.1-7.el9_7		openssl: Timing side-channel in ECDSA signature computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-01-20 14:15 修改: 2026-04-15 00:35
openssl	CVE-2024-41996	低危	1:3.5.1-7.el9_7		openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2024-08-26 06:15 修改: 2026-05-12 12:17
openssl	CVE-2025-9232	低危	1:3.5.1-7.el9_7		openssl: Out-of-bounds read in HTTP client no_proxy handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
openssl	CVE-2026-28387	低危	1:3.5.1-7.el9_7		openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28388	低危	1:3.5.1-7.el9_7		openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28389	低危	1:3.5.1-7.el9_7		openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-31789	低危	1:3.5.1-7.el9_7		openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-34180	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl	CVE-2026-34181	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl	CVE-2026-42766	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
openssl	CVE-2026-42767	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl	CVE-2026-42768	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl	CVE-2026-42769	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:26
openssl	CVE-2026-42770	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl	CVE-2026-45446	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
openssl	CVE-2026-7383	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
openssl	CVE-2026-9076	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
glib2	CVE-2025-7039	低危	2.68.4-18.el9_7.1		glib: Buffer Under-read on GLib through glib/gfileutils.c via get_tmp_file() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7039 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-09-03 02:15 修改: 2026-06-02 14:16
glib2	CVE-2026-0988	低危	2.68.4-18.el9_7.1		glib: GLib: Denial of Service via Integer Overflow in g_buffered_input_stream_peek() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0988 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-21 12:15 修改: 2026-04-24 21:16
glib2	CVE-2026-1485	低危	2.68.4-18.el9_7.1		Glib: Glib: Local denial of service via buffer underflow in content type parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1485 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-27 14:15 修改: 2026-04-15 00:35
curl-minimal	CVE-2024-9681	低危	7.76.1-35.el9_7.3		curl: HSTS subdomain overwrites parent cache entry 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2024-11-06 08:15 修改: 2025-11-03 21:18
curl-minimal	CVE-2025-14524	低危	7.76.1-35.el9_7.3		curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:53
glibc-minimal-langpack	CVE-2026-4438	低危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
curl-minimal	CVE-2025-15079	低危	7.76.1-35.el9_7.3		curl: Host verification bypass during SSH transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:50
gnupg2	CVE-2022-3219	低危	2.3.3-5.el9_7		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2023-02-23 20:15 修改: 2025-03-12 21:15
gnupg2	CVE-2025-30258	低危	2.3.3-5.el9_7		gnupg: verification DoS due to a malicious subkey in the keyring 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-03-19 20:15 修改: 2025-10-16 16:53
gnupg2	CVE-2026-24883	低危	2.3.3-5.el9_7		GnuPG: GnuPG: Denial of service due to specially crafted signature packet 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24883 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-27 19:16 修改: 2026-02-06 18:06
expat	CVE-2025-66382	低危	2.5.0-5.el9_7.1		libexpat: libexpat: Denial of service via crafted file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-11-28 07:15 修改: 2026-06-02 14:16
libcurl-minimal	CVE-2024-11053	低危	7.76.1-35.el9_7.3		curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2024-12-11 08:15 修改: 2025-11-03 21:16
openssl-libs	CVE-2024-13176	低危	1:3.5.1-7.el9_7		openssl: Timing side-channel in ECDSA signature computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-01-20 14:15 修改: 2026-04-15 00:35
openssl-libs	CVE-2024-41996	低危	1:3.5.1-7.el9_7		openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2024-08-26 06:15 修改: 2026-05-12 12:17
openssl-libs	CVE-2025-9232	低危	1:3.5.1-7.el9_7		openssl: Out-of-bounds read in HTTP client no_proxy handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
openssl-libs	CVE-2026-28387	低危	1:3.5.1-7.el9_7		openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl-libs	CVE-2026-28388	低危	1:3.5.1-7.el9_7		openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl-libs	CVE-2026-28389	低危	1:3.5.1-7.el9_7		openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl-libs	CVE-2026-31789	低危	1:3.5.1-7.el9_7		openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl-libs	CVE-2026-34180	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl-libs	CVE-2026-34181	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl-libs	CVE-2026-42766	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
openssl-libs	CVE-2026-42767	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl-libs	CVE-2026-42768	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl-libs	CVE-2026-42769	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:26
openssl-libs	CVE-2026-42770	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl-libs	CVE-2026-45446	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
openssl-libs	CVE-2026-7383	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
openssl-libs	CVE-2026-9076	低危	1:3.5.1-7.el9_7	1:3.5.5-4.el9_8	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
libcurl-minimal	CVE-2024-7264	低危	7.76.1-35.el9_7.3		curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2024-07-31 08:15 修改: 2025-11-03 23:17
libcurl-minimal	CVE-2024-9681	低危	7.76.1-35.el9_7.3		curl: HSTS subdomain overwrites parent cache entry 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2024-11-06 08:15 修改: 2025-11-03 21:18
libcurl-minimal	CVE-2025-14524	低危	7.76.1-35.el9_7.3		curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:53
pcre2	CVE-2022-41409	低危	10.40-6.el9		pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2023-07-18 14:15 修改: 2024-11-21 07:23
pcre2-syntax	CVE-2022-41409	低危	10.40-6.el9		pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2023-07-18 14:15 修改: 2024-11-21 07:23
libcurl-minimal	CVE-2025-15079	低危	7.76.1-35.el9_7.3		curl: Host verification bypass during SSH transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:50
libcurl-minimal	CVE-2025-15224	低危	7.76.1-35.el9_7.3		curl: libssh key passphrase bypass without agent set 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:47
libcurl-minimal	CVE-2026-6276	低危	7.76.1-35.el9_7.3		curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:21
sqlite-libs	CVE-2024-0232	低危	3.34.1-9.el9_7		sqlite: use-after-free bug in jsonParseAddNodeArray 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0232 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2024-01-16 14:15 修改: 2024-11-21 08:46
sqlite-libs	CVE-2025-70873	低危	3.34.1-9.el9_7		sqlite: SQLite: Information Disclosure via Crafted ZIP File 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-70873 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-12 19:16 修改: 2026-04-16 21:15
expat	CVE-2026-24515	低危	2.5.0-5.el9_7.1		libexpat: libexpat null pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24515 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-01-23 08:16 修改: 2026-06-02 14:16
libgcc	CVE-2021-46195	低危	11.5.0-11.el9		gcc: uncontrolled recursion in libiberty/rust-demangle.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46195 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2022-01-14 20:15 修改: 2024-11-21 06:33
libgcc	CVE-2022-27943	低危	11.5.0-11.el9		binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
jq	CVE-2025-9403	低危	1.6-19.el9		jq: assertion failure in run_jq_tests() of the file jq_test.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9403 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-08-25 03:15 修改: 2026-04-29 01:00
libgcrypt	CVE-2026-41990	低危	1.10.0-11.el9		Libgcrypt: Libgcrypt: Denial of Service or data integrity issues from missing bounds check during Dilithium signing. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41990 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-04-23 05:16 修改: 2026-04-27 18:33
jq	CVE-2026-33948	低危	1.6-19.el9		jq: jq: Input validation bypass via embedded NUL bytes allows parser differential attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33948 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-14 00:16 修改: 2026-04-21 23:48
expat	CVE-2026-41080	低危	2.5.0-5.el9_7.1		libexpat: expat: libexpat: Denial of Service via hash flooding with crafted XML 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41080 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-16 17:16 修改: 2026-06-12 18:43
glibc	CVE-2026-4438	低危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
gawk	CVE-2023-4156	低危	5.1.0-6.el9		gawk: heap out of bound read in builtin.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4156 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2023-09-25 18:15 修改: 2024-11-21 08:34
curl-minimal	CVE-2025-15224	低危	7.76.1-35.el9_7.3		curl: libssh key passphrase bypass without agent set 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:47
curl-minimal	CVE-2026-6276	低危	7.76.1-35.el9_7.3		curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:21
libstdc++	CVE-2021-46195	低危	11.5.0-11.el9		gcc: uncontrolled recursion in libiberty/rust-demangle.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46195 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2022-01-14 20:15 修改: 2024-11-21 06:33
libstdc++	CVE-2022-27943	低危	11.5.0-11.el9		binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
libtasn1	CVE-2025-13151	低危	4.16.0-9.el9		libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-07 22:15 修改: 2026-02-02 19:27
curl-minimal	CVE-2024-11053	低危	7.76.1-35.el9_7.3		curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2024-12-11 08:15 修改: 2025-11-03 21:16
curl-minimal	CVE-2024-7264	低危	7.76.1-35.el9_7.3		curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2024-07-31 08:15 修改: 2025-11-03 23:17
glib2	CVE-2023-32636	低危	2.68.4-18.el9_7.1		glib: Timeout in fuzz_variant_text 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32636 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2023-09-14 20:15 修改: 2024-11-21 08:03
glibc-common	CVE-2026-4438	低危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
libxml2	CVE-2023-45322	低危	2.9.13-14.el9_7		libxml2: use-after-free in xmlUnlinkNode() in tree.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45322 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2023-10-06 22:15 修改: 2025-11-03 21:16
libxml2	CVE-2024-34459	低危	2.9.13-14.el9_7		libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34459 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2024-05-14 15:39 修改: 2025-11-04 22:16
libxml2	CVE-2025-27113	低危	2.9.13-14.el9_7		libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27113 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-02-18 23:15 修改: 2025-11-03 22:18
libxml2	CVE-2025-6170	低危	2.9.13-14.el9_7		libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6170 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-06-16 16:15 修改: 2026-06-02 14:16
libxml2	CVE-2026-0989	低危	2.9.13-14.el9_7		libxml2: Unbounded RelaxNG Include Recursion Leading to Stack Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0989 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-15 15:15 修改: 2026-04-22 10:16
libxml2	CVE-2026-0992	低危	2.9.13-14.el9_7		libxml2: libxml2: Denial of Service via crafted XML catalogs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0992 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-01-15 15:15 修改: 2026-04-22 10:16
ncurses-base	CVE-2023-50495	低危	6.2-12.20210508.el9		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
ncurses-libs	CVE-2023-50495	低危	6.2-12.20210508.el9		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
vim-minimal	CVE-2021-3927	低危	2:8.2.2637-23.el9_7		vim: heap-based buffer overflow in gchar_cursor() in misc1.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3927 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2021-11-05 15:15 修改: 2024-11-21 06:22
vim-minimal	CVE-2021-3928	低危	2:8.2.2637-23.el9_7		vim: stack-based buffer overflow in spell_iswordp() in spell.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3928 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2021-11-05 15:15 修改: 2024-11-21 06:22
vim-minimal	CVE-2021-3968	低危	2:8.2.2637-23.el9_7		vim: Heap use-after-free in ml_append_int function 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3968 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2021-11-19 12:15 修改: 2024-11-21 06:23
vim-minimal	CVE-2021-3973	低危	2:8.2.2637-23.el9_7		vim: Heap based buffer overflow in findfile.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3973 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2021-11-19 12:15 修改: 2024-11-21 06:23
vim-minimal	CVE-2021-3974	低危	2:8.2.2637-23.el9_7		vim: Use after free in regexp_nfa.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3974 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2021-11-19 11:15 修改: 2024-11-21 06:23
vim-minimal	CVE-2021-4136	低危	2:8.2.2637-23.el9_7		vim: heap-based buffer overflow in eval_lambda() in src/eval.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4136 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2021-12-19 17:15 修改: 2024-11-21 06:36
vim-minimal	CVE-2021-4166	低危	2:8.2.2637-23.el9_7		vim: out-of-bounds read in do_arg_all() in src/arglist.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4166 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2021-12-25 19:15 修改: 2024-11-21 06:37
vim-minimal	CVE-2021-4173	低危	2:8.2.2637-23.el9_7		vim: use-after-free with nested :def function 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4173 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2021-12-27 13:15 修改: 2025-11-03 21:15
vim-minimal	CVE-2021-4187	低危	2:8.2.2637-23.el9_7		vim: use-after-free vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4187 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2021-12-29 17:15 修改: 2025-11-03 21:15
vim-minimal	CVE-2022-0213	低危	2:8.2.2637-23.el9_7		vim: vim is vulnerable to out of bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0213 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-01-14 13:15 修改: 2024-11-21 06:38
vim-minimal	CVE-2022-0351	低危	2:8.2.2637-23.el9_7		vim: access of memory location before start of buffer 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0351 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-01-25 18:15 修改: 2025-11-03 21:15
vim-minimal	CVE-2022-1616	低危	2:8.2.2637-23.el9_7		vim: heap-buffer-overflow in append_command of src/ex_docmd.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1616 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-05-07 19:15 修改: 2025-11-03 21:15
vim-minimal	CVE-2022-1619	低危	2:8.2.2637-23.el9_7		vim: heap-buffer-overflow in cmdline_erase_chars of ex_getln.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1619 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-05-08 10:15 修改: 2024-11-21 06:41
vim-minimal	CVE-2022-1620	低危	2:8.2.2637-23.el9_7		vim: NULL Pointer Dereference in vim_regexec_string() of regexp.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1620 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-05-08 11:15 修改: 2024-11-21 06:41
vim-minimal	CVE-2022-1674	低危	2:8.2.2637-23.el9_7		vim: NULL pointer dereference in vim_regexec_string() of regexp.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1674 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-05-12 11:15 修改: 2024-11-21 06:41
vim-minimal	CVE-2022-1720	低危	2:8.2.2637-23.el9_7		vim: buffer over-read in grab_file_name() in findfile.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1720 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-06-20 15:15 修改: 2024-11-21 06:41
vim-minimal	CVE-2022-1725	低危	2:8.2.2637-23.el9_7		vim: null pointer dereference in vim_regexec_string() at regexp.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1725 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-09-29 03:15 修改: 2024-11-21 06:41
vim-minimal	CVE-2022-2042	低危	2:8.2.2637-23.el9_7		vim: use after free in skipwhite may lead to crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2042 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-06-10 19:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2124	低危	2:8.2.2637-23.el9_7		vim: out of bounds read in current_quote() 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2124 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-06-19 10:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2125	低危	2:8.2.2637-23.el9_7		vim: Heap-based Buffer Overflow in get_lisp_indent() 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2125 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-06-19 12:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2126	低危	2:8.2.2637-23.el9_7		vim: out of bounds read in suggest_trie_walk() 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2126 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-06-19 13:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2129	低危	2:8.2.2637-23.el9_7		vim: out of bounds write in vim_regsub_both() 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2129 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-06-19 19:15 修改: 2025-11-03 21:15
vim-minimal	CVE-2022-2175	低危	2:8.2.2637-23.el9_7		vim: buffer over-read in put_on_cmdline() at ex_getln.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2175 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-06-23 13:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2182	低危	2:8.2.2637-23.el9_7		vim: heap-based buffer overflow through parse_cmd_address() in function utf_ptr2char 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2182 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-06-23 18:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2183	低危	2:8.2.2637-23.el9_7		vim: out-of-bounds read through get_lisp_indent() in function get_lisp_indent 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2183 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-06-23 19:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2206	低危	2:8.2.2637-23.el9_7		vim: out-of-bound read in function msg_outtrans_attr 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2206 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-06-26 19:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2207	低危	2:8.2.2637-23.el9_7		vim: heap-based buffer overflow in function ins_bs 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2207 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-06-27 12:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2208	低危	2:8.2.2637-23.el9_7		vim: null pointer dereference in function diff_check 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2208 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-06-27 13:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2210	低危	2:8.2.2637-23.el9_7		vim: out-of-bound write in function ml_append_int 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2210 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-06-27 16:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2257	低危	2:8.2.2637-23.el9_7		vim: an out-of-bound read in function msg_outtrans_special 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2257 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-06-30 21:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2284	低危	2:8.2.2637-23.el9_7		vim: out of bounds read in utfc_ptr2len() at mbyte.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2284 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-07-02 15:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2285	低危	2:8.2.2637-23.el9_7		vim: integer overflow in del_typebuf() at getchar.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2285 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-07-02 16:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2286	低危	2:8.2.2637-23.el9_7		vim: out of bounds read in ins_bytes() at change.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2286 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-07-02 19:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2287	低危	2:8.2.2637-23.el9_7		vim: out of bounds read in suggest_trie_walk() at spellsuggest.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2287 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-07-02 22:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2304	低危	2:8.2.2637-23.el9_7		vim: stack buffer overflow in spell_dump_compl() at spell.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2304 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-07-05 13:15 修改: 2025-11-03 21:15
vim-minimal	CVE-2022-2343	低危	2:8.2.2637-23.el9_7		vim: heap-based buffer overflow in ins_compl_add() in insexpand.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2343 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-07-08 18:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2344	低危	2:8.2.2637-23.el9_7		vim: heap-based buffer overflow in ins_compl_add() in insexpand.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2344 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-07-08 19:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2345	低危	2:8.2.2637-23.el9_7		vim: use-after-free in skipwhite() in charset.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2345 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-07-08 22:15 修改: 2024-11-21 07:00
vim-minimal	CVE-2022-2522	低危	2:8.2.2637-23.el9_7		vim: heap-based buffer overflow in ins_compl_infercase_gettext() at src/insexpand.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2522 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-07-25 14:15 修改: 2024-11-21 07:01
vim-minimal	CVE-2022-2817	低危	2:8.2.2637-23.el9_7		vim: heap use-after-free in string_quote() at src/strings.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2817 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-08-15 23:15 修改: 2024-11-21 07:01
vim-minimal	CVE-2022-2819	低危	2:8.2.2637-23.el9_7		vim: heap buffer overflow in compile_lock_unlock() at src/vim9cmds.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2819 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-08-15 11:21 修改: 2024-11-21 07:01
vim-minimal	CVE-2022-2845	低危	2:8.2.2637-23.el9_7		vim: Buffer Under-read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2845 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-08-17 15:15 修改: 2026-02-25 15:19
vim-minimal	CVE-2022-2849	低危	2:8.2.2637-23.el9_7		vim: heap-based buffer overflow in latin_ptr2len() at src/mbyte.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2849 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-08-17 18:15 修改: 2024-11-21 07:01
vim-minimal	CVE-2022-2862	低危	2:8.2.2637-23.el9_7		vim: heap use-after-free in generate_PCALL() at src/vim9instr.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2862 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-08-17 20:15 修改: 2024-11-21 07:01
vim-minimal	CVE-2022-2874	低危	2:8.2.2637-23.el9_7		vim: NULL pointer dereference in generate_loadvar() in vim9compile.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2874 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-08-18 16:15 修改: 2024-11-21 07:01
vim-minimal	CVE-2022-2889	低危	2:8.2.2637-23.el9_7		vim: use-after-free in find_var_also_in_script() in evalvars.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2889 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-08-19 13:15 修改: 2024-11-21 07:01
vim-minimal	CVE-2022-2923	低危	2:8.2.2637-23.el9_7		vim: null pointer dereference in function sug_filltree 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2923 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-08-22 21:15 修改: 2024-11-21 07:01
vim-minimal	CVE-2022-2946	低危	2:8.2.2637-23.el9_7		vim: use after free in function vim_vsnprintf_typval 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2946 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-08-23 17:15 修改: 2024-11-21 07:01
vim-minimal	CVE-2022-2980	低危	2:8.2.2637-23.el9_7		vim: null pointer dereference in do_mouse() at src/mouse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2980 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-08-25 20:15 修改: 2024-11-21 07:02
vim-minimal	CVE-2022-2982	低危	2:8.2.2637-23.el9_7		vim: use after free in qf_fill_buffer() at src/quickfix.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2982 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-08-25 20:15 修改: 2024-11-21 07:02
vim-minimal	CVE-2022-3016	低危	2:8.2.2637-23.el9_7		vim: use-after-free in get_next_valid_entry() at src/quickfix.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3016 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-08-28 12:15 修改: 2024-11-21 07:18
vim-minimal	CVE-2022-3037	低危	2:8.2.2637-23.el9_7		vim: use after free in function qf_buf_add_line( ) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3037 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-08-30 21:15 修改: 2024-11-21 07:18
vim-minimal	CVE-2022-3099	低危	2:8.2.2637-23.el9_7		vim: Use After Free in do_cmdline() in ex_docmd.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3099 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-09-03 16:15 修改: 2025-11-03 21:15
vim-minimal	CVE-2022-3134	低危	2:8.2.2637-23.el9_7		vim: heap use-after-free in do_tag() at src/tag.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3134 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-09-06 20:15 修改: 2025-11-03 21:15
vim-minimal	CVE-2022-3153	低危	2:8.2.2637-23.el9_7		vim: null pointer dereference in vim_regcomp() 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3153 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-09-08 15:15 修改: 2024-11-21 07:18
vim-minimal	CVE-2022-3234	低危	2:8.2.2637-23.el9_7		vim: Heap-based Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3234 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-09-17 22:15 修改: 2024-11-21 07:19
vim-minimal	CVE-2022-3235	低危	2:8.2.2637-23.el9_7		vim: Use After Free 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3235 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-09-18 20:15 修改: 2024-11-21 07:19
vim-minimal	CVE-2022-3256	低危	2:8.2.2637-23.el9_7		vim: use-after-free in movemark() at mark.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3256 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-09-22 13:15 修改: 2024-11-21 07:19
vim-minimal	CVE-2022-3278	低危	2:8.2.2637-23.el9_7		vim: null pointer dereference in eval_next_non_blank() in eval.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3278 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-09-23 22:15 修改: 2024-11-21 07:19
vim-minimal	CVE-2022-3296	低危	2:8.2.2637-23.el9_7		vim: stack buffer overflow in ex_finally() in ex_eval.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3296 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-09-25 17:15 修改: 2024-11-21 07:19
vim-minimal	CVE-2022-3297	低危	2:8.2.2637-23.el9_7		vim: use-after-free in process_next_cpt_value() at insexpand.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3297 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-09-25 19:15 修改: 2024-11-21 07:19
vim-minimal	CVE-2022-3324	低危	2:8.2.2637-23.el9_7		vim: stack buffer overflow in win_redr_ruler() at drawscreen.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3324 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-09-27 23:15 修改: 2025-11-03 21:15
vim-minimal	CVE-2022-3352	低危	2:8.2.2637-23.el9_7		vim: use after free 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3352 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-09-29 12:15 修改: 2024-11-21 07:19
vim-minimal	CVE-2022-3705	低危	2:8.2.2637-23.el9_7		vim: a use after free in the function qf_update_buffer 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3705 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-10-26 20:15 修改: 2024-11-21 07:20
vim-minimal	CVE-2022-4141	低危	2:8.2.2637-23.el9_7		vim: invalid memory access in substitute with function 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4141 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-11-25 14:15 修改: 2025-11-03 21:15
vim-minimal	CVE-2022-4292	低危	2:8.2.2637-23.el9_7		vim: use-after-free in did_set_spelllang() in src/spell.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4292 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-12-05 19:15 修改: 2024-11-21 07:34
vim-minimal	CVE-2022-4293	低危	2:8.2.2637-23.el9_7		vim: floating point exception in num_divide() in src/eval.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4293 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2022-12-05 19:15 修改: 2024-11-21 07:34
vim-minimal	CVE-2023-0049	低危	2:8.2.2637-23.el9_7		vim: out-of-bounds read in function build_stl_str_hl 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0049 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-01-04 16:15 修改: 2025-01-17 20:15
vim-minimal	CVE-2023-0051	低危	2:8.2.2637-23.el9_7		vim: heap-based buffer overflow in msg_puts_printf() in message.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0051 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-01-04 18:15 修改: 2024-11-21 07:36
vim-minimal	CVE-2023-0054	低危	2:8.2.2637-23.el9_7		vim: out-of-bounds write in do_string_sub() in eval.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0054 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-01-04 19:15 修改: 2025-11-03 21:15
vim-minimal	CVE-2023-0288	低危	2:8.2.2637-23.el9_7		vim: a heap-based buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0288 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-01-13 16:15 修改: 2024-11-21 07:36
vim-minimal	CVE-2023-0433	低危	2:8.2.2637-23.el9_7		vim: reading past the end of a line when formatting text 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0433 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-01-21 15:15 修改: 2024-11-21 07:37
vim-minimal	CVE-2023-0512	低危	2:8.2.2637-23.el9_7		vim: divide by zero in adjust_skipcol() at move.ca 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0512 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-01-30 16:15 修改: 2024-11-21 07:37
vim-minimal	CVE-2023-1127	低危	2:8.2.2637-23.el9_7		vim: Divide By Zero in vim/vim 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1127 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-03-01 19:15 修改: 2024-11-21 07:38
vim-minimal	CVE-2023-1170	低危	2:8.2.2637-23.el9_7		vim: Heap-based Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1170 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-03-03 23:15 修改: 2024-11-21 07:38
vim-minimal	CVE-2023-1175	低危	2:8.2.2637-23.el9_7		vim: Incorrect Calculation of Buffer Size 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1175 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-03-04 16:15 修改: 2025-11-03 21:15
vim-minimal	CVE-2023-1264	低危	2:8.2.2637-23.el9_7		vim: NULL pointer dereference issue in utfc_ptr2len 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1264 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-03-07 22:15 修改: 2024-11-21 07:38
vim-minimal	CVE-2023-2609	低危	2:8.2.2637-23.el9_7		vim: NULL Pointer Dereference in get_register() at register.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2609 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-05-09 18:15 修改: 2024-11-21 07:58
vim-minimal	CVE-2023-2610	低危	2:8.2.2637-23.el9_7		vim: integer overflow vulnerability in vim 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2610 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-05-09 22:15 修改: 2025-11-03 21:15
vim-minimal	CVE-2023-46246	低危	2:8.2.2637-23.el9_7		vim: Integer Overflow in :history command 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46246 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-10-27 19:15 修改: 2025-02-13 18:15
vim-minimal	CVE-2023-4734	低危	2:8.2.2637-23.el9_7		vim: segmentation fault in function f_fullcommand in vim/vim 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4734 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-09-02 18:15 修改: 2024-11-21 08:35
vim-minimal	CVE-2023-4735	低危	2:8.2.2637-23.el9_7		vim: OOB Write ops.c in vim/vim 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4735 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-09-02 18:15 修改: 2024-11-21 08:35
vim-minimal	CVE-2023-4738	低危	2:8.2.2637-23.el9_7		vim: heap-buffer-overflow in vim_regsub_both in vim/vim 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4738 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-09-02 20:15 修改: 2025-11-03 21:16
vim-minimal	CVE-2023-4751	低危	2:8.2.2637-23.el9_7		vim: heap-buffer-overflow in function utfc_ptr2len in vim/vim 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4751 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-09-03 19:15 修改: 2024-11-21 08:35
vim-minimal	CVE-2023-4781	低危	2:8.2.2637-23.el9_7		vim: heap-buffer-overflow in function vim_regsub_both in vim/vim 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4781 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-09-05 19:15 修改: 2025-11-03 21:16
vim-minimal	CVE-2023-48231	低危	2:8.2.2637-23.el9_7		vim: use after free in win_close() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48231 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-11-16 23:15 修改: 2024-11-21 08:31
vim-minimal	CVE-2023-48232	低危	2:8.2.2637-23.el9_7		vim: floating point exception in adjust_plines_for_skipcol() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48232 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-11-16 23:15 修改: 2024-11-21 08:31
vim-minimal	CVE-2023-48233	低危	2:8.2.2637-23.el9_7		vim: overflow with count for :s command 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48233 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-11-16 23:15 修改: 2024-11-21 08:31
vim-minimal	CVE-2023-48234	低危	2:8.2.2637-23.el9_7		vim: overflow in nv_z_get_count 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48234 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-11-16 23:15 修改: 2024-11-21 08:31
vim-minimal	CVE-2023-48235	低危	2:8.2.2637-23.el9_7		vim: overflow in ex address parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48235 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-11-16 23:15 修改: 2024-11-21 08:31
vim-minimal	CVE-2023-48236	低危	2:8.2.2637-23.el9_7		vim: overflow in get_number 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48236 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-11-16 23:15 修改: 2024-11-21 08:31
vim-minimal	CVE-2023-48237	低危	2:8.2.2637-23.el9_7		vim: buffer overflow in shift_line 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48237 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-11-16 23:15 修改: 2024-11-21 08:31
vim-minimal	CVE-2023-48706	低危	2:8.2.2637-23.el9_7		vim: use-after-free in ex_substitute in Vim 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48706 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-11-22 22:15 修改: 2024-11-21 08:32
vim-minimal	CVE-2023-5344	低危	2:8.2.2637-23.el9_7		vim: Heap-based Buffer Overflow in trunc_string() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5344 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-10-02 20:15 修改: 2025-11-03 21:16
vim-minimal	CVE-2023-5441	低危	2:8.2.2637-23.el9_7		vim: NULL pointer dereference in screen_line() in src/screen.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5441 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-10-05 21:15 修改: 2024-11-21 08:41
vim-minimal	CVE-2023-5535	低危	2:8.2.2637-23.el9_7		vim: use after free 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5535 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2023-10-11 20:15 修改: 2024-11-21 08:41
vim-minimal	CVE-2024-22667	低危	2:8.2.2637-23.el9_7		vim: Stack buffer over flow in did_set_langmap function in map.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22667 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2024-02-05 08:15 修改: 2025-11-04 22:15
vim-minimal	CVE-2024-41957	低危	2:8.2.2637-23.el9_7		vim: Double-free/use-after-free vulnerability with Vim editor 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41957 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2024-08-01 22:15 修改: 2025-11-04 17:16
vim-minimal	CVE-2024-41965	低危	2:8.2.2637-23.el9_7		vim: Double-Free Vulnerability in Vim Could Cause Application Crashes 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41965 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2024-08-01 22:15 修改: 2024-11-21 09:33
vim-minimal	CVE-2024-43374	低危	2:8.2.2637-23.el9_7		vim: use-after-free in alist_add() in src/arglist.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43374 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2024-08-16 02:15 修改: 2026-06-09 18:28
vim-minimal	CVE-2024-43802	低危	2:8.2.2637-23.el9_7		vim: Heap Buffer Overflow in Vim's Typeahead Buffer Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43802 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2024-08-26 19:15 修改: 2026-04-15 00:35
vim-minimal	CVE-2024-45306	低危	2:8.2.2637-23.el9_7		vim: heap-buffer-overflow in Vim 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45306 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2024-09-02 18:15 修改: 2024-11-21 09:37
vim-minimal	CVE-2024-47814	低危	2:8.2.2637-23.el9_7		vim: use-after-free when closing buffers in Vim 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47814 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2024-10-07 22:15 修改: 2025-11-03 21:16
vim-minimal	CVE-2025-1215	低危	2:8.2.2637-23.el9_7		vim: vim main.c memory corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1215 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-02-12 19:15 修改: 2025-08-13 17:28
vim-minimal	CVE-2025-22134	低危	2:8.2.2637-23.el9_7		vim: heap-buffer-overflow with visual mode in Vim < 9.1.1003 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22134 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-01-13 21:15 修改: 2026-06-09 18:28
vim-minimal	CVE-2025-24014	低危	2:8.2.2637-23.el9_7		vim: segmentation fault in win_line() in Vim < 9.1.1043 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24014 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-01-20 23:15 修改: 2025-08-14 01:40
vim-minimal	CVE-2025-26603	低危	2:8.2.2637-23.el9_7		vim: heap-use-after-free in function str_to_reg in vim/vim 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-26603 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-02-18 19:15 修改: 2025-08-18 18:23
vim-minimal	CVE-2026-26269	低危	2:8.2.2637-23.el9_7		vim: Netbeans specialKeys stack buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26269 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-02-13 20:17 修改: 2026-02-18 21:29
vim-minimal	CVE-2026-28422	低危	2:8.2.2637-23.el9_7		vim: Vim: Integrity impact due to stack-buffer-overflow via wide terminal statusline rendering 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28422 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-02-27 22:16 修改: 2026-03-04 20:44
glib2	CVE-2025-3360	低危	2.68.4-18.el9_7.1		glibc: GLib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid ISO 8601 timestamp with g_date_time_new_from_iso8601(). 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3360 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2025-04-07 13:15 修改: 2026-04-15 00:35
zlib	CVE-2026-27171	低危	1.2.11-40.el9		zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171 镜像层: sha256:c7d126a38ec29b4dfaa7477bb233e17cf1e9bfd0d3dd7af6201f8c5547ac3f50 发布日期: 2026-02-18 04:16 修改: 2026-03-25 21:27

usr/bin/pbm (gobinary)

低危漏洞:1

中危漏洞:14

高危漏洞:18

严重漏洞:2

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
google.golang.org/grpc	CVE-2026-33186	严重	v1.75.1	1.79.3	google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33186 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-20 23:16 修改: 2026-04-10 20:49
stdlib	CVE-2025-68121	严重	v1.25.3	1.24.13, 1.25.7, 1.26.0-rc.3	crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-02-05 18:16 修改: 2026-04-29 14:16
go.opentelemetry.io/otel/sdk	CVE-2026-24051	高危	v1.38.0	1.40.0	OpenTelemetry Go SDK Vulnerable to Arbitrary Code Execution via PATH Hijacking 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24051 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-02-02 23:16 修改: 2026-06-15 17:18
go.opentelemetry.io/otel/sdk	CVE-2026-39883	高危	v1.38.0	1.43.0	github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Arbitrary code execution via PATH hijacking on BSD/Solaris 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39883 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 21:17 修改: 2026-04-10 21:16
github.com/go-jose/go-jose/v4	CVE-2026-34986	高危	v4.1.2	4.1.4	github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34986 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-06 17:17 修改: 2026-05-04 15:20
go.opentelemetry.io/otel	CVE-2026-29181	高危	v1.38.0	1.41.0	github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Denial of Service via crafted multi-value baggage headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29181 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-07 21:17 修改: 2026-04-14 18:45
stdlib	CVE-2025-61726	高危	v1.25.3	1.24.12, 1.25.6	golang: net/url: Memory exhaustion in query parameter parsing in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:47
stdlib	CVE-2025-61729	高危	v1.25.3	1.24.11, 1.25.5	crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-12-02 19:15 修改: 2025-12-19 18:25
stdlib	CVE-2026-25679	高危	v1.25.3	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:43
stdlib	CVE-2026-32280	高危	v1.25.3	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:16
stdlib	CVE-2026-32281	高危	v1.25.3	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32283	高危	v1.25.3	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:12
stdlib	CVE-2026-33811	高危	v1.25.3	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.25.3	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.25.3	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.25.3	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.25.3	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.25.3	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.25.3	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.25.3	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream	GHSA-xmrv-pmrh-hhx2	中危	v1.7.1	1.7.8	Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder 漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18
github.com/aws/aws-sdk-go-v2/service/s3	GHSA-xmrv-pmrh-hhx2	中危	v1.88.1	1.97.3	Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder 漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18
golang.org/x/crypto	CVE-2025-47914	中危	v0.42.0	0.45.0	golang.org/x/crypto/ssh/agent: SSH Agent servers: Denial of Service due to malformed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47914 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-11-19 21:15 修改: 2025-12-11 19:36
golang.org/x/crypto	CVE-2025-58181	中危	v0.42.0	0.45.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via unbounded memory consumption in GSSAPI authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58181 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-11-19 21:15 修改: 2025-12-11 19:29
stdlib	CVE-2025-61727	中危	v1.25.3	1.24.11, 1.25.5	golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-12-03 20:16 修改: 2025-12-18 20:15
stdlib	CVE-2025-61728	中危	v1.25.3	1.24.12, 1.25.6	golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:45
stdlib	CVE-2025-61730	中危	v1.25.3	1.24.12, 1.25.6	crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-01-28 20:16 修改: 2026-02-03 20:36
stdlib	CVE-2026-27142	中危	v1.25.3	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:30
stdlib	CVE-2026-27145	中危	v1.25.3	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-32282	中危	v1.25.3	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32288	中危	v1.25.3	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:08
stdlib	CVE-2026-32289	中危	v1.25.3	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:06
stdlib	CVE-2026-39826	中危	v1.25.3	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.25.3	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27139	低危	v1.25.3	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:32

usr/bin/pbm-agent (gobinary)

低危漏洞:1

中危漏洞:14

高危漏洞:18

严重漏洞:2

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
google.golang.org/grpc	CVE-2026-33186	严重	v1.75.1	1.79.3	google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33186 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-20 23:16 修改: 2026-04-10 20:49
stdlib	CVE-2025-68121	严重	v1.25.3	1.24.13, 1.25.7, 1.26.0-rc.3	crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-02-05 18:16 修改: 2026-04-29 14:16
go.opentelemetry.io/otel/sdk	CVE-2026-24051	高危	v1.38.0	1.40.0	OpenTelemetry Go SDK Vulnerable to Arbitrary Code Execution via PATH Hijacking 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24051 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-02-02 23:16 修改: 2026-06-15 17:18
go.opentelemetry.io/otel/sdk	CVE-2026-39883	高危	v1.38.0	1.43.0	github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Arbitrary code execution via PATH hijacking on BSD/Solaris 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39883 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 21:17 修改: 2026-04-10 21:16
github.com/go-jose/go-jose/v4	CVE-2026-34986	高危	v4.1.2	4.1.4	github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34986 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-06 17:17 修改: 2026-05-04 15:20
go.opentelemetry.io/otel	CVE-2026-29181	高危	v1.38.0	1.41.0	github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Denial of Service via crafted multi-value baggage headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29181 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-07 21:17 修改: 2026-04-14 18:45
stdlib	CVE-2025-61726	高危	v1.25.3	1.24.12, 1.25.6	golang: net/url: Memory exhaustion in query parameter parsing in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:47
stdlib	CVE-2025-61729	高危	v1.25.3	1.24.11, 1.25.5	crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-12-02 19:15 修改: 2025-12-19 18:25
stdlib	CVE-2026-25679	高危	v1.25.3	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:43
stdlib	CVE-2026-32280	高危	v1.25.3	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:16
stdlib	CVE-2026-32281	高危	v1.25.3	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32283	高危	v1.25.3	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:12
stdlib	CVE-2026-33811	高危	v1.25.3	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.25.3	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.25.3	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.25.3	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.25.3	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.25.3	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.25.3	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.25.3	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream	GHSA-xmrv-pmrh-hhx2	中危	v1.7.1	1.7.8	Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder 漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18
github.com/aws/aws-sdk-go-v2/service/s3	GHSA-xmrv-pmrh-hhx2	中危	v1.88.1	1.97.3	Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder 漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18
golang.org/x/crypto	CVE-2025-47914	中危	v0.42.0	0.45.0	golang.org/x/crypto/ssh/agent: SSH Agent servers: Denial of Service due to malformed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47914 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-11-19 21:15 修改: 2025-12-11 19:36
golang.org/x/crypto	CVE-2025-58181	中危	v0.42.0	0.45.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via unbounded memory consumption in GSSAPI authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58181 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-11-19 21:15 修改: 2025-12-11 19:29
stdlib	CVE-2025-61727	中危	v1.25.3	1.24.11, 1.25.5	golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-12-03 20:16 修改: 2025-12-18 20:15
stdlib	CVE-2025-61728	中危	v1.25.3	1.24.12, 1.25.6	golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:45
stdlib	CVE-2025-61730	中危	v1.25.3	1.24.12, 1.25.6	crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-01-28 20:16 修改: 2026-02-03 20:36
stdlib	CVE-2026-27142	中危	v1.25.3	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:30
stdlib	CVE-2026-27145	中危	v1.25.3	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-32282	中危	v1.25.3	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32288	中危	v1.25.3	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:08
stdlib	CVE-2026-32289	中危	v1.25.3	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:06
stdlib	CVE-2026-39826	中危	v1.25.3	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.25.3	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27139	低危	v1.25.3	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:32

usr/bin/pbm-agent-entrypoint (gobinary)

低危漏洞:1

中危漏洞:10

高危漏洞:14

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2025-68121	严重	v1.25.3	1.24.13, 1.25.7, 1.26.0-rc.3	crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-02-05 18:16 修改: 2026-04-29 14:16
stdlib	CVE-2025-61726	高危	v1.25.3	1.24.12, 1.25.6	golang: net/url: Memory exhaustion in query parameter parsing in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:47
stdlib	CVE-2025-61729	高危	v1.25.3	1.24.11, 1.25.5	crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-12-02 19:15 修改: 2025-12-19 18:25
stdlib	CVE-2026-25679	高危	v1.25.3	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:43
stdlib	CVE-2026-32280	高危	v1.25.3	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:16
stdlib	CVE-2026-32281	高危	v1.25.3	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32283	高危	v1.25.3	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:12
stdlib	CVE-2026-33811	高危	v1.25.3	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.25.3	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.25.3	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.25.3	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.25.3	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.25.3	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.25.3	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.25.3	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2025-61727	中危	v1.25.3	1.24.11, 1.25.5	golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-12-03 20:16 修改: 2025-12-18 20:15
stdlib	CVE-2025-61728	中危	v1.25.3	1.24.12, 1.25.6	golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:45
stdlib	CVE-2025-61730	中危	v1.25.3	1.24.12, 1.25.6	crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-01-28 20:16 修改: 2026-02-03 20:36
stdlib	CVE-2026-27142	中危	v1.25.3	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:30
stdlib	CVE-2026-27145	中危	v1.25.3	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-32282	中危	v1.25.3	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32288	中危	v1.25.3	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:08
stdlib	CVE-2026-32289	中危	v1.25.3	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:06
stdlib	CVE-2026-39826	中危	v1.25.3	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.25.3	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27139	低危	v1.25.3	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:32

usr/bin/pbm-speed-test (gobinary)

低危漏洞:1

中危漏洞:14

高危漏洞:18

严重漏洞:2

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
google.golang.org/grpc	CVE-2026-33186	严重	v1.75.1	1.79.3	google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33186 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-20 23:16 修改: 2026-04-10 20:49
stdlib	CVE-2025-68121	严重	v1.25.3	1.24.13, 1.25.7, 1.26.0-rc.3	crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-02-05 18:16 修改: 2026-04-29 14:16
go.opentelemetry.io/otel/sdk	CVE-2026-24051	高危	v1.38.0	1.40.0	OpenTelemetry Go SDK Vulnerable to Arbitrary Code Execution via PATH Hijacking 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24051 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-02-02 23:16 修改: 2026-06-15 17:18
go.opentelemetry.io/otel/sdk	CVE-2026-39883	高危	v1.38.0	1.43.0	github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Arbitrary code execution via PATH hijacking on BSD/Solaris 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39883 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 21:17 修改: 2026-04-10 21:16
github.com/go-jose/go-jose/v4	CVE-2026-34986	高危	v4.1.2	4.1.4	github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34986 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-06 17:17 修改: 2026-05-04 15:20
go.opentelemetry.io/otel	CVE-2026-29181	高危	v1.38.0	1.41.0	github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Denial of Service via crafted multi-value baggage headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29181 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-07 21:17 修改: 2026-04-14 18:45
stdlib	CVE-2025-61726	高危	v1.25.3	1.24.12, 1.25.6	golang: net/url: Memory exhaustion in query parameter parsing in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:47
stdlib	CVE-2025-61729	高危	v1.25.3	1.24.11, 1.25.5	crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-12-02 19:15 修改: 2025-12-19 18:25
stdlib	CVE-2026-25679	高危	v1.25.3	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:43
stdlib	CVE-2026-32280	高危	v1.25.3	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:16
stdlib	CVE-2026-32281	高危	v1.25.3	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32283	高危	v1.25.3	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:12
stdlib	CVE-2026-33811	高危	v1.25.3	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.25.3	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.25.3	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.25.3	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.25.3	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.25.3	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.25.3	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.25.3	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream	GHSA-xmrv-pmrh-hhx2	中危	v1.7.1	1.7.8	Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder 漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18
github.com/aws/aws-sdk-go-v2/service/s3	GHSA-xmrv-pmrh-hhx2	中危	v1.88.1	1.97.3	Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder 漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18
golang.org/x/crypto	CVE-2025-47914	中危	v0.42.0	0.45.0	golang.org/x/crypto/ssh/agent: SSH Agent servers: Denial of Service due to malformed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47914 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-11-19 21:15 修改: 2025-12-11 19:36
golang.org/x/crypto	CVE-2025-58181	中危	v0.42.0	0.45.0	golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via unbounded memory consumption in GSSAPI authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58181 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-11-19 21:15 修改: 2025-12-11 19:29
stdlib	CVE-2025-61727	中危	v1.25.3	1.24.11, 1.25.5	golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2025-12-03 20:16 修改: 2025-12-18 20:15
stdlib	CVE-2025-61728	中危	v1.25.3	1.24.12, 1.25.6	golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-01-28 20:16 修改: 2026-02-06 18:45
stdlib	CVE-2025-61730	中危	v1.25.3	1.24.12, 1.25.6	crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-01-28 20:16 修改: 2026-02-03 20:36
stdlib	CVE-2026-27142	中危	v1.25.3	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:30
stdlib	CVE-2026-27145	中危	v1.25.3	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-32282	中危	v1.25.3	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32288	中危	v1.25.3	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:08
stdlib	CVE-2026-32289	中危	v1.25.3	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:06
stdlib	CVE-2026-39826	中危	v1.25.3	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.25.3	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27139	低危	v1.25.3	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:a064709b7b4a4b5809c21900b25f58e6b4ab3a62685cbbfb244be55838ec7c80 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:32