docker.io/percona:5.7 linux/amd64

docker.io/percona:5.7 - Trivy安全扫描结果扫描时间: 2026-06-08 19:01

全部漏洞信息

低危漏洞:1

中危漏洞:141

高危漏洞:93

严重漏洞:0

系统OS: oracle 8.10 扫描引擎: Trivy 扫描时间: 2026-06-08 19:01

docker.io/percona:5.7 (oracle 8.10) (oracle)

低危漏洞:1

中危漏洞:141

高危漏洞:93

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
bind-export-libs	CVE-2024-11187	高危	32:9.11.36-14.el8_10	32:9.11.36-16.el8_10.4	bind: bind9: Many records in the additional section cause CPU exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11187 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-01-29 22:15 修改: 2026-04-15 00:35
bind-export-libs	CVE-2024-1737	高危	32:9.11.36-14.el8_10	32:9.11.36-16.el8_10.2	bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1737 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-07-23 15:15 修改: 2026-04-15 00:35
bind-export-libs	CVE-2024-1975	高危	32:9.11.36-14.el8_10	32:9.11.36-16.el8_10.2	bind9: bind: SIG(0) can be used to exhaust CPU resources 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1975 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-07-23 15:15 修改: 2026-04-15 00:35
bind-export-libs	CVE-2025-40778	高危	32:9.11.36-14.el8_10	32:9.11.36-16.el8_10.6	bind: Cache poisoning attacks with unsolicited RRs 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40778 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-10-22 16:15 修改: 2026-04-15 00:35
bind-export-libs	CVE-2026-1519	高危	32:9.11.36-14.el8_10	32:9.11.36-16.el8_10.7	bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1519 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-03-25 14:16 修改: 2026-05-21 15:24
brotli	CVE-2025-6176	高危	1.0.6-3.el8	1.0.6-4.el8_10	Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6176 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-10-31 00:15 修改: 2026-04-15 00:35
compat-openssl10	CVE-2023-0286	高危	1:1.0.2o-4.el8_6	1:1.0.2o-4.el8_10.1	openssl: X.400 address type confusion in X.509 GeneralName 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
expat	CVE-2025-59375	高危	2.2.5-13.0.1.el8_10	2.5.0-1.el8_10	firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59375 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-09-15 03:15 修改: 2026-05-12 13:17
expat	CVE-2026-45186	高危	2.2.5-13.0.1.el8_10	2.5.0-2.el8_10	libexpat: denial of service via crafted XML input 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45186 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-05-10 07:16 修改: 2026-05-14 17:20
gnupg2	CVE-2025-68973	高危	2.2.20-3.el8_6	2.2.20-4.el8_10	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
gnutls	CVE-2026-33845	高危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.6	gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-33846	高危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.6	gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-05-04 10:15 修改: 2026-06-02 16:16
gnutls	CVE-2026-3833	高危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.6	gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-42009	高危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.6	gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-05-18 13:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-42010	高危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.6	gnutls: gnutls: Authentication Bypass via NUL Character in Username 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-05-07 12:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-42011	高危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.6	gnutls: gnutls: Security bypass due to incorrect name constraint handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-05-07 15:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-42012	高危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.6	gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-42013	高危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.6	gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-42014	高危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.6	gnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
gnutls	CVE-2026-42015	高危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.6	gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
gnutls	CVE-2026-5260	高危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.6	gnutls: gnutls: Information disclosure via heap overread in RSA key exchange 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
krb5-devel	CVE-2024-3596	高危	1.18.2-27.0.1.el8_10	1.18.2-30.0.1.el8_10	freeradius: forgery attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2024-07-09 12:15 修改: 2026-05-12 12:16
krb5-devel	CVE-2024-37371	高危	1.18.2-27.0.1.el8_10	1.18.2-29.0.1.el8_10	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2024-06-28 23:15 修改: 2026-05-12 12:16
krb5-devel	CVE-2026-40355	高危	1.18.2-27.0.1.el8_10	1.18.2-34.0.1.el8_10	krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40355 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2026-04-28 06:16 修改: 2026-04-28 20:11
krb5-devel	CVE-2026-40356	高危	1.18.2-27.0.1.el8_10	1.18.2-34.0.1.el8_10	krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40356 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2026-04-28 07:16 修改: 2026-04-28 20:11
krb5-libs	CVE-2024-3596	高危	1.18.2-27.0.1.el8_10	1.18.2-30.0.1.el8_10	freeradius: forgery attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-07-09 12:15 修改: 2026-05-12 12:16
krb5-libs	CVE-2024-37371	高危	1.18.2-27.0.1.el8_10	1.18.2-29.0.1.el8_10	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-06-28 23:15 修改: 2026-05-12 12:16
krb5-libs	CVE-2026-40355	高危	1.18.2-27.0.1.el8_10	1.18.2-34.0.1.el8_10	krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40355 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-28 06:16 修改: 2026-04-28 20:11
krb5-libs	CVE-2026-40356	高危	1.18.2-27.0.1.el8_10	1.18.2-34.0.1.el8_10	krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40356 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-28 07:16 修改: 2026-04-28 20:11
libarchive	CVE-2025-5914	高危	3.3.3-5.el8	3.3.3-6.el8_10	libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5914 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-06-09 20:15 修改: 2026-02-05 20:15
libarchive	CVE-2026-4424	高危	3.3.3-5.el8	3.3.3-7.el8_10	libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4424 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-03-19 15:16 修改: 2026-06-04 18:16
libarchive	CVE-2026-5121	高危	3.3.3-5.el8	3.3.3-7.el8_10	libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5121 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-03-30 08:16 修改: 2026-06-04 19:16
libcap	CVE-2026-4878	高危	2.48-6.el8_9	2.48-6.el8_10.1	libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-09 16:16 修改: 2026-06-04 00:17
libkadm5	CVE-2024-3596	高危	1.18.2-27.0.1.el8_10	1.18.2-30.0.1.el8_10	freeradius: forgery attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2024-07-09 12:15 修改: 2026-05-12 12:16
libkadm5	CVE-2024-37371	高危	1.18.2-27.0.1.el8_10	1.18.2-29.0.1.el8_10	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2024-06-28 23:15 修改: 2026-05-12 12:16
libkadm5	CVE-2026-40355	高危	1.18.2-27.0.1.el8_10	1.18.2-34.0.1.el8_10	krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40355 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2026-04-28 06:16 修改: 2026-04-28 20:11
libkadm5	CVE-2026-40356	高危	1.18.2-27.0.1.el8_10	1.18.2-34.0.1.el8_10	krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40356 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2026-04-28 07:16 修改: 2026-04-28 20:11
libnghttp2	CVE-2026-27135	高危	1.33.0-5.el8_9	1.33.0-6.el8_10.2	nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-03-18 18:16 修改: 2026-05-13 22:16
libxml2	CVE-2024-56171	高危	2.9.7-18.el8_10.1	2.9.7-19.el8_10	libxml2: Use-After-Free in libxml2 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56171 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-02-18 22:15 修改: 2025-11-03 21:17
libxml2	CVE-2025-24928	高危	2.9.7-18.el8_10.1	2.9.7-19.el8_10	libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24928 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-02-18 23:15 修改: 2025-11-03 22:18
libxml2	CVE-2025-49794	高危	2.9.7-18.el8_10.1	2.9.7-21.el8_10.1	libxml: Heap use after free (UAF) leads to Denial of service (DoS) 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49794 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-06-16 16:15 修改: 2026-06-02 14:16
libxml2	CVE-2025-49796	高危	2.9.7-18.el8_10.1	2.9.7-21.el8_10.1	libxml: Type confusion leads to Denial of service (DoS) 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49796 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-06-16 16:15 修改: 2026-06-02 14:16
libxml2	CVE-2025-6021	高危	2.9.7-18.el8_10.1	2.9.7-21.el8_10.1	libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6021 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-06-12 13:15 修改: 2026-05-12 13:17
libxml2	CVE-2025-7425	高危	2.9.7-18.el8_10.1	2.9.7-21.el8_10.2	libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7425 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-07-10 14:15 修改: 2026-05-12 13:17
openssh	CVE-2026-3497	高危	8.0p1-24.0.1.el8	8.0p1-28.0.1.el8_10	openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3497 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-03-12 19:16 修改: 2026-06-02 19:43
openssh	CVE-2026-35385	高危	8.0p1-24.0.1.el8	8.0p1-29.0.1.el8_10	OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35385 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-02 17:16 修改: 2026-04-27 14:02
openssh	CVE-2026-35386	高危	8.0p1-24.0.1.el8	8.0p1-29.0.1.el8_10	OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35386 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-02 17:16 修改: 2026-04-27 14:03
openssh	CVE-2026-35387	高危	8.0p1-24.0.1.el8	8.0p1-29.0.1.el8_10	OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35387 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-02 17:16 修改: 2026-04-27 14:05
openssh	CVE-2026-35388	高危	8.0p1-24.0.1.el8	8.0p1-29.0.1.el8_10	OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35388 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-02 17:16 修改: 2026-04-27 14:12
openssh	CVE-2026-35414	高危	8.0p1-24.0.1.el8	8.0p1-29.0.1.el8_10	OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35414 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-02 18:16 修改: 2026-04-10 19:36
openssh-clients	CVE-2026-3497	高危	8.0p1-24.0.1.el8	8.0p1-28.0.1.el8_10	openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3497 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-03-12 19:16 修改: 2026-06-02 19:43
openssh-clients	CVE-2026-35385	高危	8.0p1-24.0.1.el8	8.0p1-29.0.1.el8_10	OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35385 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-02 17:16 修改: 2026-04-27 14:02
openssh-clients	CVE-2026-35386	高危	8.0p1-24.0.1.el8	8.0p1-29.0.1.el8_10	OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35386 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-02 17:16 修改: 2026-04-27 14:03
openssh-clients	CVE-2026-35387	高危	8.0p1-24.0.1.el8	8.0p1-29.0.1.el8_10	OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35387 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-02 17:16 修改: 2026-04-27 14:05
openssh-clients	CVE-2026-35388	高危	8.0p1-24.0.1.el8	8.0p1-29.0.1.el8_10	OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35388 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-02 17:16 修改: 2026-04-27 14:12
openssh-clients	CVE-2026-35414	高危	8.0p1-24.0.1.el8	8.0p1-29.0.1.el8_10	OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35414 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-02 18:16 修改: 2026-04-10 19:36
openssh-server	CVE-2026-3497	高危	8.0p1-24.0.1.el8	8.0p1-28.0.1.el8_10	openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3497 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-03-12 19:16 修改: 2026-06-02 19:43
openssh-server	CVE-2026-35385	高危	8.0p1-24.0.1.el8	8.0p1-29.0.1.el8_10	OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35385 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-02 17:16 修改: 2026-04-27 14:02
openssh-server	CVE-2026-35386	高危	8.0p1-24.0.1.el8	8.0p1-29.0.1.el8_10	OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35386 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-02 17:16 修改: 2026-04-27 14:03
openssh-server	CVE-2026-35387	高危	8.0p1-24.0.1.el8	8.0p1-29.0.1.el8_10	OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35387 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-02 17:16 修改: 2026-04-27 14:05
openssh-server	CVE-2026-35388	高危	8.0p1-24.0.1.el8	8.0p1-29.0.1.el8_10	OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35388 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-02 17:16 修改: 2026-04-27 14:12
openssh-server	CVE-2026-35414	高危	8.0p1-24.0.1.el8	8.0p1-29.0.1.el8_10	OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35414 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-02 18:16 修改: 2026-04-10 19:36
openssl	CVE-2024-5535	高危	1:1.1.1k-12.el8_9	1:1.1.1k-14.el8_6	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2024-06-27 11:15 修改: 2026-05-12 12:17
openssl-devel	CVE-2024-5535	高危	1:1.1.1k-12.el8_9	1:1.1.1k-14.el8_6	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2024-06-27 11:15 修改: 2026-05-12 12:17
openssl-libs	CVE-2024-5535	高危	1:1.1.1k-12.el8_9	1:1.1.1k-14.el8_6	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-06-27 11:15 修改: 2026-05-12 12:17
pam	CVE-2024-10963	高危	1.3.1-33.el8	1.3.1-36.0.1.el8_10	pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-11-07 16:15 修改: 2026-04-15 00:35
pam	CVE-2025-6020	高危	1.3.1-33.el8	1.3.1-38.0.1.el8_10	linux-pam: Linux-pam directory Traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-06-17 13:15 修改: 2026-05-12 13:17
platform-python	CVE-2024-11168	高危	3.6.8-62.0.1.el8_10	3.6.8-69.0.1.el8_10	python: Improper validation of IPv6 and IPvFuture addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-11-12 22:15 修改: 2026-04-15 00:35
platform-python	CVE-2024-12718	高危	3.6.8-62.0.1.el8_10	3.6.8-70.0.1.el8_10	cpython: python: Bypass extraction filter to modify file metadata outside extraction directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12718 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
platform-python	CVE-2024-9287	高危	3.6.8-62.0.1.el8_10	3.6.8-69.0.1.el8_10	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-10-22 17:15 修改: 2025-11-03 23:17
platform-python	CVE-2025-4138	高危	3.6.8-62.0.1.el8_10	3.6.8-70.0.1.el8_10	cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4138 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
platform-python	CVE-2025-4330	高危	3.6.8-62.0.1.el8_10	3.6.8-70.0.1.el8_10	cpython: python: Extraction filter bypass for linking outside extraction directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4330 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
platform-python	CVE-2025-4435	高危	3.6.8-62.0.1.el8_10	3.6.8-70.0.1.el8_10	cpython: Tarfile extracts filtered members when errorlevel=0 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4435 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
platform-python	CVE-2025-4517	高危	3.6.8-62.0.1.el8_10	3.6.8-70.0.1.el8_10	python: cpython: Arbitrary writes via tarfile realpath overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4517 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
platform-python	CVE-2026-4519	高危	3.6.8-62.0.1.el8_10	3.6.8-75.0.1.el8_10	python: Python: Command-line option injection in webbrowser.open() via crafted URLs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-03-20 15:16 修改: 2026-04-16 14:53
platform-python	CVE-2026-4786	高危	3.6.8-62.0.1.el8_10	3.6.8-76.0.1.el8_10	python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-13 22:16 修改: 2026-04-29 16:16
platform-python	CVE-2026-6100	高危	3.6.8-62.0.1.el8_10	3.6.8-76.0.1.el8_10	python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-13 18:16 修改: 2026-04-17 15:18
python3-libs	CVE-2024-11168	高危	3.6.8-62.0.1.el8_10	3.6.8-69.0.1.el8_10	python: Improper validation of IPv6 and IPvFuture addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-11-12 22:15 修改: 2026-04-15 00:35
python3-libs	CVE-2024-12718	高危	3.6.8-62.0.1.el8_10	3.6.8-70.0.1.el8_10	cpython: python: Bypass extraction filter to modify file metadata outside extraction directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12718 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
python3-libs	CVE-2024-9287	高危	3.6.8-62.0.1.el8_10	3.6.8-69.0.1.el8_10	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-10-22 17:15 修改: 2025-11-03 23:17
python3-libs	CVE-2025-4138	高危	3.6.8-62.0.1.el8_10	3.6.8-70.0.1.el8_10	cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4138 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
python3-libs	CVE-2025-4330	高危	3.6.8-62.0.1.el8_10	3.6.8-70.0.1.el8_10	cpython: python: Extraction filter bypass for linking outside extraction directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4330 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
python3-libs	CVE-2025-4435	高危	3.6.8-62.0.1.el8_10	3.6.8-70.0.1.el8_10	cpython: Tarfile extracts filtered members when errorlevel=0 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4435 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
python3-libs	CVE-2025-4517	高危	3.6.8-62.0.1.el8_10	3.6.8-70.0.1.el8_10	python: cpython: Arbitrary writes via tarfile realpath overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4517 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-06-03 13:15 修改: 2026-04-15 00:35
python3-libs	CVE-2026-4519	高危	3.6.8-62.0.1.el8_10	3.6.8-75.0.1.el8_10	python: Python: Command-line option injection in webbrowser.open() via crafted URLs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-03-20 15:16 修改: 2026-04-16 14:53
python3-libs	CVE-2026-4786	高危	3.6.8-62.0.1.el8_10	3.6.8-76.0.1.el8_10	python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-13 22:16 修改: 2026-04-29 16:16
python3-libs	CVE-2026-6100	高危	3.6.8-62.0.1.el8_10	3.6.8-76.0.1.el8_10	python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-13 18:16 修改: 2026-04-17 15:18
sqlite-libs	CVE-2025-6965	高危	3.26.0-19.0.1.el8_9	3.26.0-20.el8_10	sqlite: Integer Truncation in SQLite 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6965 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-07-15 14:15 修改: 2026-04-14 10:16
vim-minimal	CVE-2026-25749	高危	2:8.0.1763-19.0.1.el8_6.4	2:8.0.1763-22.0.1.el8_10	vim: Vim: Arbitrary code execution via 'helpfile' option processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25749 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-02-06 23:15 修改: 2026-02-20 15:45
vim-minimal	CVE-2026-28417	高危	2:8.0.1763-19.0.1.el8_6.4	2:8.0.1763-22.0.1.el8_10.1	vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28417 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-02-27 22:16 修改: 2026-03-03 17:50
vim-minimal	CVE-2026-28421	高危	2:8.0.1763-19.0.1.el8_6.4	2:8.0.1763-22.0.1.el8_10.1	vim: Vim: Denial of service and information disclosure via crafted swap file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28421 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-02-27 22:16 修改: 2026-03-04 20:47
vim-minimal	CVE-2026-33412	高危	2:8.0.1763-19.0.1.el8_6.4	2:8.0.1763-22.0.1.el8_10.1	vim: Vim: Arbitrary code execution via command injection in glob() function 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33412 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-03-24 20:16 修改: 2026-03-25 21:59
vim-minimal	CVE-2026-34982	高危	2:8.0.1763-19.0.1.el8_6.4	2:8.0.1763-22.0.1.el8_10.3	vim: arbitrary command execution via modeline sandbox bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34982 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-06 16:16 修改: 2026-04-22 20:10
libsmartcols	CVE-2025-14104	中危	2.32.1-46.0.1.el8	2.32.1-48.0.1.el8_10	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
libssh	CVE-2025-5318	中危	0.9.6-14.el8	0.9.6-15.el8_10	libssh: out-of-bounds read in sftp_handle() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5318 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-06-24 14:15 修改: 2026-02-27 17:16
libssh	CVE-2025-5372	中危	0.9.6-14.el8	0.9.6-16.el8_10	libssh: Incorrect Return Code Handling in ssh_kdf() in libssh 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5372 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-07-04 06:15 修改: 2026-05-26 07:16
libstdc++	CVE-2020-11023	中危	8.5.0-22.0.1.el8_10	8.5.0-23.0.1.el8_10	jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11023 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2020-04-29 21:15 修改: 2025-11-07 19:32
libtasn1	CVE-2024-12133	中危	4.13-4.el8_7	4.13-5.el8_10	libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12133 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-02-10 16:15 修改: 2026-05-12 12:16
libuuid	CVE-2025-14104	中危	2.32.1-46.0.1.el8	2.32.1-48.0.1.el8_10	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
glibc-langpack-en	CVE-2025-4802	中危	2.28-251.0.2.el8_10.2	2.28-251.0.3.el8_10.22	glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-05-16 20:15 修改: 2025-11-03 20:19
glibc-langpack-en	CVE-2025-8058	中危	2.28-251.0.2.el8_10.2	2.28-251.0.3.el8_10.25	glibc: Double free in glibc 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
glibc-langpack-en	CVE-2026-0915	中危	2.28-251.0.2.el8_10.2	2.28-251.0.4.el8_10.31	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-15 22:16 修改: 2026-01-23 19:36
glibc-langpack-en	CVE-2026-4046	中危	2.28-251.0.2.el8_10.2	2.28-251.0.4.el8_10.37	glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
curl	CVE-2024-2398	中危	7.61.1-34.el8	7.61.1-34.el8_10.2	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-03-27 08:15 修改: 2025-07-30 19:42
curl	CVE-2025-9086	中危	7.61.1-34.el8	7.61.1-34.el8_10.9	curl: libcurl: Curl out of bounds read for cookie path 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-09-12 06:15 修改: 2026-06-02 14:16
libxml2	CVE-2022-49043	中危	2.9.7-18.el8_10.1	2.9.7-18.el8_10.2	libxml: use-after-free in xmlXIncludeAddNode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-49043 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-01-26 06:15 修改: 2025-11-03 21:15
libxml2	CVE-2025-32414	中危	2.9.7-18.el8_10.1	2.9.7-20.el8_10	libxml2: Out-of-Bounds Read in libxml2 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32414 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-04-08 03:15 修改: 2025-11-03 20:18
libxml2	CVE-2025-32415	中危	2.9.7-18.el8_10.1	2.9.7-21.el8_10.3	libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32415 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-04-17 17:15 修改: 2025-11-03 20:18
libxml2	CVE-2025-9714	中危	2.9.7-18.el8_10.1	2.9.7-21.el8_10.4	libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9714 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-09-10 19:15 修改: 2026-05-12 13:17
lz4-libs	CVE-2019-17543	中危	1.8.3-3.el8_4	1.8.3-5.el8_10	lz4: heap-based buffer overflow in LZ4_write32 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17543 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2019-10-14 02:15 修改: 2024-11-21 04:32
bzip2-libs	CVE-2019-12900	中危	1.0.6-26.el8	1.0.6-28.el8_10	bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail). 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12900 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2019-06-19 23:15 修改: 2025-06-09 16:15
compat-openssl10	CVE-2026-28390	中危	1:1.0.2o-4.el8_6	1:1.0.2o-4.el8_10.2	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
expat	CVE-2024-45490	中危	2.2.5-13.0.1.el8_10	2.2.5-15.0.1.el8_10	libexpat: Negative Length Parsing Vulnerability in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-08-30 03:15 修改: 2026-05-12 12:17
expat	CVE-2024-45491	中危	2.2.5-13.0.1.el8_10	2.2.5-15.0.1.el8_10	libexpat: Integer Overflow or Wraparound 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-08-30 03:15 修改: 2026-05-12 12:17
expat	CVE-2024-45492	中危	2.2.5-13.0.1.el8_10	2.2.5-15.0.1.el8_10	libexpat: integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-08-30 03:15 修改: 2026-05-12 12:17
expat	CVE-2024-50602	中危	2.2.5-13.0.1.el8_10	2.2.5-16.0.1.el8_10	libexpat: expat: DoS via XML_ResumeParser 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-10-27 05:15 修改: 2025-10-15 17:54
openssh	CVE-2025-26465	中危	8.0p1-24.0.1.el8	8.0p1-26.0.1.el8_10	openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-26465 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-02-18 19:15 修改: 2026-05-12 13:16
openssh	CVE-2025-61984	中危	8.0p1-24.0.1.el8	8.0p1-27.0.1.el8_10	openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61984 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-10-06 19:15 修改: 2026-04-15 00:35
openssh	CVE-2025-61985	中危	8.0p1-24.0.1.el8	8.0p1-27.0.1.el8_10	openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61985 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-10-06 19:15 修改: 2026-04-15 00:35
expat	CVE-2024-8176	中危	2.2.5-13.0.1.el8_10	2.2.5-17.0.1.el8_10	libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8176 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-03-14 09:15 修改: 2026-04-15 00:35
glib2	CVE-2024-34397	中危	2.56.4-162.el8	2.56.4-166.el8_10	glib2: Signal subscription vulnerabilities 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34397 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-05-07 18:15 修改: 2026-05-12 12:16
glib2	CVE-2024-52533	中危	2.56.4-162.el8	2.56.4-166.el8_10	glib: buffer overflow in set_connect_msg() 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52533 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-11-11 23:15 修改: 2025-06-17 01:23
glib2	CVE-2025-13601	中危	2.56.4-162.el8	2.56.4-168.el8_10	glib: Integer overflow in in g_escape_uri_string() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13601 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-11-26 15:15 修改: 2026-06-02 14:16
gnutls	CVE-2024-12243	中危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.3	gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12243 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-02-10 16:15 修改: 2026-05-12 12:16
gnutls	CVE-2025-14831	中危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.5	gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14831 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-02-09 15:16 修改: 2026-05-14 23:16
openssh-clients	CVE-2025-26465	中危	8.0p1-24.0.1.el8	8.0p1-26.0.1.el8_10	openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-26465 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-02-18 19:15 修改: 2026-05-12 13:16
openssh-clients	CVE-2025-61984	中危	8.0p1-24.0.1.el8	8.0p1-27.0.1.el8_10	openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61984 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-10-06 19:15 修改: 2026-04-15 00:35
openssh-clients	CVE-2025-61985	中危	8.0p1-24.0.1.el8	8.0p1-27.0.1.el8_10	openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61985 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-10-06 19:15 修改: 2026-04-15 00:35
gnutls	CVE-2025-32988	中危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.4	gnutls: Vulnerability in GnuTLS otherName SAN export 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32988 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-07-10 08:15 修改: 2026-05-12 13:16
gnutls	CVE-2025-32990	中危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.4	gnutls: Vulnerability in GnuTLS certtool template parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32990 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-07-10 10:15 修改: 2026-04-20 22:16
gnutls	CVE-2025-6395	中危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.4	gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6395 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-07-10 16:15 修改: 2026-05-12 13:17
gnutls	CVE-2025-9820	中危	3.6.16-8.el8_9.3	3.6.16-8.el8_10.5	gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9820 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-26 20:16 修改: 2026-05-12 13:17
glib2	CVE-2025-14087	中危	2.56.4-162.el8	2.56.4-169.el8_10	glib: GLib: Buffer underflow in GVariant parser leads to heap corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14087 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-12-10 09:15 修改: 2026-06-02 20:16
glib2	CVE-2025-14512	中危	2.56.4-162.el8	2.56.4-169.el8_10	glib: Integer Overflow in GLib GIO Attribute Escaping Causes Heap Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14512 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-12-11 07:16 修改: 2026-06-02 20:16
openssh-server	CVE-2025-26465	中危	8.0p1-24.0.1.el8	8.0p1-26.0.1.el8_10	openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-26465 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-02-18 19:15 修改: 2026-05-12 13:16
openssh-server	CVE-2025-61984	中危	8.0p1-24.0.1.el8	8.0p1-27.0.1.el8_10	openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61984 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-10-06 19:15 修改: 2026-04-15 00:35
openssh-server	CVE-2025-61985	中危	8.0p1-24.0.1.el8	8.0p1-27.0.1.el8_10	openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61985 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-10-06 19:15 修改: 2026-04-15 00:35
glib2	CVE-2025-4373	中危	2.56.4-162.el8	2.56.4-166.el8_10	glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4373 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-05-06 15:16 修改: 2026-05-12 13:17
openssl	CVE-2025-69419	中危	1:1.1.1k-12.el8_9	1:1.1.1k-15.el8_6	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-9230	中危	1:1.1.1k-12.el8_9	1:1.1.1k-14.el8_10	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
glibc	CVE-2025-0395	中危	2.28-251.0.2.el8_10.2	2.28-251.0.3.el8_10.16	glibc: buffer overflow in the GNU C Library's assert() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-01-22 13:15 修改: 2026-05-12 13:16
openssl-devel	CVE-2025-69419	中危	1:1.1.1k-12.el8_9	1:1.1.1k-15.el8_6	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl-devel	CVE-2025-9230	中危	1:1.1.1k-12.el8_9	1:1.1.1k-14.el8_10	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
krb5-devel	CVE-2024-37370	中危	1.18.2-27.0.1.el8_10	1.18.2-29.0.1.el8_10	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2024-06-28 22:15 修改: 2026-05-12 12:16
openssl-libs	CVE-2025-69419	中危	1:1.1.1k-12.el8_9	1:1.1.1k-15.el8_6	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl-libs	CVE-2025-9230	中危	1:1.1.1k-12.el8_9	1:1.1.1k-14.el8_10	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
krb5-devel	CVE-2025-24528	中危	1.18.2-27.0.1.el8_10	1.18.2-31.0.1.el8_10	krb5: overflow when calculating ulog block size 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2026-01-16 18:16 修改: 2026-04-15 00:35
krb5-devel	CVE-2025-3576	中危	1.18.2-27.0.1.el8_10	1.18.2-32.0.1.el8_10	krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-04-15 06:15 修改: 2026-05-12 13:17
pam	CVE-2024-10041	中危	1.3.1-33.el8	1.3.1-36.0.1.el8_10	pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
perl-Data-Dumper	CVE-2023-47038	中危	2.167-399.el8	2.174-440.module+el8.10.0+90267+7012ad3b	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-Data-Dumper	CVE-2025-40909	中危	2.167-399.el8	2.174-440.module+el8.10.0+90354+a7e78d72	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-Digest-MD5	CVE-2023-47038	中危	2.55-396.el8	2.58-1.module+el8.10.0+90267+7012ad3b	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-Digest-MD5	CVE-2025-40909	中危	2.55-396.el8	2.58-1.module+el8.10.0+90354+a7e78d72	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-Encode	CVE-2023-47038	中危	4:2.97-3.el8	4:3.08-461.module+el8.10.0+90267+7012ad3b	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-Encode	CVE-2025-40909	中危	4:2.97-3.el8	4:3.08-461.module+el8.10.0+90354+a7e78d72	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-Errno	CVE-2023-47038	中危	1.28-422.el8	1.30-473.module+el8.10.0+90267+7012ad3b	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-Errno	CVE-2025-40909	中危	1.28-422.el8	1.30-474.module+el8.10.0+90876+9a50c25b	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-IO	CVE-2023-47038	中危	1.38-422.el8	1.43-473.module+el8.10.0+90267+7012ad3b	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-IO	CVE-2025-40909	中危	1.38-422.el8	1.43-474.module+el8.10.0+90876+9a50c25b	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-MIME-Base64	CVE-2023-47038	中危	3.15-396.el8	3.15-1001.module+el8.10.0+90267+7012ad3b	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-MIME-Base64	CVE-2025-40909	中危	3.15-396.el8	3.15-1001.module+el8.10.0+90354+a7e78d72	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-PathTools	CVE-2023-47038	中危	3.74-1.el8	3.78-439.module+el8.10.0+90267+7012ad3b	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-PathTools	CVE-2025-40909	中危	3.74-1.el8	3.78-439.module+el8.10.0+90354+a7e78d72	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-Scalar-List-Utils	CVE-2023-47038	中危	3:1.49-2.el8	4:1.55-457.module+el8.10.0+90267+7012ad3b	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-Scalar-List-Utils	CVE-2025-40909	中危	3:1.49-2.el8	4:1.55-457.module+el8.10.0+90354+a7e78d72	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-Socket	CVE-2023-47038	中危	4:2.027-3.el8	4:2.031-1.module+el8.10.0+90267+7012ad3b	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-Socket	CVE-2025-40909	中危	4:2.027-3.el8	4:2.031-1.module+el8.10.0+90354+a7e78d72	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-Storable	CVE-2023-47038	中危	1:3.11-3.el8	1:3.21-457.module+el8.10.0+90267+7012ad3b	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-Storable	CVE-2025-40909	中危	1:3.11-3.el8	1:3.21-457.module+el8.10.0+90354+a7e78d72	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-Unicode-Normalize	CVE-2023-47038	中危	1.25-396.el8	1.27-458.module+el8.10.0+90267+7012ad3b	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-Unicode-Normalize	CVE-2025-40909	中危	1.25-396.el8	1.27-458.module+el8.10.0+90354+a7e78d72	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-interpreter	CVE-2023-47038	中危	4:5.26.3-422.el8	4:5.32.1-473.module+el8.10.0+90267+7012ad3b	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-interpreter	CVE-2025-40909	中危	4:5.26.3-422.el8	4:5.32.1-474.module+el8.10.0+90876+9a50c25b	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-libs	CVE-2023-47038	中危	4:5.26.3-422.el8	4:5.32.1-473.module+el8.10.0+90267+7012ad3b	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-libs	CVE-2025-40909	中危	4:5.26.3-422.el8	4:5.32.1-474.module+el8.10.0+90876+9a50c25b	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-macros	CVE-2023-47038	中危	4:5.26.3-422.el8	4:5.32.1-473.module+el8.10.0+90267+7012ad3b	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-macros	CVE-2025-40909	中危	4:5.26.3-422.el8	4:5.32.1-474.module+el8.10.0+90876+9a50c25b	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-threads	CVE-2023-47038	中危	1:2.21-2.el8	1:2.25-457.module+el8.10.0+90267+7012ad3b	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-threads	CVE-2025-40909	中危	1:2.21-2.el8	1:2.25-457.module+el8.10.0+90354+a7e78d72	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-threads-shared	CVE-2023-47038	中危	1.58-2.el8	1.61-457.module+el8.10.0+90267+7012ad3b	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-threads-shared	CVE-2025-40909	中危	1.58-2.el8	1.61-457.module+el8.10.0+90354+a7e78d72	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
glibc	CVE-2025-15281	中危	2.28-251.0.2.el8_10.2	2.28-251.0.4.el8_10.31	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-20 14:16 修改: 2026-02-05 17:43
glibc	CVE-2025-4802	中危	2.28-251.0.2.el8_10.2	2.28-251.0.3.el8_10.22	glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-05-16 20:15 修改: 2025-11-03 20:19
glibc	CVE-2025-8058	中危	2.28-251.0.2.el8_10.2	2.28-251.0.3.el8_10.25	glibc: Double free in glibc 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
glibc	CVE-2026-0915	中危	2.28-251.0.2.el8_10.2	2.28-251.0.4.el8_10.31	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-15 22:16 修改: 2026-01-23 19:36
krb5-libs	CVE-2024-37370	中危	1.18.2-27.0.1.el8_10	1.18.2-29.0.1.el8_10	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-06-28 22:15 修改: 2026-05-12 12:16
krb5-libs	CVE-2025-24528	中危	1.18.2-27.0.1.el8_10	1.18.2-31.0.1.el8_10	krb5: overflow when calculating ulog block size 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-16 18:16 修改: 2026-04-15 00:35
krb5-libs	CVE-2025-3576	中危	1.18.2-27.0.1.el8_10	1.18.2-32.0.1.el8_10	krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-04-15 06:15 修改: 2026-05-12 13:17
glibc	CVE-2026-4046	中危	2.28-251.0.2.el8_10.2	2.28-251.0.4.el8_10.37	glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
glibc-common	CVE-2025-0395	中危	2.28-251.0.2.el8_10.2	2.28-251.0.3.el8_10.16	glibc: buffer overflow in the GNU C Library's assert() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-01-22 13:15 修改: 2026-05-12 13:16
glibc-common	CVE-2025-15281	中危	2.28-251.0.2.el8_10.2	2.28-251.0.4.el8_10.31	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-20 14:16 修改: 2026-02-05 17:43
platform-python	CVE-2024-4032	中危	3.6.8-62.0.1.el8_10	3.6.8-67.0.1.el8_10	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-06-17 15:15 修改: 2026-04-15 00:35
platform-python	CVE-2024-6232	中危	3.6.8-62.0.1.el8_10	3.6.8-67.0.1.el8_10	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-09-03 13:15 修改: 2025-11-03 23:17
platform-python	CVE-2024-6923	中危	3.6.8-62.0.1.el8_10	3.6.8-67.0.1.el8_10	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-08-01 14:15 修改: 2026-04-15 00:35
platform-python	CVE-2025-0938	中危	3.6.8-62.0.1.el8_10	3.6.8-74.0.1.el8_10	python: cpython: URL parser allowed square brackets in domain names 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-01-31 18:15 修改: 2026-04-15 00:35
platform-python	CVE-2025-12084	中危	3.6.8-62.0.1.el8_10	3.6.8-72.0.1.el8_10	cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-12-03 19:15 修改: 2026-01-26 15:16
platform-python	CVE-2025-15366	中危	3.6.8-62.0.1.el8_10	3.6.8-73.0.1.el8_10	cpython: IMAP command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
platform-python	CVE-2025-15367	中危	3.6.8-62.0.1.el8_10	3.6.8-73.0.1.el8_10	cpython: POP3 command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
platform-python	CVE-2025-8194	中危	3.6.8-62.0.1.el8_10	3.6.8-71.0.1.el8_10	cpython: Cpython infinite loop when parsing a tarfile 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-07-28 19:15 修改: 2026-04-15 00:35
platform-python	CVE-2026-0865	中危	3.6.8-62.0.1.el8_10	3.6.8-73.0.1.el8_10	cpython: wsgiref.headers.Headers allows header newline injection in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
platform-python	CVE-2026-1299	中危	3.6.8-62.0.1.el8_10	3.6.8-73.0.1.el8_10	cpython: email header injection due to unquoted newlines 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-23 17:16 修改: 2026-04-15 00:35
libblkid	CVE-2025-14104	中危	2.32.1-46.0.1.el8	2.32.1-48.0.1.el8_10	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
glibc-common	CVE-2025-4802	中危	2.28-251.0.2.el8_10.2	2.28-251.0.3.el8_10.22	glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-05-16 20:15 修改: 2025-11-03 20:19
libcurl	CVE-2024-2398	中危	7.61.1-34.el8	7.61.1-34.el8_10.2	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-03-27 08:15 修改: 2025-07-30 19:42
libcurl	CVE-2025-9086	中危	7.61.1-34.el8	7.61.1-34.el8_10.9	curl: libcurl: Curl out of bounds read for cookie path 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-09-12 06:15 修改: 2026-06-02 14:16
libfdisk	CVE-2025-14104	中危	2.32.1-46.0.1.el8	2.32.1-48.0.1.el8_10	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
libgcc	CVE-2020-11023	中危	8.5.0-22.0.1.el8_10	8.5.0-23.0.1.el8_10	jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11023 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2020-04-29 21:15 修改: 2025-11-07 19:32
glibc-common	CVE-2025-8058	中危	2.28-251.0.2.el8_10.2	2.28-251.0.3.el8_10.25	glibc: Double free in glibc 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
glibc-common	CVE-2026-0915	中危	2.28-251.0.2.el8_10.2	2.28-251.0.4.el8_10.31	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-15 22:16 修改: 2026-01-23 19:36
glibc-common	CVE-2026-4046	中危	2.28-251.0.2.el8_10.2	2.28-251.0.4.el8_10.37	glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
glibc-langpack-en	CVE-2025-0395	中危	2.28-251.0.2.el8_10.2	2.28-251.0.3.el8_10.16	glibc: buffer overflow in the GNU C Library's assert() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-01-22 13:15 修改: 2026-05-12 13:16
python3-libs	CVE-2024-4032	中危	3.6.8-62.0.1.el8_10	3.6.8-67.0.1.el8_10	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-06-17 15:15 修改: 2026-04-15 00:35
python3-libs	CVE-2024-6232	中危	3.6.8-62.0.1.el8_10	3.6.8-67.0.1.el8_10	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-09-03 13:15 修改: 2025-11-03 23:17
python3-libs	CVE-2024-6923	中危	3.6.8-62.0.1.el8_10	3.6.8-67.0.1.el8_10	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-08-01 14:15 修改: 2026-04-15 00:35
python3-libs	CVE-2025-0938	中危	3.6.8-62.0.1.el8_10	3.6.8-74.0.1.el8_10	python: cpython: URL parser allowed square brackets in domain names 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-01-31 18:15 修改: 2026-04-15 00:35
python3-libs	CVE-2025-12084	中危	3.6.8-62.0.1.el8_10	3.6.8-72.0.1.el8_10	cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-12-03 19:15 修改: 2026-01-26 15:16
python3-libs	CVE-2025-15366	中危	3.6.8-62.0.1.el8_10	3.6.8-73.0.1.el8_10	cpython: IMAP command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3-libs	CVE-2025-15367	中危	3.6.8-62.0.1.el8_10	3.6.8-73.0.1.el8_10	cpython: POP3 command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3-libs	CVE-2025-8194	中危	3.6.8-62.0.1.el8_10	3.6.8-71.0.1.el8_10	cpython: Cpython infinite loop when parsing a tarfile 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-07-28 19:15 修改: 2026-04-15 00:35
python3-libs	CVE-2026-0865	中危	3.6.8-62.0.1.el8_10	3.6.8-73.0.1.el8_10	cpython: wsgiref.headers.Headers allows header newline injection in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3-libs	CVE-2026-1299	中危	3.6.8-62.0.1.el8_10	3.6.8-73.0.1.el8_10	cpython: email header injection due to unquoted newlines 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-23 17:16 修改: 2026-04-15 00:35
libkadm5	CVE-2024-37370	中危	1.18.2-27.0.1.el8_10	1.18.2-29.0.1.el8_10	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2024-06-28 22:15 修改: 2026-05-12 12:16
systemd	CVE-2025-4598	中危	239-82.0.1.el8	239-82.0.4.el8_10.5	systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-05-30 14:15 修改: 2026-05-19 16:16
systemd-libs	CVE-2025-4598	中危	239-82.0.1.el8	239-82.0.4.el8_10.5	systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-05-30 14:15 修改: 2026-05-19 16:16
systemd-pam	CVE-2025-4598	中危	239-82.0.1.el8	239-82.0.4.el8_10.5	systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-05-30 14:15 修改: 2026-05-19 16:16
util-linux	CVE-2025-14104	中危	2.32.1-46.0.1.el8	2.32.1-48.0.1.el8_10	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
libkadm5	CVE-2025-24528	中危	1.18.2-27.0.1.el8_10	1.18.2-31.0.1.el8_10	krb5: overflow when calculating ulog block size 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2026-01-16 18:16 修改: 2026-04-15 00:35
libkadm5	CVE-2025-3576	中危	1.18.2-27.0.1.el8_10	1.18.2-32.0.1.el8_10	krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576 镜像层: sha256:0e0fd3886d14c578347e27fbc761e31dd7cddfac2d0b0344e8360bc81f77e441 发布日期: 2025-04-15 06:15 修改: 2026-05-12 13:17
libmount	CVE-2025-14104	中危	2.32.1-46.0.1.el8	2.32.1-48.0.1.el8_10	util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
glibc-langpack-en	CVE-2025-15281	中危	2.28-251.0.2.el8_10.2	2.28-251.0.4.el8_10.31	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-01-20 14:16 修改: 2026-02-05 17:43
libnghttp2	CVE-2024-28182	中危	1.33.0-5.el8_9	1.33.0-6.el8_10.1	nghttp2: CONTINUATION frames DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28182 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2024-04-04 15:15 修改: 2025-11-04 19:17
vim-minimal	CVE-2025-53905	中危	2:8.0.1763-19.0.1.el8_6.4	2:8.0.1763-21.0.1.el8_10	vim: Vim path traversial 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53905 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-07-15 21:15 修改: 2025-11-04 22:16
vim-minimal	CVE-2025-53906	中危	2:8.0.1763-19.0.1.el8_6.4	2:8.0.1763-21.0.1.el8_10	vim: Vim path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53906 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2025-07-15 21:15 修改: 2026-04-01 19:16
vim-minimal	CVE-2026-35177	中危	2:8.0.1763-19.0.1.el8_6.4	2:8.0.1763-23.0.1.el8_10	vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35177 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2026-04-06 18:16 修改: 2026-04-20 18:28
openldap	CVE-2023-2953	低危	2.4.46-18.el8	2.4.46-19.el8_10	openldap: null pointer dereference in ber_memalloc_x function 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2953 镜像层: sha256:8e2fd143b5b86e076f942285111707725d0826c19b03f1ee6c75e276af3ae0fe 发布日期: 2023-05-30 22:15 修改: 2025-01-10 22:15