docker.io/pgsty/minio:RELEASE.2026-03-14T12-00-00Z linux/amd64

docker.io/pgsty/minio:RELEASE.2026-03-14T12-00-00Z - Trivy安全扫描结果扫描时间: 2026-06-17 10:24

全部漏洞信息

低危漏洞:12

中危漏洞:27

高危漏洞:23

严重漏洞:1

系统OS: redhat 9.7 扫描引擎: Trivy 扫描时间: 2026-06-17 10:24

docker.io/pgsty/minio:RELEASE.2026-03-14T12-00-00Z (redhat 9.7) (redhat)

低危漏洞:9

中危漏洞:16

高危漏洞:1

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
libcap	CVE-2026-4878	高危	2.48-10.el9	2.48-10.el9_8.1	libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-04-09 16:16 修改: 2026-06-11 10:16
glibc	CVE-2026-4046	中危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
glibc	CVE-2026-4437	中危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
glibc	CVE-2026-5435	中危	2.34-231.el9_7.10		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
glibc	CVE-2026-5450	中危	2.34-231.el9_7.10		glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
glibc	CVE-2026-5928	中危	2.34-231.el9_7.10		glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
glibc-common	CVE-2026-4046	中危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
glibc-common	CVE-2026-4437	中危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
glibc-common	CVE-2026-5435	中危	2.34-231.el9_7.10		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
glibc-common	CVE-2026-5450	中危	2.34-231.el9_7.10		glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
glibc-common	CVE-2026-5928	中危	2.34-231.el9_7.10		glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
glibc-minimal-langpack	CVE-2026-4046	中危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
glibc-minimal-langpack	CVE-2026-4437	中危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
glibc-minimal-langpack	CVE-2026-5435	中危	2.34-231.el9_7.10		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
glibc-minimal-langpack	CVE-2026-5450	中危	2.34-231.el9_7.10		glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
glibc-minimal-langpack	CVE-2026-5928	中危	2.34-231.el9_7.10		glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
coreutils-single	CVE-2025-5278	中危	8.32-39.el9		coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5278 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2025-05-27 21:15 修改: 2026-05-19 17:16
glibc	CVE-2026-4438	低危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
glibc-minimal-langpack	CVE-2026-4438	低危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
glibc-common	CVE-2026-4438	低危	2.34-231.el9_7.10	2.34-270.el9_8	glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
libgcc	CVE-2021-46195	低危	11.5.0-11.el9		gcc: uncontrolled recursion in libiberty/rust-demangle.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46195 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2022-01-14 20:15 修改: 2024-11-21 06:33
libgcc	CVE-2022-27943	低危	11.5.0-11.el9		binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
ncurses-base	CVE-2023-50495	低危	6.2-12.20210508.el9		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
ncurses-libs	CVE-2023-50495	低危	6.2-12.20210508.el9		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
pcre2	CVE-2022-41409	低危	10.40-6.el9		pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2023-07-18 14:15 修改: 2024-11-21 07:23
pcre2-syntax	CVE-2022-41409	低危	10.40-6.el9		pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409 镜像层: sha256:219739f857ea4c73e8d74a4aad07662c9bfaa587e424eed4147a6282e2c4b02b 发布日期: 2023-07-18 14:15 修改: 2024-11-21 07:23

usr/bin/minio (gobinary)

低危漏洞:3

中危漏洞:11

高危漏洞:22

严重漏洞:1

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
google.golang.org/grpc	CVE-2026-33186	严重	v1.77.0	1.79.3	google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33186 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-03-20 23:16 修改: 2026-04-10 20:49
github.com/buger/jsonparser	CVE-2026-32285	高危	v1.1.1	1.1.2	github.com/buger/jsonparser: github.com/buger/jsonparser: Denial of Service via malformed JSON input 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32285 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-03-26 20:16 修改: 2026-04-21 15:42
github.com/go-jose/go-jose/v4	CVE-2026-34986	高危	v4.1.3	4.1.4	github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34986 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-04-06 17:17 修改: 2026-05-04 15:20
github.com/prometheus/prometheus	CVE-2026-42151	高危	v0.308.1	0.311.3	github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42151 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-05-04 19:16 修改: 2026-05-11 17:22
github.com/prometheus/prometheus	CVE-2026-42154	高危	v0.308.1	0.311.3, 0.305.2	github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42154 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-05-04 19:16 修改: 2026-05-11 17:22
go.opentelemetry.io/otel	CVE-2026-29181	高危	v1.38.0	1.41.0	github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Denial of Service via crafted multi-value baggage headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29181 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-04-07 21:17 修改: 2026-04-14 18:45
go.opentelemetry.io/otel/sdk	CVE-2026-24051	高危	v1.38.0	1.40.0	OpenTelemetry Go SDK Vulnerable to Arbitrary Code Execution via PATH Hijacking 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24051 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-02-02 23:16 修改: 2026-06-15 17:18
go.opentelemetry.io/otel/sdk	CVE-2026-39883	高危	v1.38.0	1.43.0	github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Arbitrary code execution via PATH hijacking on BSD/Solaris 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39883 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-04-08 21:17 修改: 2026-04-10 21:16
github.com/apache/thrift	CVE-2026-41602	高危	v0.21.0	0.23.0	github.com/apache/thrift: Apache Thrift: Integer Overflow in TFramedTransport Go implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41602 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-04-28 10:16 修改: 2026-04-28 18:40
stdlib	CVE-2026-25679	高危	v1.26.0	1.25.8, 1.26.1	net/url: Incorrect parsing of IPv6 host literals in net/url 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:43
stdlib	CVE-2026-27137	高危	v1.26.0	1.26.1	crypto/x509: Incorrect enforcement of email constraints in crypto/x509 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27137 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:40
stdlib	CVE-2026-32280	高危	v1.26.0	1.25.9, 1.26.2	crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32280 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:16
stdlib	CVE-2026-32281	高危	v1.26.0	1.25.9, 1.26.2	crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32281 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32283	高危	v1.26.0	1.25.9, 1.26.2	crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32283 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:12
stdlib	CVE-2026-33810	高危	v1.26.0	1.26.2	crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33810 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-04-08 02:16 修改: 2026-04-20 18:16
stdlib	CVE-2026-33811	高危	v1.26.0	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.26.0	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.26.0	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.26.0	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.26.0	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.26.0	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.26.0	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.26.0	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
github.com/prometheus/prometheus	CVE-2026-40179	中危	v0.308.1	0.311.2-0.20260410083055-07c6232d159b	Prometheus has Stored XSS via metric names and label values in Prometheus web UI tooltips and metrics explorer 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40179 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-04-15 23:16 修改: 2026-04-22 20:04
github.com/prometheus/prometheus	CVE-2026-44903	中危	v0.308.1	0.311.3	Prometheus is an open-source monitoring system and time series databas ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44903 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-05-26 22:16 修改: 2026-06-05 17:18
github.com/eclipse/paho.mqtt.golang	CVE-2025-10543	中危	v1.5.0	1.5.1	paho.mqtt.golang: paho.mqtt.golang: Integer Overflow in UTF-8 String Encoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10543 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2025-12-02 09:15 修改: 2026-01-16 21:22
github.com/Azure/go-ntlmssp	CVE-2026-32952	中危	v0.1.0	0.1.1	go-ntlmssp: go-ntlmssp: Denial of Service via malicious NTLM challenge 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32952 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-04-24 03:16 修改: 2026-05-21 18:22
stdlib	CVE-2026-27142	中危	v1.26.0	1.25.8, 1.26.1	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:30
stdlib	CVE-2026-27145	中危	v1.26.0	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-32282	中危	v1.26.0	1.25.9, 1.26.2	golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32282 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:15
stdlib	CVE-2026-32288	中危	v1.26.0	1.25.9, 1.26.2	archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32288 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:08
stdlib	CVE-2026-32289	中危	v1.26.0	1.25.9, 1.26.2	html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32289 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-04-08 02:16 修改: 2026-04-16 19:06
stdlib	CVE-2026-39826	中危	v1.26.0	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.26.0	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
filippo.io/edwards25519	CVE-2026-26958	低危	v1.1.0	1.1.1	filippo.io/edwards25519: filippo.io/edwards25519: Cryptographic integrity bypass due to incorrect MultiScalarMult results 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26958 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-02-19 23:16 修改: 2026-04-15 00:35
stdlib	CVE-2026-27138	低危	v1.26.0	1.26.1	crypto/x509: Panic in name constraint checking for malformed certificates in crypto/x509 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27138 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:39
stdlib	CVE-2026-27139	低危	v1.26.0	1.25.8, 1.26.1	os: FileInfo can escape from a Root in golang os module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27139 镜像层: sha256:47bd900c0137b54bffa25b91b236d5f642fb6b61debba294c1db562f1a70bff0 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:32