docker.io/rockylinux/rockylinux:10.2 linux/amd64

docker.io/rockylinux/rockylinux:10.2 - Trivy安全扫描结果 扫描时间: 2026-07-15 13:47
全部漏洞信息
低危漏洞:0 中危漏洞:8 高危漏洞:29 严重漏洞:0

系统OS: rocky 10.2 扫描引擎: Trivy 扫描时间: 2026-07-15 13:47

docker.io/rockylinux/rockylinux:10.2 (rocky 10.2) (rocky)
低危漏洞:0 中危漏洞:8 高危漏洞:29 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
expat CVE-2026-45186 高危 2.7.3-1.el10 2.7.3-1.el10_2.1 libexpat: denial of service via crafted XML input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45186

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-05-10 07:16 修改: 2026-06-30 03:20

gnutls CVE-2026-33845 高危 3.8.10-3.el10_1 3.8.10-4.el10_2 gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-04-30 18:16 修改: 2026-07-13 17:17

gnutls CVE-2026-33846 高危 3.8.10-3.el10_1 3.8.10-4.el10_2 gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-05-04 10:15 修改: 2026-07-13 17:17

gnutls CVE-2026-3832 高危 3.8.10-3.el10_1 3.8.10-4.el10_2 gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-04-30 18:16 修改: 2026-07-13 17:17

gnutls CVE-2026-3833 高危 3.8.10-3.el10_1 3.8.10-4.el10_2 gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-04-30 18:16 修改: 2026-07-13 22:16

gnutls CVE-2026-42009 高危 3.8.10-3.el10_1 3.8.10-4.el10_2 gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-05-18 13:16 修改: 2026-07-14 12:17

gnutls CVE-2026-42010 高危 3.8.10-3.el10_1 3.8.10-4.el10_2 gnutls: gnutls: Authentication Bypass via NUL Character in Username

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-05-07 12:16 修改: 2026-07-14 12:17

gnutls CVE-2026-42011 高危 3.8.10-3.el10_1 3.8.10-4.el10_2 gnutls: gnutls: Security bypass due to incorrect name constraint handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-05-07 15:16 修改: 2026-07-13 17:17

gnutls CVE-2026-42012 高危 3.8.10-3.el10_1 3.8.10-4.el10_2 gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-05-26 22:16 修改: 2026-07-13 17:17

gnutls CVE-2026-42013 高危 3.8.10-3.el10_1 3.8.10-4.el10_2 gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-05-26 22:16 修改: 2026-07-13 17:17

gnutls CVE-2026-42014 高危 3.8.10-3.el10_1 3.8.10-4.el10_2 gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-16 02:16 修改: 2026-07-13 21:16

gnutls CVE-2026-42015 高危 3.8.10-3.el10_1 3.8.10-4.el10_2 gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-05-26 22:16 修改: 2026-07-13 17:17

gnutls CVE-2026-5260 高危 3.8.10-3.el10_1 3.8.10-4.el10_2 gnutls: gnutls: Information disclosure via heap overread in RSA key exchange

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-05-26 22:16 修改: 2026-07-13 17:18

gnutls CVE-2026-5419 高危 3.8.10-3.el10_1 3.8.10-4.el10_2 gnutls: gnutls: Information disclosure via timing side-channel in PKCS#7 padding removal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5419

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-01 21:16 修改: 2026-07-13 22:16

openssl-libs CVE-2026-34180 高危 1:3.5.5-2.el10_2 1:3.5.5-4.el10_2 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

openssl-libs CVE-2026-34181 高危 1:3.5.5-2.el10_2 1:3.5.5-4.el10_2 openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

openssl-libs CVE-2026-34182 高危 1:3.5.5-2.el10_2 1:3.5.5-4.el10_2 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

openssl-libs CVE-2026-34183 高危 1:3.5.5-2.el10_2 1:3.5.5-4.el10_2 openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38

openssl-libs CVE-2026-42764 高危 1:3.5.5-2.el10_2 1:3.5.5-4.el10_2 openssl: NULL pointer dereference in QUIC server initial packet handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl-libs CVE-2026-42766 高危 1:3.5.5-2.el10_2 1:3.5.5-4.el10_2 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl-libs CVE-2026-42767 高危 1:3.5.5-2.el10_2 1:3.5.5-4.el10_2 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl-libs CVE-2026-42768 高危 1:3.5.5-2.el10_2 1:3.5.5-4.el10_2 openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl-libs CVE-2026-42769 高危 1:3.5.5-2.el10_2 1:3.5.5-4.el10_2 openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl-libs CVE-2026-42770 高危 1:3.5.5-2.el10_2 1:3.5.5-4.el10_2 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48

openssl-libs CVE-2026-45445 高危 1:3.5.5-2.el10_2 1:3.5.5-4.el10_2 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

openssl-libs CVE-2026-45446 高危 1:3.5.5-2.el10_2 1:3.5.5-4.el10_2 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52

openssl-libs CVE-2026-45447 高危 1:3.5.5-2.el10_2 1:3.5.5-4.el10_2 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-09 17:17 修改: 2026-07-14 12:17

openssl-libs CVE-2026-7383 高危 1:3.5.5-2.el10_2 1:3.5.5-4.el10_2 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02

openssl-libs CVE-2026-9076 高危 1:3.5.5-2.el10_2 1:3.5.5-4.el10_2 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04

coreutils-single CVE-2025-5278 中危 9.5-7.el10 9.5-8.el10_2 coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5278

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2025-05-27 21:15 修改: 2026-07-01 11:16

glibc CVE-2026-5450 中危 2.39-121.el10_2 2.39-126.el10_2 glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59

glibc-common CVE-2026-5450 中危 2.39-121.el10_2 2.39-126.el10_2 glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59

glibc-minimal-langpack CVE-2026-5450 中危 2.39-121.el10_2 2.39-126.el10_2 glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59

openssl-libs CVE-2026-28390 中危 1:3.5.5-2.el10_2 1:3.5.5-3.el10_2 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28

vim-data CVE-2026-35177 中危 2:9.1.083-9.el10_2.2 2:9.1.083-9.el10_2.3 vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35177

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-04-06 18:16 修改: 2026-06-17 10:40

vim-data CVE-2026-41411 中危 2:9.1.083-9.el10_2.2 2:9.1.083-9.el10_2.4 vim: Vim: Command injection allows arbitrary code execution via malicious tag files

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41411

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-04-24 17:16 修改: 2026-06-17 10:46

vim-minimal CVE-2026-35177 中危 2:9.1.083-9.el10_2.2 2:9.1.083-9.el10_2.3 vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35177

镜像层: sha256:f0c7ff1acfc99a513a834c43874f79b8584ae074e5e56fa6aafc3dcf4f5ab428

发布日期: 2026-04-06 18:16 修改: 2026-06-17 10:40

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×