docker.io/sameersbn/gitlab:14.2.3 linux/amd64

docker.io/sameersbn/gitlab:14.2.3 - Trivy安全扫描结果扫描时间: 2025-02-14 10:25

全部漏洞信息

低危漏洞:276

中危漏洞:1161

高危漏洞:1040

严重漏洞:100

系统OS: ubuntu 20.04 扫描引擎: Trivy 扫描时间: 2025-02-14 10:25

docker.io/sameersbn/gitlab:14.2.3 (ubuntu 20.04) (ubuntu)

低危漏洞:245

中危漏洞:503

高危漏洞:10

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
libexpat1	CVE-2022-25235	高危	2.2.9-1build1	2.2.9-1ubuntu0.2	expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25235 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-02-16 01:15 修改: 2023-11-07 03:44
libexpat1	CVE-2022-25236	高危	2.2.9-1build1	2.2.9-1ubuntu0.2	expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25236 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-02-16 01:15 修改: 2023-11-07 03:44
libksba8	CVE-2022-3515	高危	1.3.5-2	1.3.5-2ubuntu0.20.04.1	libksba: integer overflow may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3515 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-01-12 15:15 修改: 2023-07-06 19:15
libnghttp2-14	CVE-2023-44487	高危	1.40.0-1build1	1.40.0-1ubuntu0.2	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
libsasl2-2	CVE-2022-24407	高危	2.1.27+dfsg-2	2.1.27+dfsg-2ubuntu0.1	cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24407 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-02-24 15:15 修改: 2023-11-07 03:44
libsasl2-modules-db	CVE-2022-24407	高危	2.1.27+dfsg-2	2.1.27+dfsg-2ubuntu0.1	cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24407 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-02-24 15:15 修改: 2023-11-07 03:44
libssl1.1	CVE-2022-0778	高危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.12	openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15
libssl1.1	CVE-2023-0286	高危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.17	openssl: X.400 address type confusion in X.509 GeneralName 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15
openssl	CVE-2022-0778	高危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.12	openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15
openssl	CVE-2023-0286	高危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.17	openssl: X.400 address type confusion in X.509 GeneralName 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15
curl	CVE-2022-32208	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.12	curl: FTP-KRB bad message verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32208 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00
curl	CVE-2022-32221	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.14	curl: POST following PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32221 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-12-05 22:15 修改: 2024-03-27 15:00
curl	CVE-2022-43552	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.15	curl: Use-after-free triggered by an HTTP proxy deny response 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43552 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-09 20:15 修改: 2024-10-27 15:35
curl	CVE-2023-23916	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.16	curl: HTTP multi-header compression denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23916 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-23 20:15 修改: 2024-03-27 14:54
curl	CVE-2023-27535	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.18	curl: FTP too eager connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27535 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:47
curl	CVE-2023-46218	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.21	curl: information disclosure by exploiting a mixed case flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-07 01:15 修改: 2024-01-25 14:15
curl	CVE-2024-2398	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.22	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
curl	CVE-2024-7264	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.23	curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-07-31 08:15 修改: 2024-10-30 20:35
curl	CVE-2024-8096	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.24	curl: OCSP stapling bypass with GnuTLS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-09-11 10:15 修改: 2024-09-11 16:26
dirmngr	CVE-2022-34903	中危	2.2.19-3ubuntu2.1	2.2.19-3ubuntu2.2	gpg: Signature spoofing via status line injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34903 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-07-01 22:15 修改: 2023-11-07 03:48
dpkg	CVE-2022-1664	中危	1.19.7ubuntu3	1.19.7ubuntu3.2	Dpkg::Source::Archive in dpkg, the Debian package management system, b ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1664 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-05-26 14:15 修改: 2022-12-03 02:19
e2fsprogs	CVE-2022-1304	中危	1.45.5-2ubuntu1	1.45.5-2ubuntu1.1	e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-04-14 21:15 修改: 2024-11-22 12:15
fdisk	CVE-2021-3995	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3995 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-01-07 09:15
fdisk	CVE-2021-3996	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of filesystems in libmount 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3996 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-10-15 16:35
fdisk	CVE-2024-28085	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.5	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
gnupg	CVE-2022-34903	中危	2.2.19-3ubuntu2.1	2.2.19-3ubuntu2.2	gpg: Signature spoofing via status line injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34903 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-07-01 22:15 修改: 2023-11-07 03:48
gnupg-l10n	CVE-2022-34903	中危	2.2.19-3ubuntu2.1	2.2.19-3ubuntu2.2	gpg: Signature spoofing via status line injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34903 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-07-01 22:15 修改: 2023-11-07 03:48
gnupg-utils	CVE-2022-34903	中危	2.2.19-3ubuntu2.1	2.2.19-3ubuntu2.2	gpg: Signature spoofing via status line injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34903 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-07-01 22:15 修改: 2023-11-07 03:48
gnupg2	CVE-2022-34903	中危	2.2.19-3ubuntu2.1	2.2.19-3ubuntu2.2	gpg: Signature spoofing via status line injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34903 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-07-01 22:15 修改: 2023-11-07 03:48
gpg	CVE-2022-34903	中危	2.2.19-3ubuntu2.1	2.2.19-3ubuntu2.2	gpg: Signature spoofing via status line injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34903 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-07-01 22:15 修改: 2023-11-07 03:48
gpg-agent	CVE-2022-34903	中危	2.2.19-3ubuntu2.1	2.2.19-3ubuntu2.2	gpg: Signature spoofing via status line injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34903 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-07-01 22:15 修改: 2023-11-07 03:48
gpg-wks-client	CVE-2022-34903	中危	2.2.19-3ubuntu2.1	2.2.19-3ubuntu2.2	gpg: Signature spoofing via status line injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34903 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-07-01 22:15 修改: 2023-11-07 03:48
gpg-wks-server	CVE-2022-34903	中危	2.2.19-3ubuntu2.1	2.2.19-3ubuntu2.2	gpg: Signature spoofing via status line injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34903 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-07-01 22:15 修改: 2023-11-07 03:48
gpgconf	CVE-2022-34903	中危	2.2.19-3ubuntu2.1	2.2.19-3ubuntu2.2	gpg: Signature spoofing via status line injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34903 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-07-01 22:15 修改: 2023-11-07 03:48
gpgsm	CVE-2022-34903	中危	2.2.19-3ubuntu2.1	2.2.19-3ubuntu2.2	gpg: Signature spoofing via status line injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34903 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-07-01 22:15 修改: 2023-11-07 03:48
gpgv	CVE-2022-34903	中危	2.2.19-3ubuntu2.1	2.2.19-3ubuntu2.2	gpg: Signature spoofing via status line injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34903 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-07-01 22:15 修改: 2023-11-07 03:48
graphicsmagick	CVE-2020-12672	中危	1.4+really1.3.35-1	1.4+really1.3.35-1ubuntu0.1	GraphicsMagick through 1.3.35 has a heap-based buffer overflow in Read ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12672 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2020-05-06 03:15 修改: 2022-11-14 18:49
graphicsmagick	CVE-2022-1270	中危	1.4+really1.3.35-1	1.4+really1.3.35-1ubuntu0.1	In GraphicsMagick, a heap buffer overflow was found when parsing MIFF. 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1270 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-09-28 20:15 修改: 2023-02-01 14:11
gzip	CVE-2022-1271	中危	1.10-0ubuntu4	1.10-0ubuntu4.1	gzip: arbitrary-file-write vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47
libasn1-8-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-26 05:15 修改: 2023-10-08 09:15
libasn1-8-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	CVE-2022-3116 affecting package heimdal for versions less than 7.7.1-4 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-27 22:15 修改: 2023-05-05 20:15
libasn1-8-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-01-12 15:15 修改: 2024-10-28 19:35
libasn1-8-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.2	Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-11-15 23:15 修改: 2023-10-08 09:15
libasn1-8-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
libasn1-8-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 05:15 修改: 2023-10-08 09:15
libasn1-8-heimdal	CVE-2022-45142	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.4	samba: fix introduced a logic inversion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45142 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-06 23:15 修改: 2023-10-08 09:15
libblkid1	CVE-2021-3995	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3995 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-01-07 09:15
libblkid1	CVE-2021-3996	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of filesystems in libmount 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3996 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-10-15 16:35
libblkid1	CVE-2024-28085	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.5	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libc-bin	CVE-2021-3999	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Off-by-one buffer overflow/underflow in getcwd() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3999 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-24 16:15 修改: 2023-02-12 23:43
libc-bin	CVE-2024-2961	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.15	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
libc-bin	CVE-2024-33599	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.16	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc-bin	CVE-2024-33600	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.16	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc-bin	CVE-2024-33601	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.16	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc-bin	CVE-2024-33602	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.16	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc6	CVE-2021-3999	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Off-by-one buffer overflow/underflow in getcwd() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3999 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-24 16:15 修改: 2023-02-12 23:43
libc6	CVE-2024-2961	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.15	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
libc6	CVE-2024-33599	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.16	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc6	CVE-2024-33600	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.16	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc6	CVE-2024-33601	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.16	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc6	CVE-2024-33602	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.16	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libcap2	CVE-2023-2603	中危	1:2.32-1	1:2.32-1ubuntu0.1	libcap: Integer Overflow in _libcap_strdup() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2603 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-06 20:15 修改: 2024-10-10 16:32
libcap2-bin	CVE-2023-2603	中危	1:2.32-1	1:2.32-1ubuntu0.1	libcap: Integer Overflow in _libcap_strdup() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2603 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-06 20:15 修改: 2024-10-10 16:32
libcom-err2	CVE-2022-1304	中危	1.45.5-2ubuntu1	1.45.5-2ubuntu1.1	e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-04-14 21:15 修改: 2024-11-22 12:15
libcurl3-gnutls	CVE-2021-22946	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.7	curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22946 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:12
libcurl3-gnutls	CVE-2021-22947	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.7	curl: Server responses received before STARTTLS processed after TLS handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22947 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:03
libcurl3-gnutls	CVE-2022-22576	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.10	curl: OAUTH2 bearer bypass in connection re-use 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22576 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-05-26 17:15 修改: 2024-03-27 15:02
libcurl3-gnutls	CVE-2022-27774	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.10	curl: credential leak on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27774 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02
libcurl3-gnutls	CVE-2022-27782	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.11	curl: TLS and SSH connection too eager reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27782 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:01
libcurl3-gnutls	CVE-2022-32206	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.12	curl: HTTP compression denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32206 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00
libcurl3-gnutls	CVE-2022-32208	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.12	curl: FTP-KRB bad message verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32208 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00
libcurl3-gnutls	CVE-2022-32221	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.14	curl: POST following PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32221 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-12-05 22:15 修改: 2024-03-27 15:00
libcurl3-gnutls	CVE-2022-43552	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.15	curl: Use-after-free triggered by an HTTP proxy deny response 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43552 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-09 20:15 修改: 2024-10-27 15:35
libcurl3-gnutls	CVE-2023-23916	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.16	curl: HTTP multi-header compression denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23916 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-23 20:15 修改: 2024-03-27 14:54
libcurl3-gnutls	CVE-2023-27535	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.18	curl: FTP too eager connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27535 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:47
libcurl3-gnutls	CVE-2023-46218	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.21	curl: information disclosure by exploiting a mixed case flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-07 01:15 修改: 2024-01-25 14:15
libcurl3-gnutls	CVE-2024-2398	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.22	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
libcurl3-gnutls	CVE-2024-7264	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.23	curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-07-31 08:15 修改: 2024-10-30 20:35
libcurl3-gnutls	CVE-2024-8096	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.24	curl: OCSP stapling bypass with GnuTLS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-09-11 10:15 修改: 2024-09-11 16:26
libcurl4	CVE-2021-22946	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.7	curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22946 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:12
libcurl4	CVE-2021-22947	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.7	curl: Server responses received before STARTTLS processed after TLS handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22947 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:03
libcurl4	CVE-2022-22576	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.10	curl: OAUTH2 bearer bypass in connection re-use 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22576 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-05-26 17:15 修改: 2024-03-27 15:02
libcurl4	CVE-2022-27774	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.10	curl: credential leak on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27774 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02
libcurl4	CVE-2022-27782	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.11	curl: TLS and SSH connection too eager reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27782 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:01
libcurl4	CVE-2022-32206	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.12	curl: HTTP compression denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32206 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00
libcurl4	CVE-2022-32208	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.12	curl: FTP-KRB bad message verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32208 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00
libcurl4	CVE-2022-32221	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.14	curl: POST following PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32221 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-12-05 22:15 修改: 2024-03-27 15:00
libcurl4	CVE-2022-43552	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.15	curl: Use-after-free triggered by an HTTP proxy deny response 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43552 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-09 20:15 修改: 2024-10-27 15:35
libcurl4	CVE-2023-23916	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.16	curl: HTTP multi-header compression denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23916 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-23 20:15 修改: 2024-03-27 14:54
libcurl4	CVE-2023-27535	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.18	curl: FTP too eager connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27535 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:47
libcurl4	CVE-2023-46218	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.21	curl: information disclosure by exploiting a mixed case flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-07 01:15 修改: 2024-01-25 14:15
libcurl4	CVE-2024-2398	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.22	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
libcurl4	CVE-2024-7264	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.23	curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-07-31 08:15 修改: 2024-10-30 20:35
libcurl4	CVE-2024-8096	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.24	curl: OCSP stapling bypass with GnuTLS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-09-11 10:15 修改: 2024-09-11 16:26
libelf1	CVE-2020-21047	中危	0.176-1.1build1	0.176-1.1ubuntu0.1	The libcpu component which is used by libasm of elfutils version 0.177 ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-21047 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-08-22 19:16 修改: 2023-11-07 03:19
bsdutils	CVE-2021-3995	中危	1:2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3995 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-01-07 09:15
bsdutils	CVE-2021-3996	中危	1:2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of filesystems in libmount 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3996 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-10-15 16:35
libexpat1	CVE-2021-46143	中危	2.2.9-1build1	2.2.9-1ubuntu0.2	expat: Integer overflow in doProlog in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46143 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-01-06 04:15 修改: 2022-10-06 19:11
libexpat1	CVE-2022-22822	中危	2.2.9-1build1	2.2.9-1ubuntu0.2	expat: Integer overflow in addBinding in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22822 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-01-10 14:12 修改: 2022-10-06 15:29
libexpat1	CVE-2022-22823	中危	2.2.9-1build1	2.2.9-1ubuntu0.2	expat: Integer overflow in build_model in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22823 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47
libexpat1	CVE-2022-22824	中危	2.2.9-1build1	2.2.9-1ubuntu0.2	expat: Integer overflow in defineAttribute in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22824 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47
libexpat1	CVE-2022-22825	中危	2.2.9-1build1	2.2.9-1ubuntu0.2	expat: Integer overflow in lookup in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22825 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47
libexpat1	CVE-2022-22826	中危	2.2.9-1build1	2.2.9-1ubuntu0.2	expat: Integer overflow in nextScaffoldPart in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22826 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-01-10 14:12 修改: 2022-10-06 12:44
libexpat1	CVE-2022-22827	中危	2.2.9-1build1	2.2.9-1ubuntu0.2	expat: Integer overflow in storeAtts in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22827 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-01-10 14:12 修改: 2022-10-06 12:52
libexpat1	CVE-2022-23852	中危	2.2.9-1build1	2.2.9-1ubuntu0.2	expat: Integer overflow in function XML_GetBuffer 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23852 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-01-24 02:15 修改: 2022-10-29 02:44
libexpat1	CVE-2022-23990	中危	2.2.9-1build1	2.2.9-1ubuntu0.2	expat: integer overflow in the doProlog function 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23990 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-01-26 19:15 修改: 2023-11-07 03:44
libexpat1	CVE-2022-25313	中危	2.2.9-1build1	2.2.9-1ubuntu0.4	expat: Stack exhaustion in doctype parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25313 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-02-18 05:15 修改: 2023-11-07 03:44
libexpat1	CVE-2022-25314	中危	2.2.9-1build1	2.2.9-1ubuntu0.4	expat: Integer overflow in copyString() 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25314 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-02-18 05:15 修改: 2023-11-07 03:44
libexpat1	CVE-2022-25315	中危	2.2.9-1build1	2.2.9-1ubuntu0.4	expat: Integer overflow in storeRawNames() 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25315 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-02-18 05:15 修改: 2023-11-07 03:44
libexpat1	CVE-2022-40674	中危	2.2.9-1build1	2.2.9-1ubuntu0.5	expat: a use-after-free in the doContent function in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40674 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-09-14 11:15 修改: 2023-11-07 03:52
libexpat1	CVE-2022-43680	中危	2.2.9-1build1	2.2.9-1ubuntu0.6	expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43680 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-10-24 14:15 修改: 2024-01-21 02:08
libexpat1	CVE-2024-45490	中危	2.2.9-1build1	2.2.9-1ubuntu0.7	libexpat: Negative Length Parsing Vulnerability in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24
libexpat1	CVE-2024-45491	中危	2.2.9-1build1	2.2.9-1ubuntu0.7	libexpat: Integer Overflow or Wraparound 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
libexpat1	CVE-2024-45492	中危	2.2.9-1build1	2.2.9-1ubuntu0.7	libexpat: integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
libexpat1	CVE-2024-50602	中危	2.2.9-1build1	2.2.9-1ubuntu0.8	libexpat: expat: DoS via XML_ResumeParser 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-10-27 05:15 修改: 2024-10-30 18:35
libext2fs2	CVE-2022-1304	中危	1.45.5-2ubuntu1	1.45.5-2ubuntu1.1	e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-04-14 21:15 修改: 2024-11-22 12:15
libfdisk1	CVE-2021-3995	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3995 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-01-07 09:15
libfdisk1	CVE-2021-3996	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of filesystems in libmount 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3996 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-10-15 16:35
libfdisk1	CVE-2024-28085	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.5	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libfreetype6	CVE-2022-27404	中危	2.10.1-2ubuntu0.1	2.10.1-2ubuntu0.2	FreeType: Buffer overflow in sfnt_init_face 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27404 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-04-22 14:15 修改: 2024-02-29 01:34
libfreetype6	CVE-2022-31782	中危	2.10.1-2ubuntu0.1	2.10.1-2ubuntu0.2	ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based bu ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31782 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-02 14:15 修改: 2022-06-10 18:08
libfreetype6	CVE-2025-23022	中危	2.10.1-2ubuntu0.1		freetype: signed integer overflow in cf2_doFlex 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-23022 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2025-01-10 15:15 修改: 2025-01-16 21:12
libgcrypt20	CVE-2021-40528	中危	1.8.5-5ubuntu1	1.8.5-5ubuntu1.1	libgcrypt: ElGamal implementation allows plaintext recovery 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40528 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-09-06 19:15 修改: 2023-11-07 03:38
libgd3	CVE-2021-40145	中危	2.2.5-5.2ubuntu2	2.2.5-5.2ubuntu2.1	gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) throu ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40145 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-08-26 01:15 修改: 2024-08-04 03:15
libgnutls30	CVE-2022-2509	中危	3.6.13-2ubuntu1.6	3.6.13-2ubuntu1.7	gnutls: Double free during gnutls_pkcs7_verify 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2509 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-01 14:15 修改: 2023-11-07 03:46
libgnutls30	CVE-2023-0361	中危	3.6.13-2ubuntu1.6	3.6.13-2ubuntu1.8	gnutls: timing side-channel in the TLS RSA key exchange code 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0361 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-02-15 18:15 修改: 2023-11-07 04:00
libgnutls30	CVE-2023-5981	中危	3.6.13-2ubuntu1.6	3.6.13-2ubuntu1.9	gnutls: timing side-channel in the RSA-PSK authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5981 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-11-28 12:15 修改: 2024-09-16 13:15
libgnutls30	CVE-2024-0553	中危	3.6.13-2ubuntu1.6	3.6.13-2ubuntu1.10	gnutls: incomplete fix for CVE-2023-5981 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0553 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-01-16 12:15 修改: 2024-09-16 13:15
libgnutls30	CVE-2024-28834	中危	3.6.13-2ubuntu1.6	3.6.13-2ubuntu1.11	gnutls: vulnerable to Minerva side-channel information leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28834 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-03-21 14:15 修改: 2024-11-21 21:15
libgraphicsmagick-q16-3	CVE-2020-12672	中危	1.4+really1.3.35-1	1.4+really1.3.35-1ubuntu0.1	GraphicsMagick through 1.3.35 has a heap-based buffer overflow in Read ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12672 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2020-05-06 03:15 修改: 2022-11-14 18:49
libgraphicsmagick-q16-3	CVE-2022-1270	中危	1.4+really1.3.35-1	1.4+really1.3.35-1ubuntu0.1	In GraphicsMagick, a heap buffer overflow was found when parsing MIFF. 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1270 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-09-28 20:15 修改: 2023-02-01 14:11
libgssapi-krb5-2	CVE-2021-36222	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.3	krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could result in NULL dereference in KDC which leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36222 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-07-22 18:15 修改: 2021-11-28 23:19
libgssapi-krb5-2	CVE-2021-37750	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.3	krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37
libgssapi-krb5-2	CVE-2022-42898	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.2	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
libgssapi-krb5-2	CVE-2023-36054	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.4	krb5: Denial of service through freeing uninitialized pointer 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-08-07 19:15 修改: 2023-11-15 03:23
libgssapi-krb5-2	CVE-2024-26462	中危	1.17-6ubuntu4.1		krb5: Memory leak at /krb5/src/kdc/ndr.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libgssapi-krb5-2	CVE-2024-37370	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.6	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libgssapi-krb5-2	CVE-2024-37371	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.6	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
libgssapi3-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-26 05:15 修改: 2023-10-08 09:15
libgssapi3-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	CVE-2022-3116 affecting package heimdal for versions less than 7.7.1-4 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-27 22:15 修改: 2023-05-05 20:15
libgssapi3-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-01-12 15:15 修改: 2024-10-28 19:35
libgssapi3-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.2	Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-11-15 23:15 修改: 2023-10-08 09:15
libgssapi3-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
libgssapi3-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 05:15 修改: 2023-10-08 09:15
libgssapi3-heimdal	CVE-2022-45142	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.4	samba: fix introduced a logic inversion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45142 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-06 23:15 修改: 2023-10-08 09:15
libhcrypto4-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-26 05:15 修改: 2023-10-08 09:15
libhcrypto4-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	CVE-2022-3116 affecting package heimdal for versions less than 7.7.1-4 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-27 22:15 修改: 2023-05-05 20:15
libhcrypto4-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-01-12 15:15 修改: 2024-10-28 19:35
libhcrypto4-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.2	Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-11-15 23:15 修改: 2023-10-08 09:15
libhcrypto4-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
libhcrypto4-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 05:15 修改: 2023-10-08 09:15
libhcrypto4-heimdal	CVE-2022-45142	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.4	samba: fix introduced a logic inversion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45142 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-06 23:15 修改: 2023-10-08 09:15
libheimbase1-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-26 05:15 修改: 2023-10-08 09:15
libheimbase1-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	CVE-2022-3116 affecting package heimdal for versions less than 7.7.1-4 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-27 22:15 修改: 2023-05-05 20:15
libheimbase1-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-01-12 15:15 修改: 2024-10-28 19:35
libheimbase1-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.2	Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-11-15 23:15 修改: 2023-10-08 09:15
libheimbase1-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
libheimbase1-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 05:15 修改: 2023-10-08 09:15
libheimbase1-heimdal	CVE-2022-45142	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.4	samba: fix introduced a logic inversion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45142 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-06 23:15 修改: 2023-10-08 09:15
libheimntlm0-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-26 05:15 修改: 2023-10-08 09:15
libheimntlm0-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	CVE-2022-3116 affecting package heimdal for versions less than 7.7.1-4 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-27 22:15 修改: 2023-05-05 20:15
libheimntlm0-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-01-12 15:15 修改: 2024-10-28 19:35
libheimntlm0-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.2	Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-11-15 23:15 修改: 2023-10-08 09:15
libheimntlm0-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
libheimntlm0-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 05:15 修改: 2023-10-08 09:15
libheimntlm0-heimdal	CVE-2022-45142	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.4	samba: fix introduced a logic inversion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45142 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-06 23:15 修改: 2023-10-08 09:15
libhx509-5-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-26 05:15 修改: 2023-10-08 09:15
libhx509-5-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	CVE-2022-3116 affecting package heimdal for versions less than 7.7.1-4 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-27 22:15 修改: 2023-05-05 20:15
libhx509-5-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-01-12 15:15 修改: 2024-10-28 19:35
libhx509-5-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.2	Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-11-15 23:15 修改: 2023-10-08 09:15
libhx509-5-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
libhx509-5-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 05:15 修改: 2023-10-08 09:15
libhx509-5-heimdal	CVE-2022-45142	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.4	samba: fix introduced a logic inversion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45142 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-06 23:15 修改: 2023-10-08 09:15
libicu66	CVE-2021-30535	中危	66.1-2ubuntu2	66.1-2ubuntu2.1	Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a re ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-30535 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-06-07 20:15 修改: 2023-11-07 03:33
libimage-exiftool-perl	CVE-2022-23935	中危	11.88-1ubuntu0.1		lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ / ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23935 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-01-25 06:15 修改: 2023-08-08 14:21
libjpeg-turbo8	CVE-2020-35538	中危	2.0.3-0ubuntu1.20.04.1	2.0.3-0ubuntu1.20.04.3	libjpeg-turbo: Null pointer dereference in jcopy_sample_rows() function 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35538 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-08-31 16:15 修改: 2022-09-20 17:39
libk5crypto3	CVE-2021-36222	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.3	krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could result in NULL dereference in KDC which leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36222 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-07-22 18:15 修改: 2021-11-28 23:19
libk5crypto3	CVE-2021-37750	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.3	krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37
libk5crypto3	CVE-2022-42898	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.2	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
libk5crypto3	CVE-2023-36054	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.4	krb5: Denial of service through freeing uninitialized pointer 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-08-07 19:15 修改: 2023-11-15 03:23
libk5crypto3	CVE-2024-26462	中危	1.17-6ubuntu4.1		krb5: Memory leak at /krb5/src/kdc/ndr.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libk5crypto3	CVE-2024-37370	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.6	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libk5crypto3	CVE-2024-37371	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.6	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
libkrb5-26-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-26 05:15 修改: 2023-10-08 09:15
libkrb5-26-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	CVE-2022-3116 affecting package heimdal for versions less than 7.7.1-4 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-27 22:15 修改: 2023-05-05 20:15
libkrb5-26-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-01-12 15:15 修改: 2024-10-28 19:35
libkrb5-26-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.2	Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-11-15 23:15 修改: 2023-10-08 09:15
libkrb5-26-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
libkrb5-26-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 05:15 修改: 2023-10-08 09:15
libkrb5-26-heimdal	CVE-2022-45142	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.4	samba: fix introduced a logic inversion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45142 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-06 23:15 修改: 2023-10-08 09:15
libkrb5-3	CVE-2021-36222	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.3	krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could result in NULL dereference in KDC which leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36222 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-07-22 18:15 修改: 2021-11-28 23:19
libkrb5-3	CVE-2021-37750	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.3	krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37
libkrb5-3	CVE-2022-42898	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.2	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
libkrb5-3	CVE-2023-36054	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.4	krb5: Denial of service through freeing uninitialized pointer 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-08-07 19:15 修改: 2023-11-15 03:23
libkrb5-3	CVE-2024-26462	中危	1.17-6ubuntu4.1		krb5: Memory leak at /krb5/src/kdc/ndr.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5-3	CVE-2024-37370	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.6	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libkrb5-3	CVE-2024-37371	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.6	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
libkrb5support0	CVE-2021-36222	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.3	krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could result in NULL dereference in KDC which leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36222 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-07-22 18:15 修改: 2021-11-28 23:19
libkrb5support0	CVE-2021-37750	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.3	krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37
libkrb5support0	CVE-2022-42898	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.2	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
libkrb5support0	CVE-2023-36054	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.4	krb5: Denial of service through freeing uninitialized pointer 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-08-07 19:15 修改: 2023-11-15 03:23
libkrb5support0	CVE-2024-26462	中危	1.17-6ubuntu4.1		krb5: Memory leak at /krb5/src/kdc/ndr.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5support0	CVE-2024-37370	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.6	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libkrb5support0	CVE-2024-37371	中危	1.17-6ubuntu4.1	1.17-6ubuntu4.6	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
bsdutils	CVE-2024-28085	中危	1:2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.5	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libksba8	CVE-2022-47629	中危	1.3.5-2	1.3.5-2ubuntu0.20.04.2	libksba: integer overflow to code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-47629 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-20 23:15 修改: 2023-11-07 03:56
libldap-2.4-2	CVE-2022-29155	中危	2.4.49+dfsg-2ubuntu1.8	2.4.49+dfsg-2ubuntu1.9	openldap: OpenLDAP SQL injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29155 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-05-04 20:15 修改: 2022-10-06 15:56
libldap-common	CVE-2022-29155	中危	2.4.49+dfsg-2ubuntu1.8	2.4.49+dfsg-2ubuntu1.9	openldap: OpenLDAP SQL injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29155 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-05-04 20:15 修改: 2022-10-06 15:56
liblzma5	CVE-2022-1271	中危	5.2.4-1ubuntu1	5.2.4-1ubuntu1.1	gzip: arbitrary-file-write vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47
libmount1	CVE-2021-3995	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3995 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-01-07 09:15
libmount1	CVE-2021-3996	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of filesystems in libmount 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3996 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-10-15 16:35
libmount1	CVE-2024-28085	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.5	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libncurses5	CVE-2023-29491	中危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15
libncurses6	CVE-2023-29491	中危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15
libncursesw6	CVE-2023-29491	中危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15
ca-certificates	CVE-2022-23491	中危	20210119~20.04.1	20211016ubuntu0.20.04.1	python-certifi: untrusted root certificates 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23491 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-07 22:15 修改: 2023-03-24 18:12
libnghttp2-14	CVE-2020-11080	中危	1.40.0-1build1	1.40.0-1ubuntu0.1	nghttp2: overly large SETTINGS frames can lead to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11080 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2020-06-03 23:15 修改: 2023-11-07 03:14
libnghttp2-14	CVE-2024-28182	中危	1.40.0-1build1	1.40.0-1ubuntu0.3	nghttp2: CONTINUATION frames DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28182 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-04-04 15:15 修改: 2024-05-01 18:15
libpam-modules	CVE-2024-10041	中危	1.3.1-5ubuntu4.2		pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-modules	CVE-2024-22365	中危	1.3.1-5ubuntu4.2	1.3.1-5ubuntu4.7	pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-02-06 08:15 修改: 2024-02-14 00:27
libpam-modules-bin	CVE-2024-10041	中危	1.3.1-5ubuntu4.2		pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-modules-bin	CVE-2024-22365	中危	1.3.1-5ubuntu4.2	1.3.1-5ubuntu4.7	pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-02-06 08:15 修改: 2024-02-14 00:27
libpam-runtime	CVE-2024-10041	中危	1.3.1-5ubuntu4.2		pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-runtime	CVE-2024-22365	中危	1.3.1-5ubuntu4.2	1.3.1-5ubuntu4.7	pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-02-06 08:15 修改: 2024-02-14 00:27
libpam0g	CVE-2024-10041	中危	1.3.1-5ubuntu4.2		pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam0g	CVE-2024-22365	中危	1.3.1-5ubuntu4.2	1.3.1-5ubuntu4.7	pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-02-06 08:15 修改: 2024-02-14 00:27
libperl5.30	CVE-2020-16156	中危	5.30.0-9ubuntu0.2	5.30.0-9ubuntu0.3	perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-12-13 18:15 修改: 2023-11-07 03:18
libperl5.30	CVE-2023-31484	中危	5.30.0-9ubuntu0.2	5.30.0-9ubuntu0.4	perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31484 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-04-29 00:15 修改: 2024-08-01 13:43
libperl5.30	CVE-2023-47038	中危	5.30.0-9ubuntu0.2	5.30.0-9ubuntu0.5	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-18 14:15 修改: 2024-09-16 16:15
libpython3.8-minimal	CVE-2021-29921	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.1	python-ipaddress: Improper input validation of octal strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29921 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-05-06 13:15 修改: 2023-05-03 11:15
libpython3.8-minimal	CVE-2021-3737	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.2	python: urllib: HTTP client possible infinite loop on a 100 Continue response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3737 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-03-04 19:15 修改: 2023-11-07 03:38
libpython3.8-minimal	CVE-2022-0391	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.4	python: urllib.parse does not sanitize URLs containing ASCII newline and tabs 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-02-09 23:15 修改: 2023-11-07 03:41
libpython3.8-minimal	CVE-2022-37454	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.6	XKCP: buffer overflow in the SHA-3 reference implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37454 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-10-21 06:15 修改: 2023-05-03 11:15
libpython3.8-minimal	CVE-2022-45061	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.6	python: CPU denial of service via inefficient IDNA decoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45061 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-11-09 07:15 修改: 2023-11-07 03:54
libpython3.8-minimal	CVE-2023-24329	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.8	python: urllib.parse url blocklisting bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-17 15:15 修改: 2023-11-07 04:08
libpython3.8-minimal	CVE-2023-27043	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
libpython3.8-minimal	CVE-2023-40217	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.9	python: TLS handshake bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-08-25 01:15 修改: 2023-11-07 04:20
libpython3.8-minimal	CVE-2023-6597	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.10	python: Path traversal on tempfile.TemporaryDirectory 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
libpython3.8-minimal	CVE-2024-0397	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.11	cpython: python: Memory race condition in ssl.SSLContext certificate store methods 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-06-17 16:15 修改: 2024-07-03 01:44
libpython3.8-minimal	CVE-2024-0450	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.10	python: The zipfile module is vulnerable to zip-bombs leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
libpython3.8-minimal	CVE-2024-11168	中危	3.8.10-0ubuntu1~20.04		python: Improper validation of IPv6 and IPvFuture addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
libpython3.8-minimal	CVE-2024-6232	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
libpython3.8-minimal	CVE-2024-6923	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
libpython3.8-minimal	CVE-2024-8088	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-22 19:15 修改: 2024-09-04 23:15
libpython3.8-minimal	CVE-2024-9287	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.13	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
libpython3.8-stdlib	CVE-2021-29921	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.1	python-ipaddress: Improper input validation of octal strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29921 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-05-06 13:15 修改: 2023-05-03 11:15
libpython3.8-stdlib	CVE-2021-3737	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.2	python: urllib: HTTP client possible infinite loop on a 100 Continue response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3737 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-03-04 19:15 修改: 2023-11-07 03:38
libpython3.8-stdlib	CVE-2022-0391	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.4	python: urllib.parse does not sanitize URLs containing ASCII newline and tabs 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-02-09 23:15 修改: 2023-11-07 03:41
libpython3.8-stdlib	CVE-2022-37454	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.6	XKCP: buffer overflow in the SHA-3 reference implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37454 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-10-21 06:15 修改: 2023-05-03 11:15
libpython3.8-stdlib	CVE-2022-45061	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.6	python: CPU denial of service via inefficient IDNA decoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45061 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-11-09 07:15 修改: 2023-11-07 03:54
libpython3.8-stdlib	CVE-2023-24329	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.8	python: urllib.parse url blocklisting bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-17 15:15 修改: 2023-11-07 04:08
libpython3.8-stdlib	CVE-2023-27043	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
libpython3.8-stdlib	CVE-2023-40217	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.9	python: TLS handshake bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-08-25 01:15 修改: 2023-11-07 04:20
libpython3.8-stdlib	CVE-2023-6597	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.10	python: Path traversal on tempfile.TemporaryDirectory 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
libpython3.8-stdlib	CVE-2024-0397	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.11	cpython: python: Memory race condition in ssl.SSLContext certificate store methods 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-06-17 16:15 修改: 2024-07-03 01:44
libpython3.8-stdlib	CVE-2024-0450	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.10	python: The zipfile module is vulnerable to zip-bombs leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
libpython3.8-stdlib	CVE-2024-11168	中危	3.8.10-0ubuntu1~20.04		python: Improper validation of IPv6 and IPvFuture addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
libpython3.8-stdlib	CVE-2024-6232	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
libpython3.8-stdlib	CVE-2024-6923	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
libpython3.8-stdlib	CVE-2024-8088	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-22 19:15 修改: 2024-09-04 23:15
libpython3.8-stdlib	CVE-2024-9287	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.13	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
libroken18-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-26 05:15 修改: 2023-10-08 09:15
libroken18-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	CVE-2022-3116 affecting package heimdal for versions less than 7.7.1-4 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-27 22:15 修改: 2023-05-05 20:15
libroken18-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-01-12 15:15 修改: 2024-10-28 19:35
libroken18-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.2	Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-11-15 23:15 修改: 2023-10-08 09:15
libroken18-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
libroken18-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 05:15 修改: 2023-10-08 09:15
libroken18-heimdal	CVE-2022-45142	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.4	samba: fix introduced a logic inversion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45142 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-06 23:15 修改: 2023-10-08 09:15
curl	CVE-2021-22946	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.7	curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22946 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:12
curl	CVE-2021-22947	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.7	curl: Server responses received before STARTTLS processed after TLS handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22947 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:03
libsmartcols1	CVE-2021-3995	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3995 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-01-07 09:15
libsmartcols1	CVE-2021-3996	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of filesystems in libmount 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3996 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-10-15 16:35
libsmartcols1	CVE-2024-28085	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.5	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libsqlite3-0	CVE-2020-35525	中危	3.31.1-4ubuntu0.2	3.31.1-4ubuntu0.4	sqlite: Null pointer derreference in src/select.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35525 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-09-01 18:15 修改: 2023-07-06 19:15
libsqlite3-0	CVE-2020-35527	中危	3.31.1-4ubuntu0.2	3.31.1-4ubuntu0.4	sqlite: Out of bounds access during table rename 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35527 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-09-01 18:15 修改: 2022-12-08 22:29
libsqlite3-0	CVE-2022-35737	中危	3.31.1-4ubuntu0.2	3.31.1-4ubuntu0.5	sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35737 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-08-03 06:15 修改: 2024-03-27 16:05
libsqlite3-0	CVE-2023-7104	中危	3.31.1-4ubuntu0.2	3.31.1-4ubuntu0.6	sqlite: heap-buffer-overflow at sessionfuzz 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7104 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-12-29 10:15 修改: 2024-05-17 02:34
libss2	CVE-2022-1304	中危	1.45.5-2ubuntu1	1.45.5-2ubuntu1.1	e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-04-14 21:15 修改: 2024-11-22 12:15
libssh-4	CVE-2023-1667	中危	0.9.3-2ubuntu2.2	0.9.3-2ubuntu2.3	libssh: NULL pointer dereference during rekeying with algorithm guessing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1667 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-05-26 18:15 修改: 2023-12-22 10:15
libssh-4	CVE-2023-2283	中危	0.9.3-2ubuntu2.2	0.9.3-2ubuntu2.3	libssh: authorization bypass in pki_verify_data_signature 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2283 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-05-26 18:15 修改: 2024-02-01 17:15
libssh-4	CVE-2023-48795	中危	0.9.3-2ubuntu2.2	0.9.3-2ubuntu2.4	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-18 16:15 修改: 2024-12-02 14:54
libssh-4	CVE-2023-6004	中危	0.9.3-2ubuntu2.2	0.9.3-2ubuntu2.5	libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6004 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-01-03 17:15 修改: 2024-09-16 18:15
libssh-4	CVE-2023-6918	中危	0.9.3-2ubuntu2.2	0.9.3-2ubuntu2.5	libssh: Missing checks for return values for digests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6918 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-19 00:15 修改: 2024-09-16 18:15
curl	CVE-2022-22576	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.10	curl: OAUTH2 bearer bypass in connection re-use 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22576 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-05-26 17:15 修改: 2024-03-27 15:02
curl	CVE-2022-27774	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.10	curl: credential leak on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27774 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02
libssl1.1	CVE-2022-1292	中危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.13	openssl: c_rehash script allows command injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1292 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-05-03 16:15 修改: 2023-11-07 03:41
libssl1.1	CVE-2022-2068	中危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.15	openssl: the c_rehash script allows command injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2068 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-06-21 15:15 修改: 2023-11-07 03:46
libssl1.1	CVE-2022-2097	中危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.16	openssl: AES OCB fails to encrypt some bytes 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2097 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-07-05 11:15 修改: 2024-06-21 19:15
libssl1.1	CVE-2022-4304	中危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.17	openssl: timing attack in RSA Decryption implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15
libssl1.1	CVE-2022-4450	中危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.17	openssl: double free after calling PEM_read_bio_ex 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15
libssl1.1	CVE-2023-0215	中危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.17	openssl: use-after-free following BIO_new_NDEF 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-08 20:15 修改: 2024-06-21 19:15
libssl1.1	CVE-2023-2650	中危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.19	openssl: Possible DoS translating ASN.1 object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-05-30 14:15 修改: 2024-02-04 09:15
libsystemd0	CVE-2021-3997	中危	245.4-4ubuntu3.11	245.4-4ubuntu3.15	systemd: Uncontrolled recursion in systemd-tmpfiles when removing files 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15
libsystemd0	CVE-2022-3821	中危	245.4-4ubuntu3.11	245.4-4ubuntu3.20	systemd: buffer overrun in format_timespan() function 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-11-08 22:15 修改: 2023-11-07 03:51
libsystemd0	CVE-2022-4415	中危	245.4-4ubuntu3.11	245.4-4ubuntu3.20	systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-01-11 15:15 修改: 2023-02-02 16:19
libtiff5	CVE-2020-19143	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.2	libtiff: buffer overflow in TIFFVGetField() in libtiff/tif_dir.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-19143 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-09-09 15:15 修改: 2021-11-30 19:38
libtiff5	CVE-2022-0865	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.3	libtiff: reachable assertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0865 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-03-10 17:44 修改: 2023-11-07 03:41
libtiff5	CVE-2022-0891	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.3	libtiff: heap buffer overflow in extractImageSection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0891 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-03-10 17:44 修改: 2023-11-07 03:41
libtiff5	CVE-2022-0907	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.4	tiff: NULL Pointer Dereference in tiffcrop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0907 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-03-11 18:15 修改: 2023-11-07 03:41
libtiff5	CVE-2022-0908	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.4	tiff: Null source pointer passed as an argument to memcpy in TIFFFetchNormalTag() in tif_dirread.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0908 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-03-11 18:15 修改: 2023-11-07 03:41
libtiff5	CVE-2022-0909	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.4	tiff: Divide By Zero error in tiffcrop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0909 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-03-11 18:15 修改: 2023-11-07 03:41
libtiff5	CVE-2022-0924	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.4	libtiff: Out-of-bounds Read error in tiffcp 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0924 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-03-11 18:15 修改: 2023-11-07 03:41
libtiff5	CVE-2022-1056	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.3	libtiff: heap-based buffer overflow in _TIFFmemcpy() in tif_unix.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1056 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-03-28 19:15 修改: 2023-02-22 17:35
libtiff5	CVE-2022-1354	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.5	libtiff: heap-buffer-overflow in TIFFReadRawDataStriped() in tiffinfo.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1354 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-08-31 16:15 修改: 2023-02-23 15:50
libtiff5	CVE-2022-1355	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.5	libtiff: stack-buffer-overflow in tiffcp.c in main() 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1355 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-08-31 16:15 修改: 2023-02-23 15:52
libtiff5	CVE-2022-34266	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.3	Use of Uninitialized Resource 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34266 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-07-19 20:15 修改: 2022-09-23 15:19
libtiff5	CVE-2022-34526	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.6	libtiff: A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34526 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-07-29 23:15 修改: 2023-11-07 03:48
libtiff5	CVE-2022-3570	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.6	libtiff: heap Buffer overflows in tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3570 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-10-21 16:15 修改: 2023-02-23 16:02
libtiff5	CVE-2022-3598	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.6	libtiff: out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3598 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-10-21 16:15 修改: 2023-03-31 16:05
libtiff5	CVE-2022-3599	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.6	libtiff: out-of-bounds read in writeSingleSection in tools/tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3599 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-10-21 16:15 修改: 2023-02-23 16:06
libtiff5	CVE-2022-3970	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.7	libtiff: integer overflow in function TIFFReadRGBATileExt of the file 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3970 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-11-13 08:15 修改: 2023-11-17 19:04
libtiff5	CVE-2022-40090	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.11	libtiff: infinite loop via a crafted TIFF file 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40090 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-08-22 19:16 修改: 2023-08-26 02:13
libtiff5	CVE-2022-4645	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.6	libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4645 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-03 16:15 修改: 2023-11-07 03:58
libtiff5	CVE-2022-48281	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.9	libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48281 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-01-23 03:15 修改: 2023-05-30 06:16
libtiff5	CVE-2023-0795	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.8	libtiff: out-of-bounds read in extractContigSamplesShifted16bits() in tools/tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0795 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-13 23:15 修改: 2023-05-30 06:16
libtiff5	CVE-2023-0796	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.8	libtiff: out-of-bounds read in extractContigSamplesShifted24bits() in tools/tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0796 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-13 23:15 修改: 2023-05-30 06:16
libtiff5	CVE-2023-0797	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.8	libtiff: out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0797 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-13 23:15 修改: 2023-05-30 06:16
libtiff5	CVE-2023-0798	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.8	libtiff: out-of-bounds read in extractContigSamplesShifted8bits() in tools/tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0798 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-13 23:15 修改: 2023-05-30 06:16
libtiff5	CVE-2023-0799	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.8	libtiff: use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0799 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-13 23:15 修改: 2023-05-30 06:16
libtiff5	CVE-2023-0800	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.8	libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0800 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-13 23:15 修改: 2023-05-30 06:16
libtiff5	CVE-2023-0801	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.8	libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0801 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-13 23:15 修改: 2023-05-30 06:16
libtiff5	CVE-2023-0802	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.8	libtiff: out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0802 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-13 23:15 修改: 2023-05-30 06:16
libtiff5	CVE-2023-0803	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.8	libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0803 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-13 23:15 修改: 2023-05-30 06:16
libtiff5	CVE-2023-0804	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.8	libtiff: out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0804 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-13 23:15 修改: 2023-11-07 04:01
libtiff5	CVE-2023-25433	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.9	libtiff: Buffer Overflow via /libtiff/tools/tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25433 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-29 20:15 修改: 2023-08-01 02:15
libtiff5	CVE-2023-26966	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.9	libtiff: Buffer Overflow in uv_encode() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26966 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-29 20:15 修改: 2023-08-01 02:15
libtiff5	CVE-2023-2908	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.9	libtiff: null pointer dereference in tif_dir.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2908 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-30 22:15 修改: 2023-11-07 04:13
libtiff5	CVE-2023-30774	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.6	libtiff: heap buffer overflow issues related to TIFFTAG_INKNAMES and related TIFFTAG_NUMBEROFINKS value 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-30774 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-05-19 15:15 修改: 2024-01-09 02:51
libtiff5	CVE-2023-30775	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.6	libtiff: Heap buffer overflow in extractContigSamples32bits, tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-30775 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-05-19 15:15 修改: 2023-07-03 16:15
libtiff5	CVE-2023-3618	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.9	libtiff: segmentation fault in Fax3Encode in libtiff/tif_fax3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3618 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-07-12 15:15 修改: 2024-03-23 11:15
libtiff5	CVE-2023-52356	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.12	libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52356 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-01-25 20:15 修改: 2024-09-16 20:15
libtiff5	CVE-2024-7006	中危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.14	libtiff: NULL pointer dereference in tif_dirinfo.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7006 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-12 13:38 修改: 2024-11-06 10:15
libtinfo5	CVE-2023-29491	中危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15
libtinfo6	CVE-2023-29491	中危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15
libudev1	CVE-2021-3997	中危	245.4-4ubuntu3.11	245.4-4ubuntu3.15	systemd: Uncontrolled recursion in systemd-tmpfiles when removing files 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15
libudev1	CVE-2022-3821	中危	245.4-4ubuntu3.11	245.4-4ubuntu3.20	systemd: buffer overrun in format_timespan() function 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-11-08 22:15 修改: 2023-11-07 03:51
libudev1	CVE-2022-4415	中危	245.4-4ubuntu3.11	245.4-4ubuntu3.20	systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-01-11 15:15 修改: 2023-02-02 16:19
libuuid1	CVE-2021-3995	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3995 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-01-07 09:15
libuuid1	CVE-2021-3996	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of filesystems in libmount 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3996 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-10-15 16:35
libuuid1	CVE-2024-28085	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.5	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libwebp6	CVE-2023-1999	中危	0.6.1-2ubuntu0.20.04.1	0.6.1-2ubuntu0.20.04.2	Mozilla: libwebp: Double-free in libwebp 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1999 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-20 12:15 修改: 2023-09-17 09:15
libwebp6	CVE-2023-4863	中危	0.6.1-2ubuntu0.20.04.1	0.6.1-2ubuntu0.20.04.3	libwebp: Heap buffer overflow in WebP Codec 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4863 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-09-12 15:15 修改: 2024-12-20 19:00
libwebpmux3	CVE-2023-1999	中危	0.6.1-2ubuntu0.20.04.1	0.6.1-2ubuntu0.20.04.2	Mozilla: libwebp: Double-free in libwebp 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1999 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-20 12:15 修改: 2023-09-17 09:15
libwebpmux3	CVE-2023-4863	中危	0.6.1-2ubuntu0.20.04.1	0.6.1-2ubuntu0.20.04.3	libwebp: Heap buffer overflow in WebP Codec 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4863 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-09-12 15:15 修改: 2024-12-20 19:00
libwind0-heimdal	CVE-2021-44758	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44758 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-26 05:15 修改: 2023-10-08 09:15
libwind0-heimdal	CVE-2022-3116	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	CVE-2022-3116 affecting package heimdal for versions less than 7.7.1-4 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3116 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-27 22:15 修改: 2023-05-05 20:15
libwind0-heimdal	CVE-2022-3437	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3437 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-01-12 15:15 修改: 2024-10-28 19:35
libwind0-heimdal	CVE-2022-41916	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.2	Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41916 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-11-15 23:15 修改: 2023-10-08 09:15
libwind0-heimdal	CVE-2022-42898	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
libwind0-heimdal	CVE-2022-44640	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.3	Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44640 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-12-25 05:15 修改: 2023-10-08 09:15
libwind0-heimdal	CVE-2022-45142	中危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.4	samba: fix introduced a logic inversion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45142 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-06 23:15 修改: 2023-10-08 09:15
libx11-6	CVE-2023-3138	中危	2:1.6.9-2ubuntu1.2	2:1.6.9-2ubuntu1.5	libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3138 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-28 21:15 修改: 2023-12-08 19:15
libx11-6	CVE-2023-43785	中危	2:1.6.9-2ubuntu1.2	2:1.6.9-2ubuntu1.6	libX11: out-of-bounds memory access in _XkbReadKeySyms() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43785 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-10-10 13:15 修改: 2024-09-16 15:15
libx11-6	CVE-2023-43786	中危	2:1.6.9-2ubuntu1.2	2:1.6.9-2ubuntu1.6	libX11: stack exhaustion from infinite recursion in PutSubImage() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43786 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-10-10 13:15 修改: 2024-09-16 15:15
libx11-6	CVE-2023-43787	中危	2:1.6.9-2ubuntu1.2	2:1.6.9-2ubuntu1.6	libX11: integer overflow in XCreateImage() leading to a heap overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43787 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-10-10 13:15 修改: 2024-09-16 15:15
libx11-data	CVE-2023-3138	中危	2:1.6.9-2ubuntu1.2	2:1.6.9-2ubuntu1.5	libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3138 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-28 21:15 修改: 2023-12-08 19:15
libx11-data	CVE-2023-43785	中危	2:1.6.9-2ubuntu1.2	2:1.6.9-2ubuntu1.6	libX11: out-of-bounds memory access in _XkbReadKeySyms() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43785 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-10-10 13:15 修改: 2024-09-16 15:15
libx11-data	CVE-2023-43786	中危	2:1.6.9-2ubuntu1.2	2:1.6.9-2ubuntu1.6	libX11: stack exhaustion from infinite recursion in PutSubImage() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43786 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-10-10 13:15 修改: 2024-09-16 15:15
libx11-data	CVE-2023-43787	中危	2:1.6.9-2ubuntu1.2	2:1.6.9-2ubuntu1.6	libX11: integer overflow in XCreateImage() leading to a heap overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43787 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-10-10 13:15 修改: 2024-09-16 15:15
libxml2	CVE-2016-3709	中危	2.9.10+dfsg-5ubuntu0.20.04.1	2.9.10+dfsg-5ubuntu0.20.04.4	libxml2: Incorrect server side include parsing can lead to XSS 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-3709 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-07-28 17:15 修改: 2022-12-07 16:39
libxml2	CVE-2022-23308	中危	2.9.10+dfsg-5ubuntu0.20.04.1	2.9.10+dfsg-5ubuntu0.20.04.2	libxml2: Use-after-free of ID and IDREF attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23308 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-02-26 05:15 修改: 2023-11-07 03:44
libxml2	CVE-2022-29824	中危	2.9.10+dfsg-5ubuntu0.20.04.1	2.9.10+dfsg-5ubuntu0.20.04.3	libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29824 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-05-03 03:15 修改: 2023-11-07 03:46
libxml2	CVE-2022-40303	中危	2.9.10+dfsg-5ubuntu0.20.04.1	2.9.10+dfsg-5ubuntu0.20.04.5	libxml2: integer overflows with XML_PARSE_HUGE 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40303 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-11-23 00:15 修改: 2023-11-07 03:52
libxml2	CVE-2022-40304	中危	2.9.10+dfsg-5ubuntu0.20.04.1	2.9.10+dfsg-5ubuntu0.20.04.5	libxml2: dict corruption caused by entity reference cycles 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40304 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-11-23 18:15 修改: 2023-11-07 03:52
libxml2	CVE-2023-28484	中危	2.9.10+dfsg-5ubuntu0.20.04.1	2.9.10+dfsg-5ubuntu0.20.04.6	libxml2: NULL dereference in xmlSchemaFixupComplexType 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28484 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-04-24 21:15 修改: 2024-02-01 17:15
libxml2	CVE-2023-29469	中危	2.9.10+dfsg-5ubuntu0.20.04.1	2.9.10+dfsg-5ubuntu0.20.04.6	libxml2: Hashing of empty dict strings isn't deterministic 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29469 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-04-24 21:15 修改: 2023-06-01 14:15
libxml2	CVE-2024-25062	中危	2.9.10+dfsg-5ubuntu0.20.04.1	2.9.10+dfsg-5ubuntu0.20.04.7	libxml2: use-after-free in XMLReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25062 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-04 16:15 修改: 2024-02-13 00:40
libxpm4	CVE-2022-44617	中危	1:3.5.12-1	1:3.5.12-1ubuntu0.20.04.1	libXpm: Runaway loop on width of 0 and enormous height 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44617 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-06 23:15 修改: 2023-11-07 03:54
libxpm4	CVE-2022-46285	中危	1:3.5.12-1	1:3.5.12-1ubuntu0.20.04.1	libXpm: Infinite loop on unclosed comments 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46285 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-07 19:15 修改: 2023-10-17 15:55
libxpm4	CVE-2022-4883	中危	1:3.5.12-1	1:3.5.12-1ubuntu0.20.04.1	libXpm: compression commands depend on $PATH 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4883 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-07 19:15 修改: 2023-10-17 15:55
libxpm4	CVE-2023-43786	中危	1:3.5.12-1	1:3.5.12-1ubuntu0.20.04.2	libX11: stack exhaustion from infinite recursion in PutSubImage() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43786 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-10-10 13:15 修改: 2024-09-16 15:15
libxpm4	CVE-2023-43787	中危	1:3.5.12-1	1:3.5.12-1ubuntu0.20.04.2	libX11: integer overflow in XCreateImage() leading to a heap overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43787 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-10-10 13:15 修改: 2024-09-16 15:15
libxpm4	CVE-2023-43788	中危	1:3.5.12-1	1:3.5.12-1ubuntu0.20.04.2	libXpm: out of bounds read in XpmCreateXpmImageFromBuffer() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43788 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-10-10 13:15 修改: 2024-09-16 15:15
libxpm4	CVE-2023-43789	中危	1:3.5.12-1	1:3.5.12-1ubuntu0.20.04.2	libXpm: out of bounds read on XPM with corrupted colormap 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43789 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-10-12 12:15 修改: 2024-09-16 15:15
libxslt1.1	CVE-2021-30560	中危	1.1.34-4	1.1.34-4ubuntu0.20.04.1	Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 a ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-30560 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-08-03 19:15 修改: 2024-03-27 14:45
locales	CVE-2021-3999	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Off-by-one buffer overflow/underflow in getcwd() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3999 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-08-24 16:15 修改: 2023-02-12 23:43
locales	CVE-2024-2961	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.15	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
locales	CVE-2024-33599	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.16	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
locales	CVE-2024-33600	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.16	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
locales	CVE-2024-33601	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.16	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
locales	CVE-2024-33602	中危	2.31-0ubuntu9.2	2.31-0ubuntu9.16	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
login	CVE-2024-56433	中危	1:4.8.1-1ubuntu5.20.04.1		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-12-26 09:15 修改: 2024-12-26 09:15
logsave	CVE-2022-1304	中危	1.45.5-2ubuntu1	1.45.5-2ubuntu1.1	e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-04-14 21:15 修改: 2024-11-22 12:15
mount	CVE-2021-3995	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3995 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-01-07 09:15
mount	CVE-2021-3996	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of filesystems in libmount 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3996 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-10-15 16:35
mount	CVE-2024-28085	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.5	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
ncurses-base	CVE-2023-29491	中危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15
ncurses-bin	CVE-2023-29491	中危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-04-14 01:15 修改: 2024-01-31 03:15
openssh-client	CVE-2023-38408	中危	1:8.2p1-4ubuntu0.3	1:8.2p1-4ubuntu0.8	openssh: Remote code execution in ssh-agent PKCS#11 support 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38408 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-07-20 03:15 修改: 2024-10-15 19:35
openssh-client	CVE-2023-48795	中危	1:8.2p1-4ubuntu0.3	1:8.2p1-4ubuntu0.10	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-18 16:15 修改: 2024-12-02 14:54
openssh-client	CVE-2023-51385	中危	1:8.2p1-4ubuntu0.3	1:8.2p1-4ubuntu0.11	openssh: potential command injection via shell metacharacters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-51385 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-18 19:15 修改: 2024-03-13 21:15
openssh-server	CVE-2023-38408	中危	1:8.2p1-4ubuntu0.3	1:8.2p1-4ubuntu0.8	openssh: Remote code execution in ssh-agent PKCS#11 support 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38408 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-07-20 03:15 修改: 2024-10-15 19:35
openssh-server	CVE-2023-48795	中危	1:8.2p1-4ubuntu0.3	1:8.2p1-4ubuntu0.10	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-18 16:15 修改: 2024-12-02 14:54
openssh-server	CVE-2023-51385	中危	1:8.2p1-4ubuntu0.3	1:8.2p1-4ubuntu0.11	openssh: potential command injection via shell metacharacters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-51385 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-18 19:15 修改: 2024-03-13 21:15
openssh-sftp-server	CVE-2023-38408	中危	1:8.2p1-4ubuntu0.3	1:8.2p1-4ubuntu0.8	openssh: Remote code execution in ssh-agent PKCS#11 support 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38408 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-07-20 03:15 修改: 2024-10-15 19:35
openssh-sftp-server	CVE-2023-48795	中危	1:8.2p1-4ubuntu0.3	1:8.2p1-4ubuntu0.10	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-18 16:15 修改: 2024-12-02 14:54
openssh-sftp-server	CVE-2023-51385	中危	1:8.2p1-4ubuntu0.3	1:8.2p1-4ubuntu0.11	openssh: potential command injection via shell metacharacters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-51385 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-18 19:15 修改: 2024-03-13 21:15
curl	CVE-2022-27782	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.11	curl: TLS and SSH connection too eager reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27782 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:01
curl	CVE-2022-32206	中危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.12	curl: HTTP compression denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32206 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-07-07 13:15 修改: 2024-03-27 15:00
openssl	CVE-2022-1292	中危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.13	openssl: c_rehash script allows command injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1292 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-05-03 16:15 修改: 2023-11-07 03:41
openssl	CVE-2022-2068	中危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.15	openssl: the c_rehash script allows command injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2068 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-06-21 15:15 修改: 2023-11-07 03:46
openssl	CVE-2022-2097	中危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.16	openssl: AES OCB fails to encrypt some bytes 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2097 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2022-07-05 11:15 修改: 2024-06-21 19:15
openssl	CVE-2022-4304	中危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.17	openssl: timing attack in RSA Decryption implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15
openssl	CVE-2022-4450	中危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.17	openssl: double free after calling PEM_read_bio_ex 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15
openssl	CVE-2023-0215	中危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.17	openssl: use-after-free following BIO_new_NDEF 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-08 20:15 修改: 2024-06-21 19:15
openssl	CVE-2023-2650	中危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.19	openssl: Possible DoS translating ASN.1 object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-05-30 14:15 修改: 2024-02-04 09:15
passwd	CVE-2024-56433	中危	1:4.8.1-1ubuntu5.20.04.1		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-12-26 09:15 修改: 2024-12-26 09:15
perl	CVE-2020-16156	中危	5.30.0-9ubuntu0.2	5.30.0-9ubuntu0.3	perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-12-13 18:15 修改: 2023-11-07 03:18
perl	CVE-2023-31484	中危	5.30.0-9ubuntu0.2	5.30.0-9ubuntu0.4	perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31484 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-04-29 00:15 修改: 2024-08-01 13:43
perl	CVE-2023-47038	中危	5.30.0-9ubuntu0.2	5.30.0-9ubuntu0.5	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-18 14:15 修改: 2024-09-16 16:15
perl-base	CVE-2020-16156	中危	5.30.0-9ubuntu0.2	5.30.0-9ubuntu0.3	perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-12-13 18:15 修改: 2023-11-07 03:18
perl-base	CVE-2023-31484	中危	5.30.0-9ubuntu0.2	5.30.0-9ubuntu0.4	perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31484 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-04-29 00:15 修改: 2024-08-01 13:43
perl-base	CVE-2023-47038	中危	5.30.0-9ubuntu0.2	5.30.0-9ubuntu0.5	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-12-18 14:15 修改: 2024-09-16 16:15
perl-modules-5.30	CVE-2020-16156	中危	5.30.0-9ubuntu0.2	5.30.0-9ubuntu0.3	perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-12-13 18:15 修改: 2023-11-07 03:18
perl-modules-5.30	CVE-2023-31484	中危	5.30.0-9ubuntu0.2	5.30.0-9ubuntu0.4	perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31484 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-04-29 00:15 修改: 2024-08-01 13:43
perl-modules-5.30	CVE-2023-47038	中危	5.30.0-9ubuntu0.2	5.30.0-9ubuntu0.5	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-18 14:15 修改: 2024-09-16 16:15
postgresql-12	CVE-2021-23214	中危	12.8-1.pgdg20.04+1	12.9-0ubuntu0.20.04.1	postgresql: server processes unencrypted bytes from man-in-the-middle 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23214 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-03-04 16:15 修改: 2023-11-07 03:30
postgresql-12	CVE-2021-23222	中危	12.8-1.pgdg20.04+1	12.9-0ubuntu0.20.04.1	postgresql: libpq processes unencrypted bytes from man-in-the-middle 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23222 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-03-02 23:15 修改: 2023-11-07 03:30
postgresql-12	CVE-2022-1552	中危	12.8-1.pgdg20.04+1	12.11-0ubuntu0.20.04.1	postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1552 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-08-31 16:15 修改: 2023-11-07 03:42
postgresql-12	CVE-2022-2625	中危	12.8-1.pgdg20.04+1	12.12-0ubuntu0.20.04.1	postgresql: Extension scripts replace objects not belonging to the extension. 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2625 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-08-18 19:15 修改: 2022-12-02 20:14
postgresql-12	CVE-2022-41862	中危	12.8-1.pgdg20.04+1	12.14-0ubuntu0.20.04.1	postgresql: Client memory disclosure when connecting with Kerberos to modified server 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41862 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-03 16:15 修改: 2023-04-27 15:15
postgresql-12	CVE-2023-2454	中危	12.8-1.pgdg20.04+1	12.15-0ubuntu0.20.04.1	postgresql: schema_element defeats protective search_path changes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2454 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-09 19:15 修改: 2025-01-06 18:15
postgresql-12	CVE-2023-2455	中危	12.8-1.pgdg20.04+1	12.15-0ubuntu0.20.04.1	postgresql: row security policies disregard user ID changes after inlining. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2455 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-09 19:15 修改: 2025-01-06 18:15
postgresql-12	CVE-2023-39417	中危	12.8-1.pgdg20.04+1	12.16-0ubuntu0.20.04.1	postgresql: extension script @substitutions@ within quoting allow SQL injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39417 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-08-11 13:15 修改: 2024-09-09 08:15
postgresql-12	CVE-2023-5868	中危	12.8-1.pgdg20.04+1	12.17-0ubuntu0.20.04.1	postgresql: Memory disclosure in aggregate function calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5868 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-10 18:15 修改: 2024-09-14 00:15
postgresql-12	CVE-2023-5869	中危	12.8-1.pgdg20.04+1	12.17-0ubuntu0.20.04.1	postgresql: Buffer overrun from integer overflow in array modification 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5869 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-10 18:15 修改: 2024-09-14 00:15
postgresql-12	CVE-2023-5870	中危	12.8-1.pgdg20.04+1	12.17-0ubuntu0.20.04.1	postgresql: Role pg_signal_backend can signal certain superuser processes. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5870 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-10 18:15 修改: 2024-09-14 00:15
postgresql-12	CVE-2024-0985	中危	12.8-1.pgdg20.04+1	12.18-0ubuntu0.20.04.1	postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0985 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-08 13:15 修改: 2024-12-20 13:15
postgresql-12	CVE-2024-10976	中危	12.8-1.pgdg20.04+1	12.22-0ubuntu0.20.04.1	postgresql: PostgreSQL row security below e.g. subqueries disregards user ID changes 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10976 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-11-14 13:15 修改: 2024-11-15 13:58
postgresql-12	CVE-2024-10977	中危	12.8-1.pgdg20.04+1	12.22-0ubuntu0.20.04.1	postgresql: PostgreSQL libpq retains an error message from man-in-the-middle 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10977 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-11-14 13:15 修改: 2024-11-15 13:58
postgresql-12	CVE-2024-10978	中危	12.8-1.pgdg20.04+1	12.22-0ubuntu0.20.04.1	postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10978 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-11-14 13:15 修改: 2024-11-21 22:15
postgresql-12	CVE-2024-10979	中危	12.8-1.pgdg20.04+1	12.22-0ubuntu0.20.04.1	postgresql: PostgreSQL PL/Perl environment variable changes execute arbitrary code 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10979 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-11-14 13:15 修改: 2025-01-10 13:15
postgresql-12	CVE-2024-7348	中危	12.8-1.pgdg20.04+1	12.20-0ubuntu0.20.04.1	postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7348 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-08 13:15 修改: 2024-08-12 15:54
postgresql-client-12	CVE-2021-23214	中危	12.8-1.pgdg20.04+1	12.9-0ubuntu0.20.04.1	postgresql: server processes unencrypted bytes from man-in-the-middle 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23214 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-03-04 16:15 修改: 2023-11-07 03:30
postgresql-client-12	CVE-2021-23222	中危	12.8-1.pgdg20.04+1	12.9-0ubuntu0.20.04.1	postgresql: libpq processes unencrypted bytes from man-in-the-middle 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23222 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-03-02 23:15 修改: 2023-11-07 03:30
postgresql-client-12	CVE-2022-1552	中危	12.8-1.pgdg20.04+1	12.11-0ubuntu0.20.04.1	postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1552 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-08-31 16:15 修改: 2023-11-07 03:42
postgresql-client-12	CVE-2022-2625	中危	12.8-1.pgdg20.04+1	12.12-0ubuntu0.20.04.1	postgresql: Extension scripts replace objects not belonging to the extension. 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2625 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-08-18 19:15 修改: 2022-12-02 20:14
postgresql-client-12	CVE-2022-41862	中危	12.8-1.pgdg20.04+1	12.14-0ubuntu0.20.04.1	postgresql: Client memory disclosure when connecting with Kerberos to modified server 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41862 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-03 16:15 修改: 2023-04-27 15:15
postgresql-client-12	CVE-2023-2454	中危	12.8-1.pgdg20.04+1	12.15-0ubuntu0.20.04.1	postgresql: schema_element defeats protective search_path changes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2454 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-09 19:15 修改: 2025-01-06 18:15
postgresql-client-12	CVE-2023-2455	中危	12.8-1.pgdg20.04+1	12.15-0ubuntu0.20.04.1	postgresql: row security policies disregard user ID changes after inlining. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2455 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-09 19:15 修改: 2025-01-06 18:15
postgresql-client-12	CVE-2023-39417	中危	12.8-1.pgdg20.04+1	12.16-0ubuntu0.20.04.1	postgresql: extension script @substitutions@ within quoting allow SQL injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39417 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-08-11 13:15 修改: 2024-09-09 08:15
postgresql-client-12	CVE-2023-5868	中危	12.8-1.pgdg20.04+1	12.17-0ubuntu0.20.04.1	postgresql: Memory disclosure in aggregate function calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5868 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-10 18:15 修改: 2024-09-14 00:15
postgresql-client-12	CVE-2023-5869	中危	12.8-1.pgdg20.04+1	12.17-0ubuntu0.20.04.1	postgresql: Buffer overrun from integer overflow in array modification 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5869 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-10 18:15 修改: 2024-09-14 00:15
postgresql-client-12	CVE-2023-5870	中危	12.8-1.pgdg20.04+1	12.17-0ubuntu0.20.04.1	postgresql: Role pg_signal_backend can signal certain superuser processes. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5870 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-10 18:15 修改: 2024-09-14 00:15
postgresql-client-12	CVE-2024-0985	中危	12.8-1.pgdg20.04+1	12.18-0ubuntu0.20.04.1	postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0985 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-08 13:15 修改: 2024-12-20 13:15
postgresql-client-12	CVE-2024-10976	中危	12.8-1.pgdg20.04+1	12.22-0ubuntu0.20.04.1	postgresql: PostgreSQL row security below e.g. subqueries disregards user ID changes 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10976 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-11-14 13:15 修改: 2024-11-15 13:58
postgresql-client-12	CVE-2024-10977	中危	12.8-1.pgdg20.04+1	12.22-0ubuntu0.20.04.1	postgresql: PostgreSQL libpq retains an error message from man-in-the-middle 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10977 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-11-14 13:15 修改: 2024-11-15 13:58
postgresql-client-12	CVE-2024-10978	中危	12.8-1.pgdg20.04+1	12.22-0ubuntu0.20.04.1	postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10978 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-11-14 13:15 修改: 2024-11-21 22:15
postgresql-client-12	CVE-2024-10979	中危	12.8-1.pgdg20.04+1	12.22-0ubuntu0.20.04.1	postgresql: PostgreSQL PL/Perl environment variable changes execute arbitrary code 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10979 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-11-14 13:15 修改: 2025-01-10 13:15
postgresql-client-12	CVE-2024-7348	中危	12.8-1.pgdg20.04+1	12.20-0ubuntu0.20.04.1	postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7348 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-08 13:15 修改: 2024-08-12 15:54
python3-pkg-resources	CVE-2022-40897	中危	45.2.0-1	45.2.0-1ubuntu0.1	pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40897 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-12-23 00:15 修改: 2024-10-29 15:35
python3-pkg-resources	CVE-2024-6345	中危	45.2.0-1	45.2.0-1ubuntu0.2	pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-07-15 01:15 修改: 2024-07-15 13:00
python3.8	CVE-2021-29921	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.1	python-ipaddress: Improper input validation of octal strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29921 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-05-06 13:15 修改: 2023-05-03 11:15
python3.8	CVE-2021-3737	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.2	python: urllib: HTTP client possible infinite loop on a 100 Continue response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3737 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-03-04 19:15 修改: 2023-11-07 03:38
python3.8	CVE-2022-0391	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.4	python: urllib.parse does not sanitize URLs containing ASCII newline and tabs 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-02-09 23:15 修改: 2023-11-07 03:41
python3.8	CVE-2022-37454	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.6	XKCP: buffer overflow in the SHA-3 reference implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37454 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-10-21 06:15 修改: 2023-05-03 11:15
python3.8	CVE-2022-45061	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.6	python: CPU denial of service via inefficient IDNA decoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45061 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-11-09 07:15 修改: 2023-11-07 03:54
python3.8	CVE-2023-24329	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.8	python: urllib.parse url blocklisting bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-17 15:15 修改: 2023-11-07 04:08
python3.8	CVE-2023-27043	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
python3.8	CVE-2023-40217	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.9	python: TLS handshake bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-08-25 01:15 修改: 2023-11-07 04:20
python3.8	CVE-2023-6597	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.10	python: Path traversal on tempfile.TemporaryDirectory 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
python3.8	CVE-2024-0397	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.11	cpython: python: Memory race condition in ssl.SSLContext certificate store methods 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-06-17 16:15 修改: 2024-07-03 01:44
python3.8	CVE-2024-0450	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.10	python: The zipfile module is vulnerable to zip-bombs leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
python3.8	CVE-2024-11168	中危	3.8.10-0ubuntu1~20.04		python: Improper validation of IPv6 and IPvFuture addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
python3.8	CVE-2024-6232	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
python3.8	CVE-2024-6923	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
python3.8	CVE-2024-8088	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-22 19:15 修改: 2024-09-04 23:15
python3.8	CVE-2024-9287	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.13	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
python3.8-minimal	CVE-2021-29921	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.1	python-ipaddress: Improper input validation of octal strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29921 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-05-06 13:15 修改: 2023-05-03 11:15
python3.8-minimal	CVE-2021-3737	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.2	python: urllib: HTTP client possible infinite loop on a 100 Continue response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3737 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-03-04 19:15 修改: 2023-11-07 03:38
python3.8-minimal	CVE-2022-0391	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.4	python: urllib.parse does not sanitize URLs containing ASCII newline and tabs 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-02-09 23:15 修改: 2023-11-07 03:41
python3.8-minimal	CVE-2022-37454	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.6	XKCP: buffer overflow in the SHA-3 reference implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37454 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-10-21 06:15 修改: 2023-05-03 11:15
python3.8-minimal	CVE-2022-45061	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.6	python: CPU denial of service via inefficient IDNA decoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45061 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-11-09 07:15 修改: 2023-11-07 03:54
python3.8-minimal	CVE-2023-24329	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.8	python: urllib.parse url blocklisting bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-02-17 15:15 修改: 2023-11-07 04:08
python3.8-minimal	CVE-2023-27043	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
python3.8-minimal	CVE-2023-40217	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.9	python: TLS handshake bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-08-25 01:15 修改: 2023-11-07 04:20
python3.8-minimal	CVE-2023-6597	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.10	python: Path traversal on tempfile.TemporaryDirectory 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
python3.8-minimal	CVE-2024-0397	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.11	cpython: python: Memory race condition in ssl.SSLContext certificate store methods 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-06-17 16:15 修改: 2024-07-03 01:44
python3.8-minimal	CVE-2024-0450	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.10	python: The zipfile module is vulnerable to zip-bombs leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
python3.8-minimal	CVE-2024-11168	中危	3.8.10-0ubuntu1~20.04		python: Improper validation of IPv6 and IPvFuture addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
python3.8-minimal	CVE-2024-6232	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
python3.8-minimal	CVE-2024-6923	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
python3.8-minimal	CVE-2024-8088	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-22 19:15 修改: 2024-09-04 23:15
python3.8-minimal	CVE-2024-9287	中危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.13	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
redis-tools	CVE-2020-14147	中危	5:5.0.7-2		redis: integer overflow in the getnum function in lua_struct.c could lead to a DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14147 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2020-06-15 18:15 修改: 2021-07-30 13:59
redis-tools	CVE-2021-32626	中危	5:5.0.7-2		redis: Lua scripts can overflow the heap-based Lua stack 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32626 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-10-04 18:15 修改: 2023-11-07 03:35
redis-tools	CVE-2021-32627	中危	5:5.0.7-2		redis: Integer overflow issue with Streams 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32627 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-10-04 18:15 修改: 2023-11-07 03:35
redis-tools	CVE-2021-32628	中危	5:5.0.7-2		redis: Integer overflow bug in the ziplist data structure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32628 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-10-04 18:15 修改: 2023-11-07 03:35
redis-tools	CVE-2021-32672	中危	5:5.0.7-2		redis: Out of bounds read in lua debugger protocol parser 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32672 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-10-04 18:15 修改: 2023-11-07 03:35
redis-tools	CVE-2021-32675	中危	5:5.0.7-2		redis: Denial of service via Redis Standard Protocol (RESP) request 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32675 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-10-04 18:15 修改: 2023-11-07 03:35
redis-tools	CVE-2021-32687	中危	5:5.0.7-2		redis: Integer overflow issue with intsets 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32687 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-10-04 18:15 修改: 2023-11-07 03:35
redis-tools	CVE-2021-41099	中危	5:5.0.7-2		redis: Integer overflow issue with strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41099 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-10-04 18:15 修改: 2023-11-07 03:38
redis-tools	CVE-2022-0543	中危	5:5.0.7-2	5:5.0.7-2ubuntu0.1	It was discovered, that redis, a persistent key-value database, due to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0543 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-02-18 20:15 修改: 2023-09-29 15:55
redis-tools	CVE-2022-24736	中危	5:5.0.7-2		redis: Malformed Lua script can crash Redis 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24736 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-04-27 20:15 修改: 2023-11-07 03:44
redis-tools	CVE-2022-24834	中危	5:5.0.7-2		redis: heap overflow in the lua cjson and cmsgpack libraries 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24834 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-07-13 15:15 修改: 2023-08-14 19:15
redis-tools	CVE-2022-35977	中危	5:5.0.7-2		redis: Integer overflow in the Redis SETRANGE and SORT/SORT_RO commands may result with false OOM panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35977 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-01-20 19:15 修改: 2023-02-02 14:28
redis-tools	CVE-2022-36021	中危	5:5.0.7-2		redis: Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36021 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-01 16:15 修改: 2023-11-07 03:49
redis-tools	CVE-2023-25155	中危	5:5.0.7-2		redis: String matching commands (like SCAN or KEYS) with a specially crafted pattern to trigger a denial-of-service attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25155 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-02 04:15 修改: 2023-03-10 05:02
redis-tools	CVE-2023-28856	中危	5:5.0.7-2		redis: Insufficient validation of HINCRBYFLOAT command 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28856 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-04-18 21:15 修改: 2023-06-01 14:15
redis-tools	CVE-2023-45145	中危	5:5.0.7-2		redis: possible bypass of Unix socket permissions on startup 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45145 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-10-18 21:15 修改: 2024-01-21 02:30
sudo	CVE-2023-22809	中危	1.8.31-1ubuntu1.2	1.8.31-1ubuntu1.4	sudo: arbitrary file write with privileges of the RunAs user 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22809 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-01-18 17:15 修改: 2023-11-17 19:32
sudo	CVE-2023-28486	中危	1.8.31-1ubuntu1.2	1.8.31-1ubuntu1.5	sudo: Sudo does not escape control characters in log messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28486 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-16 01:15 修改: 2024-02-03 11:15
sudo	CVE-2023-28487	中危	1.8.31-1ubuntu1.2	1.8.31-1ubuntu1.5	sudo: Sudo does not escape control characters in sudoreplay output 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28487 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-16 01:15 修改: 2024-02-03 11:15
tar	CVE-2022-48303	中危	1.30+dfsg-7ubuntu0.20.04.1	1.30+dfsg-7ubuntu0.20.04.3	tar: heap buffer overflow at from_header() in list.c via specially crafted checksum 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48303 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-01-30 04:15 修改: 2023-05-30 17:16
tar	CVE-2023-39804	中危	1.30+dfsg-7ubuntu0.20.04.1	1.30+dfsg-7ubuntu0.20.04.4	tar: Incorrectly handled extension attributes in PAX archives can lead to a crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39804 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-03-27 04:15 修改: 2024-11-12 19:35
unzip	CVE-2022-0529	中危	6.0-25ubuntu1	6.0-25ubuntu1.1	unzip: Heap out-of-bound writes and reads during conversion of wide string to local string 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0529 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-02-09 23:15 修改: 2023-11-09 20:55
util-linux	CVE-2021-3995	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of FUSE filesystems belonging to users with similar uid 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3995 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-01-07 09:15
util-linux	CVE-2021-3996	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.3	util-linux: Unauthorized unmount of filesystems in libmount 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3996 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-23 20:15 修改: 2024-10-15 16:35
util-linux	CVE-2024-28085	中危	2.34-0.1ubuntu9.1	2.34-0.1ubuntu9.5	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
wget	CVE-2021-31879	中危	1.20.3-1ubuntu1		wget: authorization header disclosure on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2021-04-29 05:15 修改: 2022-05-13 20:52
wget	CVE-2024-38428	中危	1.20.3-1ubuntu1	1.20.3-1ubuntu2.1	wget: Misinterpretation of input may lead to improper behavior 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38428 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2024-06-16 03:15 修改: 2024-10-28 21:35
zlib1g	CVE-2018-25032	中危	1:1.2.11.dfsg-2ubuntu1.2	1:1.2.11.dfsg-2ubuntu1.3	zlib: A flaw found in zlib when compressing (not decompressing) certain inputs 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-25032 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-03-25 09:15 修改: 2023-11-07 02:56
zlib1g	CVE-2022-37434	中危	1:1.2.11.dfsg-2ubuntu1.2	1:1.2.11.dfsg-2ubuntu1.5	zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37434 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-05 07:15 修改: 2023-07-19 00:56
libtiff5	CVE-2023-6277	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.12	libtiff: Out-of-memory in TIFFOpen via a craft file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6277 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-11-24 19:15 修改: 2024-09-17 01:15
libtiff5	CVE-2024-6716	低危	4.1.0+git191117-2ubuntu0.20.04.1		漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6716 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-07-15 15:15 修改: 2024-09-04 14:15
libncurses6	CVE-2021-39537	低危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39537 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-09-20 16:15 修改: 2023-12-03 20:15
libtinfo5	CVE-2021-39537	低危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39537 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-09-20 16:15 修改: 2023-12-03 20:15
libtinfo5	CVE-2022-29458	低危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
libtinfo5	CVE-2023-45918	低危	6.2-0ubuntu2		ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
libtinfo5	CVE-2023-50495	低危	6.2-0ubuntu2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libncurses6	CVE-2022-29458	低危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
libtinfo6	CVE-2021-39537	低危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39537 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-09-20 16:15 修改: 2023-12-03 20:15
libtinfo6	CVE-2022-29458	低危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
libtinfo6	CVE-2023-45918	低危	6.2-0ubuntu2		ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
libtinfo6	CVE-2023-50495	低危	6.2-0ubuntu2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libncurses6	CVE-2023-45918	低危	6.2-0ubuntu2		ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
libncurses6	CVE-2023-50495	低危	6.2-0ubuntu2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libgd3	CVE-2021-40812	低危	2.2.5-5.2ubuntu2	2.2.5-5.2ubuntu2.4	The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40812 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-09-08 21:15 修改: 2024-10-29 14:35
libudev1	CVE-2023-26604	低危	245.4-4ubuntu3.11		systemd: privilege escalation via the less pager 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09
libudev1	CVE-2023-7008	低危	245.4-4ubuntu3.11		systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-12-23 13:15 修改: 2024-11-22 12:15
libncursesw6	CVE-2021-39537	低危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39537 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-09-20 16:15 修改: 2023-12-03 20:15
libncursesw6	CVE-2022-29458	低危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
libncursesw6	CVE-2023-45918	低危	6.2-0ubuntu2		ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
libncursesw6	CVE-2023-50495	低危	6.2-0ubuntu2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libgmp10	CVE-2021-43618	低危	2:6.2.0+dfsg-4	2:6.2.0+dfsg-4ubuntu0.1	gmp: Integer overflow and resultant buffer overflow via crafted input 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43618 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-11-15 04:15 修改: 2023-09-29 15:15
graphicsmagick	CVE-2017-13736	低危	1.4+really1.3.35-1		There are lots of memory leaks in the GMCommand function in magick/com ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-13736 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2017-08-29 06:29 修改: 2023-11-07 02:38
curl	CVE-2022-27781	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.11	curl: CERTINFO never-ending busy-loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27781 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:01
curl	CVE-2022-35252	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.13	curl: Incorrect handling of control code characters in cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35252 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-09-23 14:15 修改: 2024-03-27 15:00
git	CVE-2018-1000021	低危	1:2.33.0-0ppa1~ubuntu20.04.1		git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000021 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2018-02-09 23:29 修改: 2024-10-24 17:58
libpam-modules	CVE-2022-28321	低危	1.3.1-5ubuntu4.2	1.3.1-5ubuntu4.4	pam: authentication bypass for SSH logins 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28321 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-09-19 22:15 修改: 2023-08-08 14:21
git-man	CVE-2018-1000021	低危	1:2.33.0-0ppa1~ubuntu20.04.1		git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000021 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2018-02-09 23:29 修改: 2024-10-24 17:58
libgnutls30	CVE-2021-4209	低危	3.6.13-2ubuntu1.6	3.6.13-2ubuntu1.7	GnuTLS: Null pointer dereference in MD_UPDATE 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4209 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-08-24 16:15 修改: 2022-10-27 16:57
libpam-modules-bin	CVE-2022-28321	低危	1.3.1-5ubuntu4.2	1.3.1-5ubuntu4.4	pam: authentication bypass for SSH logins 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28321 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-09-19 22:15 修改: 2023-08-08 14:21
curl	CVE-2023-27533	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.18	curl: TELNET option IAC injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27533 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:54
libwind0-heimdal	CVE-2021-3671	低危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	samba: Null pointer dereference on missing sname in TGS-REQ 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3671 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2021-10-12 18:15 修改: 2023-11-07 03:38
gnupg	CVE-2022-3219	低危	2.2.19-3ubuntu2.1		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libpam-runtime	CVE-2022-28321	低危	1.3.1-5ubuntu4.2	1.3.1-5ubuntu4.4	pam: authentication bypass for SSH logins 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28321 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-09-19 22:15 修改: 2023-08-08 14:21
libgraphicsmagick-q16-3	CVE-2017-13736	低危	1.4+really1.3.35-1		There are lots of memory leaks in the GMCommand function in magick/com ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-13736 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2017-08-29 06:29 修改: 2023-11-07 02:38
curl	CVE-2023-27534	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.18	curl: SFTP path ~ resolving discrepancy 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27534 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:54
libpam0g	CVE-2022-28321	低危	1.3.1-5ubuntu4.2	1.3.1-5ubuntu4.4	pam: authentication bypass for SSH logins 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28321 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-09-19 22:15 修改: 2023-08-08 14:21
libpcre2-8-0	CVE-2022-1586	低危	10.34-7	10.34-7ubuntu0.1	pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1586 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-05-16 21:15 修改: 2023-11-07 03:42
libpcre2-8-0	CVE-2022-1587	低危	10.34-7	10.34-7ubuntu0.1	pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1587 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-05-16 21:15 修改: 2023-11-07 03:42
libpcre2-8-0	CVE-2022-41409	低危	10.34-7		pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-07-18 14:15 修改: 2023-07-27 03:46
libpcre3	CVE-2017-11164	低危	2:8.39-12build1		pcre: OP_KETRMAX feature in the match function in pcre_exec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2017-07-11 03:29 修改: 2023-11-07 02:38
libpcre3	CVE-2019-20838	低危	2:8.39-12build1	2:8.39-12ubuntu0.1	pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20838 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2020-06-15 17:15 修改: 2024-03-27 16:05
libpcre3	CVE-2020-14155	低危	2:8.39-12build1	2:8.39-12ubuntu0.1	pcre: Integer overflow when parsing callout numeric arguments 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14155 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2020-06-15 17:15 修改: 2024-03-27 16:04
gnupg-l10n	CVE-2022-3219	低危	2.2.19-3ubuntu2.1		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libasn1-8-heimdal	CVE-2021-3671	低危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	samba: Null pointer dereference on missing sname in TGS-REQ 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3671 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2021-10-12 18:15 修改: 2023-11-07 03:38
curl	CVE-2023-27536	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.18	curl: GSS delegation too eager connection re-use 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27536 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:46
libprocps8	CVE-2023-4016	低危	2:3.3.16-1ubuntu2.2	2:3.3.16-1ubuntu2.4	procps: ps buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4016 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-08-02 05:15 修改: 2023-12-15 18:19
gnupg-utils	CVE-2022-3219	低危	2.2.19-3ubuntu2.1		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libxml2	CVE-2022-2309	低危	2.9.10+dfsg-5ubuntu0.20.04.1	2.9.10+dfsg-5ubuntu0.20.04.5	lxml: NULL Pointer Dereference in lxml 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2309 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-07-05 10:15 修改: 2023-11-07 03:46
curl	CVE-2023-27538	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.18	curl: SSH connection too eager reuse still 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27538 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:46
libcurl3-gnutls	CVE-2022-27775	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.10	curl: bad local IPv6 connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27775 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02
libgssapi-krb5-2	CVE-2024-26458	低危	1.17-6ubuntu4.1		krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libgssapi-krb5-2	CVE-2024-26461	低危	1.17-6ubuntu4.1		krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libcurl3-gnutls	CVE-2022-27776	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.10	curl: auth/cookie leak on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27776 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02
libcurl3-gnutls	CVE-2022-27781	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.11	curl: CERTINFO never-ending busy-loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27781 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:01
libcurl3-gnutls	CVE-2022-35252	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.13	curl: Incorrect handling of control code characters in cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35252 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-09-23 14:15 修改: 2024-03-27 15:00
libcurl3-gnutls	CVE-2023-27533	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.18	curl: TELNET option IAC injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27533 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:54
libcurl3-gnutls	CVE-2023-27534	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.18	curl: SFTP path ~ resolving discrepancy 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27534 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:54
libcurl3-gnutls	CVE-2023-27536	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.18	curl: GSS delegation too eager connection re-use 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27536 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:46
libcurl3-gnutls	CVE-2023-27538	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.18	curl: SSH connection too eager reuse still 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27538 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:46
libgssapi3-heimdal	CVE-2021-3671	低危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	samba: Null pointer dereference on missing sname in TGS-REQ 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3671 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2021-10-12 18:15 修改: 2023-11-07 03:38
libcurl3-gnutls	CVE-2023-28321	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.19	curl: IDN wildcard match may lead to Improper Cerificate Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-05-26 21:15 修改: 2025-01-15 16:15
libcurl3-gnutls	CVE-2023-28322	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.19	curl: more POST-after-PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-05-26 21:15 修改: 2023-12-22 16:15
locales	CVE-2016-10228	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: iconv program can hang when invoked with the -c option 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10228 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2017-03-02 01:59 修改: 2023-11-07 02:29
locales	CVE-2016-20013	低危	2.31-0ubuntu9.2		漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
locales	CVE-2019-25013	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25013 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-01-04 18:15 修改: 2023-11-09 14:44
locales	CVE-2020-27618	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27618 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-02-26 23:15 修改: 2022-10-28 20:06
locales	CVE-2020-29562	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: assertion failure in iconv when converting invalid UCS4 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29562 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2020-12-04 07:15 修改: 2023-11-07 03:21
locales	CVE-2020-6096	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: signed comparison vulnerability in the ARMv7 memcpy function 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-6096 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2020-04-01 22:15 修改: 2023-11-07 03:24
locales	CVE-2021-27645	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27645 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-02-24 15:15 修改: 2023-11-07 03:31
locales	CVE-2021-3326	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3326 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-01-27 20:15 修改: 2023-11-07 03:37
locales	CVE-2021-35942	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Arbitrary read in wordexp() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35942 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-07-22 18:15 修改: 2023-11-07 03:36
locales	CVE-2022-23218	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Stack-based buffer overflow in svcunix_create via long pathnames 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23218 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:37
locales	CVE-2022-23219	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23219 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:32
locales	CVE-2023-4806	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.14	glibc: potential use-after-free in getaddrinfo() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15
locales	CVE-2023-4813	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.14	glibc: potential use-after-free in gaih_inet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-09-12 22:15 修改: 2024-09-16 14:15
libcurl3-gnutls	CVE-2023-38546	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.20	curl: cookie injection with none file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-10-18 04:15 修改: 2024-07-09 14:15
login	CVE-2013-4235	低危	1:4.8.1-1ubuntu5.20.04.1		shadow-utils: TOCTOU race conditions by copying and removing directory trees 漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4235 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2019-12-03 15:15 修改: 2023-02-13 00:28
login	CVE-2023-29383	低危	1:4.8.1-1ubuntu5.20.04.1		shadow: Improper input validation in shadow-utils package utility chfn 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05
login	CVE-2023-4641	低危	1:4.8.1-1ubuntu5.20.04.1	1:4.8.1-1ubuntu5.20.04.5	shadow-utils: possible password leak during passwd(1) change 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-12-27 16:15 修改: 2024-05-03 16:15
libpython3.8-minimal	CVE-2015-20107	低危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.5	python: mailcap: findmatch() function does not sanitize the second argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-04-13 16:15 修改: 2023-11-07 02:25
libpython3.8-minimal	CVE-2024-4032	低危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.11	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
libpython3.8-minimal	CVE-2024-7592	低危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	cpython: python: Uncontrolled CPU resource consumption when in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-19 19:15 修改: 2024-09-04 21:15
libcurl3-gnutls	CVE-2024-11053	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.25	curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-12-11 08:15 修改: 2024-12-15 17:15
gnupg2	CVE-2022-3219	低危	2.2.19-3ubuntu2.1		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
ncurses-base	CVE-2021-39537	低危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39537 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-09-20 16:15 修改: 2023-12-03 20:15
ncurses-base	CVE-2022-29458	低危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
ncurses-base	CVE-2023-45918	低危	6.2-0ubuntu2		ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
ncurses-base	CVE-2023-50495	低危	6.2-0ubuntu2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
curl	CVE-2023-28321	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.19	curl: IDN wildcard match may lead to Improper Cerificate Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-05-26 21:15 修改: 2025-01-15 16:15
ncurses-bin	CVE-2021-39537	低危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39537 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-09-20 16:15 修改: 2023-12-03 20:15
ncurses-bin	CVE-2022-29458	低危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
ncurses-bin	CVE-2023-45918	低危	6.2-0ubuntu2		ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
ncurses-bin	CVE-2023-50495	低危	6.2-0ubuntu2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
gpg	CVE-2022-3219	低危	2.2.19-3ubuntu2.1		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libhcrypto4-heimdal	CVE-2021-3671	低危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	samba: Null pointer dereference on missing sname in TGS-REQ 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3671 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2021-10-12 18:15 修改: 2023-11-07 03:38
curl	CVE-2023-28322	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.19	curl: more POST-after-PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-05-26 21:15 修改: 2023-12-22 16:15
openssh-client	CVE-2021-41617	低危	1:8.2p1-4ubuntu0.3	1:8.2p1-4ubuntu0.11	openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41617 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-09-26 19:15 修改: 2023-12-26 04:15
gpg-agent	CVE-2022-3219	低危	2.2.19-3ubuntu2.1		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
curl	CVE-2023-38546	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.20	curl: cookie injection with none file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-10-18 04:15 修改: 2024-07-09 14:15
libc-bin	CVE-2016-10228	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: iconv program can hang when invoked with the -c option 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10228 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2017-03-02 01:59 修改: 2023-11-07 02:29
openssh-server	CVE-2021-41617	低危	1:8.2p1-4ubuntu0.3	1:8.2p1-4ubuntu0.11	openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41617 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-09-26 19:15 修改: 2023-12-26 04:15
libc-bin	CVE-2016-20013	低危	2.31-0ubuntu9.2		漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libc-bin	CVE-2019-25013	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25013 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-01-04 18:15 修改: 2023-11-09 14:44
libc-bin	CVE-2020-27618	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27618 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-02-26 23:15 修改: 2022-10-28 20:06
openssh-sftp-server	CVE-2021-41617	低危	1:8.2p1-4ubuntu0.3	1:8.2p1-4ubuntu0.11	openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41617 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-09-26 19:15 修改: 2023-12-26 04:15
libheimbase1-heimdal	CVE-2021-3671	低危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	samba: Null pointer dereference on missing sname in TGS-REQ 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3671 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2021-10-12 18:15 修改: 2023-11-07 03:38
libc-bin	CVE-2020-29562	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: assertion failure in iconv when converting invalid UCS4 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29562 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2020-12-04 07:15 修改: 2023-11-07 03:21
libc-bin	CVE-2020-6096	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: signed comparison vulnerability in the ARMv7 memcpy function 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-6096 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2020-04-01 22:15 修改: 2023-11-07 03:24
libc-bin	CVE-2021-27645	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27645 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-02-24 15:15 修改: 2023-11-07 03:31
libpython3.8-stdlib	CVE-2015-20107	低危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.5	python: mailcap: findmatch() function does not sanitize the second argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-04-13 16:15 修改: 2023-11-07 02:25
libpython3.8-stdlib	CVE-2024-4032	低危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.11	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
libpython3.8-stdlib	CVE-2024-7592	低危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	cpython: python: Uncontrolled CPU resource consumption when in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-19 19:15 修改: 2024-09-04 21:15
libc-bin	CVE-2021-3326	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3326 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-01-27 20:15 修改: 2023-11-07 03:37
libc-bin	CVE-2021-35942	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Arbitrary read in wordexp() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35942 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-07-22 18:15 修改: 2023-11-07 03:36
openssl	CVE-2023-0464	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.18	openssl: Denial of service by excessive resource usage in verifying X509 policy constraints 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-22 17:15 修改: 2024-06-21 19:15
openssl	CVE-2023-0465	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.18	openssl: Invalid certificate policies in leaf certificates are silently ignored 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15
openssl	CVE-2023-0466	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.18	openssl: Certificate policy check not enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15
openssl	CVE-2023-3446	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.20	openssl: Excessive time spent checking DH keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-07-19 12:15 修改: 2024-10-14 15:15
openssl	CVE-2023-3817	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.20	OpenSSL: Excessive time spent checking DH q parameter value 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-07-31 16:15 修改: 2024-10-14 15:15
openssl	CVE-2023-5678	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.21	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15
openssl	CVE-2024-0727	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.21	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15
openssl	CVE-2024-2511	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.23	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
openssl	CVE-2024-4741	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.23	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
openssl	CVE-2024-5535	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.23	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libcurl4	CVE-2022-27775	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.10	curl: bad local IPv6 connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27775 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02
passwd	CVE-2013-4235	低危	1:4.8.1-1ubuntu5.20.04.1		shadow-utils: TOCTOU race conditions by copying and removing directory trees 漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4235 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2019-12-03 15:15 修改: 2023-02-13 00:28
passwd	CVE-2023-29383	低危	1:4.8.1-1ubuntu5.20.04.1		shadow: Improper input validation in shadow-utils package utility chfn 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05
passwd	CVE-2023-4641	低危	1:4.8.1-1ubuntu5.20.04.1	1:4.8.1-1ubuntu5.20.04.5	shadow-utils: possible password leak during passwd(1) change 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-12-27 16:15 修改: 2024-05-03 16:15
libcurl4	CVE-2022-27776	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.10	curl: auth/cookie leak on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27776 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02
libheimntlm0-heimdal	CVE-2021-3671	低危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	samba: Null pointer dereference on missing sname in TGS-REQ 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3671 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2021-10-12 18:15 修改: 2023-11-07 03:38
libcurl4	CVE-2022-27781	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.11	curl: CERTINFO never-ending busy-loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27781 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:01
libcurl4	CVE-2022-35252	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.13	curl: Incorrect handling of control code characters in cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35252 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-09-23 14:15 修改: 2024-03-27 15:00
libroken18-heimdal	CVE-2021-3671	低危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	samba: Null pointer dereference on missing sname in TGS-REQ 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3671 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2021-10-12 18:15 修改: 2023-11-07 03:38
libcurl4	CVE-2023-27533	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.18	curl: TELNET option IAC injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27533 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:54
libcurl4	CVE-2023-27534	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.18	curl: SFTP path ~ resolving discrepancy 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27534 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:54
libsepol1	CVE-2021-36084	低危	3.0-1	3.0-1ubuntu0.1	libsepol: use-after-free in __cil_verify_classperms() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36084 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libsepol1	CVE-2021-36085	低危	3.0-1	3.0-1ubuntu0.1	libsepol: use-after-free in __cil_verify_classperms() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36085 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libsepol1	CVE-2021-36086	低危	3.0-1	3.0-1ubuntu0.1	libsepol: use-after-free in cil_reset_classpermission() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36086 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libsepol1	CVE-2021-36087	低危	3.0-1	3.0-1ubuntu0.1	libsepol: heap-based buffer overflow in ebitmap_match_any() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36087 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libcurl4	CVE-2023-27536	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.18	curl: GSS delegation too eager connection re-use 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27536 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:46
libcurl4	CVE-2023-27538	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.18	curl: SSH connection too eager reuse still 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27538 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-03-30 20:15 修改: 2024-03-27 14:46
libcurl4	CVE-2023-28321	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.19	curl: IDN wildcard match may lead to Improper Cerificate Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-05-26 21:15 修改: 2025-01-15 16:15
libhx509-5-heimdal	CVE-2021-3671	低危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	samba: Null pointer dereference on missing sname in TGS-REQ 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3671 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2021-10-12 18:15 修改: 2023-11-07 03:38
libcurl4	CVE-2023-28322	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.19	curl: more POST-after-PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-05-26 21:15 修改: 2023-12-22 16:15
libcurl4	CVE-2023-38546	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.20	curl: cookie injection with none file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-10-18 04:15 修改: 2024-07-09 14:15
libjbig0	CVE-2017-9937	低危	2.1-3.1build1	2.1-3.1ubuntu0.20.04.1	libtiff: memory malloc failure in tif_jbig.c could cause DOS. 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-9937 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2017-06-26 12:29 修改: 2023-11-07 02:50
libsqlite3-0	CVE-2021-36690	低危	3.31.1-4ubuntu0.2	3.31.1-4ubuntu0.3	A segmentation fault can occur in the sqlite3.exe command-line compone ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36690 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2021-08-24 14:15 修改: 2024-08-04 01:15
libjbig0	CVE-2022-1210	低危	2.1-3.1build1	2.1-3.1ubuntu0.20.04.1	tiff: Malicious file leads to a denial of service in TIFF File Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1210 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-04-03 09:15 修改: 2023-07-24 13:46
libcurl4	CVE-2024-11053	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.25	curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-12-11 08:15 修改: 2024-12-15 17:15
libjpeg-turbo8	CVE-2020-17541	低危	2.0.3-0ubuntu1.20.04.1	2.0.3-0ubuntu1.20.04.3	libjpeg-turbo: Stack-based buffer overflow in the "transform" component 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-17541 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-06-01 15:15 修改: 2022-11-07 14:29
libjpeg-turbo8	CVE-2021-46822	低危	2.0.3-0ubuntu1.20.04.1	2.0.3-0ubuntu1.20.04.3	libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46822 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-18 16:15 修改: 2022-08-15 15:52
libc-bin	CVE-2022-23218	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Stack-based buffer overflow in svcunix_create via long pathnames 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23218 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:37
libelf1	CVE-2021-33294	低危	0.176-1.1build1	0.176-1.1ubuntu0.1	elfutils: an infinite loop was found in the function handle_symtab in readelf.c which causes denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33294 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-07-18 14:15 修改: 2023-07-27 15:19
libc-bin	CVE-2022-23219	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23219 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:32
libc-bin	CVE-2023-4806	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.14	glibc: potential use-after-free in getaddrinfo() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15
libc-bin	CVE-2023-4813	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.14	glibc: potential use-after-free in gaih_inet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-09-12 22:15 修改: 2024-09-16 14:15
gpg-wks-client	CVE-2022-3219	低危	2.2.19-3ubuntu2.1		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
curl	CVE-2024-11053	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.25	curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-12-11 08:15 修改: 2024-12-15 17:15
libk5crypto3	CVE-2024-26458	低危	1.17-6ubuntu4.1		krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libk5crypto3	CVE-2024-26461	低危	1.17-6ubuntu4.1		krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
gpg-wks-server	CVE-2022-3219	低危	2.2.19-3ubuntu2.1		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
coreutils	CVE-2016-2781	低危	8.30-3ubuntu2		coreutils: Non-privileged session can escape to the parent session in chroot 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
libssl1.1	CVE-2023-0464	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.18	openssl: Denial of service by excessive resource usage in verifying X509 policy constraints 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-22 17:15 修改: 2024-06-21 19:15
libssl1.1	CVE-2023-0465	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.18	openssl: Invalid certificate policies in leaf certificates are silently ignored 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15
libssl1.1	CVE-2023-0466	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.18	openssl: Certificate policy check not enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-03-28 15:15 修改: 2024-02-04 09:15
libssl1.1	CVE-2023-3446	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.20	openssl: Excessive time spent checking DH keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-07-19 12:15 修改: 2024-10-14 15:15
libssl1.1	CVE-2023-3817	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.20	OpenSSL: Excessive time spent checking DH q parameter value 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-07-31 16:15 修改: 2024-10-14 15:15
libssl1.1	CVE-2023-5678	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.21	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15
libssl1.1	CVE-2024-0727	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.21	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15
libssl1.1	CVE-2024-2511	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.23	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
libssl1.1	CVE-2024-4741	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.23	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
procps	CVE-2023-4016	低危	2:3.3.16-1ubuntu2.2	2:3.3.16-1ubuntu2.4	procps: ps buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4016 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-08-02 05:15 修改: 2023-12-15 18:19
libssl1.1	CVE-2024-5535	低危	1.1.1f-1ubuntu2.8	1.1.1f-1ubuntu2.23	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
gpgconf	CVE-2022-3219	低危	2.2.19-3ubuntu2.1		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
dirmngr	CVE-2022-3219	低危	2.2.19-3ubuntu2.1		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libc6	CVE-2016-10228	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: iconv program can hang when invoked with the -c option 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10228 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2017-03-02 01:59 修改: 2023-11-07 02:29
libsystemd0	CVE-2023-26604	低危	245.4-4ubuntu3.11		systemd: privilege escalation via the less pager 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09
libsystemd0	CVE-2023-7008	低危	245.4-4ubuntu3.11		systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-12-23 13:15 修改: 2024-11-22 12:15
libc6	CVE-2016-20013	低危	2.31-0ubuntu9.2		漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libc6	CVE-2019-25013	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25013 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-01-04 18:15 修改: 2023-11-09 14:44
libkrb5-26-heimdal	CVE-2021-3671	低危	7.7.0+dfsg-1ubuntu1	7.7.0+dfsg-1ubuntu1.1	samba: Null pointer dereference on missing sname in TGS-REQ 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3671 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2021-10-12 18:15 修改: 2023-11-07 03:38
libc6	CVE-2020-27618	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27618 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-02-26 23:15 修改: 2022-10-28 20:06
libc6	CVE-2020-29562	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: assertion failure in iconv when converting invalid UCS4 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29562 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2020-12-04 07:15 修改: 2023-11-07 03:21
libc6	CVE-2020-6096	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: signed comparison vulnerability in the ARMv7 memcpy function 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-6096 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2020-04-01 22:15 修改: 2023-11-07 03:24
libc6	CVE-2021-27645	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27645 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-02-24 15:15 修改: 2023-11-07 03:31
libc6	CVE-2021-3326	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3326 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-01-27 20:15 修改: 2023-11-07 03:37
libc6	CVE-2021-35942	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Arbitrary read in wordexp() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35942 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-07-22 18:15 修改: 2023-11-07 03:36
libc6	CVE-2022-23218	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Stack-based buffer overflow in svcunix_create via long pathnames 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23218 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:37
libkrb5-3	CVE-2024-26458	低危	1.17-6ubuntu4.1		krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libkrb5-3	CVE-2024-26461	低危	1.17-6ubuntu4.1		krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
python3.8	CVE-2015-20107	低危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.5	python: mailcap: findmatch() function does not sanitize the second argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-04-13 16:15 修改: 2023-11-07 02:25
python3.8	CVE-2024-4032	低危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.11	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
python3.8	CVE-2024-7592	低危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	cpython: python: Uncontrolled CPU resource consumption when in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-19 19:15 修改: 2024-09-04 21:15
libc6	CVE-2022-23219	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.7	glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23219 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2022-01-14 07:15 修改: 2022-11-08 13:32
libexpat1	CVE-2021-45960	低危	2.2.9-1build1	2.2.9-1ubuntu0.2	expat: Large number of prefixed XML attributes on a single tag can crash libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45960 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-01-01 19:15 修改: 2022-10-06 19:08
libc6	CVE-2023-4806	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.14	glibc: potential use-after-free in getaddrinfo() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-09-18 17:15 修改: 2024-09-16 14:15
libc6	CVE-2023-4813	低危	2.31-0ubuntu9.2	2.31-0ubuntu9.14	glibc: potential use-after-free in gaih_inet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-09-12 22:15 修改: 2024-09-16 14:15
gpgsm	CVE-2022-3219	低危	2.2.19-3ubuntu2.1		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libcap2	CVE-2023-2602	低危	1:2.32-1	1:2.32-1ubuntu0.1	libcap: Memory Leak on pthread_create() Error 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2602 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-06 20:15 修改: 2023-11-30 05:15
bash	CVE-2019-18276	低危	5.0-6ubuntu1.1	5.0-6ubuntu1.2	bash: when effective UID is not equal to its real UID the saved UID is not dropped 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-18276 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2019-11-28 01:15 修改: 2023-11-07 03:06
libkrb5support0	CVE-2024-26458	低危	1.17-6ubuntu4.1		krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libkrb5support0	CVE-2024-26461	低危	1.17-6ubuntu4.1		krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libcap2-bin	CVE-2023-2602	低危	1:2.32-1	1:2.32-1ubuntu0.1	libcap: Memory Leak on pthread_create() Error 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2602 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-06 20:15 修改: 2023-11-30 05:15
gpgv	CVE-2022-3219	低危	2.2.19-3ubuntu2.1		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libfreetype6	CVE-2022-27405	低危	2.10.1-2ubuntu0.1	2.10.1-2ubuntu0.2	FreeType: Segmentation violation via FNT_Size_Request 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27405 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-04-22 14:15 修改: 2024-02-29 01:34
libldap-2.4-2	CVE-2023-2953	低危	2.4.49+dfsg-2ubuntu1.8	2.4.49+dfsg-2ubuntu1.10	openldap: null pointer dereference in ber_memalloc_x function 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2953 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-05-30 22:15 修改: 2025-01-10 22:15
libfreetype6	CVE-2022-27406	低危	2.10.1-2ubuntu0.1	2.10.1-2ubuntu0.2	Freetype: Segmentation violation via FT_Request_Size 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27406 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-04-22 14:15 修改: 2024-02-29 01:34
libldap-common	CVE-2023-2953	低危	2.4.49+dfsg-2ubuntu1.8	2.4.49+dfsg-2ubuntu1.10	openldap: null pointer dereference in ber_memalloc_x function 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2953 镜像层: sha256:2899631fb93bcf9e9101a06af1c012cdfe4b33148f3cf1a15d29a29ad4f29b24 发布日期: 2023-05-30 22:15 修改: 2025-01-10 22:15
curl	CVE-2022-27775	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.10	curl: bad local IPv6 connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27775 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02
python3.8-minimal	CVE-2015-20107	低危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.5	python: mailcap: findmatch() function does not sanitize the second argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-04-13 16:15 修改: 2023-11-07 02:25
python3.8-minimal	CVE-2024-4032	低危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.11	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
python3.8-minimal	CVE-2024-7592	低危	3.8.10-0ubuntu1~20.04	3.8.10-0ubuntu1~20.04.12	cpython: python: Uncontrolled CPU resource consumption when in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-08-19 19:15 修改: 2024-09-04 21:15
libgcrypt20	CVE-2021-33560	低危	1.8.5-5ubuntu1	1.8.5-5ubuntu1.1	libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33560 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-06-08 11:15 修改: 2023-11-07 03:35
libgcrypt20	CVE-2024-2236	低危	1.8.5-5ubuntu1		libgcrypt: vulnerable to Marvin Attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2024-03-06 22:15 修改: 2024-11-12 18:15
curl	CVE-2022-27776	低危	7.68.0-1ubuntu2.6	7.68.0-1ubuntu2.10	curl: auth/cookie leak on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27776 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-02 14:15 修改: 2024-03-27 15:02
libgd3	CVE-2017-6363	低危	2.2.5-5.2ubuntu2	2.2.5-5.2ubuntu2.1	In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap- ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-6363 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2020-02-27 05:15 修改: 2024-08-05 16:15
libncurses5	CVE-2021-39537	低危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39537 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-09-20 16:15 修改: 2023-12-03 20:15
libncurses5	CVE-2022-29458	低危	6.2-0ubuntu2	6.2-0ubuntu2.1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
libncurses5	CVE-2023-45918	低危	6.2-0ubuntu2		ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
libncurses5	CVE-2023-50495	低危	6.2-0ubuntu2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libgd3	CVE-2021-38115	低危	2.2.5-5.2ubuntu2	2.2.5-5.2ubuntu2.1	read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) thr ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38115 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-08-04 21:15 修改: 2024-04-07 01:17
libtiff5	CVE-2020-35521	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.3	libtiff: Memory allocation failure in tiff2rgba 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35521 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-03-09 20:15 修改: 2023-11-07 03:21
libtiff5	CVE-2020-35522	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.3	libtiff: Memory allocation failure in tiff2rgba 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35522 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-03-09 20:15 修改: 2023-11-07 03:21
libtiff5	CVE-2022-0561	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.3	libtiff: Denial of Service via crafted TIFF file 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0561 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-02-11 18:15 修改: 2023-11-07 03:41
libtiff5	CVE-2022-0562	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.3	libtiff: Null source pointer lead to Denial of Service via crafted TIFF file 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0562 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-02-11 18:15 修改: 2023-11-07 03:41
libtiff5	CVE-2022-2056	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.5	libtiff: division by zero issues in tiffcrop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2056 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-30 16:15 修改: 2023-11-07 03:46
libtiff5	CVE-2022-2057	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.5	libtiff: division by zero issues in tiffcrop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2057 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-30 16:15 修改: 2023-11-07 03:46
libtiff5	CVE-2022-2058	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.5	libtiff: division by zero issues in tiffcrop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2058 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-06-30 16:15 修改: 2023-11-07 03:46
libtiff5	CVE-2022-22844	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.4	libtiff: out-of-bounds read in _TIFFmemcpy() in tif_unix.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22844 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-01-10 14:12 修改: 2022-11-16 19:07
libtiff5	CVE-2022-2867	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.6	libtiff: uint32_t underflow leads to out of bounds read and write in tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2867 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-08-17 22:15 修改: 2023-11-07 03:47
libtiff5	CVE-2022-2868	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.6	libtiff: Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits() 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2868 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-08-17 22:15 修改: 2023-11-07 03:47
libtiff5	CVE-2022-2869	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.6	libtiff: tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSamples8bits() 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2869 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-08-17 22:15 修改: 2023-11-07 03:47
libtiff5	CVE-2023-1916	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.10	libtiff: out-of-bounds read in extractImageSection() in tools/tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1916 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-04-10 22:15 修改: 2023-12-23 07:15
tar	CVE-2021-20193	低危	1.30+dfsg-7ubuntu0.20.04.1	1.30+dfsg-7ubuntu0.20.04.2	tar: Memory leak in read_header() in list.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20193 镜像层: sha256:4942a1abcbfa1c325b1d7ed93d3cf6020f555be706672308a4a4a6b6d631d2e7 发布日期: 2021-03-26 17:15 修改: 2024-10-24 18:15
libtiff5	CVE-2023-25434	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.8	libtiff: heap-buffer overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25434 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-14 20:15 修改: 2025-01-06 17:15
unzip	CVE-2021-4217	低危	6.0-25ubuntu1	6.0-25ubuntu1.1	unzip: Null pointer dereference in Unicode strings code 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4217 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-08-24 16:15 修改: 2022-11-29 15:45
unzip	CVE-2022-0530	低危	6.0-25ubuntu1	6.0-25ubuntu1.1	unzip: SIGSEGV during the conversion of an utf-8 string to a local string 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0530 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2022-02-09 23:15 修改: 2023-11-09 20:55
libtiff5	CVE-2023-25435	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.8	libtiff: tiffcrop: heap-buffer-overflow in extractContigSamplesShifted8bits() in tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25435 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-21 20:15 修改: 2024-12-06 20:15
libtiff5	CVE-2023-26965	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.9	libtiff: heap-based use after free via a crafted TIFF image in loadImage() in tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26965 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-14 21:15 修改: 2025-01-06 17:15
libtiff5	CVE-2023-30086	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.6	libtiff: Heap buffer overflow in tiffcp() at tiffcp.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-30086 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-05-09 16:15 修改: 2023-06-16 15:15
libtiff5	CVE-2023-3164	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.13	libtiff: heap-buffer-overflow in extractImageSection() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3164 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-11-02 12:15 修改: 2024-03-08 19:38
libtiff5	CVE-2023-3316	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.9	libtiff: tiffcrop: null pointer dereference in TIFFClose() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3316 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-06-19 12:15 修改: 2023-08-01 02:15
libtiff5	CVE-2023-3576	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.11	libtiff: memory leak in tiffcrop.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3576 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-10-04 19:15 修改: 2024-09-16 13:15
libtiff5	CVE-2023-6228	低危	4.1.0+git191117-2ubuntu0.20.04.1	4.1.0+git191117-2ubuntu0.20.04.12	libtiff: heap-based buffer overflow in cpStripToTile() in tools/tiffcp.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6228 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2023-12-18 14:15 修改: 2024-10-11 16:15

Java (jar)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

Node.js (node-pkg)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

Ruby (gemspec)

低危漏洞:9

中危漏洞:83

高危漏洞:79

严重漏洞:13

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
activerecord	CVE-2022-32224	严重	6.1.3.2	~> 5.2.8, >= 5.2.8.1, ~> 6.0.5, >= 6.0.5.1, ~> 6.1.6, >= 6.1.6.1, >= 7.0.3.1	activerecord: Possible RCE escalation bug with Serialized Columns in Active Record 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32224 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-05 22:15 修改: 2022-12-08 13:20
activestorage	CVE-2022-21831	严重	6.1.3.2	~> 5.2.6, >= 5.2.6.3, ~> 6.0.4, >= 6.0.4.7, ~> 6.1.4, >= 6.1.4.7, >= 7.0.2.3	rubygem-activestorage: Code injection vulnerability in ActiveStorage 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21831 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-05-26 17:15 修改: 2023-03-14 08:15
asciidoctor-include-ext	CVE-2022-24803	严重	0.3.1	>= 0.4.0	Asciidoctor-include-ext is Asciidoctor\u2019s standard include process ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24803 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-01 00:15 修改: 2022-04-11 20:15
diffy	CVE-2022-33127	严重	3.3.0	>= 3.4.1	rubygem-diffy: remote code execution from user controlled diff file paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-33127 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2022-06-29 18:28
git	CVE-2022-25648	严重	1.7.0	>= 1.11.0	ruby-git: package vulnerable to Command Injection via git argument injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25648 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-19 17:15 修改: 2023-11-07 03:44
jmespath	CVE-2022-32511	严重	1.4.0	>= 1.6.1	jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32511 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-06 22:15 修改: 2023-11-07 03:47
omniauth	CVE-2020-36599	严重	1.9.1	~> 1.9.2, >= 2.0.0	lib/omniauth/failure_endpoint.rb in OmniAuth before 1.9.2 (and before ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36599 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-18 23:15 修改: 2024-06-18 16:15
omniauth-saml	CVE-2024-45409	严重	1.10.0	>= 1.10.5, < 2.0.0, ~> 2.1.2, >= 2.2.1	The Ruby SAML library is for implementing the client side of a SAML au ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-10 19:15 修改: 2024-09-20 14:13
omniauth-saml	GHSA-cvp8-5r8g-fhvq	严重	1.10.0	2.1.2, 1.10.5, 2.2.1	omniauth-saml vulnerable to Improper Verification of Cryptographic Signature 漏洞详情: https://github.com/advisories/GHSA-cvp8-5r8g-fhvq 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
puma	CVE-2022-24790	严重	5.3.2	~> 4.3.12, >= 5.6.4	puma-5.6.4: http request smuggling vulnerabilities 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-30 22:15 修改: 2023-11-07 03:44
rack	CVE-2022-30123	严重	2.2.3	~> 2.0.9, >= 2.0.9.1, ~> 2.1.4, >= 2.1.4.1, >= 2.2.3.1	rubygem-rack: crafted requests can cause shell escape sequences 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30123 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-05 22:15 修改: 2023-12-08 22:15
rack	CVE-2022-30123	严重	2.2.3	~> 2.0.9, >= 2.0.9.1, ~> 2.1.4, >= 2.1.4.1, >= 2.2.3.1	rubygem-rack: crafted requests can cause shell escape sequences 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30123 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-05 22:15 修改: 2023-12-08 22:15
ruby-saml	CVE-2024-45409	严重	1.12.1	~> 1.12.3, >= 1.17.0	The Ruby SAML library is for implementing the client side of a SAML au ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-10 19:15 修改: 2024-09-20 14:13
activerecord	CVE-2023-22794	高危	6.1.3.2	~> 6.0.6, >= 6.0.6.1, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1	rubygem-activerecord: SQL Injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22794 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-09 20:15 修改: 2024-02-02 14:15
actionpack	CVE-2021-22942	高危	6.1.3.2	~> 6.0.4, >= 6.0.4.1, >= 6.1.4.1	rubygem-actionpack: possible open redirect in the Host Authorization middleware 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22942 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-10-18 13:15 修改: 2024-02-02 14:15
activesupport	CVE-2023-22796	高危	6.1.3.2	~> 5.2.8, >= 5.2.8.15, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1	rubygem-activesupport: Regular Expression Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22796 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-09 20:15 修改: 2024-02-02 14:15
activesupport	CVE-2023-22796	高危	6.1.3.2	~> 5.2.8, >= 5.2.8.15, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1	rubygem-activesupport: Regular Expression Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22796 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-09 20:15 修改: 2024-02-02 14:15
addressable	CVE-2021-32740	高危	2.7.0	>= 2.8.0	rubygem-addressable: ReDoS in templates 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32740 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-07-06 15:15 修改: 2023-11-07 03:35
actionpack	CVE-2021-22942	高危	6.1.3.2	~> 6.0.4, >= 6.0.4.1, >= 6.1.4.1	rubygem-actionpack: possible open redirect in the Host Authorization middleware 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22942 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-10-18 13:15 修改: 2024-02-02 14:15
bundler	CVE-2020-36327	高危	2.1.4	= 2.2.10, >= 2.2.18	rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36327 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-04-29 03:15 修改: 2023-11-07 03:22
commonmarker	CVE-2024-22051	高危	0.21.0	>= 0.23.4	commonmarker: integer overflow in cmark-gfm's table row parsing may lead to heap memory corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22051 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-01-04 21:15 修改: 2024-01-11 17:07
commonmarker	GHSA-48wp-p9qv-4j64	高危	0.21.0	>= 0.23.9	Commonmarker vulnerable to to several quadratic complexity bugs that may lead to denial of service 漏洞详情: https://github.com/advisories/GHSA-48wp-p9qv-4j64 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
commonmarker	GHSA-fmx4-26r3-wxpf	高危	0.21.0	>= 0.23.4	Integer overflow in cmark-gfm table parsing extension leads to heap memory corruption 漏洞详情: https://github.com/advisories/GHSA-fmx4-26r3-wxpf 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
actionpack	CVE-2022-23633	高危	6.1.3.2	~> 5.2.6, >= 5.2.6.2, ~> 6.0.4, >= 6.0.4.6, ~> 6.1.4, >= 6.1.4.6, >= 7.0.2.2	rubygem-actionpack: information leak between requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 21:15 修改: 2024-01-19 16:15
actionpack	CVE-2022-23633	高危	6.1.3.2	~> 5.2.6, >= 5.2.6.2, ~> 6.0.4, >= 6.0.4.6, ~> 6.1.4, >= 6.1.4.6, >= 7.0.2.2	rubygem-actionpack: information leak between requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 21:15 修改: 2024-01-19 16:15
git	CVE-2022-47318	高危	1.7.0	>= 1.13.0	ruby-git: code injection vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-47318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-01-17 10:15 修改: 2023-11-07 03:56
globalid	CVE-2023-22799	高危	0.4.2	>= 1.0.1	rubygem-globalid: ReDoS vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22799 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-09 20:15 修改: 2023-02-16 20:18
google-protobuf	CVE-2021-22569	高危	3.17.3	>= 3.19.2	protobuf-java: potential DoS in the parsing procedure for binary data 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-10 14:10 修改: 2023-04-18 09:15
google-protobuf	CVE-2021-22569	高危	3.17.3	>= 3.19.2	protobuf-java: potential DoS in the parsing procedure for binary data 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-10 14:10 修改: 2023-04-18 09:15
google-protobuf	CVE-2024-7254	高危	3.17.3	~> 3.25.5, ~> 4.27.5, >= 4.28.2	protobuf: StackOverflow vulnerability in Protocol Buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-19 01:15 修改: 2024-12-13 14:15
google-protobuf	CVE-2024-7254	高危	3.17.3	~> 3.25.5, ~> 4.27.5, >= 4.28.2	protobuf: StackOverflow vulnerability in Protocol Buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-19 01:15 修改: 2024-12-13 14:15
grpc	CVE-2023-1428	高危	1.30.2	>= 1.53.0	gRPC: Reachable Assertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1428 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-09 11:15 修改: 2023-06-15 22:17
grpc	CVE-2023-1428	高危	1.30.2	>= 1.53.0	gRPC: Reachable Assertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1428 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-09 11:15 修改: 2023-06-15 22:17
grpc	CVE-2023-32731	高危	1.30.2	>= 1.53.1	gRPC: sensitive information disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32731 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-09 11:15 修改: 2023-06-15 22:18
grpc	CVE-2023-32731	高危	1.30.2	>= 1.53.1	gRPC: sensitive information disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32731 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-09 11:15 修改: 2023-06-15 22:18
grpc	CVE-2023-33953	高危	1.30.2	~> 1.53.2, ~> 1.54.3, ~> 1.55.2, >= 1.56.2	gRPC: hpack table accounting errors can lead to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33953 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-09 13:15 修改: 2023-08-17 14:15
grpc	CVE-2023-33953	高危	1.30.2	~> 1.53.2, ~> 1.54.3, ~> 1.55.2, >= 1.56.2	gRPC: hpack table accounting errors can lead to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33953 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-09 13:15 修改: 2023-08-17 14:15
actionpack	CVE-2023-22792	高危	6.1.3.2	~> 5.2.8, >= 5.2.8.15, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1	rubygem-actionpack: Denial of Service in Action Dispatch 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22792 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-09 20:15 修改: 2024-02-02 14:15
kubeclient	CVE-2022-0759	高危	4.9.2	>= 4.9.3	kubeclient: kubeconfig parsing error can lead to MITM attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0759 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-25 19:15 修改: 2022-04-07 19:13
loofah	CVE-2022-23514	高危	2.10.0	>= 2.19.1	rubygem-loofah: inefficient regular expression leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23514 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-14 14:15 修改: 2023-09-13 17:15
loofah	CVE-2022-23516	高危	2.10.0	>= 2.19.1	rubygem-loofah: Uncontrolled Recursion leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23516 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-14 14:15 修改: 2023-09-13 17:15
loofah	CVE-2022-23514	高危	2.11.0	>= 2.19.1	rubygem-loofah: inefficient regular expression leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23514 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-14 14:15 修改: 2023-09-13 17:15
loofah	CVE-2022-23516	高危	2.11.0	>= 2.19.1	rubygem-loofah: Uncontrolled Recursion leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23516 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-14 14:15 修改: 2023-09-13 17:15
nokogiri	CVE-2018-25032	高危	1.11.5	>= 1.13.4	zlib: A flaw found in zlib when compressing (not decompressing) certain inputs 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-25032 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-25 09:15 修改: 2023-11-07 02:56
nokogiri	CVE-2021-30560	高危	1.11.5	>= 1.13.2	Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 a ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-30560 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-08-03 19:15 修改: 2024-03-27 14:45
nokogiri	CVE-2021-41098	高危	1.11.5	>= 1.12.5	rubygem-nokogiri: XEE on JRuby 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41098 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-09-27 20:15 修改: 2021-10-06 20:17
nokogiri	CVE-2022-24836	高危	1.11.5	>= 1.13.4	nokogiri: ReDoS in HTML encoding detection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24836 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-11 22:15 修改: 2023-11-07 03:44
nokogiri	CVE-2022-24839	高危	1.11.5	>= 1.13.4	nokogiri: Uncontrolled Resource Consumption in org.cyberneko.html (nokogiri fork) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24839 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-11 22:15 修改: 2023-02-23 20:19
nokogiri	CVE-2022-29181	高危	1.11.5	>= 1.13.6	rubygem-nokogiri: Improper Handling of Unexpected Data Type in Nokogiri 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29181 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-05-20 19:15 修改: 2023-02-16 02:31
nokogiri	GHSA-cgx6-hpwq-fhv5	高危	1.11.5	>= 1.13.5	Integer Overflow or Wraparound in libxml2 affects Nokogiri 漏洞详情: https://github.com/advisories/GHSA-cgx6-hpwq-fhv5 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
nokogiri	GHSA-fq42-c5rg-92c2	高危	1.11.5	1.13.2	Vulnerable dependencies in Nokogiri 漏洞详情: https://github.com/advisories/GHSA-fq42-c5rg-92c2 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
nokogiri	GHSA-gx8x-g87m-h5q6	高危	1.11.5	1.13.4	Denial of Service (DoS) in Nokogiri on JRuby 漏洞详情: https://github.com/advisories/GHSA-gx8x-g87m-h5q6 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
nokogiri	GHSA-v6gp-9mmm-c6p5	高危	1.11.5	1.13.4	Out-of-bounds Write in zlib affects Nokogiri 漏洞详情: https://github.com/advisories/GHSA-v6gp-9mmm-c6p5 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
nokogiri	CVE-2018-25032	高危	1.11.7	>= 1.13.4	zlib: A flaw found in zlib when compressing (not decompressing) certain inputs 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-25032 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-25 09:15 修改: 2023-11-07 02:56
nokogiri	CVE-2021-30560	高危	1.11.7	>= 1.13.2	Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 a ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-30560 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-08-03 19:15 修改: 2024-03-27 14:45
nokogiri	CVE-2021-41098	高危	1.11.7	>= 1.12.5	rubygem-nokogiri: XEE on JRuby 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41098 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-09-27 20:15 修改: 2021-10-06 20:17
nokogiri	CVE-2022-24836	高危	1.11.7	>= 1.13.4	nokogiri: ReDoS in HTML encoding detection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24836 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-11 22:15 修改: 2023-11-07 03:44
nokogiri	CVE-2022-24839	高危	1.11.7	>= 1.13.4	nokogiri: Uncontrolled Resource Consumption in org.cyberneko.html (nokogiri fork) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24839 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-11 22:15 修改: 2023-02-23 20:19
nokogiri	CVE-2022-29181	高危	1.11.7	>= 1.13.6	rubygem-nokogiri: Improper Handling of Unexpected Data Type in Nokogiri 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29181 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-05-20 19:15 修改: 2023-02-16 02:31
nokogiri	GHSA-cgx6-hpwq-fhv5	高危	1.11.7	>= 1.13.5	Integer Overflow or Wraparound in libxml2 affects Nokogiri 漏洞详情: https://github.com/advisories/GHSA-cgx6-hpwq-fhv5 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
nokogiri	GHSA-fq42-c5rg-92c2	高危	1.11.7	1.13.2	Vulnerable dependencies in Nokogiri 漏洞详情: https://github.com/advisories/GHSA-fq42-c5rg-92c2 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
nokogiri	GHSA-gx8x-g87m-h5q6	高危	1.11.7	1.13.4	Denial of Service (DoS) in Nokogiri on JRuby 漏洞详情: https://github.com/advisories/GHSA-gx8x-g87m-h5q6 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
nokogiri	GHSA-v6gp-9mmm-c6p5	高危	1.11.7	1.13.4	Out-of-bounds Write in zlib affects Nokogiri 漏洞详情: https://github.com/advisories/GHSA-v6gp-9mmm-c6p5 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
actionpack	CVE-2023-22792	高危	6.1.3.2	~> 5.2.8, >= 5.2.8.15, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1	rubygem-actionpack: Denial of Service in Action Dispatch 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22792 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-09 20:15 修改: 2024-02-02 14:15
omniauth	CVE-2015-9284	高危	1.9.1	>= 2.0.0	rubygem-omniauth: request phase of the OmniAuth Ruby gem is vulnerable to Cross-Site Request Forgery leading to connection without user intent 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-9284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2019-04-26 15:29 修改: 2024-02-14 16:29
actionpack	CVE-2023-22795	高危	6.1.3.2	~> 5.2.8, >= 5.2.8.15, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1	rubygem-actionpack: Denial of Service in Action Dispatch 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22795 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-09 20:15 修改: 2024-02-02 14:15
actionpack	CVE-2023-22795	高危	6.1.3.2	~> 5.2.8, >= 5.2.8.15, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1	rubygem-actionpack: Denial of Service in Action Dispatch 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22795 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-09 20:15 修改: 2024-02-02 14:15
actionview	CVE-2023-23913	高危	6.1.3.2	~> 6.1.7.3, >= 7.0.4.3	rails: DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23913 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2025-01-09 01:15 修改: 2025-01-09 18:15
puma	CVE-2022-23634	高危	5.3.2	~> 4.3.11, >= 5.6.2	rubygem-puma: rubygem-rails: information leak between requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 22:15 修改: 2023-11-07 03:44
actionview	CVE-2023-23913	高危	6.1.3.2	~> 6.1.7.3, >= 7.0.4.3	rails: DOM Based Cross-site Scripting in rails-ujs for contenteditable HTML Elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23913 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2025-01-09 01:15 修改: 2025-01-09 18:15
RedCloth	CVE-2023-31606	高危	4.3.2	4.3.3	RedCloth: Regular expression denial of service in sanitize_html function 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31606 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-06 17:15 修改: 2024-01-10 14:15
rack	CVE-2022-30122	高危	2.2.3	~> 2.0.9, >= 2.0.9.1, ~> 2.1.4, >= 2.1.4.1, >= 2.2.3.1	rubygem-rack: crafted multipart POST request may cause a DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30122 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-05 22:15 修改: 2023-12-20 03:02
rack	CVE-2022-30122	高危	2.2.3	~> 2.0.9, >= 2.0.9.1, ~> 2.1.4, >= 2.1.4.1, >= 2.2.3.1	rubygem-rack: crafted multipart POST request may cause a DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30122 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-05 22:15 修改: 2023-12-20 03:02
rack	CVE-2022-44570	高危	2.2.3	~> 2.0.9, >= 2.0.9.2, ~> 2.1.4, >= 2.1.4.2, ~> 2.2.6, >= 2.2.6.2, >= 3.0.4.1	rubygem-rack: denial of service in Content-Disposition parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44570 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-09 20:15 修改: 2023-12-08 22:15
rack	CVE-2022-44570	高危	2.2.3	~> 2.0.9, >= 2.0.9.2, ~> 2.1.4, >= 2.1.4.2, ~> 2.2.6, >= 2.2.6.2, >= 3.0.4.1	rubygem-rack: denial of service in Content-Disposition parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44570 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-09 20:15 修改: 2023-12-08 22:15
rack	CVE-2022-44571	高危	2.2.3	~> 2.0.9, >= 2.0.9.2, ~> 2.1.4, >= 2.1.4.2, ~> 2.2.6, >= 2.2.6.1, >= 3.0.4.1	rubygem-rack: denial of service in Content-Disposition parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44571 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-09 20:15 修改: 2023-12-08 22:15
rack	CVE-2022-44571	高危	2.2.3	~> 2.0.9, >= 2.0.9.2, ~> 2.1.4, >= 2.1.4.2, ~> 2.2.6, >= 2.2.6.1, >= 3.0.4.1	rubygem-rack: denial of service in Content-Disposition parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44571 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-09 20:15 修改: 2023-12-08 22:15
rack	CVE-2022-44572	高危	2.2.3	~> 2.0.9, >= 2.0.9.2, ~> 2.1.4, >= 2.1.4.2, ~> 2.2.6, >= 2.2.6.1, >= 3.0.4.1	rubygem-rack: denial of service in Content-Disposition parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44572 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-09 20:15 修改: 2023-12-08 22:15
rack	CVE-2022-44572	高危	2.2.3	~> 2.0.9, >= 2.0.9.2, ~> 2.1.4, >= 2.1.4.2, ~> 2.2.6, >= 2.2.6.1, >= 3.0.4.1	rubygem-rack: denial of service in Content-Disposition parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44572 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-09 20:15 修改: 2023-12-08 22:15
rack	CVE-2023-27530	高危	2.2.3	~> 2.0.9, >= 2.0.9.3, ~> 2.1.4, >= 2.1.4.3, ~> 2.2.6, >= 2.2.6.3, >= 3.0.4.2	rubygem-rack: Denial of service in Multipart MIME parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27530 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-10 22:15 修改: 2024-10-15 19:35
rack	CVE-2023-27530	高危	2.2.3	~> 2.0.9, >= 2.0.9.3, ~> 2.1.4, >= 2.1.4.3, ~> 2.2.6, >= 2.2.6.3, >= 3.0.4.2	rubygem-rack: Denial of service in Multipart MIME parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27530 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-10 22:15 修改: 2024-10-15 19:35
rails-html-sanitizer	CVE-2022-23517	高危	1.3.0	>= 1.4.4	rubygem-rails-html-sanitizer: Inefficient Regular Expression leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23517 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-14 17:15 修改: 2024-02-01 16:24
rails-html-sanitizer	CVE-2022-23517	高危	1.3.0	>= 1.4.4	rubygem-rails-html-sanitizer: Inefficient Regular Expression leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23517 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-14 17:15 修改: 2024-02-01 16:24
rexml	CVE-2021-28965	高危	3.2.4	~> 3.1.9.1, ~> 3.2.3.1, >= 3.2.5	ruby: XML round-trip vulnerability in REXML 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28965 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-04-21 07:15 修改: 2023-11-07 03:32
rexml	CVE-2024-49761	高危	3.2.4	>= 3.3.9	rexml: REXML ReDoS vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-49761 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-10-28 15:15 修改: 2024-12-27 16:15
rexml	CVE-2024-49761	高危	3.2.5	>= 3.3.9	rexml: REXML ReDoS vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-49761 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-10-28 15:15 修改: 2024-12-27 16:15
activerecord	CVE-2022-44566	高危	6.1.3.2	~> 5.2.8, >= 5.2.8.15, ~> 6.1.7, >= 6.1.7.1, >= 7.0.4.1	rubygem-activerecord: Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44566 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-09 20:15 修改: 2023-06-23 18:29
sanitize	CVE-2020-4054	高危	4.6.6	>= 5.2.1	In Sanitize (RubyGem sanitize) greater than or equal to 3.0.0 and less ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-4054 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2020-06-16 22:15 修改: 2020-09-28 20:15
sanitize	CVE-2023-36823	高危	4.6.6	>= 6.0.2	Sanitize is an allowlist-based HTML and CSS sanitizer. Using carefully ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36823 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-06 16:15 修改: 2023-12-22 15:15
sanitize	CVE-2023-36823	高危	5.2.1	>= 6.0.2	Sanitize is an allowlist-based HTML and CSS sanitizer. Using carefully ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36823 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-06 16:15 修改: 2023-12-22 15:15
sidekiq	CVE-2022-23837	高危	5.2.9	>= 6.4.0, ~> 5.2.10	sidekiq: WebUI Denial of Service caused by number of days on graph 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23837 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-21 21:15 修改: 2023-03-13 00:15
webrick	CVE-2024-47220	高危	1.6.1	>= 1.8.2	WEBrick: HTTP request smuggling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47220 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-22 01:15 修改: 2025-01-09 18:15
nokogiri	GHSA-pxvg-2qj5-37jq	中危	1.11.5	>= 1.14.3	Update packaged libxml2 to v2.10.4 to resolve multiple CVEs 漏洞详情: https://github.com/advisories/GHSA-pxvg-2qj5-37jq 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
nokogiri	GHSA-vcc3-rw6f-jv97	中危	1.11.5	1.15.6, 1.16.2	Use-after-free in libxml2 via Nokogiri::XML::Reader 漏洞详情: https://github.com/advisories/GHSA-vcc3-rw6f-jv97 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
nokogiri	GHSA-xc9x-jj77-9p9j	中危	1.11.5	~> 1.15.6, >= 1.16.2	Use-after-free in libxml2 via Nokogiri::XML::Reader 漏洞详情: https://github.com/advisories/GHSA-xc9x-jj77-9p9j 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
nokogiri	GHSA-xxx9-3xcr-gjj3	中危	1.11.5	1.13.4	XML Injection in Xerces Java affects Nokogiri 漏洞详情: https://github.com/advisories/GHSA-xxx9-3xcr-gjj3 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
git	CVE-2022-46648	中危	1.7.0	>= 1.13.0	ruby-git: code injection vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46648 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-01-17 10:15 修改: 2023-02-02 18:45
actionpack	CVE-2023-28362	中危	6.1.3.2	~> 6.1.7.4, >= 7.0.5.1	actionpack: Possible XSS via User Supplied Values to redirect_to 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28362 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2025-01-09 01:15 修改: 2025-01-09 22:15
activestorage	CVE-2024-26144	中危	6.1.3.2	~> 6.1.7, >= 6.1.7.7, >= 7.0.8.1	rubygem-activestorage: Possible Sensitive Session Information Leak in Active Storage 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26144 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-02-27 16:15 修改: 2024-06-10 16:15
actionpack	CVE-2024-28103	中危	6.1.3.2	~> 6.1.7, >= 6.1.7.8, ~> 7.0.8, >= 7.0.8.4, ~> 7.1.3, >= 7.1.3.4, >= 7.2.0.beta2	rubygem-actionpack: Missing security headers in Action Pack on non-HTML responses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28103 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-04 20:15 修改: 2024-12-06 14:15
actionpack	CVE-2024-28103	中危	6.1.3.2	~> 6.1.7, >= 6.1.7.8, ~> 7.0.8, >= 7.0.8.4, ~> 7.1.3, >= 7.1.3.4, >= 7.2.0.beta2	rubygem-actionpack: Missing security headers in Action Pack on non-HTML responses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28103 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-04 20:15 修改: 2024-12-06 14:15
activesupport	CVE-2023-28120	中危	6.1.3.2	~> 6.1.7, >= 6.1.7.3, >= 7.0.4.3	rubygem-activesupport: Possible XSS in SafeBuffer#bytesplice 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28120 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2025-01-09 01:15 修改: 2025-01-09 22:15
google-protobuf	CVE-2022-3171	中危	3.17.3	~> 3.16.3, ~> 3.19.6, ~> 3.20.3, >= 3.21.7	protobuf-java: timeout in parser leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50
google-protobuf	CVE-2022-3171	中危	3.17.3	~> 3.16.3, ~> 3.19.6, ~> 3.20.3, >= 3.21.7	protobuf-java: timeout in parser leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50
activesupport	CVE-2023-28120	中危	6.1.3.2	~> 6.1.7, >= 6.1.7.3, >= 7.0.4.3	rubygem-activesupport: Possible XSS in SafeBuffer#bytesplice 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28120 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2025-01-09 01:15 修改: 2025-01-09 22:15
activesupport	CVE-2023-38037	中危	6.1.3.2	~> 6.1.7, >= 6.1.7.5, >= 7.0.7.1	rubygem-activesupport: File Disclosure of Locally Encrypted Files 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38037 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2025-01-09 01:15 修改: 2025-01-09 22:15
nokogiri	CVE-2022-23437	中危	1.11.7	>= 1.13.4	xerces-j2: infinite loop when handling specially crafted XML document payloads 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23437 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 15:15 修改: 2023-08-08 14:22
nokogiri	GHSA-2qc6-mcvw-92cw	中危	1.11.7	>= 1.13.9	Update bundled libxml2 to v2.10.3 to resolve multiple CVEs 漏洞详情: https://github.com/advisories/GHSA-2qc6-mcvw-92cw 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
nokogiri	GHSA-pxvg-2qj5-37jq	中危	1.11.7	>= 1.14.3	Update packaged libxml2 to v2.10.4 to resolve multiple CVEs 漏洞详情: https://github.com/advisories/GHSA-pxvg-2qj5-37jq 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
nokogiri	GHSA-vcc3-rw6f-jv97	中危	1.11.7	1.15.6, 1.16.2	Use-after-free in libxml2 via Nokogiri::XML::Reader 漏洞详情: https://github.com/advisories/GHSA-vcc3-rw6f-jv97 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
nokogiri	GHSA-xc9x-jj77-9p9j	中危	1.11.7	~> 1.15.6, >= 1.16.2	Use-after-free in libxml2 via Nokogiri::XML::Reader 漏洞详情: https://github.com/advisories/GHSA-xc9x-jj77-9p9j 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
nokogiri	GHSA-xxx9-3xcr-gjj3	中危	1.11.7	1.13.4	XML Injection in Xerces Java affects Nokogiri 漏洞详情: https://github.com/advisories/GHSA-xxx9-3xcr-gjj3 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
activesupport	CVE-2023-38037	中危	6.1.3.2	~> 6.1.7, >= 6.1.7.5, >= 7.0.7.1	rubygem-activesupport: File Disclosure of Locally Encrypted Files 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38037 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2025-01-09 01:15 修改: 2025-01-09 22:15
actionpack	CVE-2024-54133	中危	6.1.3.2	~> 7.0.8.7, ~> 7.1.5.1, ~> 7.2.2.1, >= 8.0.0.1	actionpack: Possible Content Security Policy bypass in Action Dispatch 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-54133 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-10 23:15 修改: 2024-12-10 23:15
actionpack	CVE-2024-54133	中危	6.1.3.2	~> 7.0.8.7, ~> 7.1.5.1, ~> 7.2.2.1, >= 8.0.0.1	actionpack: Possible Content Security Policy bypass in Action Dispatch 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-54133 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-10 23:15 修改: 2024-12-10 23:15
actionpack	CVE-2021-44528	中危	6.1.3.2	~> 6.0.4, >= 6.0.4.2, ~> 6.1.4, >= 6.1.4.2, >= 7.0.0.rc2	rubygem-actionpack: specially crafted "X-Forwarded-Host" headers may lead to open redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44528 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-10 14:10 修改: 2024-02-08 10:15
grpc	CVE-2023-32732	中危	1.30.2	>= 1.53.0	gRPC: denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32732 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-09 11:15 修改: 2023-08-02 16:43
grpc	CVE-2023-32732	中危	1.30.2	>= 1.53.0	gRPC: denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32732 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-09 11:15 修改: 2023-08-02 16:43
puma	CVE-2023-40175	中危	5.3.2	~> 5.6.7, >= 6.3.1	rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40175 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-18 22:15 修改: 2023-08-24 18:48
puma	CVE-2024-21647	中危	5.3.2	~> 5.6.8, >= 6.4.2	rubygem-puma: HTTP request smuggling when parsing chunked Transfer-Encoding Bodies 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21647 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-01-08 14:15 修改: 2024-01-11 17:31
puma	CVE-2024-45614	中危	5.3.2	~> 5.6.9, >= 6.4.3	rubygem-puma: Header normalization allows for client to clobber proxy set headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45614 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-19 23:15 修改: 2024-09-26 13:28
httparty	CVE-2024-22049	中危	0.16.4	>= 0.21.0	httparty before 0.21.0 is vulnerable to an assumed-immutable web param ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22049 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-01-04 21:15 修改: 2024-01-23 19:15
httparty	GHSA-5pq7-52mg-hr42	中危	0.16.4	>= 0.21.0	httparty has multipart/form-data request tampering vulnerability 漏洞详情: https://github.com/advisories/GHSA-5pq7-52mg-hr42 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
bundler	CVE-2021-43809	中危	2.1.4	>= 2.2.33	rubygem-bundler: unexpected code execution in Gemfiles 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43809 镜像层: sha256:570dcf4c33e28ad20c75c6c3dce05459738b56e165e056e5de7ed0e7b5c7007a 发布日期: 2021-12-08 19:15 修改: 2023-11-16 03:04
json-jwt	CVE-2023-51774	中危	1.13.0	~> 1.15.3, >= 1.15.3.1, >= 1.16.6	json-jwt: bypass of identity checks via a sign/encryption confusion attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-51774 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-02-29 01:42 修改: 2024-08-26 20:35
carrierwave	CVE-2023-49090	中危	1.3.2	~> 2.2.5, >= 3.0.5	CarrierWave is a solution for file uploads for Rails, Sinatra and othe ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49090 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-29 15:15 修改: 2023-12-05 16:25
carrierwave	CVE-2024-29034	中危	1.3.2	~> 2.2.6, >= 3.0.7	CarrierWave content-Type allowlist bypass vulnerability which possibly leads to XSS remained 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29034 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-24 20:15 修改: 2024-03-25 01:51
actionpack	CVE-2021-44528	中危	6.1.3.2	~> 6.0.4, >= 6.0.4.2, ~> 6.1.4, >= 6.1.4.2, >= 7.0.0.rc2	rubygem-actionpack: specially crafted "X-Forwarded-Host" headers may lead to open redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44528 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-10 14:10 修改: 2024-02-08 10:15
loofah	CVE-2022-23515	中危	2.10.0	>= 2.19.1	rubygem-loofah: Improper neutralization of data URIs leading to Cross Site Scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23515 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-14 14:15 修改: 2024-02-01 16:11
actionview	CVE-2022-27777	中危	6.1.3.2	~> 5.2.7, >= 5.2.7.1, ~> 6.0.4, >= 6.0.4.8, ~> 6.1.5, >= 6.1.5.1, >= 7.0.2.4	tfm-rubygem-actionview: Possible cross-site scripting vulnerability in Action View tag helpers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27777 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-05-26 17:15 修改: 2023-03-14 08:15
actionview	CVE-2022-27777	中危	6.1.3.2	~> 5.2.7, >= 5.2.7.1, ~> 6.0.4, >= 6.0.4.8, ~> 6.1.5, >= 6.1.5.1, >= 7.0.2.4	tfm-rubygem-actionview: Possible cross-site scripting vulnerability in Action View tag helpers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27777 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-05-26 17:15 修改: 2023-03-14 08:15
loofah	CVE-2022-23515	中危	2.11.0	>= 2.19.1	rubygem-loofah: Improper neutralization of data URIs leading to Cross Site Scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23515 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-14 14:15 修改: 2024-02-01 16:11
commonmarker	GHSA-4qw4-jpp4-8gvp	中危	0.21.0	>= 0.23.6	Unbounded resource exhaustion in cmark-gfm autolink extension may lead to denial of service 漏洞详情: https://github.com/advisories/GHSA-4qw4-jpp4-8gvp 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
rack	CVE-2023-27539	中危	2.2.3	~> 2.0, >= 2.2.6.4, >= 3.0.6.1	rubygem-rack: denial of service in header parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2025-01-09 01:15 修改: 2025-01-09 22:15
rack	CVE-2023-27539	中危	2.2.3	~> 2.0, >= 2.2.6.4, >= 3.0.6.1	rubygem-rack: denial of service in header parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2025-01-09 01:15 修改: 2025-01-09 22:15
rack	CVE-2024-25126	中危	2.2.3	~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1	rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25126 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-02-29 00:15 修改: 2024-06-10 18:15
rack	CVE-2024-25126	中危	2.2.3	~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1	rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25126 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-02-29 00:15 修改: 2024-06-10 18:15
rack	CVE-2024-26141	中危	2.2.3	~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1	rubygem-rack: Possible DoS Vulnerability with Range Header in Rack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26141 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-02-29 00:15 修改: 2024-06-10 17:16
rack	CVE-2024-26141	中危	2.2.3	~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1	rubygem-rack: Possible DoS Vulnerability with Range Header in Rack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26141 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-02-29 00:15 修改: 2024-06-10 17:16
rack	CVE-2024-26146	中危	2.2.3	~> 2.0.9, >= 2.0.9.4, ~> 2.1.4, >= 2.1.4.4, ~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1	rubygem-rack: Possible Denial of Service Vulnerability in Rack Header Parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26146 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-02-29 00:15 修改: 2024-06-10 18:15
rack	CVE-2024-26146	中危	2.2.3	~> 2.0.9, >= 2.0.9.4, ~> 2.1.4, >= 2.1.4.4, ~> 2.2.8, >= 2.2.8.1, >= 3.0.9.1	rubygem-rack: Possible Denial of Service Vulnerability in Rack Header Parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26146 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-02-29 00:15 修改: 2024-06-10 18:15
commonmarker	GHSA-636f-xm5j-pj9m	中危	0.21.0	>= 0.23.7	Several quadratic complexity bugs may lead to denial of service in Commonmarker 漏洞详情: https://github.com/advisories/GHSA-636f-xm5j-pj9m 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
commonmarker	GHSA-7vh7-fw88-wj87	中危	0.21.0	>= 0.23.10	Several quadratic complexity bugs may lead to denial of service in Commonmarker 漏洞详情: https://github.com/advisories/GHSA-7vh7-fw88-wj87 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
rails-html-sanitizer	CVE-2022-23518	中危	1.3.0	>= 1.4.4	rubygem-rails-html-sanitizer: Improper neutralization of data URIs leading to Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23518 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-14 17:15 修改: 2024-02-01 16:06
rails-html-sanitizer	CVE-2022-23518	中危	1.3.0	>= 1.4.4	rubygem-rails-html-sanitizer: Improper neutralization of data URIs leading to Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23518 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-14 17:15 修改: 2024-02-01 16:06
rails-html-sanitizer	CVE-2022-23519	中危	1.3.0	>= 1.4.4	rubygem-rails-html-sanitizer: Cross site scripting vulnerability with certain configurations 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23519 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-14 17:15 修改: 2024-02-01 15:59
rails-html-sanitizer	CVE-2022-23519	中危	1.3.0	>= 1.4.4	rubygem-rails-html-sanitizer: Cross site scripting vulnerability with certain configurations 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23519 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-14 17:15 修改: 2024-02-01 15:59
rails-html-sanitizer	CVE-2022-23520	中危	1.3.0	>= 1.4.4	rubygem-rails-html-sanitizer: Cross site scripting vulnerability with certain configurations 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23520 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-14 18:15 修改: 2024-02-01 16:52
rails-html-sanitizer	CVE-2022-23520	中危	1.3.0	>= 1.4.4	rubygem-rails-html-sanitizer: Cross site scripting vulnerability with certain configurations 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23520 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-14 18:15 修改: 2024-02-01 16:52
rails-html-sanitizer	CVE-2022-32209	中危	1.3.0	>= 1.4.3	rubygem-rails-html-sanitizer: possible xss with certain configurations 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32209 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-24 15:15 修改: 2024-02-01 16:22
rails-html-sanitizer	CVE-2022-32209	中危	1.3.0	>= 1.4.3	rubygem-rails-html-sanitizer: possible xss with certain configurations 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32209 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-24 15:15 修改: 2024-02-01 16:22
rdoc	CVE-2024-27281	中危	6.3.2	~> 6.3.4, >= 6.3.4.1, ~> 6.4.1, >= 6.4.1.1, >= 6.5.1.1	ruby: RCE vulnerability with .rdoc_options in RDoc 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27281 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-05-14 15:11 修改: 2024-08-20 14:35
rdoc	CVE-2024-27281	中危	6.3.2	~> 6.3.4, >= 6.3.4.1, ~> 6.4.1, >= 6.4.1.1, >= 6.5.1.1	ruby: RCE vulnerability with .rdoc_options in RDoc 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27281 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-05-14 15:11 修改: 2024-08-20 14:35
devise-two-factor	CVE-2021-43177	中危	4.0.0	>= 4.0.2	As a result of an incomplete fix for CVE-2015-7225, in versions of dev ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43177 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-11 20:15 修改: 2022-04-18 13:29
devise-two-factor	CVE-2024-8796	中危	4.0.0	>= 6.0.0	Under the default configuration, Devise-Two-Factor versions >= 2.2.0 & ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8796 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-17 18:15 修改: 2024-09-30 14:10
rexml	CVE-2024-35176	中危	3.2.4	>= 3.2.7	REXML: DoS parsing an XML with many `<`s in an attribute value 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35176 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-05-16 16:15 修改: 2024-05-17 18:36
rexml	CVE-2024-39908	中危	3.2.4	>= 3.3.2	rexml: DoS vulnerability in REXML 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-39908 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-16 18:15 修改: 2025-01-17 20:15
rexml	CVE-2024-41123	中危	3.2.4	>= 3.3.3	rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, >] and ]> 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41123 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-08-01 15:15 修改: 2024-12-27 16:15
rexml	CVE-2024-41946	中危	3.2.4	>= 3.3.3	rexml: DoS vulnerability in REXML 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41946 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-08-01 15:15 修改: 2025-01-17 20:15
rexml	CVE-2024-43398	中危	3.2.4	>= 3.3.6	rexml: DoS vulnerability in REXML 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43398 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-08-22 15:15 修改: 2025-01-03 12:15
actionpack	CVE-2022-22577	中危	6.1.3.2	~> 5.2.7, >= 5.2.7.1, ~> 6.0.4, >= 6.0.4.8, ~> 6.1.5, >= 6.1.5.1, >= 7.0.2.4	rubygem-actionpack: Possible cross-site scripting vulnerability in Action Pack 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22577 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-05-26 17:15 修改: 2023-03-14 08:15
rexml	CVE-2024-35176	中危	3.2.5	>= 3.2.7	REXML: DoS parsing an XML with many `<`s in an attribute value 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35176 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-05-16 16:15 修改: 2024-05-17 18:36
rexml	CVE-2024-39908	中危	3.2.5	>= 3.3.2	rexml: DoS vulnerability in REXML 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-39908 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-16 18:15 修改: 2025-01-17 20:15
rexml	CVE-2024-41123	中危	3.2.5	>= 3.3.3	rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, >] and ]> 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41123 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-08-01 15:15 修改: 2024-12-27 16:15
rexml	CVE-2024-41946	中危	3.2.5	>= 3.3.3	rexml: DoS vulnerability in REXML 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41946 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-08-01 15:15 修改: 2025-01-17 20:15
rexml	CVE-2024-43398	中危	3.2.5	>= 3.3.6	rexml: DoS vulnerability in REXML 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43398 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-08-22 15:15 修改: 2025-01-03 12:15
doorkeeper	CVE-2023-34246	中危	5.5.0.rc2	>= 5.6.6	Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34246 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-12 17:15 修改: 2024-12-09 05:15
fugit	CVE-2024-43380	中危	1.2.1	>= 1.11.1	fugit: Improper input validation in "natural" parser may lead to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43380 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-08-19 15:15 修改: 2024-08-21 12:38
actionpack	CVE-2022-22577	中危	6.1.3.2	~> 5.2.7, >= 5.2.7.1, ~> 6.0.4, >= 6.0.4.8, ~> 6.1.5, >= 6.1.5.1, >= 7.0.2.4	rubygem-actionpack: Possible cross-site scripting vulnerability in Action Pack 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22577 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-05-26 17:15 修改: 2023-03-14 08:15
actionpack	CVE-2023-28362	中危	6.1.3.2	~> 6.1.7.4, >= 7.0.5.1	actionpack: Possible XSS via User Supplied Values to redirect_to 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28362 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2025-01-09 01:15 修改: 2025-01-09 22:15
sanitize	CVE-2023-23627	中危	5.2.1	>= 6.0.1	Sanitize is an allowlist-based HTML and CSS sanitizer. Versions 5.0.0 ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23627 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-01-28 00:15 修改: 2023-02-06 19:05
nokogiri	CVE-2022-23437	中危	1.11.5	>= 1.13.4	xerces-j2: infinite loop when handling specially crafted XML document payloads 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23437 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 15:15 修改: 2023-08-08 14:22
sidekiq	CVE-2023-26141	中危	5.2.9	~> 6.5.10, >= 7.1.3	sidekiq: DoS in dashboard-charts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26141 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-14 05:15 修改: 2024-09-25 19:35
nokogiri	GHSA-2qc6-mcvw-92cw	中危	1.11.5	>= 1.13.9	Update bundled libxml2 to v2.10.3 to resolve multiple CVEs 漏洞详情: https://github.com/advisories/GHSA-2qc6-mcvw-92cw 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
yajl-ruby	CVE-2022-24795	中危	1.4.1	>= 1.4.2	yajl: heap-based buffer overflow when handling large inputs due to an integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24795 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-05 16:15 修改: 2023-11-07 03:44
actionpack	CVE-2024-41128	低危	6.1.3.2	~> 6.1.7.9, ~> 7.0.8.5, ~> 7.1.4, >= 7.1.4.1, >= 7.2.1.1	rubygem-actionpack: Possible ReDoS vulnerability in query parameter filtering in Action Dispatch 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41128 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-10-16 18:15 修改: 2024-10-18 12:53
actionpack	CVE-2024-47887	低危	6.1.3.2	~> 6.1.7.9, ~> 7.0.8.5, ~> 7.1.4, >= 7.1.4.1, >= 7.2.1.1	rubygem-actionpack: Possible ReDoS vulnerability in HTTP Token authentication in Action Controller 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47887 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-10-16 20:15 修改: 2024-10-18 12:53
actionpack	CVE-2024-47887	低危	6.1.3.2	~> 6.1.7.9, ~> 7.0.8.5, ~> 7.1.4, >= 7.1.4.1, >= 7.2.1.1	rubygem-actionpack: Possible ReDoS vulnerability in HTTP Token authentication in Action Controller 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47887 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-10-16 20:15 修改: 2024-10-18 12:53
nokogiri	GHSA-r95h-9x8f-r3f7	低危	1.11.5	>= 1.16.5	Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459 漏洞详情: https://github.com/advisories/GHSA-r95h-9x8f-r3f7 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
actiontext	CVE-2024-47888	低危	6.1.3.2	~> 6.1.7.9, ~> 7.0.8.5, ~> 7.1.4, >= 7.1.4.1, >= 7.2.1.1	rubygem-actiontext: Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47888 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-10-16 21:15 修改: 2024-10-18 12:53
actionmailer	CVE-2024-47889	低危	6.1.3.2	~> 6.1.7.9, ~> 7.0.8.5, ~> 7.1.4, >= 7.1.4.1, >= 7.2.1.1	rubygem-actionmailer: Possible ReDoS vulnerability in block_format in Action Mailer 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47889 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-10-16 21:15 修改: 2024-10-18 12:53
nokogiri	GHSA-r95h-9x8f-r3f7	低危	1.11.7	>= 1.16.5	Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459 漏洞详情: https://github.com/advisories/GHSA-r95h-9x8f-r3f7 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
actionpack	CVE-2024-41128	低危	6.1.3.2	~> 6.1.7.9, ~> 7.0.8.5, ~> 7.1.4, >= 7.1.4.1, >= 7.2.1.1	rubygem-actionpack: Possible ReDoS vulnerability in query parameter filtering in Action Dispatch 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41128 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-10-16 18:15 修改: 2024-10-18 12:53
puma	CVE-2021-41136	低危	5.3.2	~> 4.3.9, >= 5.5.1	rubygem-puma: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in puma 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41136 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-10-12 16:15 修改: 2022-10-12 13:30

home/git/gitlab-shell/bin/check (gobinary)

低危漏洞:1

中危漏洞:30

高危漏洞:48

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20210316092652-d523dce5a7f4	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20210316092652-d523dce5a7f4	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
golang.org/x/text	CVE-2021-38561	高危	v0.3.5	0.3.7	golang: out-of-bounds read in golang.org/x/text/language leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38561 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-26 06:15 修改: 2023-01-05 04:52
golang.org/x/text	CVE-2022-32149	高危	v0.3.5	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.37.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.10.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-15 16:15 修改: 2023-11-07 03:43
golang.org/x/net	CVE-2021-33194	高危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20210520170846-37e1c6afe023	golang: x/net/html: infinite loop in ParseFragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33194 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-26 15:15 修改: 2023-11-07 03:35
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20210316092652-d523dce5a7f4	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/net	CVE-2021-31525	中危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20210428140749-89ef3d95e781	golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31525 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-27 13:15 修改: 2023-11-07 03:34
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20210316092652-d523dce5a7f4	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20210316092652-d523dce5a7f4	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
google.golang.org/grpc	CVE-2023-44487	中危	v1.37.0	1.58.3, 1.57.1, 1.56.3	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/protobuf	CVE-2024-24786	中危	v1.26.0	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/net	CVE-2023-44487	中危	v0.0.0-20210316092652-d523dce5a7f4	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
golang.org/x/net	CVE-2023-45288	中危	v0.0.0-20210316092652-d523dce5a7f4	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210412220455-f1c623a9e750	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

home/git/gitlab-shell/bin/gitlab-shell (gobinary)

低危漏洞:1

中危漏洞:30

高危漏洞:48

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20210316092652-d523dce5a7f4	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20210316092652-d523dce5a7f4	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
golang.org/x/text	CVE-2021-38561	高危	v0.3.5	0.3.7	golang: out-of-bounds read in golang.org/x/text/language leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38561 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-26 06:15 修改: 2023-01-05 04:52
golang.org/x/text	CVE-2022-32149	高危	v0.3.5	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.37.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.10.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-15 16:15 修改: 2023-11-07 03:43
golang.org/x/net	CVE-2021-33194	高危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20210520170846-37e1c6afe023	golang: x/net/html: infinite loop in ParseFragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33194 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-26 15:15 修改: 2023-11-07 03:35
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20210316092652-d523dce5a7f4	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/net	CVE-2021-31525	中危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20210428140749-89ef3d95e781	golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31525 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-27 13:15 修改: 2023-11-07 03:34
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20210316092652-d523dce5a7f4	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20210316092652-d523dce5a7f4	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
google.golang.org/grpc	CVE-2023-44487	中危	v1.37.0	1.58.3, 1.57.1, 1.56.3	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/protobuf	CVE-2024-24786	中危	v1.26.0	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/net	CVE-2023-44487	中危	v0.0.0-20210316092652-d523dce5a7f4	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
golang.org/x/net	CVE-2023-45288	中危	v0.0.0-20210316092652-d523dce5a7f4	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210412220455-f1c623a9e750	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

home/git/gitlab-shell/bin/gitlab-shell-authorized-keys-check (gobinary)

低危漏洞:1

中危漏洞:30

高危漏洞:48

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20210316092652-d523dce5a7f4	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20210316092652-d523dce5a7f4	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
golang.org/x/text	CVE-2021-38561	高危	v0.3.5	0.3.7	golang: out-of-bounds read in golang.org/x/text/language leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38561 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-26 06:15 修改: 2023-01-05 04:52
golang.org/x/text	CVE-2022-32149	高危	v0.3.5	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.37.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.10.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-15 16:15 修改: 2023-11-07 03:43
golang.org/x/net	CVE-2021-33194	高危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20210520170846-37e1c6afe023	golang: x/net/html: infinite loop in ParseFragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33194 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-26 15:15 修改: 2023-11-07 03:35
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20210316092652-d523dce5a7f4	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/net	CVE-2021-31525	中危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20210428140749-89ef3d95e781	golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31525 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-27 13:15 修改: 2023-11-07 03:34
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20210316092652-d523dce5a7f4	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20210316092652-d523dce5a7f4	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
google.golang.org/grpc	CVE-2023-44487	中危	v1.37.0	1.58.3, 1.57.1, 1.56.3	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/protobuf	CVE-2024-24786	中危	v1.26.0	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/net	CVE-2023-44487	中危	v0.0.0-20210316092652-d523dce5a7f4	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
golang.org/x/net	CVE-2023-45288	中危	v0.0.0-20210316092652-d523dce5a7f4	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210412220455-f1c623a9e750	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

home/git/gitlab-shell/bin/gitlab-shell-authorized-principals-check (gobinary)

低危漏洞:1

中危漏洞:30

高危漏洞:48

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20210316092652-d523dce5a7f4	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20210316092652-d523dce5a7f4	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
golang.org/x/text	CVE-2021-38561	高危	v0.3.5	0.3.7	golang: out-of-bounds read in golang.org/x/text/language leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38561 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-26 06:15 修改: 2023-01-05 04:52
golang.org/x/text	CVE-2022-32149	高危	v0.3.5	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.37.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.10.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-15 16:15 修改: 2023-11-07 03:43
golang.org/x/net	CVE-2021-33194	高危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20210520170846-37e1c6afe023	golang: x/net/html: infinite loop in ParseFragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33194 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-26 15:15 修改: 2023-11-07 03:35
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20210316092652-d523dce5a7f4	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/net	CVE-2021-31525	中危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20210428140749-89ef3d95e781	golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31525 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-27 13:15 修改: 2023-11-07 03:34
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20210316092652-d523dce5a7f4	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20210316092652-d523dce5a7f4	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
google.golang.org/grpc	CVE-2023-44487	中危	v1.37.0	1.58.3, 1.57.1, 1.56.3	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/protobuf	CVE-2024-24786	中危	v1.26.0	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/net	CVE-2023-44487	中危	v0.0.0-20210316092652-d523dce5a7f4	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
golang.org/x/net	CVE-2023-45288	中危	v0.0.0-20210316092652-d523dce5a7f4	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210412220455-f1c623a9e750	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

home/git/gitlab-shell/bin/gitlab-sshd (gobinary)

低危漏洞:1

中危漏洞:31

高危漏洞:51

严重漏洞:5

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/crypto	CVE-2024-45337	严重	v0.0.0-20201221181555-eec23a3978ad	0.31.0	golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/net	CVE-2021-33194	高危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20210520170846-37e1c6afe023	golang: x/net/html: infinite loop in ParseFragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33194 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-26 15:15 修改: 2023-11-07 03:35
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20210316092652-d523dce5a7f4	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20210316092652-d523dce5a7f4	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20210316092652-d523dce5a7f4	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
golang.org/x/text	CVE-2021-38561	高危	v0.3.5	0.3.7	golang: out-of-bounds read in golang.org/x/text/language leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38561 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-26 06:15 修改: 2023-01-05 04:52
golang.org/x/text	CVE-2022-32149	高危	v0.3.5	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.37.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.10.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-15 16:15 修改: 2023-11-07 03:43
github.com/pires/go-proxyproto	CVE-2021-23409	高危	v0.5.0	0.6.1	The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-07-21 07:15 修改: 2021-07-29 18:20
golang.org/x/crypto	CVE-2021-43565	高危	v0.0.0-20201221181555-eec23a3978ad	0.0.0-20211202192323-5770296d904e	golang.org/x/crypto: empty plaintext packet causes panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43565 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:39
golang.org/x/crypto	CVE-2022-27191	高危	v0.0.0-20201221181555-eec23a3978ad	0.0.0-20220314234659-1baeb1ce4c0b	golang: crash in a golang.org/x/crypto/ssh server 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27191 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-18 07:15 修改: 2023-11-07 03:45
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
google.golang.org/grpc	CVE-2023-44487	中危	v1.37.0	1.58.3, 1.57.1, 1.56.3	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/protobuf	CVE-2024-24786	中危	v1.26.0	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20210316092652-d523dce5a7f4	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
golang.org/x/net	CVE-2023-44487	中危	v0.0.0-20210316092652-d523dce5a7f4	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
golang.org/x/net	CVE-2023-45288	中危	v0.0.0-20210316092652-d523dce5a7f4	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210412220455-f1c623a9e750	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
golang.org/x/crypto	CVE-2023-48795	中危	v0.0.0-20201221181555-eec23a3978ad	0.17.0	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-18 16:15 修改: 2024-12-02 14:54
golang.org/x/net	CVE-2021-31525	中危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20210428140749-89ef3d95e781	golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31525 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-27 13:15 修改: 2023-11-07 03:34
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20210316092652-d523dce5a7f4	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/gitaly (gobinary)

低危漏洞:1

中危漏洞:29

高危漏洞:49

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20210505214959-0714010a04ed	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20210505214959-0714010a04ed	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
golang.org/x/text	CVE-2021-38561	高危	v0.3.6	0.3.7	golang: out-of-bounds read in golang.org/x/text/language leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38561 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-26 06:15 修改: 2023-01-05 04:52
golang.org/x/text	CVE-2022-32149	高危	v0.3.6	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.38.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
gopkg.in/yaml.v3	CVE-2022-28948	高危	v3.0.0-20200313102051-9f266ea9e77c	3.0.0-20220521103104-8f96da9f5d5e	golang-gopkg-yaml: crash when attempting to deserialize invalid input 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28948 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-05-19 20:15 修改: 2022-10-28 19:06
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.10.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-15 16:15 修改: 2023-11-07 03:43
golang.org/x/net	CVE-2021-33194	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20210520170846-37e1c6afe023	golang: x/net/html: infinite loop in ParseFragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33194 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-26 15:15 修改: 2023-11-07 03:35
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20210505214959-0714010a04ed	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20210505214959-0714010a04ed	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20210505214959-0714010a04ed	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
golang.org/x/net	CVE-2023-44487	中危	v0.0.0-20210505214959-0714010a04ed	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/grpc	CVE-2023-44487	中危	v1.38.0	1.58.3, 1.57.1, 1.56.3	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/protobuf	CVE-2024-24786	中危	v1.26.0	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/net	CVE-2023-45288	中危	v0.0.0-20210505214959-0714010a04ed	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210503173754-0981d6026fa6	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/gitaly-backup (gobinary)

低危漏洞:1

中危漏洞:30

高危漏洞:50

严重漏洞:5

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/crypto	CVE-2024-45337	严重	v0.0.0-20210506145944-38f3c27a63bf	0.31.0	golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20210505214959-0714010a04ed	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20210505214959-0714010a04ed	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20210505214959-0714010a04ed	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
golang.org/x/text	CVE-2021-38561	高危	v0.3.6	0.3.7	golang: out-of-bounds read in golang.org/x/text/language leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38561 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-26 06:15 修改: 2023-01-05 04:52
golang.org/x/text	CVE-2022-32149	高危	v0.3.6	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.38.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.10.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-15 16:15 修改: 2023-11-07 03:43
golang.org/x/crypto	CVE-2021-43565	高危	v0.0.0-20210506145944-38f3c27a63bf	0.0.0-20211202192323-5770296d904e	golang.org/x/crypto: empty plaintext packet causes panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43565 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:39
golang.org/x/crypto	CVE-2022-27191	高危	v0.0.0-20210506145944-38f3c27a63bf	0.0.0-20220314234659-1baeb1ce4c0b	golang: crash in a golang.org/x/crypto/ssh server 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27191 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-18 07:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2021-33194	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20210520170846-37e1c6afe023	golang: x/net/html: infinite loop in ParseFragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33194 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-26 15:15 修改: 2023-11-07 03:35
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/crypto	CVE-2023-48795	中危	v0.0.0-20210506145944-38f3c27a63bf	0.17.0	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-18 16:15 修改: 2024-12-02 14:54
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20210505214959-0714010a04ed	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20210505214959-0714010a04ed	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
google.golang.org/grpc	CVE-2023-44487	中危	v1.38.0	1.58.3, 1.57.1, 1.56.3	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/protobuf	CVE-2024-24786	中危	v1.26.0	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/net	CVE-2023-44487	中危	v0.0.0-20210505214959-0714010a04ed	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
golang.org/x/net	CVE-2023-45288	中危	v0.0.0-20210505214959-0714010a04ed	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210503173754-0981d6026fa6	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/gitaly-blackbox (gobinary)

低危漏洞:1

中危漏洞:29

高危漏洞:48

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20210505214959-0714010a04ed	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20210505214959-0714010a04ed	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
golang.org/x/text	CVE-2021-38561	高危	v0.3.6	0.3.7	golang: out-of-bounds read in golang.org/x/text/language leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38561 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-26 06:15 修改: 2023-01-05 04:52
golang.org/x/text	CVE-2022-32149	高危	v0.3.6	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.38.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.10.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-15 16:15 修改: 2023-11-07 03:43
golang.org/x/net	CVE-2021-33194	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20210520170846-37e1c6afe023	golang: x/net/html: infinite loop in ParseFragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33194 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-26 15:15 修改: 2023-11-07 03:35
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20210505214959-0714010a04ed	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210503173754-0981d6026fa6	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20210505214959-0714010a04ed	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20210505214959-0714010a04ed	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
golang.org/x/net	CVE-2023-44487	中危	v0.0.0-20210505214959-0714010a04ed	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/grpc	CVE-2023-44487	中危	v1.38.0	1.58.3, 1.57.1, 1.56.3	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/protobuf	CVE-2024-24786	中危	v1.26.0	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/net	CVE-2023-45288	中危	v0.0.0-20210505214959-0714010a04ed	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/gitaly-debug (gobinary)

低危漏洞:1

中危漏洞:29

高危漏洞:48

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20210505214959-0714010a04ed	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20210505214959-0714010a04ed	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
golang.org/x/text	CVE-2021-38561	高危	v0.3.6	0.3.7	golang: out-of-bounds read in golang.org/x/text/language leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38561 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-26 06:15 修改: 2023-01-05 04:52
golang.org/x/text	CVE-2022-32149	高危	v0.3.6	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.38.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.10.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-15 16:15 修改: 2023-11-07 03:43
golang.org/x/net	CVE-2021-33194	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20210520170846-37e1c6afe023	golang: x/net/html: infinite loop in ParseFragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33194 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-26 15:15 修改: 2023-11-07 03:35
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20210505214959-0714010a04ed	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210503173754-0981d6026fa6	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20210505214959-0714010a04ed	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20210505214959-0714010a04ed	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
golang.org/x/net	CVE-2023-44487	中危	v0.0.0-20210505214959-0714010a04ed	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/grpc	CVE-2023-44487	中危	v1.38.0	1.58.3, 1.57.1, 1.56.3	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/protobuf	CVE-2024-24786	中危	v1.26.0	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/net	CVE-2023-45288	中危	v0.0.0-20210505214959-0714010a04ed	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/gitaly-git2go-v14 (gobinary)

低危漏洞:1

中危漏洞:30

高危漏洞:50

严重漏洞:5

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/crypto	CVE-2024-45337	严重	v0.0.0-20210506145944-38f3c27a63bf	0.31.0	golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20210505214959-0714010a04ed	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20210505214959-0714010a04ed	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20210505214959-0714010a04ed	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
golang.org/x/text	CVE-2021-38561	高危	v0.3.6	0.3.7	golang: out-of-bounds read in golang.org/x/text/language leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38561 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-26 06:15 修改: 2023-01-05 04:52
golang.org/x/text	CVE-2022-32149	高危	v0.3.6	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.38.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.10.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-15 16:15 修改: 2023-11-07 03:43
golang.org/x/crypto	CVE-2021-43565	高危	v0.0.0-20210506145944-38f3c27a63bf	0.0.0-20211202192323-5770296d904e	golang.org/x/crypto: empty plaintext packet causes panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43565 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:39
golang.org/x/crypto	CVE-2022-27191	高危	v0.0.0-20210506145944-38f3c27a63bf	0.0.0-20220314234659-1baeb1ce4c0b	golang: crash in a golang.org/x/crypto/ssh server 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27191 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-18 07:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2021-33194	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20210520170846-37e1c6afe023	golang: x/net/html: infinite loop in ParseFragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33194 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-26 15:15 修改: 2023-11-07 03:35
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/crypto	CVE-2023-48795	中危	v0.0.0-20210506145944-38f3c27a63bf	0.17.0	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-18 16:15 修改: 2024-12-02 14:54
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20210505214959-0714010a04ed	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20210505214959-0714010a04ed	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
google.golang.org/grpc	CVE-2023-44487	中危	v1.38.0	1.58.3, 1.57.1, 1.56.3	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/protobuf	CVE-2024-24786	中危	v1.26.0	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/net	CVE-2023-44487	中危	v0.0.0-20210505214959-0714010a04ed	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
golang.org/x/net	CVE-2023-45288	中危	v0.0.0-20210505214959-0714010a04ed	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210503173754-0981d6026fa6	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/gitaly-hooks (gobinary)

低危漏洞:1

中危漏洞:29

高危漏洞:49

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20210505214959-0714010a04ed	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20210505214959-0714010a04ed	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
golang.org/x/text	CVE-2021-38561	高危	v0.3.6	0.3.7	golang: out-of-bounds read in golang.org/x/text/language leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38561 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-26 06:15 修改: 2023-01-05 04:52
golang.org/x/text	CVE-2022-32149	高危	v0.3.6	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.38.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
gopkg.in/yaml.v3	CVE-2022-28948	高危	v3.0.0-20200313102051-9f266ea9e77c	3.0.0-20220521103104-8f96da9f5d5e	golang-gopkg-yaml: crash when attempting to deserialize invalid input 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28948 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-05-19 20:15 修改: 2022-10-28 19:06
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.10.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-15 16:15 修改: 2023-11-07 03:43
golang.org/x/net	CVE-2021-33194	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20210520170846-37e1c6afe023	golang: x/net/html: infinite loop in ParseFragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33194 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-26 15:15 修改: 2023-11-07 03:35
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20210505214959-0714010a04ed	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20210505214959-0714010a04ed	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20210505214959-0714010a04ed	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
golang.org/x/net	CVE-2023-44487	中危	v0.0.0-20210505214959-0714010a04ed	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/grpc	CVE-2023-44487	中危	v1.38.0	1.58.3, 1.57.1, 1.56.3	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/protobuf	CVE-2024-24786	中危	v1.26.0	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/net	CVE-2023-45288	中危	v0.0.0-20210505214959-0714010a04ed	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210503173754-0981d6026fa6	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/gitaly-lfs-smudge (gobinary)

低危漏洞:1

中危漏洞:30

高危漏洞:54

严重漏洞:6

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
github.com/git-lfs/git-lfs	CVE-2020-27955	严重	v1.5.1-0.20210304194248-2e1d981afbe3	2.12.1	Git LFS can execute a Git binary from the current directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27955 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2020-11-05 15:15 修改: 2021-12-16 20:35
golang.org/x/crypto	CVE-2024-45337	严重	v0.0.0-20210506145944-38f3c27a63bf	0.31.0	golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/crypto	CVE-2021-43565	高危	v0.0.0-20210506145944-38f3c27a63bf	0.0.0-20211202192323-5770296d904e	golang.org/x/crypto: empty plaintext packet causes panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43565 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:39
golang.org/x/crypto	CVE-2022-27191	高危	v0.0.0-20210506145944-38f3c27a63bf	0.0.0-20220314234659-1baeb1ce4c0b	golang: crash in a golang.org/x/crypto/ssh server 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27191 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-18 07:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2021-33194	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20210520170846-37e1c6afe023	golang: x/net/html: infinite loop in ParseFragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33194 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-26 15:15 修改: 2023-11-07 03:35
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20210505214959-0714010a04ed	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20210505214959-0714010a04ed	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20210505214959-0714010a04ed	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
golang.org/x/text	CVE-2021-38561	高危	v0.3.6	0.3.7	golang: out-of-bounds read in golang.org/x/text/language leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38561 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-26 06:15 修改: 2023-01-05 04:52
golang.org/x/text	CVE-2022-32149	高危	v0.3.6	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.38.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
gopkg.in/yaml.v3	CVE-2022-28948	高危	v3.0.0-20200313102051-9f266ea9e77c	3.0.0-20220521103104-8f96da9f5d5e	golang-gopkg-yaml: crash when attempting to deserialize invalid input 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28948 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-05-19 20:15 修改: 2022-10-28 19:06
github.com/git-lfs/git-lfs	CVE-2021-21237	高危	v1.5.1-0.20210304194248-2e1d981afbe3	2.13.2	Git LFS can execute a Git binary from the current directory on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21237 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-01-15 18:15 修改: 2021-01-29 22:18
github.com/git-lfs/git-lfs	CVE-2024-53263	高危	v1.5.1-0.20210304194248-2e1d981afbe3		git-lfs: Git LFS permits exfiltration of credentials via crafted HTTP URLs 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-53263 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2025-01-14 20:15 修改: 2025-01-14 20:15
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.10.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-15 16:15 修改: 2023-11-07 03:43
github.com/git-lfs/git-lfs	CVE-2017-17831	高危	v1.5.1-0.20210304194248-2e1d981afbe3	2.1.1-0.20170519163204-f913f5f9c7c6	GitHub Git LFS Arbitrary command execution vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17831 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2017-12-21 06:29 修改: 2019-08-01 12:14
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20210505214959-0714010a04ed	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20210505214959-0714010a04ed	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
google.golang.org/grpc	CVE-2023-44487	中危	v1.38.0	1.58.3, 1.57.1, 1.56.3	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/protobuf	CVE-2024-24786	中危	v1.26.0	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/net	CVE-2023-44487	中危	v0.0.0-20210505214959-0714010a04ed	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
golang.org/x/net	CVE-2023-45288	中危	v0.0.0-20210505214959-0714010a04ed	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210503173754-0981d6026fa6	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
golang.org/x/crypto	CVE-2023-48795	中危	v0.0.0-20210506145944-38f3c27a63bf	0.17.0	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-18 16:15 修改: 2024-12-02 14:54
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/gitaly-ssh (gobinary)

低危漏洞:1

中危漏洞:29

高危漏洞:48

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20210505214959-0714010a04ed	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20210505214959-0714010a04ed	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
golang.org/x/text	CVE-2021-38561	高危	v0.3.6	0.3.7	golang: out-of-bounds read in golang.org/x/text/language leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38561 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-26 06:15 修改: 2023-01-05 04:52
golang.org/x/text	CVE-2022-32149	高危	v0.3.6	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.38.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.10.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-15 16:15 修改: 2023-11-07 03:43
golang.org/x/net	CVE-2021-33194	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20210520170846-37e1c6afe023	golang: x/net/html: infinite loop in ParseFragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33194 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-26 15:15 修改: 2023-11-07 03:35
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20210505214959-0714010a04ed	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210503173754-0981d6026fa6	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20210505214959-0714010a04ed	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20210505214959-0714010a04ed	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
golang.org/x/net	CVE-2023-44487	中危	v0.0.0-20210505214959-0714010a04ed	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/grpc	CVE-2023-44487	中危	v1.38.0	1.58.3, 1.57.1, 1.56.3	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/protobuf	CVE-2024-24786	中危	v1.26.0	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/net	CVE-2023-45288	中危	v0.0.0-20210505214959-0714010a04ed	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/gitaly-wrapper (gobinary)

低危漏洞:1

中危漏洞:23

高危漏洞:39

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210503173754-0981d6026fa6	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/gitlab-pages (gobinary)

低危漏洞:2

中危漏洞:32

高危漏洞:53

严重漏洞:5

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/crypto	CVE-2024-45337	严重	v0.0.0-20200622213623-75b288015ac9	0.31.0	golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/crypto	CVE-2022-27191	高危	v0.0.0-20200622213623-75b288015ac9	0.0.0-20220314234659-1baeb1ce4c0b	golang: crash in a golang.org/x/crypto/ssh server 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27191 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-18 07:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2021-33194	高危	v0.0.0-20201202161906-c7110b5ffcbb	0.0.0-20210520170846-37e1c6afe023	golang: x/net/html: infinite loop in ParseFragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33194 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-26 15:15 修改: 2023-11-07 03:35
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20201202161906-c7110b5ffcbb	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20201202161906-c7110b5ffcbb	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20201202161906-c7110b5ffcbb	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20201202161906-c7110b5ffcbb	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
golang.org/x/text	CVE-2021-38561	高危	v0.3.3	0.3.7	golang: out-of-bounds read in golang.org/x/text/language leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38561 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-26 06:15 修改: 2023-01-05 04:52
golang.org/x/text	CVE-2022-32149	高危	v0.3.3	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.24.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
gopkg.in/yaml.v3	CVE-2022-28948	高危	v3.0.0-20200605160147-a5ece683394c	3.0.0-20220521103104-8f96da9f5d5e	golang-gopkg-yaml: crash when attempting to deserialize invalid input 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28948 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-05-19 20:15 修改: 2022-10-28 19:06
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.6.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-15 16:15 修改: 2023-11-07 03:43
github.com/pires/go-proxyproto	CVE-2021-23409	高危	v0.2.0	0.6.1	The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-07-21 07:15 修改: 2021-07-29 18:20
golang.org/x/crypto	CVE-2020-29652	高危	v0.0.0-20200622213623-75b288015ac9	0.0.0-20201216223049-8b5274cf687f	golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29652 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2020-12-17 05:15 修改: 2023-11-07 03:21
golang.org/x/crypto	CVE-2021-43565	高危	v0.0.0-20200622213623-75b288015ac9	0.0.0-20211202192323-5770296d904e	golang.org/x/crypto: empty plaintext packet causes panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43565 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210615035016-665e8c7367d1	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
golang.org/x/crypto	CVE-2023-48795	中危	v0.0.0-20200622213623-75b288015ac9	0.17.0	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-18 16:15 修改: 2024-12-02 14:54
github.com/pires/go-proxyproto	CVE-2021-23351	中危	v0.2.0	0.5.0	The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23351 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-03-08 05:15 修改: 2023-11-07 03:30
golang.org/x/net	CVE-2021-31525	中危	v0.0.0-20201202161906-c7110b5ffcbb	0.0.0-20210428140749-89ef3d95e781	golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31525 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-27 13:15 修改: 2023-11-07 03:34
google.golang.org/grpc	CVE-2023-44487	中危	v1.24.0	1.58.3, 1.57.1, 1.56.3	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/protobuf	CVE-2024-24786	中危	v1.21.0	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20201202161906-c7110b5ffcbb	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20201202161906-c7110b5ffcbb	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
golang.org/x/net	CVE-2023-44487	中危	v0.0.0-20201202161906-c7110b5ffcbb	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
golang.org/x/net	CVE-2023-45288	中危	v0.0.0-20201202161906-c7110b5ffcbb	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
github.com/golang-jwt/jwt/v4	CVE-2024-51744	低危	v4.0.0	4.5.1	golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-51744 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-11-04 22:15 修改: 2024-11-05 16:04
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/gitlab-resize-image (gobinary)

低危漏洞:2

中危漏洞:25

高危漏洞:40

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/image	CVE-2024-24792	高危	v0.0.0-20191009234506-e7c1f5e7dbb8	0.18.0	Parsing a corrupt or malicious image with invalid color indices can ca ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24792 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-27 18:15 修改: 2024-08-01 13:47
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/image	CVE-2023-29407	中危	v0.0.0-20191009234506-e7c1f5e7dbb8	0.10.0	golang.org/x/image/tiff: excessive CPU consumption in decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29407 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:11
golang.org/x/image	CVE-2023-29408	中危	v0.0.0-20191009234506-e7c1f5e7dbb8	0.10.0	golang.org/x/image/tiff: TIFF decoder does not place a limit on the size of compressed tile data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29408 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:11
golang.org/x/image	CVE-2022-41727	中危	v0.0.0-20191009234506-e7c1f5e7dbb8	0.5.0	golang.org/x/image: Uncontrolled Resource Consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41727 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
github.com/disintegration/imaging	CVE-2023-36308	低危	v1.6.2		disintegration Imaging 1.6.2 allows attackers to cause a panic (becaus ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36308 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-05 04:15 修改: 2024-08-02 17:16
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/gitlab-workhorse (gobinary)

低危漏洞:1

中危漏洞:34

高危漏洞:53

严重漏洞:5

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
golang.org/x/crypto	CVE-2024-45337	严重	v0.0.0-20201203163018-be400aefbc4c	0.31.0	golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45337 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-12 02:02 修改: 2024-12-12 21:15
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/crypto	CVE-2022-27191	高危	v0.0.0-20201203163018-be400aefbc4c	0.0.0-20220314234659-1baeb1ce4c0b	golang: crash in a golang.org/x/crypto/ssh server 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27191 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-18 07:15 修改: 2023-11-07 03:45
golang.org/x/image	CVE-2024-24792	高危	v0.0.0-20191009234506-e7c1f5e7dbb8	0.18.0	Parsing a corrupt or malicious image with invalid color indices can ca ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24792 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-27 18:15 修改: 2024-08-01 13:47
golang.org/x/net	CVE-2021-33194	高危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20210520170846-37e1c6afe023	golang: x/net/html: infinite loop in ParseFragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33194 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-26 15:15 修改: 2023-11-07 03:35
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20210316092652-d523dce5a7f4	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20210316092652-d523dce5a7f4	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20210316092652-d523dce5a7f4	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
golang.org/x/text	CVE-2021-38561	高危	v0.3.5	0.3.7	golang: out-of-bounds read in golang.org/x/text/language leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38561 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-26 06:15 修改: 2023-01-05 04:52
golang.org/x/text	CVE-2022-32149	高危	v0.3.5	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.37.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.10.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-15 16:15 修改: 2023-11-07 03:43
github.com/dgrijalva/jwt-go	CVE-2020-26160	高危	v3.2.0+incompatible		jwt-go: access restriction bypass vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26160 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2020-09-30 18:15 修改: 2021-07-21 11:39
golang.org/x/crypto	CVE-2020-29652	高危	v0.0.0-20201203163018-be400aefbc4c	0.0.0-20201216223049-8b5274cf687f	golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29652 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2020-12-17 05:15 修改: 2023-11-07 03:21
golang.org/x/crypto	CVE-2021-43565	高危	v0.0.0-20201203163018-be400aefbc4c	0.0.0-20211202192323-5770296d904e	golang.org/x/crypto: empty plaintext packet causes panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43565 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/image	CVE-2022-41727	中危	v0.0.0-20191009234506-e7c1f5e7dbb8	0.5.0	golang.org/x/image: Uncontrolled Resource Consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41727 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
golang.org/x/image	CVE-2023-29407	中危	v0.0.0-20191009234506-e7c1f5e7dbb8	0.10.0	golang.org/x/image/tiff: excessive CPU consumption in decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29407 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:11
golang.org/x/image	CVE-2023-29408	中危	v0.0.0-20191009234506-e7c1f5e7dbb8	0.10.0	golang.org/x/image/tiff: TIFF decoder does not place a limit on the size of compressed tile data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29408 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:11
google.golang.org/grpc	CVE-2023-44487	中危	v1.37.0	1.58.3, 1.57.1, 1.56.3	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/protobuf	CVE-2024-24786	中危	v1.26.0	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/crypto	CVE-2023-48795	中危	v0.0.0-20201203163018-be400aefbc4c	0.17.0	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-18 16:15 修改: 2024-12-02 14:54
golang.org/x/net	CVE-2021-31525	中危	v0.0.0-20210316092652-d523dce5a7f4	0.0.0-20210428140749-89ef3d95e781	golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31525 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-27 13:15 修改: 2023-11-07 03:34
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20210316092652-d523dce5a7f4	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20210316092652-d523dce5a7f4	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
golang.org/x/net	CVE-2023-44487	中危	v0.0.0-20210316092652-d523dce5a7f4	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
golang.org/x/net	CVE-2023-45288	中危	v0.0.0-20210316092652-d523dce5a7f4	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210412220455-f1c623a9e750	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/gitlab-zip-cat (gobinary)

低危漏洞:1

中危漏洞:23

高危漏洞:39

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210412220455-f1c623a9e750	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/gitlab-zip-metadata (gobinary)

低危漏洞:1

中危漏洞:23

高危漏洞:39

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210412220455-f1c623a9e750	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

usr/local/bin/praefect (gobinary)

低危漏洞:1

中危漏洞:29

高危漏洞:49

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2022-23806	严重	1.17	1.16.14, 1.17.7	golang: crypto/elliptic: IsOnCurve returns true for invalid field elements 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23806 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2023-24538	严重	1.17	1.19.8, 1.20.3	golang: html/template: backticks not treated as string delimiters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24538 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24540	严重	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of JavaScript whitespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24540 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2023-11-07 04:08
stdlib	CVE-2024-24790	严重	1.17	1.21.11, 1.22.4	golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
golang.org/x/net	CVE-2023-39325	高危	v0.0.0-20210505214959-0714010a04ed	0.17.0	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
golang.org/x/net	CVE-2024-45338	高危	v0.0.0-20210505214959-0714010a04ed	0.33.0	golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45338 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-12-18 21:15 修改: 2024-12-31 20:16
golang.org/x/text	CVE-2021-38561	高危	v0.3.6	0.3.7	golang: out-of-bounds read in golang.org/x/text/language leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38561 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-26 06:15 修改: 2023-01-05 04:52
golang.org/x/text	CVE-2022-32149	高危	v0.3.6	0.3.8	golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32149 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2022-10-18 17:41
google.golang.org/grpc	GHSA-m425-mq94-257g	高危	v1.38.0	1.56.3, 1.57.1, 1.58.3	gRPC-Go HTTP/2 Rapid Reset vulnerability 漏洞详情: https://github.com/advisories/GHSA-m425-mq94-257g 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
gopkg.in/yaml.v3	CVE-2022-28948	高危	v3.0.0-20200313102051-9f266ea9e77c	3.0.0-20220521103104-8f96da9f5d5e	golang-gopkg-yaml: crash when attempting to deserialize invalid input 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28948 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-05-19 20:15 修改: 2022-10-28 19:06
github.com/prometheus/client_golang	CVE-2022-21698	高危	v1.10.0	1.11.1	prometheus/client_golang: Denial of service using InstrumentHandlerCounter 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21698 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-15 16:15 修改: 2023-11-07 03:43
golang.org/x/net	CVE-2021-33194	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20210520170846-37e1c6afe023	golang: x/net/html: infinite loop in ParseFragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33194 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-05-26 15:15 修改: 2023-11-07 03:35
golang.org/x/net	CVE-2022-27664	高危	v0.0.0-20210505214959-0714010a04ed	0.0.0-20220906165146-f3363e06e74c	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
golang.org/x/net	CVE-2022-41723	高危	v0.0.0-20210505214959-0714010a04ed	0.7.0	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2021-39293	高危	1.17	1.16.8, 1.17.1	golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39293 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-24 01:15 修改: 2023-04-20 00:15
stdlib	CVE-2021-41771	高危	1.17	1.16.10, 1.17.3	golang: debug/macho: invalid dynamic symbol table command can cause panic 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41771 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-41772	高危	1.17	1.16.10, 1.17.3	golang: archive/zip: Reader.Open panics on empty string 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2021-11-08 06:15 修改: 2023-11-07 03:39
stdlib	CVE-2021-44716	高危	1.17	1.16.12, 1.17.5	golang: net/http: limit growth of header canonicalization cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-04-20 00:15
stdlib	CVE-2022-23772	高危	1.17	1.16.14, 1.17.7	golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23772 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-02-11 01:15 修改: 2022-11-09 21:51
stdlib	CVE-2022-24675	高危	1.17	1.17.9, 1.18.1	golang: encoding/pem: fix stack overflow in Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24675 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:44
stdlib	CVE-2022-24921	高危	1.17	1.16.15, 1.17.8	golang: regexp: stack exhaustion via a deeply nested expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24921 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-03-05 20:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-27664	高危	1.17	1.18.6, 1.19.1	golang: net/http: handle server errors after sending GOAWAY 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27664 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-09-06 18:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28131	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Decoder.Skip 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28131 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-28327	高危	1.17	1.17.9, 1.18.1	golang: crypto/elliptic: panic caused by oversized scalar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28327 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-04-20 10:15 修改: 2023-11-07 03:45
stdlib	CVE-2022-2879	高危	1.17	1.18.7, 1.19.2	golang: archive/tar: unbounded memory consumption when reading headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2879 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-2880	高危	1.17	1.18.7, 1.19.2	golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2880 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-29804	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29804 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-30580	高危	1.17	1.17.11, 1.18.3	golang: os/exec: Code injection in Cmd.Start 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30580 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30630	高危	1.17	1.17.12, 1.18.4	golang: io/fs: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30630 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30631	高危	1.17	1.17.12, 1.18.4	golang: compress/gzip: stack exhaustion in Reader.Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30631 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30632	高危	1.17	1.17.12, 1.18.4	golang: path/filepath: stack exhaustion in Glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30632 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30633	高危	1.17	1.17.12, 1.18.4	golang: encoding/xml: stack exhaustion in Unmarshal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30633 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30634	高危	1.17	1.17.11, 1.18.3	ELSA-2022-17957: ol8addon security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30634 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-07-15 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-30635	高危	1.17	1.17.12, 1.18.4	golang: encoding/gob: stack exhaustion in Decoder.Decode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30635 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-32189	高危	1.17	1.17.13, 1.18.5	golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32189 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-03-03 15:39
stdlib	CVE-2022-41715	高危	1.17	1.18.7, 1.19.2	golang: regexp/syntax: limit memory used by parsing regexps 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41715 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-10-14 15:16 修改: 2023-11-25 11:15
stdlib	CVE-2022-41716	高危	1.17	1.18.8, 1.19.3	Due to unsanitized NUL values, attackers may be able to maliciously se ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41716 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-11-02 16:15 修改: 2024-10-30 14:35
stdlib	CVE-2022-41720	高危	1.17	1.18.9, 1.19.4	golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41720 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-07 17:15 修改: 2022-12-12 14:58
stdlib	CVE-2022-41722	高危	1.17	1.19.6, 1.20.1	golang: path/filepath: path-filepath filepath.Clean path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41722 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-07 03:52
stdlib	CVE-2022-41723	高危	1.17	1.19.6, 1.20.1	golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41723 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41724	高危	1.17	1.19.6, 1.20.1	golang: crypto/tls: large handshake records may cause panics 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41724 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2022-41725	高危	1.17	1.19.6, 1.20.1	golang: net/http, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41725 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-02-28 18:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24534	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto: denial of service from excessive memory allocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24534 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24536	高危	1.17	1.19.8, 1.20.3	golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24536 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-24537	高危	1.17	1.19.8, 1.20.3	golang: go/parser: Infinite loop in parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24537 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-04-06 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-24539	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper sanitization of CSS values 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24539 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-11-29 12:15
stdlib	CVE-2023-29400	高危	1.17	1.19.9, 1.20.4	golang: html/template: improper handling of empty HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29400 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-05-11 16:15 修改: 2024-12-13 14:15
stdlib	CVE-2023-29403	高危	1.17	1.19.10, 1.20.5	golang: runtime: unexpected behavior of setuid/setgid binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29403 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-06-08 21:15 修改: 2025-01-06 20:15
stdlib	CVE-2023-39325	高危	1.17	1.20.10, 1.21.3	golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39325 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-11 22:15 修改: 2024-04-28 04:15
stdlib	CVE-2023-45283	高危	1.17	1.20.11, 1.21.4, 1.20.12, 1.21.5	The filepath package does not recognize paths with a \??\ prefix as sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45283 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2023-12-14 10:15
stdlib	CVE-2023-45287	高危	1.17	1.20.0	golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45287 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-05 17:15 修改: 2024-01-12 14:15
stdlib	CVE-2023-45288	高危	1.17	1.21.9, 1.22.2	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib	CVE-2024-34156	高危	1.17	1.22.7, 1.23.1	encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
golang.org/x/net	CVE-2022-41717	中危	v0.0.0-20210505214959-0714010a04ed	0.4.0	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
golang.org/x/net	CVE-2023-3978	中危	v0.0.0-20210505214959-0714010a04ed	0.13.0	golang.org/x/net/html: Cross site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3978 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-07 04:20
golang.org/x/net	CVE-2023-44487	中危	v0.0.0-20210505214959-0714010a04ed	0.17.0	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/grpc	CVE-2023-44487	中危	v1.38.0	1.58.3, 1.57.1, 1.56.3	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
google.golang.org/protobuf	CVE-2024-24786	中危	v1.26.0	1.33.0	golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24786 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 17:35
golang.org/x/net	CVE-2023-45288	中危	v0.0.0-20210505214959-0714010a04ed	0.23.0	golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
golang.org/x/sys	CVE-2022-29526	中危	v0.0.0-20210503173754-0981d6026fa6	0.0.0-20220412211240-33da011f77ad	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2021-44717	中危	1.17	1.16.12, 1.17.5	golang: syscall: don't close fd 0 on ForkExec error 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-01-01 05:15 修改: 2023-08-08 14:22
stdlib	CVE-2022-1705	中危	1.17	1.17.12, 1.18.4	golang: net/http: improper sanitization of Transfer-Encoding header 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1705 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-1962	中危	1.17	1.17.12, 1.18.4	golang: go/parser: stack exhaustion in all Parse* functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1962 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:42
stdlib	CVE-2022-29526	中危	1.17	1.17.10, 1.18.2	golang: syscall: faccessat checks wrong group 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29526 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-06-23 17:15 修改: 2023-11-07 03:46
stdlib	CVE-2022-32148	中危	1.17	1.17.12, 1.18.4	golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32148 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47
stdlib	CVE-2022-41717	中危	1.17	1.18.9, 1.19.4	golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41717 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-12-08 20:15 修改: 2024-01-18 03:15
stdlib	CVE-2023-24532	中危	1.17	1.19.7, 1.20.2	golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24532 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-03-08 20:15 修改: 2023-11-07 04:08
stdlib	CVE-2023-29406	中危	1.17	1.19.11, 1.20.6	golang: net/http: insufficient sanitization of Host header 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29406 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-07-11 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-29409	中危	1.17	1.19.12, 1.20.7, 1.21.0-rc.4	golang: crypto/tls: slow verification of certificate chains containing large RSA keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29409 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-08-02 20:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39318	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of HTML-like comments within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39318 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39319	中危	1.17	1.20.8, 1.21.1	golang: html/template: improper handling of special tags within script contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39319 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-09-08 17:15 修改: 2023-11-25 11:15
stdlib	CVE-2023-39326	中危	1.17	1.20.12, 1.21.5	golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39326 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-12-06 17:15 修改: 2024-01-20 04:15
stdlib	CVE-2023-45284	中危	1.17	1.20.11, 1.21.4	On Windows, The IsLocal function does not correctly detect reserved de ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45284 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2023-11-09 17:15 修改: 2024-09-03 19:35
stdlib	CVE-2023-45289	中危	1.17	1.21.8, 1.22.1	golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib	CVE-2023-45290	中危	1.17	1.21.8, 1.22.1	golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib	CVE-2024-24783	中危	1.17	1.21.8, 1.22.1	golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib	CVE-2024-24784	中危	1.17	1.21.8, 1.22.1	golang: net/mail: comments in display names are incorrectly handled 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib	CVE-2024-24785	中危	1.17	1.21.8, 1.22.1	golang: html/template: errors returned from MarshalJSON methods may break template escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib	CVE-2024-24789	中危	1.17	1.21.11, 1.22.4	golang: archive/zip: Incorrect handling of certain ZIP files 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib	CVE-2024-24791	中危	1.17	1.21.12, 1.22.5	net/http: Denial of service due to improper 100-continue handling in net/http 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib	CVE-2024-34155	中危	1.17	1.22.7, 1.23.1	go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib	CVE-2024-34158	中危	1.17	1.22.7, 1.23.1	go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35
stdlib	CVE-2022-30629	低危	1.17	1.17.11, 1.18.3	golang: crypto/tls: session tickets lack random ticket_age_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30629 镜像层: sha256:e60e15209278e7abf3ad8cbdeb3ed17cd2cf367c68e07e8e27578dd1920dcb57 发布日期: 2022-08-10 20:15 修改: 2023-11-07 03:47

/home/git/gitlab/qa/tls_certificates/authority/ca.pem ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/controllers/projects/settings/operations_controller_spec.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/features/projects/services/user_activates_slack_notifications_spec.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/fixtures/ssl_key.pem ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/models/integrations/prometheus_spec.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/lib/api/helpers/integrations_helpers.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/app/models/integrations/prometheus.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/fixtures/clusters/sample_key.key ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/lib/gitlab/auth/ldap/config_spec.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/lib/json_web_token/rsa_token_spec.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/support/helpers/gpg_helpers.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitaly/ruby/spec/support/helpers/certs/gitalykey.pem ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/etc/ssl/private/ssl-cert-snakeoil.key ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/qa/tls_certificates/authority/ca.key ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/qa/tls_certificates/client/client.pem ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/etc/ssh/ssh_host_ed25519_key ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/etc/ssh/ssh_host_rsa_key ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/config/secrets.yml ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/qa/tls_certificates/client/client.key ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/factories/pages_domains.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/fixtures/x509_certificate_pk.key ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/home/git/gitlab/spec/lib/gitlab/middleware/handle_malformed_strings_spec.rb ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息

/etc/ssh/ssh_host_ecdsa_key ()

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息