| expat |
CVE-2025-59375 |
高危 |
2.5.0-1.el9 |
2.5.0-5.el9_7.1 |
firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59375
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-09-15 03:15 修改: 2026-06-17 09:46
|
| expat |
CVE-2026-45186 |
高危 |
2.5.0-1.el9 |
2.5.0-6.el9_8.1 |
libexpat: denial of service via crafted XML input
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45186
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-05-10 07:16 修改: 2026-06-30 03:20
|
| glib2 |
CVE-2026-58016 |
高危 |
2.68.4-11.el9 |
|
glib: integer underflow in gio/gdbusintrospection.c via "g_dbus_node_info_new_for_xml"
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58016
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-30 13:19 修改: 2026-07-01 17:46
|
| glibc |
CVE-2024-2961 |
高危 |
2.34-83.el9_3.7 |
2.34-100.el9_4.2 |
glibc: Out of bounds write in iconv may lead to remote code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-04-17 18:15 修改: 2026-06-17 07:25
|
| glibc |
CVE-2024-33599 |
高危 |
2.34-83.el9_3.7 |
2.34-100.el9_4.2 |
glibc: stack-based buffer overflow in netgroup cache
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc-common |
CVE-2024-2961 |
高危 |
2.34-83.el9_3.7 |
2.34-100.el9_4.2 |
glibc: Out of bounds write in iconv may lead to remote code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-04-17 18:15 修改: 2026-06-17 07:25
|
| glibc-common |
CVE-2024-33599 |
高危 |
2.34-83.el9_3.7 |
2.34-100.el9_4.2 |
glibc: stack-based buffer overflow in netgroup cache
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc-minimal-langpack |
CVE-2024-2961 |
高危 |
2.34-83.el9_3.7 |
2.34-100.el9_4.2 |
glibc: Out of bounds write in iconv may lead to remote code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-04-17 18:15 修改: 2026-06-17 07:25
|
| glibc-minimal-langpack |
CVE-2024-33599 |
高危 |
2.34-83.el9_3.7 |
2.34-100.el9_4.2 |
glibc: stack-based buffer overflow in netgroup cache
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| gnupg2 |
CVE-2025-68973 |
高危 |
2.3.3-4.el9 |
2.3.3-5.el9_7 |
GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-12-28 17:16 修改: 2026-06-17 09:59
|
| gnutls |
CVE-2026-33845 |
高危 |
3.7.6-23.el9 |
3.8.10-4.el9_8 |
gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-30 18:16 修改: 2026-07-02 12:17
|
| gnutls |
CVE-2026-33846 |
高危 |
3.7.6-23.el9 |
3.8.10-4.el9_8 |
gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-04 10:15 修改: 2026-07-02 12:17
|
| gnutls |
CVE-2026-42009 |
高危 |
3.7.6-23.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-18 13:16 修改: 2026-07-02 12:17
|
| gnutls |
CVE-2026-42010 |
高危 |
3.7.6-23.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Authentication Bypass via NUL Character in Username
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-07 12:16 修改: 2026-06-30 03:19
|
| krb5-libs |
CVE-2024-3596 |
高危 |
1.21.1-1.el9 |
1.21.1-4.el9_5 |
freeradius: forgery attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44
|
| less |
CVE-2024-32487 |
高危 |
590-2.el9_2 |
590-4.el9_4 |
less: OS command injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32487
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-04-13 15:15 修改: 2026-06-17 07:29
|
| libacl |
CVE-2026-54369 |
高危 |
2.3.1-3.el9 |
|
acl: Symlink traversal privilege escalation via libacl functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54369
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-29 14:16 修改: 2026-07-02 12:17
|
| libarchive |
CVE-2025-5914 |
高危 |
3.5.3-4.el9 |
3.5.3-6.el9_6 |
libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5914
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-06-09 20:15 修改: 2026-06-30 11:16
|
| libarchive |
CVE-2026-4111 |
高危 |
3.5.3-4.el9 |
3.5.3-7.el9_7 |
libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4111
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-13 19:55 修改: 2026-06-30 03:20
|
| libarchive |
CVE-2026-4424 |
高危 |
3.5.3-4.el9 |
3.5.3-9.el9_7 |
libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4424
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-19 15:16 修改: 2026-06-30 03:20
|
| libcap |
CVE-2026-4878 |
高危 |
2.48-9.el9_2 |
2.48-10.el9_8.1 |
libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-09 16:16 修改: 2026-07-02 12:17
|
| libnghttp2 |
CVE-2026-27135 |
高危 |
1.43.0-5.el9_3.1 |
1.43.0-6.el9_7.1 |
nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-18 18:16 修改: 2026-06-30 03:17
|
| libxml2 |
CVE-2024-56171 |
高危 |
2.9.13-5.el9_3 |
2.9.13-6.el9_5.2 |
libxml2: Use-After-Free in libxml2
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56171
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-02-18 22:15 修改: 2026-06-17 08:11
|
| libxml2 |
CVE-2025-24928 |
高危 |
2.9.13-5.el9_3 |
2.9.13-6.el9_5.2 |
libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24928
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-02-18 23:15 修改: 2026-06-17 08:59
|
| libxml2 |
CVE-2025-49794 |
高危 |
2.9.13-5.el9_3 |
2.9.13-10.el9_6 |
libxml: Heap use after free (UAF) leads to Denial of service (DoS)
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49794
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-06-16 16:15 修改: 2026-06-29 21:16
|
| libxml2 |
CVE-2025-49796 |
高危 |
2.9.13-5.el9_3 |
2.9.13-10.el9_6 |
libxml: Type confusion leads to Denial of service (DoS)
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49796
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-06-16 16:15 修改: 2026-06-29 21:16
|
| libxml2 |
CVE-2025-7425 |
高危 |
2.9.13-5.el9_3 |
2.9.13-11.el9_6 |
libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7425
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-07-10 14:15 修改: 2026-06-29 21:16
|
| openssl-libs |
CVE-2024-12797 |
高危 |
1:3.0.7-24.el9 |
1:3.2.2-6.el9_5.1 |
openssl: RFC7250 handshakes with unauthenticated servers don't abort as expected
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12797
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-02-11 16:15 修改: 2026-06-17 07:00
|
| openssl-libs |
CVE-2025-15467 |
高危 |
1:3.0.7-24.el9 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-27 16:16 修改: 2026-06-30 03:16
|
| openssl-libs |
CVE-2026-45447 |
高危 |
1:3.0.7-24.el9 |
1:3.5.5-4.el9_8 |
openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-09 17:17 修改: 2026-07-01 13:17
|
| python-unversioned-command |
CVE-2023-6597 |
高危 |
3.9.18-1.el9_3 |
3.9.18-3.el9_4.1 |
python: Path traversal on tempfile.TemporaryDirectory
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-03-19 16:15 修改: 2026-06-17 06:51
|
| python-unversioned-command |
CVE-2024-12718 |
高危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.1 |
cpython: python: Bypass extraction filter to modify file metadata outside extraction directory
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12718
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-03 13:15 修改: 2026-06-17 07:00
|
| python-unversioned-command |
CVE-2025-4138 |
高危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.1 |
cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4138
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:32
|
| python-unversioned-command |
CVE-2025-4517 |
高危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.1 |
python: cpython: Arbitrary writes via tarfile realpath overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4517
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
|
| python-unversioned-command |
CVE-2026-4519 |
高危 |
3.9.18-1.el9_3 |
3.9.25-7.el9_8 |
python: Python: Command-line option injection in webbrowser.open() via crafted URLs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-20 15:16 修改: 2026-06-30 03:20
|
| python-unversioned-command |
CVE-2026-4786 |
高危 |
3.9.18-1.el9_3 |
3.9.25-7.el9_8 |
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-13 22:16 修改: 2026-06-30 03:20
|
| python-unversioned-command |
CVE-2026-6100 |
高危 |
3.9.18-1.el9_3 |
3.9.25-7.el9_8 |
python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21
|
| python3 |
CVE-2023-6597 |
高危 |
3.9.18-1.el9_3 |
3.9.18-3.el9_4.1 |
python: Path traversal on tempfile.TemporaryDirectory
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-03-19 16:15 修改: 2026-06-17 06:51
|
| python3 |
CVE-2024-12718 |
高危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.1 |
cpython: python: Bypass extraction filter to modify file metadata outside extraction directory
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12718
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-03 13:15 修改: 2026-06-17 07:00
|
| python3 |
CVE-2025-4138 |
高危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.1 |
cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4138
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:32
|
| python3 |
CVE-2025-4517 |
高危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.1 |
python: cpython: Arbitrary writes via tarfile realpath overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4517
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
|
| python3 |
CVE-2026-4519 |
高危 |
3.9.18-1.el9_3 |
3.9.25-7.el9_8 |
python: Python: Command-line option injection in webbrowser.open() via crafted URLs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-20 15:16 修改: 2026-06-30 03:20
|
| python3 |
CVE-2026-4786 |
高危 |
3.9.18-1.el9_3 |
3.9.25-7.el9_8 |
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-13 22:16 修改: 2026-06-30 03:20
|
| python3 |
CVE-2026-6100 |
高危 |
3.9.18-1.el9_3 |
3.9.25-7.el9_8 |
python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21
|
| python3-libs |
CVE-2023-6597 |
高危 |
3.9.18-1.el9_3 |
3.9.18-3.el9_4.1 |
python: Path traversal on tempfile.TemporaryDirectory
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-03-19 16:15 修改: 2026-06-17 06:51
|
| python3-libs |
CVE-2024-12718 |
高危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.1 |
cpython: python: Bypass extraction filter to modify file metadata outside extraction directory
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12718
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-03 13:15 修改: 2026-06-17 07:00
|
| python3-libs |
CVE-2025-4138 |
高危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.1 |
cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4138
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:32
|
| python3-libs |
CVE-2025-4517 |
高危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.1 |
python: cpython: Arbitrary writes via tarfile realpath overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4517
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
|
| python3-libs |
CVE-2026-4519 |
高危 |
3.9.18-1.el9_3 |
3.9.25-7.el9_8 |
python: Python: Command-line option injection in webbrowser.open() via crafted URLs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-20 15:16 修改: 2026-06-30 03:20
|
| python3-libs |
CVE-2026-4786 |
高危 |
3.9.18-1.el9_3 |
3.9.25-7.el9_8 |
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-13 22:16 修改: 2026-06-30 03:20
|
| python3-libs |
CVE-2026-6100 |
高危 |
3.9.18-1.el9_3 |
3.9.25-7.el9_8 |
python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21
|
| python3-setuptools-wheel |
CVE-2024-6345 |
高危 |
53.0.0-12.el9 |
53.0.0-12.el9_4.1 |
pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-07-15 01:15 修改: 2026-06-17 08:17
|
| sqlite-libs |
CVE-2025-6965 |
高危 |
3.34.1-6.el9_1 |
3.34.1-9.el9_7 |
sqlite: Integer Truncation in SQLite
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6965
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-07-15 14:15 修改: 2026-06-26 16:36
|
| glibc |
CVE-2023-4806 |
中危 |
2.34-83.el9_3.7 |
2.34-100.el9 |
glibc: potential use-after-free in getaddrinfo()
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-09-18 17:15 修改: 2026-06-17 06:38
|
| glibc |
CVE-2023-4813 |
中危 |
2.34-83.el9_3.7 |
2.34-100.el9 |
glibc: potential use-after-free in gaih_inet()
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-09-12 22:15 修改: 2026-06-17 06:38
|
| glibc |
CVE-2024-33600 |
中危 |
2.34-83.el9_3.7 |
2.34-100.el9_4.2 |
glibc: null pointer dereferences after failed netgroup cache insertion
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc |
CVE-2025-0395 |
中危 |
2.34-83.el9_3.7 |
2.34-125.el9_5.8 |
glibc: buffer overflow in the GNU C Library's assert()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26
|
| glibc |
CVE-2025-4802 |
中危 |
2.34-83.el9_3.7 |
2.34-168.el9_6.19 |
glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34
|
| glibc |
CVE-2025-5702 |
中危 |
2.34-83.el9_3.7 |
2.34-168.el9_6.20 |
glibc: Vector register overwrite bug in glibc
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5702
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-06-05 19:15 修改: 2026-06-17 09:48
|
| glibc |
CVE-2025-8058 |
中危 |
2.34-83.el9_3.7 |
2.34-168.el9_6.23 |
glibc: Double free in glibc
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-07-23 20:15 修改: 2026-06-17 10:06
|
| glibc |
CVE-2026-0915 |
中危 |
2.34-83.el9_3.7 |
2.34-231.el9_7.10 |
glibc: glibc: Information disclosure via zero-valued network query
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-15 22:16 修改: 2026-06-17 10:11
|
| glibc |
CVE-2026-4046 |
中危 |
2.34-83.el9_3.7 |
2.34-270.el9_8 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
|
| glibc |
CVE-2026-4437 |
中危 |
2.34-83.el9_3.7 |
2.34-270.el9_8 |
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| glibc |
CVE-2026-5435 |
中危 |
2.34-83.el9_3.7 |
|
glibc: glibc: Out-of-bounds write via TSIG record processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
|
| glibc |
CVE-2026-5450 |
中危 |
2.34-83.el9_3.7 |
2.34-272.el9_8 |
glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
|
| glibc |
CVE-2026-5928 |
中危 |
2.34-83.el9_3.7 |
|
glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
|
| glibc |
CVE-2026-6238 |
中危 |
2.34-83.el9_3.7 |
|
glibc: glibc: Application crash or uninitialized memory read via crafted DNS response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
|
| curl-minimal |
CVE-2025-13034 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: Public key pinning bypass via QUIC and GnuTLS allows server impersonation
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13034
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:33
|
| curl-minimal |
CVE-2025-14017 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:35
|
| glibc-common |
CVE-2023-4806 |
中危 |
2.34-83.el9_3.7 |
2.34-100.el9 |
glibc: potential use-after-free in getaddrinfo()
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-09-18 17:15 修改: 2026-06-17 06:38
|
| glibc-common |
CVE-2023-4813 |
中危 |
2.34-83.el9_3.7 |
2.34-100.el9 |
glibc: potential use-after-free in gaih_inet()
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-09-12 22:15 修改: 2026-06-17 06:38
|
| glibc-common |
CVE-2024-33600 |
中危 |
2.34-83.el9_3.7 |
2.34-100.el9_4.2 |
glibc: null pointer dereferences after failed netgroup cache insertion
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc-common |
CVE-2025-0395 |
中危 |
2.34-83.el9_3.7 |
2.34-125.el9_5.8 |
glibc: buffer overflow in the GNU C Library's assert()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26
|
| glibc-common |
CVE-2025-4802 |
中危 |
2.34-83.el9_3.7 |
2.34-168.el9_6.19 |
glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34
|
| glibc-common |
CVE-2025-5702 |
中危 |
2.34-83.el9_3.7 |
2.34-168.el9_6.20 |
glibc: Vector register overwrite bug in glibc
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5702
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-06-05 19:15 修改: 2026-06-17 09:48
|
| glibc-common |
CVE-2025-8058 |
中危 |
2.34-83.el9_3.7 |
2.34-168.el9_6.23 |
glibc: Double free in glibc
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-07-23 20:15 修改: 2026-06-17 10:06
|
| glibc-common |
CVE-2026-4046 |
中危 |
2.34-83.el9_3.7 |
2.34-270.el9_8 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
|
| glibc-common |
CVE-2026-4437 |
中危 |
2.34-83.el9_3.7 |
2.34-270.el9_8 |
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| glibc-common |
CVE-2026-5435 |
中危 |
2.34-83.el9_3.7 |
|
glibc: glibc: Out-of-bounds write via TSIG record processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
|
| glibc-common |
CVE-2026-5450 |
中危 |
2.34-83.el9_3.7 |
2.34-272.el9_8 |
glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
|
| glibc-common |
CVE-2026-5928 |
中危 |
2.34-83.el9_3.7 |
|
glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
|
| glibc-common |
CVE-2026-6238 |
中危 |
2.34-83.el9_3.7 |
|
glibc: glibc: Application crash or uninitialized memory read via crafted DNS response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
|
| curl-minimal |
CVE-2025-9086 |
中危 |
7.76.1-26.el9_3.2 |
7.76.1-35.el9_7.3 |
curl: libcurl: Curl out of bounds read for cookie path
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-09-12 06:15 修改: 2026-06-17 10:08
|
| curl-minimal |
CVE-2026-1965 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-11 11:15 修改: 2026-06-17 10:16
|
| glibc-minimal-langpack |
CVE-2023-4806 |
中危 |
2.34-83.el9_3.7 |
2.34-100.el9 |
glibc: potential use-after-free in getaddrinfo()
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-09-18 17:15 修改: 2026-06-17 06:38
|
| glibc-minimal-langpack |
CVE-2023-4813 |
中危 |
2.34-83.el9_3.7 |
2.34-100.el9 |
glibc: potential use-after-free in gaih_inet()
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-09-12 22:15 修改: 2026-06-17 06:38
|
| glibc-minimal-langpack |
CVE-2024-33600 |
中危 |
2.34-83.el9_3.7 |
2.34-100.el9_4.2 |
glibc: null pointer dereferences after failed netgroup cache insertion
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc-minimal-langpack |
CVE-2025-0395 |
中危 |
2.34-83.el9_3.7 |
2.34-125.el9_5.8 |
glibc: buffer overflow in the GNU C Library's assert()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26
|
| glibc-minimal-langpack |
CVE-2025-4802 |
中危 |
2.34-83.el9_3.7 |
2.34-168.el9_6.19 |
glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34
|
| glibc-minimal-langpack |
CVE-2025-5702 |
中危 |
2.34-83.el9_3.7 |
2.34-168.el9_6.20 |
glibc: Vector register overwrite bug in glibc
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5702
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-06-05 19:15 修改: 2026-06-17 09:48
|
| glibc-minimal-langpack |
CVE-2025-8058 |
中危 |
2.34-83.el9_3.7 |
2.34-168.el9_6.23 |
glibc: Double free in glibc
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-07-23 20:15 修改: 2026-06-17 10:06
|
| glibc-minimal-langpack |
CVE-2026-4046 |
中危 |
2.34-83.el9_3.7 |
2.34-270.el9_8 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
|
| glibc-minimal-langpack |
CVE-2026-4437 |
中危 |
2.34-83.el9_3.7 |
2.34-270.el9_8 |
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| glibc-minimal-langpack |
CVE-2026-5435 |
中危 |
2.34-83.el9_3.7 |
|
glibc: glibc: Out-of-bounds write via TSIG record processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
|
| glibc-minimal-langpack |
CVE-2026-5450 |
中危 |
2.34-83.el9_3.7 |
2.34-272.el9_8 |
glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
|
| glibc-minimal-langpack |
CVE-2026-5928 |
中危 |
2.34-83.el9_3.7 |
|
glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
|
| glibc-minimal-langpack |
CVE-2026-6238 |
中危 |
2.34-83.el9_3.7 |
|
glibc: glibc: Application crash or uninitialized memory read via crafted DNS response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
|
| curl-minimal |
CVE-2026-3783 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
|
| gnupg2 |
CVE-2025-68972 |
中危 |
2.3.3-4.el9 |
|
gnupg: GnuPG: Signature bypass via form feed character in signed messages
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68972
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-12-27 23:15 修改: 2026-06-17 09:59
|
| curl-minimal |
CVE-2026-3784 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: curl: Unauthorized access due to improper HTTP proxy connection reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
|
| curl-minimal |
CVE-2026-3805 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3805
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
|
| curl-minimal |
CVE-2026-4873 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: curl: Information disclosure due to incorrect TLS connection reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:57
|
| curl-minimal |
CVE-2026-5545 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59
|
| gnutls |
CVE-2023-5981 |
中危 |
3.7.6-23.el9 |
3.7.6-23.el9_3.3 |
gnutls: timing side-channel in the RSA-PSK authentication
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5981
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-11-28 12:15 修改: 2026-06-17 06:49
|
| gnutls |
CVE-2024-0553 |
中危 |
3.7.6-23.el9 |
3.7.6-23.el9_3.3 |
gnutls: incomplete fix for CVE-2023-5981
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0553
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-01-16 12:15 修改: 2026-06-17 06:53
|
| gnutls |
CVE-2024-0567 |
中危 |
3.7.6-23.el9 |
3.7.6-23.el9_3.3 |
gnutls: rejects certificate chain with distributed trust
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0567
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-01-16 14:15 修改: 2026-06-17 06:53
|
| gnutls |
CVE-2024-12243 |
中危 |
3.7.6-23.el9 |
3.8.3-6.el9 |
gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12243
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-02-10 16:15 修改: 2026-06-17 06:59
|
| gnutls |
CVE-2024-28834 |
中危 |
3.7.6-23.el9 |
3.8.3-4.el9_4 |
gnutls: vulnerable to Minerva side-channel information leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28834
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-03-21 14:15 修改: 2026-06-17 07:21
|
| gnutls |
CVE-2024-28835 |
中危 |
3.7.6-23.el9 |
3.8.3-4.el9_4 |
gnutls: potential crash during chain building/verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28835
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-03-21 06:15 修改: 2026-07-03 03:16
|
| gnutls |
CVE-2025-14831 |
中危 |
3.7.6-23.el9 |
3.8.3-10.el9_7 |
gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14831
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-02-09 15:16 修改: 2026-06-30 00:16
|
| gnutls |
CVE-2025-32988 |
中危 |
3.7.6-23.el9 |
3.8.3-6.el9_6.2 |
gnutls: Vulnerability in GnuTLS otherName SAN export
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32988
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-07-10 08:15 修改: 2026-06-30 01:16
|
| gnutls |
CVE-2025-32989 |
中危 |
3.7.6-23.el9 |
3.8.3-6.el9_6.2 |
gnutls: Vulnerability in GnuTLS SCT extension parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32989
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-07-10 08:15 修改: 2026-06-30 01:16
|
| gnutls |
CVE-2025-32990 |
中危 |
3.7.6-23.el9 |
3.8.3-6.el9_6.2 |
gnutls: Vulnerability in GnuTLS certtool template parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32990
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-07-10 10:15 修改: 2026-06-30 01:16
|
| gnutls |
CVE-2025-6395 |
中危 |
3.7.6-23.el9 |
3.8.3-6.el9_6.2 |
gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6395
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-07-10 16:15 修改: 2026-06-30 02:16
|
| gnutls |
CVE-2026-3833 |
中危 |
3.7.6-23.el9 |
3.8.10-4.el9_8 |
gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-30 18:16 修改: 2026-06-30 03:19
|
| gnutls |
CVE-2026-42011 |
中危 |
3.7.6-23.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Security bypass due to incorrect name constraint handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-07 15:16 修改: 2026-06-30 03:19
|
| gnutls |
CVE-2026-42012 |
中危 |
3.7.6-23.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-26 22:16 修改: 2026-06-30 03:19
|
| gnutls |
CVE-2026-42013 |
中危 |
3.7.6-23.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-26 22:16 修改: 2026-06-30 03:19
|
| gnutls |
CVE-2026-42014 |
中危 |
3.7.6-23.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-16 02:16 修改: 2026-06-30 03:19
|
| gnutls |
CVE-2026-42015 |
中危 |
3.7.6-23.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-26 22:16 修改: 2026-06-30 03:19
|
| gnutls |
CVE-2026-5260 |
中危 |
3.7.6-23.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Information disclosure via heap overread in RSA key exchange
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-26 22:16 修改: 2026-06-30 03:21
|
| curl-minimal |
CVE-2026-5773 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59
|
| krb5-libs |
CVE-2024-26462 |
中危 |
1.21.1-1.el9 |
1.21.1-3.el9 |
krb5: Memory leak at /krb5/src/kdc/ndr.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
|
| krb5-libs |
CVE-2024-37370 |
中危 |
1.21.1-1.el9 |
1.21.1-2.el9_4 |
krb5: GSS message token handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38
|
| krb5-libs |
CVE-2024-37371 |
中危 |
1.21.1-1.el9 |
1.21.1-2.el9_4 |
krb5: GSS message token handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38
|
| krb5-libs |
CVE-2025-24528 |
中危 |
1.21.1-1.el9 |
1.21.1-6.el9 |
krb5: overflow when calculating ulog block size
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59
|
| krb5-libs |
CVE-2025-3576 |
中危 |
1.21.1-1.el9 |
1.21.1-8.el9_6 |
krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16
|
| krb5-libs |
CVE-2026-11850 |
中危 |
1.21.1-1.el9 |
|
krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11850
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-11 10:16 修改: 2026-06-17 10:14
|
| krb5-libs |
CVE-2026-40355 |
中危 |
1.21.1-1.el9 |
1.21.1-10.el9_8 |
krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40355
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-28 06:16 修改: 2026-06-17 10:45
|
| krb5-libs |
CVE-2026-40356 |
中危 |
1.21.1-1.el9 |
1.21.1-10.el9_8 |
krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40356
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-28 07:16 修改: 2026-06-17 10:45
|
| curl-minimal |
CVE-2026-6253 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
|
| less |
CVE-2022-48624 |
中危 |
590-2.el9_2 |
590-3.el9_3 |
less: missing quoting of shell metacharacters in LESSCLOSE handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48624
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-02-19 01:15 修改: 2026-06-17 05:15
|
| curl-minimal |
CVE-2026-6429 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: libcurl: Credential leak via reused proxy connection during HTTP redirects
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
|
| libacl |
CVE-2026-54370 |
中危 |
2.3.1-3.el9 |
|
acl: TOCTOU Symlink Traversal via getfacl/setfacl
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54370
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-29 14:16 修改: 2026-06-29 19:22
|
| curl-minimal |
CVE-2026-7168 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:01
|
| bzip2-libs |
CVE-2019-12900 |
中危 |
1.0.8-8.el9 |
1.0.8-10.el9_5 |
bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail).
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12900
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2019-06-19 23:15 修改: 2026-06-17 02:15
|
| bzip2-libs |
CVE-2026-42250 |
中危 |
1.0.8-8.el9 |
|
bzip2: bzip2: Denial of Service in bzip2recover via a specially crafted file
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42250
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-28 14:16 修改: 2026-06-17 10:47
|
| libarchive |
CVE-2023-30571 |
中危 |
3.5.3-4.el9 |
|
libarchive: Race condition in multi-threaded use of archive_write_disk_header() on posix based systems
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-30571
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-05-29 20:15 修改: 2026-06-17 05:55
|
| libarchive |
CVE-2025-25724 |
中危 |
3.5.3-4.el9 |
3.5.3-5.el9_6 |
libarchive: Buffer Overflow vulnerability in libarchive
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25724
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-03-02 02:15 修改: 2026-06-17 09:01
|
| libarchive |
CVE-2025-60753 |
中危 |
3.5.3-4.el9 |
|
libarchive: bsdtar hangs and OOMs with zero-length pattern matches
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-60753
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-11-05 16:15 修改: 2026-06-17 09:50
|
| libarchive |
CVE-2026-14164 |
中危 |
3.5.3-4.el9 |
|
libarchive: Double-Free Vulnerability in RAR5 Decompression Logic via dangling filtered_buf pointer in init_unpack()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-14164
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-30 07:16 修改: 2026-06-30 18:16
|
| libarchive |
CVE-2026-4426 |
中危 |
3.5.3-4.el9 |
|
libarchive: libarchive: Denial of Service via malformed ISO file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4426
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:56
|
| libarchive |
CVE-2026-5121 |
中危 |
3.5.3-4.el9 |
3.5.3-9.el9_7 |
libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5121
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-30 08:16 修改: 2026-06-17 10:58
|
| libarchive |
CVE-2026-5745 |
中危 |
3.5.3-4.el9 |
|
libarchive: A NULL pointer dereference vulnerability exists in the ACL parser of libarchive
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5745
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-07 16:16 修改: 2026-06-17 10:59
|
| libattr |
CVE-2026-54371 |
中危 |
2.5.1-3.el9 |
|
attr: Symlink Traversal Privilege Escalation via getfattr and setfattr
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54371
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-29 14:16 修改: 2026-07-03 13:17
|
| libblkid |
CVE-2025-14104 |
中危 |
2.37.4-15.el9 |
2.37.4-21.el9_7 |
util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-12-05 17:16 修改: 2026-06-30 00:16
|
| libblkid |
CVE-2026-13595 |
中危 |
2.37.4-15.el9 |
|
util-linux: util-linux: heap use-after-free in libblkid nested partition probing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13595
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-29 09:16 修改: 2026-06-30 03:17
|
| libblkid |
CVE-2026-27456 |
中危 |
2.37.4-15.el9 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| expat |
CVE-2023-52425 |
中危 |
2.5.0-1.el9 |
2.5.0-1.el9_3.1 |
expat: parsing large tokens can trigger a denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-02-04 20:15 修改: 2026-06-17 06:42
|
| libcurl-minimal |
CVE-2023-46218 |
中危 |
7.76.1-26.el9_3.2 |
7.76.1-26.el9_3.3 |
curl: information disclosure by exploiting a mixed case flaw
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-12-07 01:15 修改: 2026-06-17 06:30
|
| libcurl-minimal |
CVE-2024-2398 |
中危 |
7.76.1-26.el9_3.2 |
7.76.1-29.el9_4.1 |
curl: HTTP/2 push headers memory-leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-03-27 08:15 修改: 2026-06-17 07:24
|
| libcurl-minimal |
CVE-2025-13034 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: Public key pinning bypass via QUIC and GnuTLS allows server impersonation
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13034
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:33
|
| libcurl-minimal |
CVE-2025-14017 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:35
|
| libcurl-minimal |
CVE-2025-9086 |
中危 |
7.76.1-26.el9_3.2 |
7.76.1-35.el9_7.3 |
curl: libcurl: Curl out of bounds read for cookie path
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-09-12 06:15 修改: 2026-06-17 10:08
|
| libcurl-minimal |
CVE-2026-1965 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-11 11:15 修改: 2026-06-17 10:16
|
| libcurl-minimal |
CVE-2026-3783 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
|
| libcurl-minimal |
CVE-2026-3784 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: curl: Unauthorized access due to improper HTTP proxy connection reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
|
| libcurl-minimal |
CVE-2026-3805 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3805
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
|
| libcurl-minimal |
CVE-2026-4873 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: curl: Information disclosure due to incorrect TLS connection reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:57
|
| libcurl-minimal |
CVE-2026-5545 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59
|
| libcurl-minimal |
CVE-2026-5773 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59
|
| libcurl-minimal |
CVE-2026-6253 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
|
| libcurl-minimal |
CVE-2026-6429 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: libcurl: Credential leak via reused proxy connection during HTTP redirects
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
|
| libcurl-minimal |
CVE-2026-7168 |
中危 |
7.76.1-26.el9_3.2 |
|
curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:01
|
| libgcc |
CVE-2020-11023 |
中危 |
11.4.1-2.1.el9 |
11.5.0-5.el9_5 |
jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11023
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2020-04-29 21:15 修改: 2026-06-17 02:48
|
| libgcrypt |
CVE-2024-2236 |
中危 |
1.10.0-10.el9_2 |
1.10.0-11.el9 |
libgcrypt: vulnerable to Marvin Attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-03-06 22:15 修改: 2026-06-17 07:24
|
| libgcrypt |
CVE-2026-41989 |
中危 |
1.10.0-10.el9_2 |
|
Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-23 05:16 修改: 2026-06-17 10:47
|
| libmount |
CVE-2025-14104 |
中危 |
2.37.4-15.el9 |
2.37.4-21.el9_7 |
util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-12-05 17:16 修改: 2026-06-30 00:16
|
| libmount |
CVE-2026-13595 |
中危 |
2.37.4-15.el9 |
|
util-linux: util-linux: heap use-after-free in libblkid nested partition probing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13595
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-29 09:16 修改: 2026-06-30 03:17
|
| libmount |
CVE-2026-27456 |
中危 |
2.37.4-15.el9 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| expat |
CVE-2024-28757 |
中危 |
2.5.0-1.el9 |
2.5.0-2.el9_4 |
expat: XML Entity Expansion
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28757
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-03-10 05:15 修改: 2026-06-17 07:21
|
| libnghttp2 |
CVE-2024-28182 |
中危 |
1.43.0-5.el9_3.1 |
1.43.0-5.el9_4.3 |
nghttp2: CONTINUATION frames DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28182
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-04-04 15:15 修改: 2026-06-17 07:21
|
| libsmartcols |
CVE-2025-14104 |
中危 |
2.37.4-15.el9 |
2.37.4-21.el9_7 |
util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-12-05 17:16 修改: 2026-06-30 00:16
|
| libsmartcols |
CVE-2026-13595 |
中危 |
2.37.4-15.el9 |
|
util-linux: util-linux: heap use-after-free in libblkid nested partition probing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13595
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-29 09:16 修改: 2026-06-30 03:17
|
| libsmartcols |
CVE-2026-27456 |
中危 |
2.37.4-15.el9 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| libsolv |
CVE-2026-48864 |
中危 |
0.7.24-2.el9 |
|
libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48864
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-26 17:16 修改: 2026-06-24 03:16
|
| libsolv |
CVE-2026-9149 |
中危 |
0.7.24-2.el9 |
|
libsolv: Heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9149
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-21 00:16 修改: 2026-06-27 00:16
|
| libsolv |
CVE-2026-9150 |
中危 |
0.7.24-2.el9 |
|
libsolv: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512 checksums
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9150
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-20 23:16 修改: 2026-06-29 17:16
|
| libstdc++ |
CVE-2020-11023 |
中危 |
11.4.1-2.1.el9 |
11.5.0-5.el9_5 |
jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11023
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2020-04-29 21:15 修改: 2026-06-17 02:48
|
| libtasn1 |
CVE-2024-12133 |
中危 |
4.16.0-8.el9_1 |
4.16.0-9.el9 |
libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12133
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-02-10 16:15 修改: 2026-06-30 03:16
|
| libuuid |
CVE-2025-14104 |
中危 |
2.37.4-15.el9 |
2.37.4-21.el9_7 |
util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-12-05 17:16 修改: 2026-06-30 00:16
|
| libuuid |
CVE-2026-13595 |
中危 |
2.37.4-15.el9 |
|
util-linux: util-linux: heap use-after-free in libblkid nested partition probing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13595
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-29 09:16 修改: 2026-06-30 03:17
|
| libuuid |
CVE-2026-27456 |
中危 |
2.37.4-15.el9 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| expat |
CVE-2024-45490 |
中危 |
2.5.0-1.el9 |
2.5.0-2.el9_4.1 |
libexpat: Negative Length Parsing Vulnerability in libexpat
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-08-30 03:15 修改: 2026-06-17 07:54
|
| expat |
CVE-2024-45491 |
中危 |
2.5.0-1.el9 |
2.5.0-2.el9_4.1 |
libexpat: Integer Overflow or Wraparound
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-08-30 03:15 修改: 2026-06-17 07:54
|
| expat |
CVE-2024-45492 |
中危 |
2.5.0-1.el9 |
2.5.0-2.el9_4.1 |
libexpat: integer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-08-30 03:15 修改: 2026-06-17 07:54
|
| expat |
CVE-2024-50602 |
中危 |
2.5.0-1.el9 |
2.5.0-3.el9_5.1 |
libexpat: expat: DoS via XML_ResumeParser
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-10-27 05:15 修改: 2026-06-17 08:04
|
| expat |
CVE-2024-8176 |
中危 |
2.5.0-1.el9 |
2.5.0-5.el9_6 |
libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8176
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-03-14 09:15 修改: 2026-06-30 00:16
|
| libxml2 |
CVE-2022-49043 |
中危 |
2.9.13-5.el9_3 |
2.9.13-6.el9_5.1 |
libxml: use-after-free in xmlXIncludeAddNode
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-49043
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-01-26 06:15 修改: 2026-06-17 05:16
|
| libxml2 |
CVE-2024-25062 |
中危 |
2.9.13-5.el9_3 |
2.9.13-6.el9_4 |
libxml2: use-after-free in XMLReader
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25062
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-02-04 16:15 修改: 2026-06-17 07:15
|
| libxml2 |
CVE-2025-32414 |
中危 |
2.9.13-5.el9_3 |
2.9.13-12.el9_6 |
libxml2: Out-of-Bounds Read in libxml2
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32414
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-04-08 03:15 修改: 2026-06-17 09:11
|
| libxml2 |
CVE-2025-32415 |
中危 |
2.9.13-5.el9_3 |
2.9.13-12.el9_6 |
libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32415
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-04-17 17:15 修改: 2026-06-17 09:11
|
| libxml2 |
CVE-2025-6021 |
中危 |
2.9.13-5.el9_3 |
2.9.13-10.el9_6 |
libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6021
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-06-12 13:15 修改: 2026-06-30 11:16
|
| libxml2 |
CVE-2025-9714 |
中危 |
2.9.13-5.el9_3 |
2.9.13-14.el9_7 |
libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9714
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-09-10 19:15 修改: 2026-06-17 10:09
|
| libxml2 |
CVE-2026-0990 |
中危 |
2.9.13-5.el9_3 |
|
libxml2: libxml2: Denial of Service via uncontrolled recursion in XML catalog processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0990
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-15 15:15 修改: 2026-06-30 20:18
|
| libxml2 |
CVE-2026-11979 |
中危 |
2.9.13-5.el9_3 |
|
libxml2: libxml2: Arbitrary code execution in xmlcatalog utility via buffer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11979
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-29 14:16 修改: 2026-06-30 20:22
|
| libxml2 |
CVE-2026-1757 |
中危 |
2.9.13-5.el9_3 |
|
libxml2: Memory Leak Leading to Local Denial of Service in xmllint Interactive Shell
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1757
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-02-02 13:15 修改: 2026-06-17 10:16
|
| libxml2 |
CVE-2026-6653 |
中危 |
2.9.13-5.el9_3 |
|
libxml2: mingw-libxml2: libxml2: Denial of Service via crafted XML input due to use-after-free
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6653
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-22 14:17 修改: 2026-06-22 18:16
|
| libxml2 |
CVE-2026-6732 |
中危 |
2.9.13-5.el9_3 |
|
libxml2: libxml2: Denial of Service via crafted XSD-validated document
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6732
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-23 23:16 修改: 2026-06-30 20:16
|
| openldap |
CVE-2026-22185 |
中危 |
2.6.3-1.el9 |
|
OpenLDAP: OpenLDAP LMDB: Denial of Service and Information Disclosure via Heap Buffer Underflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22185
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-07 21:16 修改: 2026-06-17 10:19
|
| expat |
CVE-2026-32776 |
中危 |
2.5.0-1.el9 |
|
libexpat: libexpat: Denial of Service due to NULL pointer dereference
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32776
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36
|
| expat |
CVE-2026-32777 |
中危 |
2.5.0-1.el9 |
|
libexpat: libexpat: Denial of Service via infinite loop in DTD content parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32777
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36
|
| expat |
CVE-2026-32778 |
中危 |
2.5.0-1.el9 |
|
libexpat: libexpat: Denial of Service via NULL pointer dereference after out-of-memory condition
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32778
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36
|
| openssl-libs |
CVE-2023-5363 |
中危 |
1:3.0.7-24.el9 |
1:3.0.7-25.el9_3 |
openssl: Incorrect cipher key and IV length processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5363
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-10-25 18:17 修改: 2026-06-17 06:48
|
| openssl-libs |
CVE-2024-6119 |
中危 |
1:3.0.7-24.el9 |
1:3.0.7-28.el9_4 |
openssl: Possible denial of service in X.509 name checks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-09-03 16:15 修改: 2026-06-17 08:17
|
| openssl-libs |
CVE-2025-11187 |
中危 |
1:3.0.7-24.el9 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11187
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:29
|
| openssl-libs |
CVE-2025-69419 |
中危 |
1:3.0.7-24.el9 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-libs |
CVE-2025-9230 |
中危 |
1:3.0.7-24.el9 |
1:3.5.1-4.el9_7 |
openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
|
| openssl-libs |
CVE-2026-2673 |
中危 |
1:3.0.7-24.el9 |
|
openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-13 19:54 修改: 2026-06-17 10:31
|
| openssl-libs |
CVE-2026-28390 |
中危 |
1:3.0.7-24.el9 |
1:3.5.5-3.el9_8 |
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-libs |
CVE-2026-31790 |
中危 |
1:3.0.7-24.el9 |
1:3.5.5-2.el9_8 |
openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
|
| openssl-libs |
CVE-2026-34182 |
中危 |
1:3.0.7-24.el9 |
1:3.5.5-4.el9_8 |
openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-libs |
CVE-2026-34183 |
中危 |
1:3.0.7-24.el9 |
1:3.5.5-4.el9_8 |
openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-libs |
CVE-2026-42764 |
中危 |
1:3.0.7-24.el9 |
1:3.5.5-4.el9_8 |
openssl: NULL pointer dereference in QUIC server initial packet handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-45445 |
中危 |
1:3.0.7-24.el9 |
1:3.5.5-4.el9_8 |
openssl: AES-OCB IV Ignored on EVP_Cipher() Path
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
|
| p11-kit |
CVE-2026-13757 |
中危 |
0.24.1-2.el9 |
|
p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13757
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-29 19:16 修改: 2026-07-01 15:16
|
| p11-kit |
CVE-2026-2100 |
中危 |
0.24.1-2.el9 |
0.26.2-1.el9 |
p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2100
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-26 21:17 修改: 2026-06-22 20:16
|
| p11-kit-trust |
CVE-2026-13757 |
中危 |
0.24.1-2.el9 |
|
p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13757
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-29 19:16 修改: 2026-07-01 15:16
|
| p11-kit-trust |
CVE-2026-2100 |
中危 |
0.24.1-2.el9 |
0.26.2-1.el9 |
p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2100
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-26 21:17 修改: 2026-06-22 20:16
|
| expat |
CVE-2026-50219 |
中危 |
2.5.0-1.el9 |
|
expat: libexpat: Use-after-free vulnerability due to improper handler call depth tracking
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50219
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-06-04 06:16 修改: 2026-06-17 10:57
|
| expat |
CVE-2026-56132 |
中危 |
2.5.0-1.el9 |
|
expat: libexpat: Arbitrary Code Execution via Heap-based Buffer Overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56132
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-06-19 06:17 修改: 2026-06-23 20:15
|
| expat |
CVE-2026-56403 |
中危 |
2.5.0-1.el9 |
|
libexpat: libexpat: Arbitrary code execution due to integer overflow in storeAtts
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56403
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:15
|
| expat |
CVE-2026-56405 |
中危 |
2.5.0-1.el9 |
|
libexpat: libexpat: Information disclosure and arbitrary code execution via integer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56405
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:14
|
| expat |
CVE-2026-56406 |
中危 |
2.5.0-1.el9 |
|
libexpat: libexpat: Arbitrary code execution via integer overflow in XML_ParseBuffer
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56406
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:29
|
| expat |
CVE-2026-56412 |
中危 |
2.5.0-1.el9 |
|
libexpat: libexpat: Use-after-free vulnerability due to improper handling of XML CDATA sections
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56412
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-06-21 17:16 修改: 2026-06-23 15:31
|
| coreutils-single |
CVE-2025-5278 |
中危 |
8.32-34.el9 |
8.32-41.el9_8 |
coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5278
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-05-27 21:15 修改: 2026-07-01 11:16
|
| python-unversioned-command |
CVE-2023-27043 |
中危 |
3.9.18-1.el9_3 |
3.9.18-1.el9_3.1 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2023-04-19 00:15 修改: 2026-06-17 05:44
|
| python-unversioned-command |
CVE-2024-0450 |
中危 |
3.9.18-1.el9_3 |
3.9.18-3.el9_4.1 |
python: The zipfile module is vulnerable to zip-bombs leading to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-03-19 16:15 修改: 2026-06-17 06:53
|
| python-unversioned-command |
CVE-2024-11168 |
中危 |
3.9.18-1.el9_3 |
3.9.21-1.el9_5 |
python: Improper validation of IPv6 and IPvFuture addresses
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-11-12 22:15 修改: 2026-06-17 06:57
|
| python-unversioned-command |
CVE-2024-6232 |
中危 |
3.9.18-1.el9_3 |
3.9.19-8.el9_5.1 |
python: cpython: tarfile: ReDos via excessive backtracking while parsing header values
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-09-03 13:15 修改: 2026-06-17 08:17
|
| python-unversioned-command |
CVE-2024-6923 |
中危 |
3.9.18-1.el9_3 |
3.9.18-3.el9_4.5 |
cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-08-01 14:15 修改: 2026-06-17 08:18
|
| python-unversioned-command |
CVE-2024-8088 |
中危 |
3.9.18-1.el9_3 |
3.9.19-8.el9 |
python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-08-22 19:15 修改: 2026-06-17 08:21
|
| python-unversioned-command |
CVE-2024-9287 |
中危 |
3.9.18-1.el9_3 |
3.9.21-1.el9_5 |
python: Virtual environment (venv) activation scripts don't quote paths
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-10-22 17:15 修改: 2026-06-17 08:24
|
| python-unversioned-command |
CVE-2025-0938 |
中危 |
3.9.18-1.el9_3 |
3.9.21-2.el9 |
python: cpython: URL parser allowed square brackets in domain names
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-01-31 18:15 修改: 2026-06-17 08:27
|
| python-unversioned-command |
CVE-2025-11468 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Missing character filtering in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:30
|
| python-unversioned-command |
CVE-2025-12084 |
中危 |
3.9.18-1.el9_3 |
3.9.25-3.el9_7 |
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31
|
| python-unversioned-command |
CVE-2025-12781 |
中危 |
3.9.18-1.el9_3 |
|
cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-21 20:16 修改: 2026-06-17 08:32
|
| python-unversioned-command |
CVE-2025-13837 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Out-of-memory when loading Plist
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34
|
| python-unversioned-command |
CVE-2025-15282 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Header injection via newlines in data URL mediatype in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python-unversioned-command |
CVE-2025-15366 |
中危 |
3.9.18-1.el9_3 |
3.9.25-3.el9_7.1 |
cpython: IMAP command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python-unversioned-command |
CVE-2025-15367 |
中危 |
3.9.18-1.el9_3 |
3.9.25-3.el9_7.1 |
cpython: POP3 command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python-unversioned-command |
CVE-2025-4330 |
中危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.1 |
cpython: python: Extraction filter bypass for linking outside extraction directory
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4330
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
|
| python-unversioned-command |
CVE-2025-4435 |
中危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.1 |
cpython: Tarfile extracts filtered members when errorlevel=0
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4435
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
|
| python-unversioned-command |
CVE-2025-4516 |
中危 |
3.9.18-1.el9_3 |
|
cpython: python: CPython DecodeError Handling Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4516
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-05-15 14:15 修改: 2026-06-17 09:33
|
| python-unversioned-command |
CVE-2025-6069 |
中危 |
3.9.18-1.el9_3 |
3.9.25-2.el9_7 |
cpython: Python HTMLParser quadratic complexity
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-17 14:15 修改: 2026-06-17 10:01
|
| python-unversioned-command |
CVE-2025-8194 |
中危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.2 |
cpython: Cpython infinite loop when parsing a tarfile
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-07-28 19:15 修改: 2026-06-17 10:06
|
| python-unversioned-command |
CVE-2025-8291 |
中危 |
3.9.18-1.el9_3 |
3.9.25-2.el9_7 |
cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-10-07 18:16 修改: 2026-06-17 10:06
|
| python-unversioned-command |
CVE-2026-0672 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Header injection in http.cookies.Morsel in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
|
| python-unversioned-command |
CVE-2026-0865 |
中危 |
3.9.18-1.el9_3 |
3.9.25-5.el9_8 |
cpython: wsgiref.headers.Headers allows header newline injection in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
|
| python-unversioned-command |
CVE-2026-11972 |
中危 |
3.9.18-1.el9_3 |
|
python: Python tarfile module: Denial of Service via improper EOF handling in streaming mode
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11972
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-06-23 23:16 修改: 2026-06-30 16:16
|
| python-unversioned-command |
CVE-2026-1299 |
中危 |
3.9.18-1.el9_3 |
3.9.25-3.el9_7.1 |
cpython: email header injection due to unquoted newlines
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-23 17:16 修改: 2026-06-17 10:15
|
| python-unversioned-command |
CVE-2026-1502 |
中危 |
3.9.18-1.el9_3 |
|
python: Python: HTTP header injection via CR/LF in proxy tunnel headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-10 18:16 修改: 2026-06-30 16:16
|
| python-unversioned-command |
CVE-2026-3276 |
中危 |
3.9.18-1.el9_3 |
|
python: Python unicodedata: Denial of Service due to excessive CPU consumption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43
|
| python-unversioned-command |
CVE-2026-3644 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Incomplete control character validation in http.cookies
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-16 18:16 修改: 2026-06-30 16:16
|
| python-unversioned-command |
CVE-2026-4224 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Stack overflow parsing XML with deeply nested DTD content models
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56
|
| python-unversioned-command |
CVE-2026-42308 |
中危 |
3.9.18-1.el9_3 |
|
Pillow: python: Pillow: Denial of Service via integer overflow in font processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42308
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-05-09 06:16 修改: 2026-06-17 10:47
|
| python-unversioned-command |
CVE-2026-5713 |
中危 |
3.9.18-1.el9_3 |
|
python: Python: Information disclosure and arbitrary code execution via remote debugging with a malicious process.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5713
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-14 16:16 修改: 2026-06-17 10:59
|
| python-unversioned-command |
CVE-2026-6019 |
中危 |
3.9.18-1.el9_3 |
|
python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00
|
| python-unversioned-command |
CVE-2026-7210 |
中危 |
3.9.18-1.el9_3 |
|
python: expat: Python/Expat: Denial of Service via crafted XML document
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
|
| glib2 |
CVE-2024-34397 |
中危 |
2.68.4-11.el9 |
2.68.4-14.el9_4.1 |
glib2: Signal subscription vulnerabilities
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34397
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-05-07 18:15 修改: 2026-06-17 07:33
|
| glib2 |
CVE-2024-52533 |
中危 |
2.68.4-11.el9 |
2.68.4-16.el9_6.2 |
glib: buffer overflow in set_connect_msg()
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52533
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-11-11 23:15 修改: 2026-06-17 08:07
|
| glib2 |
CVE-2025-13601 |
中危 |
2.68.4-11.el9 |
2.68.4-18.el9_7.1 |
glib: Integer overflow in in g_escape_uri_string()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13601
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-11-26 15:15 修改: 2026-06-30 00:16
|
| glib2 |
CVE-2025-14087 |
中危 |
2.68.4-11.el9 |
2.68.4-19.el9_8.1 |
glib: GLib: Buffer underflow in GVariant parser leads to heap corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14087
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-12-10 09:15 修改: 2026-06-30 00:16
|
| glib2 |
CVE-2025-14512 |
中危 |
2.68.4-11.el9 |
2.68.4-19.el9_8.1 |
glib: Integer Overflow in GLib GIO Attribute Escaping Causes Heap Buffer Overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14512
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-12-11 07:16 修改: 2026-06-30 00:16
|
| glib2 |
CVE-2025-4373 |
中危 |
2.68.4-11.el9 |
2.68.4-16.el9_6.2 |
glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4373
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-05-06 15:16 修改: 2026-06-30 11:16
|
| glib2 |
CVE-2026-1484 |
中危 |
2.68.4-11.el9 |
|
Glib: Integer Overflow Leading to Buffer Underflow and Out-of-Bounds Write in GLib g_base64_encode()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1484
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-27 14:15 修改: 2026-06-17 10:15
|
| python3 |
CVE-2023-27043 |
中危 |
3.9.18-1.el9_3 |
3.9.18-1.el9_3.1 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2023-04-19 00:15 修改: 2026-06-17 05:44
|
| python3 |
CVE-2024-0450 |
中危 |
3.9.18-1.el9_3 |
3.9.18-3.el9_4.1 |
python: The zipfile module is vulnerable to zip-bombs leading to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-03-19 16:15 修改: 2026-06-17 06:53
|
| python3 |
CVE-2024-11168 |
中危 |
3.9.18-1.el9_3 |
3.9.21-1.el9_5 |
python: Improper validation of IPv6 and IPvFuture addresses
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-11-12 22:15 修改: 2026-06-17 06:57
|
| python3 |
CVE-2024-6232 |
中危 |
3.9.18-1.el9_3 |
3.9.19-8.el9_5.1 |
python: cpython: tarfile: ReDos via excessive backtracking while parsing header values
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-09-03 13:15 修改: 2026-06-17 08:17
|
| python3 |
CVE-2024-6923 |
中危 |
3.9.18-1.el9_3 |
3.9.18-3.el9_4.5 |
cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-08-01 14:15 修改: 2026-06-17 08:18
|
| python3 |
CVE-2024-8088 |
中危 |
3.9.18-1.el9_3 |
3.9.19-8.el9 |
python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-08-22 19:15 修改: 2026-06-17 08:21
|
| python3 |
CVE-2024-9287 |
中危 |
3.9.18-1.el9_3 |
3.9.21-1.el9_5 |
python: Virtual environment (venv) activation scripts don't quote paths
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-10-22 17:15 修改: 2026-06-17 08:24
|
| python3 |
CVE-2025-0938 |
中危 |
3.9.18-1.el9_3 |
3.9.21-2.el9 |
python: cpython: URL parser allowed square brackets in domain names
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-01-31 18:15 修改: 2026-06-17 08:27
|
| python3 |
CVE-2025-11468 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Missing character filtering in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:30
|
| python3 |
CVE-2025-12084 |
中危 |
3.9.18-1.el9_3 |
3.9.25-3.el9_7 |
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31
|
| python3 |
CVE-2025-12781 |
中危 |
3.9.18-1.el9_3 |
|
cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-21 20:16 修改: 2026-06-17 08:32
|
| python3 |
CVE-2025-13837 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Out-of-memory when loading Plist
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34
|
| python3 |
CVE-2025-15282 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Header injection via newlines in data URL mediatype in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python3 |
CVE-2025-15366 |
中危 |
3.9.18-1.el9_3 |
3.9.25-3.el9_7.1 |
cpython: IMAP command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python3 |
CVE-2025-15367 |
中危 |
3.9.18-1.el9_3 |
3.9.25-3.el9_7.1 |
cpython: POP3 command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python3 |
CVE-2025-4330 |
中危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.1 |
cpython: python: Extraction filter bypass for linking outside extraction directory
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4330
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
|
| python3 |
CVE-2025-4435 |
中危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.1 |
cpython: Tarfile extracts filtered members when errorlevel=0
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4435
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
|
| python3 |
CVE-2025-4516 |
中危 |
3.9.18-1.el9_3 |
|
cpython: python: CPython DecodeError Handling Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4516
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-05-15 14:15 修改: 2026-06-17 09:33
|
| python3 |
CVE-2025-6069 |
中危 |
3.9.18-1.el9_3 |
3.9.25-2.el9_7 |
cpython: Python HTMLParser quadratic complexity
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-17 14:15 修改: 2026-06-17 10:01
|
| python3 |
CVE-2025-8194 |
中危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.2 |
cpython: Cpython infinite loop when parsing a tarfile
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-07-28 19:15 修改: 2026-06-17 10:06
|
| python3 |
CVE-2025-8291 |
中危 |
3.9.18-1.el9_3 |
3.9.25-2.el9_7 |
cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-10-07 18:16 修改: 2026-06-17 10:06
|
| python3 |
CVE-2026-0672 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Header injection in http.cookies.Morsel in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
|
| python3 |
CVE-2026-0865 |
中危 |
3.9.18-1.el9_3 |
3.9.25-5.el9_8 |
cpython: wsgiref.headers.Headers allows header newline injection in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
|
| python3 |
CVE-2026-11972 |
中危 |
3.9.18-1.el9_3 |
|
python: Python tarfile module: Denial of Service via improper EOF handling in streaming mode
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11972
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-06-23 23:16 修改: 2026-06-30 16:16
|
| python3 |
CVE-2026-1299 |
中危 |
3.9.18-1.el9_3 |
3.9.25-3.el9_7.1 |
cpython: email header injection due to unquoted newlines
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-23 17:16 修改: 2026-06-17 10:15
|
| python3 |
CVE-2026-1502 |
中危 |
3.9.18-1.el9_3 |
|
python: Python: HTTP header injection via CR/LF in proxy tunnel headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-10 18:16 修改: 2026-06-30 16:16
|
| python3 |
CVE-2026-3276 |
中危 |
3.9.18-1.el9_3 |
|
python: Python unicodedata: Denial of Service due to excessive CPU consumption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43
|
| python3 |
CVE-2026-3644 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Incomplete control character validation in http.cookies
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-16 18:16 修改: 2026-06-30 16:16
|
| python3 |
CVE-2026-4224 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Stack overflow parsing XML with deeply nested DTD content models
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56
|
| python3 |
CVE-2026-42308 |
中危 |
3.9.18-1.el9_3 |
|
Pillow: python: Pillow: Denial of Service via integer overflow in font processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42308
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-05-09 06:16 修改: 2026-06-17 10:47
|
| python3 |
CVE-2026-5713 |
中危 |
3.9.18-1.el9_3 |
|
python: Python: Information disclosure and arbitrary code execution via remote debugging with a malicious process.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5713
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-14 16:16 修改: 2026-06-17 10:59
|
| python3 |
CVE-2026-6019 |
中危 |
3.9.18-1.el9_3 |
|
python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00
|
| python3 |
CVE-2026-7210 |
中危 |
3.9.18-1.el9_3 |
|
python: expat: Python/Expat: Denial of Service via crafted XML document
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
|
| glib2 |
CVE-2026-1489 |
中危 |
2.68.4-11.el9 |
|
Glib: GLib: Memory corruption via integer overflow in Unicode case conversion
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1489
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-27 15:15 修改: 2026-06-17 10:15
|
| glib2 |
CVE-2026-58010 |
中危 |
2.68.4-11.el9 |
|
glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58010
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-30 13:19 修改: 2026-07-02 19:09
|
| glib2 |
CVE-2026-58011 |
中危 |
2.68.4-11.el9 |
|
glib: out-of-bounds read in glib/gdatetime.c:g_date_time_get_ymd via invalid GDateTime
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58011
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-30 13:19 修改: 2026-07-02 19:20
|
| glib2 |
CVE-2026-58012 |
中危 |
2.68.4-11.el9 |
|
glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58012
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-30 13:19 修改: 2026-07-02 19:28
|
| glib2 |
CVE-2026-58013 |
中危 |
2.68.4-11.el9 |
|
glib: buffer over-read in glib/giochannel.c via "g_io_channel_read_line_backend"
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58013
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-30 13:19 修改: 2026-07-02 19:29
|
| glib2 |
CVE-2026-58014 |
中危 |
2.68.4-11.el9 |
|
glib: off-by-one error in glib/gkeyfile.c via "g_key_file_get_locale_string_list"
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58014
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-30 13:19 修改: 2026-07-01 17:58
|
| glib2 |
CVE-2026-58015 |
中危 |
2.68.4-11.el9 |
|
glib: path traversal in glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry and mechanism_client_data_receive
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58015
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-30 13:19 修改: 2026-07-02 02:16
|
| python3-libs |
CVE-2023-27043 |
中危 |
3.9.18-1.el9_3 |
3.9.18-1.el9_3.1 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2023-04-19 00:15 修改: 2026-06-17 05:44
|
| python3-libs |
CVE-2024-0450 |
中危 |
3.9.18-1.el9_3 |
3.9.18-3.el9_4.1 |
python: The zipfile module is vulnerable to zip-bombs leading to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-03-19 16:15 修改: 2026-06-17 06:53
|
| python3-libs |
CVE-2024-11168 |
中危 |
3.9.18-1.el9_3 |
3.9.21-1.el9_5 |
python: Improper validation of IPv6 and IPvFuture addresses
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-11-12 22:15 修改: 2026-06-17 06:57
|
| python3-libs |
CVE-2024-6232 |
中危 |
3.9.18-1.el9_3 |
3.9.19-8.el9_5.1 |
python: cpython: tarfile: ReDos via excessive backtracking while parsing header values
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-09-03 13:15 修改: 2026-06-17 08:17
|
| python3-libs |
CVE-2024-6923 |
中危 |
3.9.18-1.el9_3 |
3.9.18-3.el9_4.5 |
cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-08-01 14:15 修改: 2026-06-17 08:18
|
| python3-libs |
CVE-2024-8088 |
中危 |
3.9.18-1.el9_3 |
3.9.19-8.el9 |
python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-08-22 19:15 修改: 2026-06-17 08:21
|
| python3-libs |
CVE-2024-9287 |
中危 |
3.9.18-1.el9_3 |
3.9.21-1.el9_5 |
python: Virtual environment (venv) activation scripts don't quote paths
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-10-22 17:15 修改: 2026-06-17 08:24
|
| python3-libs |
CVE-2025-0938 |
中危 |
3.9.18-1.el9_3 |
3.9.21-2.el9 |
python: cpython: URL parser allowed square brackets in domain names
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-01-31 18:15 修改: 2026-06-17 08:27
|
| python3-libs |
CVE-2025-11468 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Missing character filtering in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:30
|
| python3-libs |
CVE-2025-12084 |
中危 |
3.9.18-1.el9_3 |
3.9.25-3.el9_7 |
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31
|
| python3-libs |
CVE-2025-12781 |
中危 |
3.9.18-1.el9_3 |
|
cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-21 20:16 修改: 2026-06-17 08:32
|
| python3-libs |
CVE-2025-13837 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Out-of-memory when loading Plist
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34
|
| python3-libs |
CVE-2025-15282 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Header injection via newlines in data URL mediatype in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python3-libs |
CVE-2025-15366 |
中危 |
3.9.18-1.el9_3 |
3.9.25-3.el9_7.1 |
cpython: IMAP command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python3-libs |
CVE-2025-15367 |
中危 |
3.9.18-1.el9_3 |
3.9.25-3.el9_7.1 |
cpython: POP3 command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python3-libs |
CVE-2025-4330 |
中危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.1 |
cpython: python: Extraction filter bypass for linking outside extraction directory
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4330
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
|
| python3-libs |
CVE-2025-4435 |
中危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.1 |
cpython: Tarfile extracts filtered members when errorlevel=0
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4435
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
|
| python3-libs |
CVE-2025-4516 |
中危 |
3.9.18-1.el9_3 |
|
cpython: python: CPython DecodeError Handling Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4516
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-05-15 14:15 修改: 2026-06-17 09:33
|
| python3-libs |
CVE-2025-6069 |
中危 |
3.9.18-1.el9_3 |
3.9.25-2.el9_7 |
cpython: Python HTMLParser quadratic complexity
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-17 14:15 修改: 2026-06-17 10:01
|
| python3-libs |
CVE-2025-8194 |
中危 |
3.9.18-1.el9_3 |
3.9.21-2.el9_6.2 |
cpython: Cpython infinite loop when parsing a tarfile
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-07-28 19:15 修改: 2026-06-17 10:06
|
| python3-libs |
CVE-2025-8291 |
中危 |
3.9.18-1.el9_3 |
3.9.25-2.el9_7 |
cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-10-07 18:16 修改: 2026-06-17 10:06
|
| python3-libs |
CVE-2026-0672 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Header injection in http.cookies.Morsel in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
|
| python3-libs |
CVE-2026-0865 |
中危 |
3.9.18-1.el9_3 |
3.9.25-5.el9_8 |
cpython: wsgiref.headers.Headers allows header newline injection in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
|
| python3-libs |
CVE-2026-11972 |
中危 |
3.9.18-1.el9_3 |
|
python: Python tarfile module: Denial of Service via improper EOF handling in streaming mode
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11972
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-06-23 23:16 修改: 2026-06-30 16:16
|
| python3-libs |
CVE-2026-1299 |
中危 |
3.9.18-1.el9_3 |
3.9.25-3.el9_7.1 |
cpython: email header injection due to unquoted newlines
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-23 17:16 修改: 2026-06-17 10:15
|
| python3-libs |
CVE-2026-1502 |
中危 |
3.9.18-1.el9_3 |
|
python: Python: HTTP header injection via CR/LF in proxy tunnel headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-10 18:16 修改: 2026-06-30 16:16
|
| python3-libs |
CVE-2026-3276 |
中危 |
3.9.18-1.el9_3 |
|
python: Python unicodedata: Denial of Service due to excessive CPU consumption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43
|
| python3-libs |
CVE-2026-3644 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Incomplete control character validation in http.cookies
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-16 18:16 修改: 2026-06-30 16:16
|
| python3-libs |
CVE-2026-4224 |
中危 |
3.9.18-1.el9_3 |
|
cpython: Stack overflow parsing XML with deeply nested DTD content models
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56
|
| python3-libs |
CVE-2026-42308 |
中危 |
3.9.18-1.el9_3 |
|
Pillow: python: Pillow: Denial of Service via integer overflow in font processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42308
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-05-09 06:16 修改: 2026-06-17 10:47
|
| python3-libs |
CVE-2026-5713 |
中危 |
3.9.18-1.el9_3 |
|
python: Python: Information disclosure and arbitrary code execution via remote debugging with a malicious process.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5713
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-14 16:16 修改: 2026-06-17 10:59
|
| python3-libs |
CVE-2026-6019 |
中危 |
3.9.18-1.el9_3 |
|
python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00
|
| python3-libs |
CVE-2026-7210 |
中危 |
3.9.18-1.el9_3 |
|
python: expat: Python/Expat: Denial of Service via crafted XML document
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
|
| python3-pip-wheel |
CVE-2023-45803 |
中危 |
21.2.3-7.el9 |
|
urllib3: Request body not stripped after redirect from 303 status changes request method to GET
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45803
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2023-10-17 20:15 修改: 2026-06-17 06:29
|
| python3-pip-wheel |
CVE-2025-50181 |
中危 |
21.2.3-7.el9 |
|
urllib3: urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-50181
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-19 01:15 修改: 2026-06-17 09:34
|
| python3-pip-wheel |
CVE-2025-50182 |
中危 |
21.2.3-7.el9 |
|
urllib3: urllib3 does not control redirects in browsers and Node.js
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-50182
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-06-19 02:15 修改: 2026-06-17 09:34
|
| python3-pip-wheel |
CVE-2026-25645 |
中危 |
21.2.3-7.el9 |
|
requests: Requests: Security bypass due to predictable temporary file creation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25645
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-25 17:16 修改: 2026-06-17 10:25
|
| python3-pip-wheel |
CVE-2026-32284 |
中危 |
21.2.3-7.el9 |
|
github.com/shamaton/msgpack: msgpack: Denial of Service via truncated fixext data
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32284
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-26 20:16 修改: 2026-06-17 10:35
|
| curl-minimal |
CVE-2023-46218 |
中危 |
7.76.1-26.el9_3.2 |
7.76.1-26.el9_3.3 |
curl: information disclosure by exploiting a mixed case flaw
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-12-07 01:15 修改: 2026-06-17 06:30
|
| python3-setuptools-wheel |
CVE-2025-47273 |
中危 |
53.0.0-12.el9 |
53.0.0-13.el9_6.1 |
setuptools: Path Traversal Vulnerability in setuptools PackageIndex
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47273
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-05-17 16:15 修改: 2026-06-17 09:27
|
| rpm |
CVE-2021-35937 |
中危 |
4.16.1.3-25.el9 |
4.16.1.3-27.el9_3 |
rpm: TOCTOU race in checks for unsafe symlinks
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35937
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2022-08-25 20:15 修改: 2026-06-17 03:57
|
| rpm |
CVE-2021-35938 |
中危 |
4.16.1.3-25.el9 |
4.16.1.3-27.el9_3 |
rpm: races with chown/chmod/capabilities calls during installation
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35938
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2022-08-25 20:15 修改: 2026-06-17 03:57
|
| rpm |
CVE-2021-35939 |
中危 |
4.16.1.3-25.el9 |
4.16.1.3-27.el9_3 |
rpm: checks for unsafe symlinks are not performed for intermediary directories
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35939
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2022-08-26 16:15 修改: 2026-06-17 03:57
|
| rpm |
CVE-2026-44604 |
中危 |
4.16.1.3-25.el9 |
|
rpm: Command injection in rpmuncompress doUntar() via unescaped archive top-level directory name in popen() shell command
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44604
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-28 08:16 修改: 2026-06-23 20:16
|
| rpm-libs |
CVE-2021-35937 |
中危 |
4.16.1.3-25.el9 |
4.16.1.3-27.el9_3 |
rpm: TOCTOU race in checks for unsafe symlinks
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35937
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2022-08-25 20:15 修改: 2026-06-17 03:57
|
| rpm-libs |
CVE-2021-35938 |
中危 |
4.16.1.3-25.el9 |
4.16.1.3-27.el9_3 |
rpm: races with chown/chmod/capabilities calls during installation
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35938
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2022-08-25 20:15 修改: 2026-06-17 03:57
|
| rpm-libs |
CVE-2021-35939 |
中危 |
4.16.1.3-25.el9 |
4.16.1.3-27.el9_3 |
rpm: checks for unsafe symlinks are not performed for intermediary directories
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35939
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2022-08-26 16:15 修改: 2026-06-17 03:57
|
| rpm-libs |
CVE-2026-44604 |
中危 |
4.16.1.3-25.el9 |
|
rpm: Command injection in rpmuncompress doUntar() via unescaped archive top-level directory name in popen() shell command
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44604
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-28 08:16 修改: 2026-06-23 20:16
|
| sed |
CVE-2026-5958 |
中危 |
4.8-9.el9 |
|
sed: GNU sed TOCTOU race condition
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-20 12:16 修改: 2026-06-17 10:59
|
| curl-minimal |
CVE-2024-2398 |
中危 |
7.76.1-26.el9_3.2 |
7.76.1-29.el9_4.1 |
curl: HTTP/2 push headers memory-leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-03-27 08:15 修改: 2026-06-17 07:24
|
| sqlite-libs |
CVE-2023-7104 |
中危 |
3.34.1-6.el9_1 |
3.34.1-7.el9_3 |
sqlite: heap-buffer-overflow at sessionfuzz
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7104
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-12-29 10:15 修改: 2026-06-17 06:52
|
| systemd-libs |
CVE-2023-7008 |
中危 |
252-18.el9 |
252-32.el9_4 |
systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-12-23 13:15 修改: 2026-06-17 06:51
|
| systemd-libs |
CVE-2025-4598 |
中危 |
252-18.el9 |
252-55.el9_7.7 |
systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-05-30 14:15 修改: 2026-06-30 11:16
|
| systemd-libs |
CVE-2026-29111 |
中危 |
252-18.el9 |
252-67.el9_8.2 |
systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29
|
| systemd-libs |
CVE-2026-4105 |
中危 |
252-18.el9 |
|
systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4105
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-13 19:55 修改: 2026-06-17 10:55
|
| tar |
CVE-2005-2541 |
中危 |
2:1.34-6.el9_1 |
|
tar: does not properly warn the user when extracting setuid or setgid files
漏洞详情: https://avd.aquasec.com/nvd/cve-2005-2541
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2005-08-10 04:00 修改: 2026-04-16 00:27
|
| tar |
CVE-2025-45582 |
中危 |
2:1.34-6.el9_1 |
2:1.34-9.el9_7 |
tar: Tar path traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-07-11 17:15 修改: 2026-06-17 09:25
|
| tar |
CVE-2025-64118 |
中危 |
2:1.34-6.el9_1 |
|
node-tar: tar: node-tar: Information disclosure via reading a truncated tar file
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64118
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-10-30 18:15 修改: 2026-06-17 09:53
|
| tar |
CVE-2026-33056 |
中危 |
2:1.34-6.el9_1 |
|
tar-rs: tar-rs: Arbitrary directory permission modification via crafted tar archive
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33056
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-20 08:16 修改: 2026-06-17 10:36
|
| tar |
CVE-2026-5704 |
中危 |
2:1.34-6.el9_1 |
|
tar: tar: Hidden file injection via crafted archives
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:59
|
| xz-libs |
CVE-2026-34743 |
中危 |
5.2.5-8.el9_0 |
|
xz: XZ Utils: Denial of Service via buffer overflow in index decoding
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-02 19:21 修改: 2026-06-17 10:39
|
| python-unversioned-command |
CVE-2024-7592 |
低危 |
3.9.18-1.el9_3 |
3.9.21-1.el9_5 |
cpython: python: Uncontrolled CPU resource consumption when in http.cookies module
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-08-19 19:15 修改: 2026-06-17 08:20
|
| python-unversioned-command |
CVE-2025-13462 |
低危 |
3.9.18-1.el9_3 |
|
cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34
|
| python-unversioned-command |
CVE-2025-1795 |
低危 |
3.9.18-1.el9_3 |
|
python: Mishandling of comma during folding and unicode-encoding of email headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1795
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-02-28 19:15 修改: 2026-06-17 08:39
|
| python-unversioned-command |
CVE-2025-6075 |
低危 |
3.9.18-1.el9_3 |
3.9.25-2.el9_7 |
python: Quadratic complexity in os.path.expandvars() with user-controlled template
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-10-31 17:15 修改: 2026-06-17 10:01
|
| python-unversioned-command |
CVE-2026-2297 |
低危 |
3.9.18-1.el9_3 |
|
cpython: CPython: Logging Bypass in Legacy .pyc File Handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30
|
| python-unversioned-command |
CVE-2026-3479 |
低危 |
3.9.18-1.el9_3 |
|
python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
|
| libxml2 |
CVE-2026-0989 |
低危 |
2.9.13-5.el9_3 |
|
libxml2: Unbounded RelaxNG Include Recursion Leading to Stack Overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0989
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-15 15:15 修改: 2026-06-30 20:20
|
| libxml2 |
CVE-2026-0992 |
低危 |
2.9.13-5.el9_3 |
|
libxml2: libxml2: Denial of Service via crafted XML catalogs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0992
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-15 15:15 修改: 2026-06-30 20:17
|
| ncurses-base |
CVE-2022-29458 |
低危 |
6.2-10.20210508.el9 |
6.2-10.20210508.el9_6.2 |
ncurses: segfaulting OOB read
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2022-04-18 21:15 修改: 2026-06-17 04:40
|
| ncurses-base |
CVE-2023-50495 |
低危 |
6.2-10.20210508.el9 |
|
ncurses: segmentation fault via _nc_wrap_entry()
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39
|
| ncurses-libs |
CVE-2022-29458 |
低危 |
6.2-10.20210508.el9 |
6.2-10.20210508.el9_6.2 |
ncurses: segfaulting OOB read
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2022-04-18 21:15 修改: 2026-06-17 04:40
|
| ncurses-libs |
CVE-2023-50495 |
低危 |
6.2-10.20210508.el9 |
|
ncurses: segmentation fault via _nc_wrap_entry()
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39
|
| gnutls |
CVE-2026-5419 |
低危 |
3.7.6-23.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Information disclosure via timing side-channel in PKCS#7 padding removal
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5419
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-01 21:16 修改: 2026-06-29 12:16
|
| curl-minimal |
CVE-2026-6276 |
低危 |
7.76.1-26.el9_3.2 |
|
curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
|
| ca-certificates |
CVE-2023-37920 |
低危 |
2023.2.60_v7.0.306-90.1.el9_2 |
2024.2.69_v8.0.303-91.4.el9_4 |
python-certifi: Removal of e-Tugra root certificate
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-37920
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-07-25 21:15 修改: 2026-06-17 06:08
|
| glibc-minimal-langpack |
CVE-2024-33601 |
低危 |
2.34-83.el9_3.7 |
2.34-100.el9_4.2 |
glibc: netgroup cache may terminate daemon on memory allocation failure
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc-minimal-langpack |
CVE-2024-33602 |
低危 |
2.34-83.el9_3.7 |
2.34-100.el9_4.2 |
glibc: netgroup cache assumes NSS callback uses in-buffer strings
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc-minimal-langpack |
CVE-2026-4438 |
低危 |
2.34-83.el9_3.7 |
2.34-270.el9_8 |
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| curl-minimal |
CVE-2024-11053 |
低危 |
7.76.1-26.el9_3.2 |
|
curl: curl netrc password leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56
|
| expat |
CVE-2025-66382 |
低危 |
2.5.0-1.el9 |
|
libexpat: libexpat: Denial of service via crafted file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-11-28 07:15 修改: 2026-06-17 09:56
|
| libcurl-minimal |
CVE-2024-11053 |
低危 |
7.76.1-26.el9_3.2 |
|
curl: curl netrc password leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56
|
| libcurl-minimal |
CVE-2024-7264 |
低危 |
7.76.1-26.el9_3.2 |
|
curl: libcurl: ASN.1 date parser overread
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-07-31 08:15 修改: 2026-06-17 08:19
|
| libcurl-minimal |
CVE-2024-9681 |
低危 |
7.76.1-26.el9_3.2 |
|
curl: HSTS subdomain overwrites parent cache entry
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-11-06 08:15 修改: 2026-06-17 08:25
|
| libcurl-minimal |
CVE-2025-14524 |
低危 |
7.76.1-26.el9_3.2 |
|
curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
|
| libcurl-minimal |
CVE-2025-15079 |
低危 |
7.76.1-26.el9_3.2 |
|
curl: Host verification bypass during SSH transfers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
|
| libcurl-minimal |
CVE-2025-15224 |
低危 |
7.76.1-26.el9_3.2 |
|
curl: libssh key passphrase bypass without agent set
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
|
| libcurl-minimal |
CVE-2026-6276 |
低危 |
7.76.1-26.el9_3.2 |
|
curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
|
| gnupg2 |
CVE-2022-3219 |
低危 |
2.3.3-4.el9 |
|
gnupg: denial of service issue (resource consumption) using compressed packets
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-02-23 20:15 修改: 2026-06-17 04:59
|
| openssl-libs |
CVE-2023-2975 |
低危 |
1:3.0.7-24.el9 |
1:3.0.7-27.el9 |
openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2975
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-07-14 12:15 修改: 2026-06-17 05:53
|
| openssl-libs |
CVE-2023-3446 |
低危 |
1:3.0.7-24.el9 |
1:3.0.7-27.el9 |
openssl: Excessive time spent checking DH keys and parameters
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-07-19 12:15 修改: 2026-06-17 06:14
|
| openssl-libs |
CVE-2023-3817 |
低危 |
1:3.0.7-24.el9 |
1:3.0.7-27.el9 |
OpenSSL: Excessive time spent checking DH q parameter value
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-07-31 16:15 修改: 2026-06-17 06:14
|
| openssl-libs |
CVE-2023-5678 |
低危 |
1:3.0.7-24.el9 |
1:3.0.7-27.el9 |
openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-11-06 16:15 修改: 2026-06-17 06:49
|
| openssl-libs |
CVE-2023-6129 |
低危 |
1:3.0.7-24.el9 |
1:3.0.7-27.el9 |
openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-01-09 17:15 修改: 2026-06-17 06:50
|
| openssl-libs |
CVE-2023-6237 |
低危 |
1:3.0.7-24.el9 |
1:3.0.7-27.el9 |
openssl: Excessive time spent checking invalid RSA public keys
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-04-25 07:15 修改: 2026-06-17 06:50
|
| openssl-libs |
CVE-2024-0727 |
低危 |
1:3.0.7-24.el9 |
1:3.0.7-27.el9 |
openssl: denial of service via null dereference
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-01-26 09:15 修改: 2026-06-17 06:54
|
| openssl-libs |
CVE-2024-13176 |
低危 |
1:3.0.7-24.el9 |
|
openssl: Timing side-channel in ECDSA signature computation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01
|
| openssl-libs |
CVE-2024-2511 |
低危 |
1:3.0.7-24.el9 |
1:3.2.2-6.el9_5 |
openssl: Unbounded memory growth with session handling in TLSv1.3
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-04-08 14:15 修改: 2026-06-17 07:24
|
| openssl-libs |
CVE-2024-41996 |
低危 |
1:3.0.7-24.el9 |
|
openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-08-26 06:15 修改: 2026-06-17 07:48
|
| openssl-libs |
CVE-2024-4603 |
低危 |
1:3.0.7-24.el9 |
1:3.2.2-6.el9_5 |
openssl: Excessive time spent checking DSA keys and parameters
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-05-16 16:15 修改: 2026-06-17 08:02
|
| openssl-libs |
CVE-2024-4741 |
低危 |
1:3.0.7-24.el9 |
1:3.2.2-6.el9_5 |
openssl: Use After Free with SSL_free_buffers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-11-13 11:15 修改: 2026-06-17 08:02
|
| openssl-libs |
CVE-2024-5535 |
低危 |
1:3.0.7-24.el9 |
1:3.2.2-6.el9_5 |
openssl: SSL_select_next_proto buffer overread
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-06-27 11:15 修改: 2026-06-17 08:16
|
| openssl-libs |
CVE-2025-15468 |
低危 |
1:3.0.7-24.el9 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
|
| openssl-libs |
CVE-2025-15469 |
低危 |
1:3.0.7-24.el9 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15469
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
|
| openssl-libs |
CVE-2025-66199 |
低危 |
1:3.0.7-24.el9 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:56
|
| openssl-libs |
CVE-2025-68160 |
低危 |
1:3.0.7-24.el9 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58
|
| openssl-libs |
CVE-2025-69418 |
低危 |
1:3.0.7-24.el9 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| python3 |
CVE-2024-0397 |
低危 |
3.9.18-1.el9_3 |
3.9.21-1.el9_5 |
cpython: python: Memory race condition in ssl.SSLContext certificate store methods
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-06-17 16:15 修改: 2026-06-17 06:53
|
| python3 |
CVE-2024-4032 |
低危 |
3.9.18-1.el9_3 |
3.9.18-3.el9_4.3 |
python: incorrect IPv4 and IPv6 private ranges
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-06-17 15:15 修改: 2026-06-17 08:00
|
| python3 |
CVE-2024-5642 |
低危 |
3.9.18-1.el9_3 |
3.9.25-2.el9_7 |
python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5642
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-06-27 21:15 修改: 2026-06-17 08:16
|
| python3 |
CVE-2024-7592 |
低危 |
3.9.18-1.el9_3 |
3.9.21-1.el9_5 |
cpython: python: Uncontrolled CPU resource consumption when in http.cookies module
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-08-19 19:15 修改: 2026-06-17 08:20
|
| python3 |
CVE-2025-13462 |
低危 |
3.9.18-1.el9_3 |
|
cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34
|
| python3 |
CVE-2025-1795 |
低危 |
3.9.18-1.el9_3 |
|
python: Mishandling of comma during folding and unicode-encoding of email headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1795
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-02-28 19:15 修改: 2026-06-17 08:39
|
| python3 |
CVE-2025-6075 |
低危 |
3.9.18-1.el9_3 |
3.9.25-2.el9_7 |
python: Quadratic complexity in os.path.expandvars() with user-controlled template
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-10-31 17:15 修改: 2026-06-17 10:01
|
| python3 |
CVE-2026-2297 |
低危 |
3.9.18-1.el9_3 |
|
cpython: CPython: Logging Bypass in Legacy .pyc File Handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30
|
| python3 |
CVE-2026-3479 |
低危 |
3.9.18-1.el9_3 |
|
python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
|
| openssl-libs |
CVE-2025-69420 |
低危 |
1:3.0.7-24.el9 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service via malformed TimeStamp Response
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-libs |
CVE-2025-69421 |
低危 |
1:3.0.7-24.el9 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-libs |
CVE-2025-9232 |
低危 |
1:3.0.7-24.el9 |
|
openssl: Out-of-bounds read in HTTP client no_proxy handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9232
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
|
| openssl-libs |
CVE-2026-22795 |
低危 |
1:3.0.7-24.el9 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
|
| openssl-libs |
CVE-2026-22796 |
低危 |
1:3.0.7-24.el9 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
|
| openssl-libs |
CVE-2026-28387 |
低危 |
1:3.0.7-24.el9 |
|
openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-libs |
CVE-2026-28388 |
低危 |
1:3.0.7-24.el9 |
|
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-libs |
CVE-2026-28389 |
低危 |
1:3.0.7-24.el9 |
|
openssl: OpenSSL: Denial of Service vulnerability in CMS processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-libs |
CVE-2026-31789 |
低危 |
1:3.0.7-24.el9 |
|
openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
|
| openssl-libs |
CVE-2026-34180 |
低危 |
1:3.0.7-24.el9 |
1:3.5.5-4.el9_8 |
openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-libs |
CVE-2026-34181 |
低危 |
1:3.0.7-24.el9 |
1:3.5.5-4.el9_8 |
openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-libs |
CVE-2026-42766 |
低危 |
1:3.0.7-24.el9 |
1:3.5.5-4.el9_8 |
openssl: Possible NULL Dereference in Password-Based CMS Decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42767 |
低危 |
1:3.0.7-24.el9 |
1:3.5.5-4.el9_8 |
openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42768 |
低危 |
1:3.0.7-24.el9 |
1:3.5.5-4.el9_8 |
openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42769 |
低危 |
1:3.0.7-24.el9 |
1:3.5.5-4.el9_8 |
openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42770 |
低危 |
1:3.0.7-24.el9 |
1:3.5.5-4.el9_8 |
openssl: FFC-DH Peer Validation Uses Attacker-Supplied q
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-45446 |
低危 |
1:3.0.7-24.el9 |
1:3.5.5-4.el9_8 |
openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
|
| openssl-libs |
CVE-2026-7383 |
低危 |
1:3.0.7-24.el9 |
1:3.5.5-4.el9_8 |
openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02
|
| openssl-libs |
CVE-2026-9076 |
低危 |
1:3.0.7-24.el9 |
1:3.5.5-4.el9_8 |
openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04
|
| libgcc |
CVE-2021-46195 |
低危 |
11.4.1-2.1.el9 |
|
gcc: uncontrolled recursion in libiberty/rust-demangle.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46195
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2022-01-14 20:15 修改: 2026-06-17 04:14
|
| libgcc |
CVE-2022-27943 |
低危 |
11.4.1-2.1.el9 |
|
binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2022-03-26 13:15 修改: 2026-06-17 04:37
|
| gnupg2 |
CVE-2025-30258 |
低危 |
2.3.3-4.el9 |
|
gnupg: verification DoS due to a malicious subkey in the keyring
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
|
| krb5-libs |
CVE-2024-26458 |
低危 |
1.21.1-1.el9 |
1.21.1-3.el9 |
krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
|
| pcre2 |
CVE-2022-41409 |
低危 |
10.40-2.el9 |
|
pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-07-18 14:15 修改: 2026-06-17 05:03
|
| pcre2-syntax |
CVE-2022-41409 |
低危 |
10.40-2.el9 |
|
pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-07-18 14:15 修改: 2026-06-17 05:03
|
| libgcrypt |
CVE-2026-41990 |
低危 |
1.10.0-10.el9_2 |
|
Libgcrypt: Libgcrypt: Denial of Service or data integrity issues from missing bounds check during Dilithium signing.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41990
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-23 05:16 修改: 2026-06-17 10:47
|
| krb5-libs |
CVE-2024-26461 |
低危 |
1.21.1-1.el9 |
1.21.1-3.el9 |
krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
|
| gnupg2 |
CVE-2026-24883 |
低危 |
2.3.3-4.el9 |
|
GnuPG: GnuPG: Denial of service due to specially crafted signature packet
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24883
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-27 19:16 修改: 2026-06-17 10:23
|
| gnupg2 |
CVE-2026-57062 |
低危 |
2.3.3-4.el9 |
|
GnuPG: Incorrect cryptographic message parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57062
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-06-23 18:18 修改: 2026-06-25 20:16
|
| expat |
CVE-2026-24515 |
低危 |
2.5.0-1.el9 |
|
libexpat: libexpat null pointer dereference
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24515
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-01-23 08:16 修改: 2026-06-17 10:23
|
| expat |
CVE-2026-41080 |
低危 |
2.5.0-1.el9 |
|
libexpat: expat: libexpat: Denial of Service via hash flooding with crafted XML
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41080
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-04-16 17:16 修改: 2026-06-17 10:46
|
| file-libs |
CVE-2022-48554 |
低危 |
5.39-14.el9 |
5.39-16.el9 |
file: stack-based buffer over-read in file_copystr in funcs.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48554
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-08-22 19:16 修改: 2026-06-17 05:15
|
| gawk |
CVE-2023-4156 |
低危 |
5.1.0-6.el9 |
|
gawk: heap out of bound read in builtin.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4156
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-09-25 18:15 修改: 2026-06-17 06:37
|
| curl-minimal |
CVE-2024-7264 |
低危 |
7.76.1-26.el9_3.2 |
|
curl: libcurl: ASN.1 date parser overread
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-07-31 08:15 修改: 2026-06-17 08:19
|
| curl-minimal |
CVE-2024-9681 |
低危 |
7.76.1-26.el9_3.2 |
|
curl: HSTS subdomain overwrites parent cache entry
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-11-06 08:15 修改: 2026-06-17 08:25
|
| glibc-common |
CVE-2024-33601 |
低危 |
2.34-83.el9_3.7 |
2.34-100.el9_4.2 |
glibc: netgroup cache may terminate daemon on memory allocation failure
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc-common |
CVE-2024-33602 |
低危 |
2.34-83.el9_3.7 |
2.34-100.el9_4.2 |
glibc: netgroup cache assumes NSS callback uses in-buffer strings
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc-common |
CVE-2026-4438 |
低危 |
2.34-83.el9_3.7 |
2.34-270.el9_8 |
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| libstdc++ |
CVE-2021-46195 |
低危 |
11.4.1-2.1.el9 |
|
gcc: uncontrolled recursion in libiberty/rust-demangle.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46195
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2022-01-14 20:15 修改: 2026-06-17 04:14
|
| libstdc++ |
CVE-2022-27943 |
低危 |
11.4.1-2.1.el9 |
|
binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2022-03-26 13:15 修改: 2026-06-17 04:37
|
| python3-libs |
CVE-2024-0397 |
低危 |
3.9.18-1.el9_3 |
3.9.21-1.el9_5 |
cpython: python: Memory race condition in ssl.SSLContext certificate store methods
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-06-17 16:15 修改: 2026-06-17 06:53
|
| python3-libs |
CVE-2024-4032 |
低危 |
3.9.18-1.el9_3 |
3.9.18-3.el9_4.3 |
python: incorrect IPv4 and IPv6 private ranges
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-06-17 15:15 修改: 2026-06-17 08:00
|
| python3-libs |
CVE-2024-5642 |
低危 |
3.9.18-1.el9_3 |
3.9.25-2.el9_7 |
python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5642
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-06-27 21:15 修改: 2026-06-17 08:16
|
| python3-libs |
CVE-2024-7592 |
低危 |
3.9.18-1.el9_3 |
3.9.21-1.el9_5 |
cpython: python: Uncontrolled CPU resource consumption when in http.cookies module
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-08-19 19:15 修改: 2026-06-17 08:20
|
| python3-libs |
CVE-2025-13462 |
低危 |
3.9.18-1.el9_3 |
|
cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34
|
| python3-libs |
CVE-2025-1795 |
低危 |
3.9.18-1.el9_3 |
|
python: Mishandling of comma during folding and unicode-encoding of email headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1795
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-02-28 19:15 修改: 2026-06-17 08:39
|
| python3-libs |
CVE-2025-6075 |
低危 |
3.9.18-1.el9_3 |
3.9.25-2.el9_7 |
python: Quadratic complexity in os.path.expandvars() with user-controlled template
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2025-10-31 17:15 修改: 2026-06-17 10:01
|
| python3-libs |
CVE-2026-2297 |
低危 |
3.9.18-1.el9_3 |
|
cpython: CPython: Logging Bypass in Legacy .pyc File Handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30
|
| python3-libs |
CVE-2026-3479 |
低危 |
3.9.18-1.el9_3 |
|
python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
|
| glib2 |
CVE-2023-32636 |
低危 |
2.68.4-11.el9 |
|
glib: Timeout in fuzz_variant_text
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32636
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-09-14 20:15 修改: 2026-06-17 05:59
|
| libtasn1 |
CVE-2025-13151 |
低危 |
4.16.0-8.el9_1 |
4.16.0-10.el9_8 |
libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-07 22:15 修改: 2026-06-17 08:33
|
| glib2 |
CVE-2025-3360 |
低危 |
2.68.4-11.el9 |
|
glibc: GLib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid ISO 8601 timestamp with g_date_time_new_from_iso8601().
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3360
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-04-07 13:15 修改: 2026-06-30 15:16
|
| glib2 |
CVE-2025-7039 |
低危 |
2.68.4-11.el9 |
|
glib: Buffer Under-read on GLib through glib/gfileutils.c via get_tmp_file()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7039
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-09-03 02:15 修改: 2026-06-17 10:04
|
| libarchive |
CVE-2025-1632 |
低危 |
3.5.3-4.el9 |
|
libarchive: null pointer dereference in bsdunzip.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1632
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-02-24 14:15 修改: 2026-06-17 08:39
|
| python3-pip-wheel |
CVE-2021-3572 |
低危 |
21.2.3-7.el9 |
|
python-pip: Incorrect handling of unicode separators in git references
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3572
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2021-11-10 18:15 修改: 2026-06-17 04:05
|
| libarchive |
CVE-2025-5915 |
低危 |
3.5.3-4.el9 |
|
libarchive: Heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5915
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-06-09 20:15 修改: 2026-06-30 11:16
|
| libarchive |
CVE-2025-5916 |
低危 |
3.5.3-4.el9 |
|
libarchive: Integer overflow while reading warc files at archive_read_support_format_warc.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5916
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-06-09 20:15 修改: 2026-06-30 11:16
|
| libarchive |
CVE-2025-5917 |
低危 |
3.5.3-4.el9 |
|
libarchive: Off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5917
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-06-09 20:15 修改: 2026-06-30 11:16
|
| libarchive |
CVE-2025-5918 |
低危 |
3.5.3-4.el9 |
|
libarchive: Reading past EOF may be triggered for piped file streams
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5918
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-06-09 20:15 修改: 2026-06-30 11:16
|
| glibc |
CVE-2024-33601 |
低危 |
2.34-83.el9_3.7 |
2.34-100.el9_4.2 |
glibc: netgroup cache may terminate daemon on memory allocation failure
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc |
CVE-2024-33602 |
低危 |
2.34-83.el9_3.7 |
2.34-100.el9_4.2 |
glibc: netgroup cache assumes NSS callback uses in-buffer strings
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| rpm |
CVE-2026-44605 |
低危 |
4.16.1.3-25.el9 |
|
rpm: heap buffer overflow in NDB slot table parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44605
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| glibc |
CVE-2025-15281 |
低危 |
2.34-83.el9_3.7 |
2.34-231.el9_7.10 |
glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-20 14:16 修改: 2026-06-17 08:37
|
| glibc |
CVE-2026-0861 |
低危 |
2.34-83.el9_3.7 |
2.34-231.el9_7.10 |
glibc: Integer overflow in memalign leads to heap corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-14 21:15 修改: 2026-06-17 10:11
|
| glibc |
CVE-2026-4438 |
低危 |
2.34-83.el9_3.7 |
2.34-270.el9_8 |
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| glib2 |
CVE-2026-0988 |
低危 |
2.68.4-11.el9 |
|
glib: GLib: Denial of Service via Integer Overflow in g_buffered_input_stream_peek()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0988
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-21 12:15 修改: 2026-06-17 10:11
|
| rpm-libs |
CVE-2026-44605 |
低危 |
4.16.1.3-25.el9 |
|
rpm: heap buffer overflow in NDB slot table parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44605
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| glib2 |
CVE-2026-1485 |
低危 |
2.68.4-11.el9 |
|
Glib: Glib: Local denial of service via buffer underflow in content type parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1485
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-27 14:15 修改: 2026-06-17 10:15
|
| shadow-utils |
CVE-2024-56433 |
低危 |
2:4.9-8.el9 |
2:4.9-15.el9 |
shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12
|
| curl-minimal |
CVE-2025-14524 |
低危 |
7.76.1-26.el9_3.2 |
|
curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
|
| curl-minimal |
CVE-2025-15079 |
低危 |
7.76.1-26.el9_3.2 |
|
curl: Host verification bypass during SSH transfers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
|
| sqlite-libs |
CVE-2024-0232 |
低危 |
3.34.1-6.el9_1 |
|
sqlite: use-after-free bug in jsonParseAddNodeArray
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0232
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-01-16 14:15 修改: 2026-06-17 06:53
|
| sqlite-libs |
CVE-2025-70873 |
低危 |
3.34.1-6.el9_1 |
|
sqlite: SQLite: Information Disclosure via Crafted ZIP File
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-70873
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-03-12 19:16 修改: 2026-06-17 10:03
|
| curl-minimal |
CVE-2025-15224 |
低危 |
7.76.1-26.el9_3.2 |
|
curl: libssh key passphrase bypass without agent set
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
|
| gnutls |
CVE-2025-9820 |
低危 |
3.7.6-23.el9 |
3.8.3-10.el9_7 |
gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9820
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-01-26 20:16 修改: 2026-06-30 09:16
|
| gnutls |
CVE-2026-3832 |
低危 |
3.7.6-23.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-04-30 18:16 修改: 2026-06-24 17:16
|
| libxml2 |
CVE-2023-45322 |
低危 |
2.9.13-5.el9_3 |
|
libxml2: use-after-free in xmlUnlinkNode() in tree.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45322
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2023-10-06 22:15 修改: 2026-06-17 06:28
|
| libxml2 |
CVE-2024-34459 |
低危 |
2.9.13-5.el9_3 |
2.9.13-14.el9_8.1 |
libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34459
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2024-05-14 15:39 修改: 2026-06-17 07:33
|
| libxml2 |
CVE-2025-27113 |
低危 |
2.9.13-5.el9_3 |
|
libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27113
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-02-18 23:15 修改: 2026-06-17 09:03
|
| libxml2 |
CVE-2025-6170 |
低危 |
2.9.13-5.el9_3 |
|
libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6170
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2025-06-16 16:15 修改: 2026-06-30 11:16
|
| python-unversioned-command |
CVE-2024-0397 |
低危 |
3.9.18-1.el9_3 |
3.9.21-1.el9_5 |
cpython: python: Memory race condition in ssl.SSLContext certificate store methods
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-06-17 16:15 修改: 2026-06-17 06:53
|
| python-unversioned-command |
CVE-2024-4032 |
低危 |
3.9.18-1.el9_3 |
3.9.18-3.el9_4.3 |
python: incorrect IPv4 and IPv6 private ranges
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-06-17 15:15 修改: 2026-06-17 08:00
|
| tar |
CVE-2023-39804 |
低危 |
2:1.34-6.el9_1 |
|
tar: Incorrectly handled extension attributes in PAX archives can lead to a crash
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39804
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-03-27 04:15 修改: 2026-06-17 06:12
|
| python-unversioned-command |
CVE-2024-5642 |
低危 |
3.9.18-1.el9_3 |
3.9.25-2.el9_7 |
python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5642
镜像层: sha256:90d2a9702206fe596f9a7203116fc7198a1e0bb4eac2ab70140d6d2ec6c8331d
发布日期: 2024-06-27 21:15 修改: 2026-06-17 08:16
|
| zlib |
CVE-2026-27171 |
低危 |
1.2.11-40.el9 |
|
zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171
镜像层: sha256:064b40dd2dfb098da5b4d43876da5d481047121e1ed560129383b74d30b5fe99
发布日期: 2026-02-18 04:16 修改: 2026-06-17 10:26
|