docker.io/ubuntu:26.04 linux/arm64

docker.io/ubuntu:26.04 - Trivy安全扫描结果扫描时间: 2026-06-17 17:05 温馨提示: 这是一个 linux/arm64 系统架构镜像

全部漏洞信息

低危漏洞:25

中危漏洞:66

高危漏洞:10

严重漏洞:0

系统OS: ubuntu 26.04 扫描引擎: Trivy 扫描时间: 2026-06-17 17:05

docker.io/ubuntu:26.04 (ubuntu 26.04) (ubuntu)

低危漏洞:25

中危漏洞:63

高危漏洞:2

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
libssl3t64	CVE-2026-45447	高危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
openssl-provider-legacy	CVE-2026-45447	高危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
libblkid1	CVE-2026-27456	中危	2.41.3-3ubuntu2		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libblkid1	CVE-2026-3184	中危	2.41.3-3ubuntu2		util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
libc-bin	CVE-2026-4046	中危	2.43-2ubuntu2		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc-bin	CVE-2026-4437	中危	2.43-2ubuntu2		glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
libc-bin	CVE-2026-4438	中危	2.43-2ubuntu2		glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
libc-bin	CVE-2026-5435	中危	2.43-2ubuntu2		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libc-bin	CVE-2026-6238	中危	2.43-2ubuntu2		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libc-gconv-modules-extra	CVE-2026-4046	中危	2.43-2ubuntu2		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc-gconv-modules-extra	CVE-2026-4437	中危	2.43-2ubuntu2		glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
libc-gconv-modules-extra	CVE-2026-4438	中危	2.43-2ubuntu2		glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
libc-gconv-modules-extra	CVE-2026-5435	中危	2.43-2ubuntu2		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libc-gconv-modules-extra	CVE-2026-6238	中危	2.43-2ubuntu2		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libc6	CVE-2026-4046	中危	2.43-2ubuntu2		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc6	CVE-2026-4437	中危	2.43-2ubuntu2		glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
libc6	CVE-2026-4438	中危	2.43-2ubuntu2		glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
libc6	CVE-2026-5435	中危	2.43-2ubuntu2		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libc6	CVE-2026-6238	中危	2.43-2ubuntu2		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libgcrypt20	CVE-2026-41989	中危	1.12.0-2	1.12.0-2ubuntu0.1	Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-23 05:16 修改: 2026-04-27 18:33
libgcrypt20	CVE-2026-41990	中危	1.12.0-2	1.12.0-2ubuntu0.1	Libgcrypt: Libgcrypt: Denial of Service or data integrity issues from missing bounds check during Dilithium signing. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41990 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-23 05:16 修改: 2026-04-27 18:33
libmount1	CVE-2026-27456	中危	2.41.3-3ubuntu2		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libmount1	CVE-2026-3184	中危	2.41.3-3ubuntu2		util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
libsmartcols1	CVE-2026-27456	中危	2.41.3-3ubuntu2		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libsmartcols1	CVE-2026-3184	中危	2.41.3-3ubuntu2		util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
bsdutils	CVE-2026-27456	中危	1:2.41.3-3ubuntu2		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libssl3t64	CVE-2026-34182	中危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3t64	CVE-2026-34183	中危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:12
libssl3t64	CVE-2026-42764	中危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: NULL pointer dereference in QUIC server initial packet handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libssl3t64	CVE-2026-45445	中危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libuuid1	CVE-2026-27456	中危	2.41.3-3ubuntu2		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libuuid1	CVE-2026-3184	中危	2.41.3-3ubuntu2		util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
login	CVE-2026-27456	中危	1:4.16.0-2+really2.41.3-3ubuntu2		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
login	CVE-2026-3184	中危	1:4.16.0-2+really2.41.3-3ubuntu2		util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
mount	CVE-2026-27456	中危	2.41.3-3ubuntu2		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
mount	CVE-2026-3184	中危	2.41.3-3ubuntu2		util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
bsdutils	CVE-2026-3184	中危	1:2.41.3-3ubuntu2		util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
openssl-provider-legacy	CVE-2026-34182	中危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl-provider-legacy	CVE-2026-34183	中危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:12
openssl-provider-legacy	CVE-2026-42764	中危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: NULL pointer dereference in QUIC server initial packet handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
openssl-provider-legacy	CVE-2026-45445	中危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
rust-coreutils	CVE-2026-35341	中危	0.8.0-0ubuntu3		A vulnerability in uutils coreutils mkfifo allows for the unauthorized ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35341 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:05
rust-coreutils	CVE-2026-35344	中危	0.8.0-0ubuntu3		The dd utility in uutils coreutils suppresses errors during file trunc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35344 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-05-04 20:09
rust-coreutils	CVE-2026-35345	中危	0.8.0-0ubuntu3		A vulnerability in the tail utility of uutils coreutils allows for the ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35345 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-05-04 20:04
rust-coreutils	CVE-2026-35348	中危	0.8.0-0ubuntu3		The sort utility in uutils coreutils is vulnerable to a process panic ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35348 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-04-24 18:57
rust-coreutils	CVE-2026-35350	中危	0.8.0-0ubuntu3		The cp utility in uutils coreutils fails to properly handle setuid and ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35350 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:04
rust-coreutils	CVE-2026-35351	中危	0.8.0-0ubuntu3		The mv utility in uutils coreutils fails to preserve file ownership du ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35351 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-04-27 12:28
rust-coreutils	CVE-2026-35352	中危	0.8.0-0ubuntu3		A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the m ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35352 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-05-04 18:16
rust-coreutils	CVE-2026-35354	中危	0.8.0-0ubuntu3		A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the mv ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35354 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:04
rust-coreutils	CVE-2026-35357	中危	0.8.0-0ubuntu3		The cp utility in uutils coreutils is vulnerable to an information dis ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35357 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:02
rust-coreutils	CVE-2026-35359	中危	0.8.0-0ubuntu3		A Time-of-Check to Time-of-Use (TOCTOU) vulnerability in the cp utilit ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35359 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:02
rust-coreutils	CVE-2026-35360	中危	0.8.0-0ubuntu3		The touch utility in uutils coreutils is vulnerable to a Time-of-Check ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35360 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:02
rust-coreutils	CVE-2026-35363	中危	0.8.0-0ubuntu3		A vulnerability in the rm utility of uutils coreutils allows the bypas ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35363 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:02
rust-coreutils	CVE-2026-35364	中危	0.8.0-0ubuntu3		A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the m ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35364 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:19
rust-coreutils	CVE-2026-35367	中危	0.8.0-0ubuntu3		The nohup utility in uutils coreutils creates its default output file, ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35367 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:19
rust-coreutils	CVE-2026-35368	中危	0.8.0-0ubuntu3		A vulnerability exists in the chroot utility of uutils coreutils when ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35368 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:18
rust-coreutils	CVE-2026-35370	中危	0.8.0-0ubuntu3		The id utility in uutils coreutils miscalculates the groups= section o ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35370 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-05-04 20:02
rust-coreutils	CVE-2026-35371	中危	0.8.0-0ubuntu3		The id utility in uutils coreutils exhibits incorrect behavior in its ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35371 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-05-04 20:02
rust-coreutils	CVE-2026-35373	中危	0.8.0-0ubuntu3		A logic error in the ln utility of uutils coreutils causes the program ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35373 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-05-04 20:01
rust-coreutils	CVE-2026-35374	中危	0.8.0-0ubuntu3		A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the sp ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35374 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-05-04 19:22
rust-coreutils	CVE-2026-35377	中危	0.8.0-0ubuntu3		A logic error in the env utility of uutils coreutils causes a failure ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35377 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-22 17:16 修改: 2026-04-24 19:06
sed	CVE-2026-5958	中危	4.9-2build3	4.9-2ubuntu1	sed: GNU sed TOCTOU race condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-20 12:16 修改: 2026-05-19 15:17
tar	CVE-2025-45582	中危	1.35+dfsg-4		tar: Tar path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2025-07-11 17:15 修改: 2025-11-02 01:15
util-linux	CVE-2026-27456	中危	2.41.3-3ubuntu2		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
util-linux	CVE-2026-3184	中危	2.41.3-3ubuntu2		util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
passwd	CVE-2024-56433	低危	1:4.17.4-2ubuntu3		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
libsystemd0	CVE-2026-40228	低危	259.5-0ubuntu3		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libudev1	CVE-2026-40228	低危	259.5-0ubuntu3		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libgcrypt20	CVE-2024-2236	低危	1.12.0-2		libgcrypt: vulnerable to Marvin Attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2024-03-06 22:15 修改: 2026-04-15 00:35
libssl3t64	CVE-2026-34180	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3t64	CVE-2026-34181	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3t64	CVE-2026-42766	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
login.defs	CVE-2024-56433	低危	1:4.17.4-2ubuntu3		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
libssl3t64	CVE-2026-42767	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3t64	CVE-2026-42768	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3t64	CVE-2026-42769	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:26
libssl3t64	CVE-2026-42770	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3t64	CVE-2026-45446	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libssl3t64	CVE-2026-7383	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
libssl3t64	CVE-2026-9076	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
openssl-provider-legacy	CVE-2026-34180	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl-provider-legacy	CVE-2026-34181	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl-provider-legacy	CVE-2026-42766	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
openssl-provider-legacy	CVE-2026-42767	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl-provider-legacy	CVE-2026-42768	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl-provider-legacy	CVE-2026-42769	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:26
openssl-provider-legacy	CVE-2026-42770	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl-provider-legacy	CVE-2026-45446	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
openssl-provider-legacy	CVE-2026-7383	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
openssl-provider-legacy	CVE-2026-9076	低危	3.5.5-1ubuntu3	3.5.5-1ubuntu3.2	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45

usr/bin/pebble (gobinary)

低危漏洞:0

中危漏洞:3

高危漏洞:8

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2026-33811	高危	v1.26.2	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.26.2	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.26.2	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.26.2	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.26.2	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.26.2	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.26.2	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.26.2	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27145	中危	v1.26.2	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-39826	中危	v1.26.2	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.26.2	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:5cde16a3f2e15fb91f1e3d4002774c76fa956655928f652e9156d5bb63a2ad2f 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15