docker.io/wangbowen/kkfileview:5.1.0 linux/amd64

docker.io/wangbowen/kkfileview:5.1.0 - Trivy安全扫描结果扫描时间: 2026-06-22 14:40

全部漏洞信息

低危漏洞:75

中危漏洞:222

高危漏洞:18

严重漏洞:4

系统OS: ubuntu 24.04 扫描引擎: Trivy 扫描时间: 2026-06-22 14:40

docker.io/wangbowen/kkfileview:5.1.0 (ubuntu 24.04) (ubuntu)

低危漏洞:69

中危漏洞:204

高危漏洞:3

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
gpgv	CVE-2025-68973	高危	2.4.4-2ubuntu17.3	2.4.4-2ubuntu17.4	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
libssl3t64	CVE-2026-45447	高危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
openssl	CVE-2026-45447	高危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
libasound2-data	CVE-2026-25068	中危	1.2.11-1ubuntu0.1	1.2.11-1ubuntu0.2	alsa-lib: alsa-lib Topology Decoder Heap-based Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25068 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-29 20:16 修改: 2026-04-15 00:35
libasound2t64	CVE-2026-25068	中危	1.2.11-1ubuntu0.1	1.2.11-1ubuntu0.2	alsa-lib: alsa-lib Topology Decoder Heap-based Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25068 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-29 20:16 修改: 2026-04-15 00:35
libavahi-client3	CVE-2025-59529	中危	0.8-13ubuntu6		avahi: simple clients denial-of-service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59529 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2025-12-18 21:15 修改: 2026-01-16 16:50
libavahi-client3	CVE-2025-68276	中危	0.8-13ubuntu6	0.8-13ubuntu6.1	avahi: Avahi: Denial of Service via D-Bus record browsers with AVAHI_LOOKUP_USE_WIDE_AREA flag 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68276 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-12 18:15 修改: 2026-01-16 16:51
libavahi-client3	CVE-2025-68468	中危	0.8-13ubuntu6	0.8-13ubuntu6.1	avahi: Avahi: Denial of Service via crafted mDNS/DNS-SD announcements 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68468 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-12 18:15 修改: 2026-01-16 16:52
libavahi-client3	CVE-2025-68471	中危	0.8-13ubuntu6	0.8-13ubuntu6.1	avahi: Avahi: Denial of Service via unsolicited CNAME announcements 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68471 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-12 18:15 修改: 2026-01-16 16:53
libavahi-client3	CVE-2026-24401	中危	0.8-13ubuntu6	0.8-13ubuntu6.2	avahi: Avahi: Denial of Service via recursive CNAME record in mDNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24401 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-24 02:15 修改: 2026-02-12 15:58
libavahi-client3	CVE-2026-34933	中危	0.8-13ubuntu6	0.8-13ubuntu6.2	avahi: avahi-daemon: Avahi: Denial of Service via D-Bus method call 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34933 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-03 23:17 修改: 2026-04-13 17:26
libavahi-common-data	CVE-2025-59529	中危	0.8-13ubuntu6		avahi: simple clients denial-of-service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59529 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2025-12-18 21:15 修改: 2026-01-16 16:50
libavahi-common-data	CVE-2025-68276	中危	0.8-13ubuntu6	0.8-13ubuntu6.1	avahi: Avahi: Denial of Service via D-Bus record browsers with AVAHI_LOOKUP_USE_WIDE_AREA flag 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68276 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-12 18:15 修改: 2026-01-16 16:51
libavahi-common-data	CVE-2025-68468	中危	0.8-13ubuntu6	0.8-13ubuntu6.1	avahi: Avahi: Denial of Service via crafted mDNS/DNS-SD announcements 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68468 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-12 18:15 修改: 2026-01-16 16:52
libavahi-common-data	CVE-2025-68471	中危	0.8-13ubuntu6	0.8-13ubuntu6.1	avahi: Avahi: Denial of Service via unsolicited CNAME announcements 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68471 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-12 18:15 修改: 2026-01-16 16:53
libavahi-common-data	CVE-2026-24401	中危	0.8-13ubuntu6	0.8-13ubuntu6.2	avahi: Avahi: Denial of Service via recursive CNAME record in mDNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24401 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-24 02:15 修改: 2026-02-12 15:58
libavahi-common-data	CVE-2026-34933	中危	0.8-13ubuntu6	0.8-13ubuntu6.2	avahi: avahi-daemon: Avahi: Denial of Service via D-Bus method call 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34933 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-03 23:17 修改: 2026-04-13 17:26
libavahi-common3	CVE-2025-59529	中危	0.8-13ubuntu6		avahi: simple clients denial-of-service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59529 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2025-12-18 21:15 修改: 2026-01-16 16:50
libavahi-common3	CVE-2025-68276	中危	0.8-13ubuntu6	0.8-13ubuntu6.1	avahi: Avahi: Denial of Service via D-Bus record browsers with AVAHI_LOOKUP_USE_WIDE_AREA flag 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68276 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-12 18:15 修改: 2026-01-16 16:51
libavahi-common3	CVE-2025-68468	中危	0.8-13ubuntu6	0.8-13ubuntu6.1	avahi: Avahi: Denial of Service via crafted mDNS/DNS-SD announcements 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68468 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-12 18:15 修改: 2026-01-16 16:52
libavahi-common3	CVE-2025-68471	中危	0.8-13ubuntu6	0.8-13ubuntu6.1	avahi: Avahi: Denial of Service via unsolicited CNAME announcements 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68471 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-12 18:15 修改: 2026-01-16 16:53
libavahi-common3	CVE-2026-24401	中危	0.8-13ubuntu6	0.8-13ubuntu6.2	avahi: Avahi: Denial of Service via recursive CNAME record in mDNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24401 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-24 02:15 修改: 2026-02-12 15:58
libavahi-common3	CVE-2026-34933	中危	0.8-13ubuntu6	0.8-13ubuntu6.2	avahi: avahi-daemon: Avahi: Denial of Service via D-Bus method call 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34933 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-03 23:17 修改: 2026-04-13 17:26
libblkid1	CVE-2026-27456	中危	2.39.3-9ubuntu6.4		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libc-bin	CVE-2025-15281	中危	2.39-0ubuntu8.6	2.39-0ubuntu8.7	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-01-20 14:16 修改: 2026-02-05 17:43
libc-bin	CVE-2026-0861	中危	2.39-0ubuntu8.6	2.39-0ubuntu8.7	glibc: Integer overflow in memalign leads to heap corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-01-14 21:15 修改: 2026-02-03 18:26
libc-bin	CVE-2026-0915	中危	2.39-0ubuntu8.6	2.39-0ubuntu8.7	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-01-15 22:16 修改: 2026-01-23 19:36
libc-bin	CVE-2026-4046	中危	2.39-0ubuntu8.6		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc-bin	CVE-2026-4437	中危	2.39-0ubuntu8.6		glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
libc-bin	CVE-2026-4438	中危	2.39-0ubuntu8.6		glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
libc-bin	CVE-2026-5435	中危	2.39-0ubuntu8.6		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libc-bin	CVE-2026-6238	中危	2.39-0ubuntu8.6		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libc6	CVE-2025-15281	中危	2.39-0ubuntu8.6	2.39-0ubuntu8.7	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-01-20 14:16 修改: 2026-02-05 17:43
libc6	CVE-2026-0861	中危	2.39-0ubuntu8.6	2.39-0ubuntu8.7	glibc: Integer overflow in memalign leads to heap corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-01-14 21:15 修改: 2026-02-03 18:26
libc6	CVE-2026-0915	中危	2.39-0ubuntu8.6	2.39-0ubuntu8.7	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-01-15 22:16 修改: 2026-01-23 19:36
libc6	CVE-2026-4046	中危	2.39-0ubuntu8.6		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc6	CVE-2026-4437	中危	2.39-0ubuntu8.6		glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
libc6	CVE-2026-4438	中危	2.39-0ubuntu8.6		glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
libc6	CVE-2026-5435	中危	2.39-0ubuntu8.6		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libc6	CVE-2026-6238	中危	2.39-0ubuntu8.6		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libcap2	CVE-2026-4878	中危	1:2.66-5ubuntu2.2	1:2.66-5ubuntu2.4	libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-09 16:16 修改: 2026-06-11 10:16
libcups2t64	CVE-2026-27447	中危	2.4.7-1.2ubuntu7.9	2.4.7-1.2ubuntu7.13	cups: OpenPrinting CUPS: Authorization bypass via case-insensitive username comparison 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27447 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:20
libcups2t64	CVE-2026-34978	中危	2.4.7-1.2ubuntu7.9	2.4.7-1.2ubuntu7.13	cups: OpenPrinting CUPS: Denial of Service via path traversal in RSS notifier 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34978 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-03 22:16 修改: 2026-04-16 18:29
libcups2t64	CVE-2026-34979	中危	2.4.7-1.2ubuntu7.9	2.4.7-1.2ubuntu7.13	cups: OpenPrinting CUPS: Denial of Service via heap-based buffer overflow in job attribute processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34979 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-03 22:16 修改: 2026-04-16 18:28
libcups2t64	CVE-2026-34980	中危	2.4.7-1.2ubuntu7.9	2.4.7-1.2ubuntu7.13	cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34980 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-03 22:16 修改: 2026-04-16 18:28
libcups2t64	CVE-2026-34990	中危	2.4.7-1.2ubuntu7.9	2.4.7-1.2ubuntu7.13	cups: OpenPrinting CUPS: Privilege escalation via arbitrary file overwrite due to coerced authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34990 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-03 22:16 修改: 2026-04-16 18:15
libcups2t64	CVE-2026-39314	中危	2.4.7-1.2ubuntu7.9	2.4.7-1.2ubuntu7.13	cups: CUPS: Denial of Service via integer underflow in IPP attribute handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39314 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-07 17:16 修改: 2026-04-16 18:13
libcups2t64	CVE-2026-39316	中危	2.4.7-1.2ubuntu7.9	2.4.7-1.2ubuntu7.13	cups: CUPS: Denial of Service and potential arbitrary code execution via use-after-free vulnerability when deleting temporary printers. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39316 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-07 17:16 修改: 2026-04-16 18:08
libcups2t64	CVE-2026-41079	中危	2.4.7-1.2ubuntu7.9	2.4.7-1.2ubuntu7.13	cups: CUPS: Information disclosure via crafted SNMP response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41079 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-24 17:16 修改: 2026-04-27 13:40
libexpat1	CVE-2025-66382	中危	2.6.1-2ubuntu0.3		libexpat: libexpat: Denial of service via crafted file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2025-11-28 07:15 修改: 2026-06-02 14:16
libexpat1	CVE-2026-24515	中危	2.6.1-2ubuntu0.3	2.6.1-2ubuntu0.4	libexpat: libexpat null pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24515 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-23 08:16 修改: 2026-06-02 14:16
libexpat1	CVE-2026-25210	中危	2.6.1-2ubuntu0.3	2.6.1-2ubuntu0.4	libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25210 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-30 07:16 修改: 2026-06-02 14:16
libfdisk1	CVE-2026-27456	中危	2.39.3-9ubuntu6.4		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libfreetype6	CVE-2026-23865	中危	2.13.2+dfsg-1build3	2.13.2+dfsg-1ubuntu0.1	freetype: Information disclosure or denial of service via specially crafted font files 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23865 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-02 17:16 修改: 2026-05-01 17:41
libgbm1	CVE-2026-40393	中危	25.0.7-0ubuntu0.24.04.2	25.2.8-0ubuntu0.24.04.2	In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory acces ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40393 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-12 19:16 修改: 2026-04-16 16:17
libgcrypt20	CVE-2026-41989	中危	1.10.3-2build1	1.10.3-2ubuntu0.1	Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-23 05:16 修改: 2026-04-27 18:33
libgdk-pixbuf-2.0-0	CVE-2026-5201	中危	2.42.10+dfsg-3ubuntu3.2	2.42.10+dfsg-3ubuntu3.3	gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5201 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-31 09:16 修改: 2026-06-10 18:17
libgdk-pixbuf2.0-common	CVE-2026-5201	中危	2.42.10+dfsg-3ubuntu3.2	2.42.10+dfsg-3ubuntu3.3	gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5201 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-31 09:16 修改: 2026-06-10 18:17
libgif7	CVE-2026-23868	中危	5.2.2-1ubuntu1		giflib: Giflib: Double-free vulnerability leading to memory corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23868 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-10 20:16 修改: 2026-05-07 18:18
libgif7	CVE-2026-26740	中危	5.2.2-1ubuntu1		giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26740 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-18 18:16 修改: 2026-03-21 00:09
libgl1-mesa-dri	CVE-2026-40393	中危	25.0.7-0ubuntu0.24.04.2	25.2.8-0ubuntu0.24.04.2	In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory acces ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40393 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-12 19:16 修改: 2026-04-16 16:17
libglib2.0-0t64	CVE-2026-0988	中危	2.80.0-6ubuntu3.6	2.80.0-6ubuntu3.7	glib: GLib: Denial of Service via Integer Overflow in g_buffered_input_stream_peek() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0988 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-21 12:15 修改: 2026-04-24 21:16
libglib2.0-0t64	CVE-2026-1484	中危	2.80.0-6ubuntu3.6	2.80.0-6ubuntu3.8	Glib: Integer Overflow Leading to Buffer Underflow and Out-of-Bounds Write in GLib g_base64_encode() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1484 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-27 14:15 修改: 2026-06-02 14:16
libglib2.0-0t64	CVE-2026-1485	中危	2.80.0-6ubuntu3.6	2.80.0-6ubuntu3.8	Glib: Glib: Local denial of service via buffer underflow in content type parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1485 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-27 14:15 修改: 2026-04-15 00:35
libglib2.0-0t64	CVE-2026-1489	中危	2.80.0-6ubuntu3.6	2.80.0-6ubuntu3.8	Glib: GLib: Memory corruption via integer overflow in Unicode case conversion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1489 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-27 15:15 修改: 2026-06-02 14:16
libglx-mesa0	CVE-2026-40393	中危	25.0.7-0ubuntu0.24.04.2	25.2.8-0ubuntu0.24.04.2	In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory acces ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40393 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-12 19:16 修改: 2026-04-16 16:17
libgnutls30t64	CVE-2025-14831	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.5	gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14831 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-02-09 15:16 修改: 2026-06-10 18:16
libgnutls30t64	CVE-2026-33845	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
libgnutls30t64	CVE-2026-33846	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-05-04 10:15 修改: 2026-06-02 16:16
libgnutls30t64	CVE-2026-3832	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-30 18:16 修改: 2026-06-02 17:16
libgnutls30t64	CVE-2026-3833	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
libgnutls30t64	CVE-2026-42009	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-05-18 13:16 修改: 2026-06-08 17:16
libgnutls30t64	CVE-2026-42010	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Authentication Bypass via NUL Character in Username 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-05-07 12:16 修改: 2026-06-10 16:17
libgnutls30t64	CVE-2026-42011	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Security bypass due to incorrect name constraint handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-05-07 15:16 修改: 2026-06-02 16:16
libgnutls30t64	CVE-2026-42012	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30t64	CVE-2026-42013	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30t64	CVE-2026-42014	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-06-16 02:16 修改: 2026-06-16 15:26
libgnutls30t64	CVE-2026-42015	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30t64	CVE-2026-5260	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Information disclosure via heap overread in RSA key exchange 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30t64	CVE-2026-5419	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	guntls: gnutls: Information disclosure via timing side-channel in PKCS#7 padding removal 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5419 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-06-01 21:16 修改: 2026-06-02 17:16
libgraphite2-3	CVE-2026-50593	中危	1.3.14-2build1	1.3.14-2ubuntu0.24.04.1	Graphite before 1.3.15 has an integer underflow and resultant out-of-b ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50593 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-06-05 04:17 修改: 2026-06-05 16:06
liblcms2-2	CVE-2026-41254	中危	2.14-2build1	2.14-2ubuntu0.1	Little CMS: lcms2: mm2/Little-CMS: Little CMS: Information disclosure or denial of service via integer overflow in CubeSize 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41254 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-18 07:16 修改: 2026-05-07 18:16
libmount1	CVE-2026-27456	中危	2.39.3-9ubuntu6.4		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libnss3	CVE-2026-2781	中危	2:3.98-1build1	2:3.98-1ubuntu0.1	firefox: thunderbird: Integer overflow in the Libraries component in NSS 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2781 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-02-24 14:16 修改: 2026-04-21 13:16
libpam-systemd	CVE-2026-29111	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.14	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
libpam-systemd	CVE-2026-40225	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.14	systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-04-27 19:00
libpam-systemd	CVE-2026-40226	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.16	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
libpixman-1-0	CVE-2023-37769	中危	0.42.2-1build1		stress-test master commit e4c878 was discovered to contain a FPE vulne ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-37769 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2023-07-17 20:15 修改: 2024-11-21 08:12
libpng16-16t64	CVE-2025-28162	中危	1.6.43-5ubuntu0.1	1.6.43-5ubuntu0.4	libpng: libpng: Denial of Service via buffer overflow in pngimage utility 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-28162 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-27 16:16 修改: 2026-02-06 20:06
libpng16-16t64	CVE-2025-28164	中危	1.6.43-5ubuntu0.1	1.6.43-5ubuntu0.4	libpng: libpng: Denial of Service via buffer overflow in png_create_read_struct() function 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-28164 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-27 16:16 修改: 2026-03-04 19:42
libpng16-16t64	CVE-2025-66293	中危	1.6.43-5ubuntu0.1	1.6.43-5ubuntu0.3	libpng: LIBPNG out-of-bounds read in png_image_read_composite 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66293 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2025-12-03 21:15 修改: 2025-12-16 19:12
libpng16-16t64	CVE-2026-22695	中危	1.6.43-5ubuntu0.1	1.6.43-5ubuntu0.3	libpng: libpng: Denial of service and information disclosure via heap buffer over-read in png_image_finish_read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22695 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-12 23:15 修改: 2026-01-21 18:58
libpng16-16t64	CVE-2026-22801	中危	1.6.43-5ubuntu0.1	1.6.43-5ubuntu0.3	libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22801 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-12 23:15 修改: 2026-01-21 18:58
libpng16-16t64	CVE-2026-25646	中危	1.6.43-5ubuntu0.1	1.6.43-5ubuntu0.5	libpng: LIBPNG has a heap buffer overflow in png_set_quantize 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25646 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-02-10 18:16 修改: 2026-02-13 20:43
libpng16-16t64	CVE-2026-33416	中危	1.6.43-5ubuntu0.1	1.6.43-5ubuntu0.6	libpng: libpng: Arbitrary code execution due to use-after-free vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33416 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-26 17:16 修改: 2026-04-02 20:28
libpng16-16t64	CVE-2026-33636	中危	1.6.43-5ubuntu0.1	1.6.43-5ubuntu0.6	libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33636 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-26 17:16 修改: 2026-04-02 18:42
libpng16-16t64	CVE-2026-34757	中危	1.6.43-5ubuntu0.1	1.6.43-5ubuntu0.6	libpng: libpng: Information disclosure and data corruption via use-after-free vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34757 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-09 15:16 修改: 2026-05-13 23:07
libpython3.12-minimal	CVE-2025-11468	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: Missing character filtering in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.12-minimal	CVE-2025-12084	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2025-12-03 19:15 修改: 2026-01-26 15:16
libpython3.12-minimal	CVE-2025-13462	中危	3.12.3-1ubuntu0.9		cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-03-12 18:16 修改: 2026-06-11 14:29
libpython3.12-minimal	CVE-2025-13836	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.10	cpython: Excessive read buffering DoS in http.client 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13836 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2025-12-01 18:16 修改: 2026-05-18 16:58
libpython3.12-minimal	CVE-2025-13837	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: Out-of-memory when loading Plist 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2025-12-01 18:16 修改: 2026-03-03 15:16
libpython3.12-minimal	CVE-2025-15282	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: Header injection via newlines in data URL mediatype in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.12-minimal	CVE-2026-0672	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: Header injection in http.cookies.Morsel in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.12-minimal	CVE-2026-0865	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: wsgiref.headers.Headers allows header newline injection in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.12-minimal	CVE-2026-2297	中危	3.12.3-1ubuntu0.9		cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-03-04 23:16 修改: 2026-05-01 16:16
libpython3.12-stdlib	CVE-2025-11468	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: Missing character filtering in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.12-stdlib	CVE-2025-12084	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2025-12-03 19:15 修改: 2026-01-26 15:16
libpython3.12-stdlib	CVE-2025-13462	中危	3.12.3-1ubuntu0.9		cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-03-12 18:16 修改: 2026-06-11 14:29
libpython3.12-stdlib	CVE-2025-13836	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.10	cpython: Excessive read buffering DoS in http.client 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13836 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2025-12-01 18:16 修改: 2026-05-18 16:58
libpython3.12-stdlib	CVE-2025-13837	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: Out-of-memory when loading Plist 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2025-12-01 18:16 修改: 2026-03-03 15:16
libpython3.12-stdlib	CVE-2025-15282	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: Header injection via newlines in data URL mediatype in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.12-stdlib	CVE-2026-0672	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: Header injection in http.cookies.Morsel in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.12-stdlib	CVE-2026-0865	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: wsgiref.headers.Headers allows header newline injection in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.12-stdlib	CVE-2026-2297	中危	3.12.3-1ubuntu0.9		cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-03-04 23:16 修改: 2026-05-01 16:16
libsmartcols1	CVE-2026-27456	中危	2.39.3-9ubuntu6.4		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
dpkg	CVE-2026-2219	中危	1.22.6ubuntu6.5	1.22.6ubuntu6.6	It was discovered that dpkg-deb (a component of dpkg, the Debian packa ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2219 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-03-07 09:16 修改: 2026-06-02 19:12
libssl3t64	CVE-2025-15467	中危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-01-27 16:16 修改: 2026-06-09 10:16
libssl3t64	CVE-2026-31790	中危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2026-34182	中危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3t64	CVE-2026-45445	中危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libsystemd-shared	CVE-2026-29111	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.14	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
libsystemd-shared	CVE-2026-40225	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.14	systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-04-27 19:00
libsystemd-shared	CVE-2026-40226	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.16	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
libsystemd0	CVE-2026-29111	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.14	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
libsystemd0	CVE-2026-40225	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.14	systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-04-27 19:00
libsystemd0	CVE-2026-40226	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.16	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
libtasn1-6	CVE-2025-13151	中危	4.19.0-3ubuntu0.24.04.1	4.19.0-3ubuntu0.24.04.2	libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-01-07 22:15 修改: 2026-02-02 19:27
libudev1	CVE-2026-29111	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.14	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
libudev1	CVE-2026-40225	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.14	systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-04-27 19:00
libudev1	CVE-2026-40226	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.16	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
libuuid1	CVE-2026-27456	中危	2.39.3-9ubuntu6.4		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libxml2	CVE-2026-0989	中危	2.9.14+dfsg-1.3ubuntu3.6	2.9.14+dfsg-1.3ubuntu3.7	libxml2: Unbounded RelaxNG Include Recursion Leading to Stack Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0989 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-15 15:15 修改: 2026-04-22 10:16
libxml2	CVE-2026-0990	中危	2.9.14+dfsg-1.3ubuntu3.6	2.9.14+dfsg-1.3ubuntu3.7	libxml2: libxml2: Denial of Service via uncontrolled recursion in XML catalog processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0990 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-15 15:15 修改: 2026-04-22 10:16
libxml2	CVE-2026-0992	中危	2.9.14+dfsg-1.3ubuntu3.6	2.9.14+dfsg-1.3ubuntu3.7	libxml2: libxml2: Denial of Service via crafted XML catalogs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0992 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-15 15:15 修改: 2026-04-22 10:16
libxslt1.1	CVE-2025-10911	中危	1.1.39-0exp1ubuntu0.24.04.3		libxslt: use-after-free with key data stored cross-RVT 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10911 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2025-09-25 16:15 修改: 2026-06-16 17:16
libxslt1.1	CVE-2025-7425	中危	1.1.39-0exp1ubuntu0.24.04.3		libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7425 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2025-07-10 14:15 修改: 2026-05-12 13:17
locales	CVE-2025-15281	中危	2.39-0ubuntu8.6	2.39-0ubuntu8.7	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-20 14:16 修改: 2026-02-05 17:43
locales	CVE-2026-0861	中危	2.39-0ubuntu8.6	2.39-0ubuntu8.7	glibc: Integer overflow in memalign leads to heap corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-14 21:15 修改: 2026-02-03 18:26
locales	CVE-2026-0915	中危	2.39-0ubuntu8.6	2.39-0ubuntu8.7	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-15 22:16 修改: 2026-01-23 19:36
locales	CVE-2026-4046	中危	2.39-0ubuntu8.6		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
locales	CVE-2026-4437	中危	2.39-0ubuntu8.6		glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:41
locales	CVE-2026-4438	中危	2.39-0ubuntu8.6		glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-20 20:16 修改: 2026-04-07 18:40
locales	CVE-2026-5435	中危	2.39-0ubuntu8.6		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
locales	CVE-2026-6238	中危	2.39-0ubuntu8.6		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
mesa-libgallium	CVE-2026-40393	中危	25.0.7-0ubuntu0.24.04.2	25.2.8-0ubuntu0.24.04.2	In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory acces ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40393 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-12 19:16 修改: 2026-04-16 16:17
mount	CVE-2026-27456	中危	2.39.3-9ubuntu6.4		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
openjdk-21-jre	CVE-2026-21925	中危	21.0.9+10-1~24.04	21.0.10+7-1~24.04	openjdk: Improve JMX connections (Oracle CPU 2026-01) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-21925 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-20 22:15 修改: 2026-05-12 13:17
openjdk-21-jre	CVE-2026-21932	中危	21.0.9+10-1~24.04	21.0.10+7-1~24.04	openjdk: Enhance Handling of URIs (Oracle CPU 2026-01) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-21932 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-20 22:15 修改: 2026-05-12 13:17
openjdk-21-jre	CVE-2026-21933	中危	21.0.9+10-1~24.04	21.0.10+7-1~24.04	openjdk: Improve HttpServer Request handling (Oracle CPU 2026-01) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-21933 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-20 22:15 修改: 2026-05-12 13:17
openjdk-21-jre	CVE-2026-21945	中危	21.0.9+10-1~24.04	21.0.10+7-1~24.04	openjdk: Enhance Certificate Checking (Oracle CPU 2026-01) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-21945 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-20 22:15 修改: 2026-05-12 13:17
openjdk-21-jre	CVE-2026-22007	中危	21.0.9+10-1~24.04	21.0.11+10-1~24.04.2	openjdk: Enhance crypto algorithm support (Oracle CPU 2026-04) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22007 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-21 21:16 修改: 2026-04-27 12:14
openjdk-21-jre	CVE-2026-22013	中危	21.0.9+10-1~24.04	21.0.11+10-1~24.04.2	openjdk: Improve Kerberos credentialing (Oracle CPU 2026-04) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22013 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-21 21:16 修改: 2026-04-27 12:15
openjdk-21-jre	CVE-2026-22016	中危	21.0.9+10-1~24.04	21.0.11+10-1~24.04.2	openjdk: Enhance Path Factories Redux (Oracle CPU 2026-04) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22016 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-21 21:16 修改: 2026-04-27 12:16
openjdk-21-jre	CVE-2026-22018	中危	21.0.9+10-1~24.04	21.0.11+10-1~24.04.2	openjdk: Enhance Zip file reading (Oracle CPU 2026-04) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22018 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-21 21:16 修改: 2026-04-27 12:17
openjdk-21-jre	CVE-2026-22021	中危	21.0.9+10-1~24.04	21.0.11+10-1~24.04.2	openjdk: Enhance certificate chain validation (Oracle CPU 2026-04) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22021 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-21 21:16 修改: 2026-04-27 12:18
openjdk-21-jre	CVE-2026-23865	中危	21.0.9+10-1~24.04	21.0.11+10-1~24.04.2	freetype: Information disclosure or denial of service via specially crafted font files 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23865 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-02 17:16 修改: 2026-05-01 17:41
openjdk-21-jre	CVE-2026-34268	中危	21.0.9+10-1~24.04	21.0.11+10-1~24.04.2	openjdk: Enhance key generation (Oracle CPU 2026-04) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34268 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-21 21:16 修改: 2026-04-27 12:19
openjdk-21-jre	CVE-2026-34282	中危	21.0.9+10-1~24.04	21.0.11+10-1~24.04.2	openjdk: Enhance TLS connection handling (Oracle CPU 2026-04) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34282 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-21 21:16 修改: 2026-04-27 12:20
openjdk-21-jre-headless	CVE-2026-21925	中危	21.0.9+10-1~24.04	21.0.10+7-1~24.04	openjdk: Improve JMX connections (Oracle CPU 2026-01) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-21925 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-20 22:15 修改: 2026-05-12 13:17
openjdk-21-jre-headless	CVE-2026-21932	中危	21.0.9+10-1~24.04	21.0.10+7-1~24.04	openjdk: Enhance Handling of URIs (Oracle CPU 2026-01) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-21932 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-20 22:15 修改: 2026-05-12 13:17
openjdk-21-jre-headless	CVE-2026-21933	中危	21.0.9+10-1~24.04	21.0.10+7-1~24.04	openjdk: Improve HttpServer Request handling (Oracle CPU 2026-01) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-21933 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-20 22:15 修改: 2026-05-12 13:17
openjdk-21-jre-headless	CVE-2026-21945	中危	21.0.9+10-1~24.04	21.0.10+7-1~24.04	openjdk: Enhance Certificate Checking (Oracle CPU 2026-01) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-21945 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-20 22:15 修改: 2026-05-12 13:17
openjdk-21-jre-headless	CVE-2026-22007	中危	21.0.9+10-1~24.04	21.0.11+10-1~24.04.2	openjdk: Enhance crypto algorithm support (Oracle CPU 2026-04) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22007 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-21 21:16 修改: 2026-04-27 12:14
openjdk-21-jre-headless	CVE-2026-22013	中危	21.0.9+10-1~24.04	21.0.11+10-1~24.04.2	openjdk: Improve Kerberos credentialing (Oracle CPU 2026-04) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22013 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-21 21:16 修改: 2026-04-27 12:15
openjdk-21-jre-headless	CVE-2026-22016	中危	21.0.9+10-1~24.04	21.0.11+10-1~24.04.2	openjdk: Enhance Path Factories Redux (Oracle CPU 2026-04) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22016 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-21 21:16 修改: 2026-04-27 12:16
openjdk-21-jre-headless	CVE-2026-22018	中危	21.0.9+10-1~24.04	21.0.11+10-1~24.04.2	openjdk: Enhance Zip file reading (Oracle CPU 2026-04) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22018 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-21 21:16 修改: 2026-04-27 12:17
openjdk-21-jre-headless	CVE-2026-22021	中危	21.0.9+10-1~24.04	21.0.11+10-1~24.04.2	openjdk: Enhance certificate chain validation (Oracle CPU 2026-04) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22021 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-21 21:16 修改: 2026-04-27 12:18
openjdk-21-jre-headless	CVE-2026-23865	中危	21.0.9+10-1~24.04	21.0.11+10-1~24.04.2	freetype: Information disclosure or denial of service via specially crafted font files 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23865 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-02 17:16 修改: 2026-05-01 17:41
openjdk-21-jre-headless	CVE-2026-34268	中危	21.0.9+10-1~24.04	21.0.11+10-1~24.04.2	openjdk: Enhance key generation (Oracle CPU 2026-04) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34268 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-21 21:16 修改: 2026-04-27 12:19
openjdk-21-jre-headless	CVE-2026-34282	中危	21.0.9+10-1~24.04	21.0.11+10-1~24.04.2	openjdk: Enhance TLS connection handling (Oracle CPU 2026-04) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34282 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-21 21:16 修改: 2026-04-27 12:20
bsdutils	CVE-2026-27456	中危	1:2.39.3-9ubuntu6.4		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
openssl	CVE-2025-15467	中危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-27 16:16 修改: 2026-06-09 10:16
openssl	CVE-2026-31790	中危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-34182	中危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl	CVE-2026-45445	中危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
python3.12	CVE-2025-11468	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: Missing character filtering in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.12	CVE-2025-12084	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2025-12-03 19:15 修改: 2026-01-26 15:16
python3.12	CVE-2025-13462	中危	3.12.3-1ubuntu0.9		cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-03-12 18:16 修改: 2026-06-11 14:29
python3.12	CVE-2025-13836	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.10	cpython: Excessive read buffering DoS in http.client 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13836 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2025-12-01 18:16 修改: 2026-05-18 16:58
python3.12	CVE-2025-13837	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: Out-of-memory when loading Plist 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2025-12-01 18:16 修改: 2026-03-03 15:16
python3.12	CVE-2025-15282	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: Header injection via newlines in data URL mediatype in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.12	CVE-2026-0672	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: Header injection in http.cookies.Morsel in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.12	CVE-2026-0865	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: wsgiref.headers.Headers allows header newline injection in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.12	CVE-2026-2297	中危	3.12.3-1ubuntu0.9		cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-03-04 23:16 修改: 2026-05-01 16:16
python3.12-minimal	CVE-2025-11468	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: Missing character filtering in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.12-minimal	CVE-2025-12084	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2025-12-03 19:15 修改: 2026-01-26 15:16
python3.12-minimal	CVE-2025-13462	中危	3.12.3-1ubuntu0.9		cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-03-12 18:16 修改: 2026-06-11 14:29
python3.12-minimal	CVE-2025-13836	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.10	cpython: Excessive read buffering DoS in http.client 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13836 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2025-12-01 18:16 修改: 2026-05-18 16:58
python3.12-minimal	CVE-2025-13837	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: Out-of-memory when loading Plist 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2025-12-01 18:16 修改: 2026-03-03 15:16
python3.12-minimal	CVE-2025-15282	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: Header injection via newlines in data URL mediatype in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.12-minimal	CVE-2026-0672	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: Header injection in http.cookies.Morsel in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.12-minimal	CVE-2026-0865	中危	3.12.3-1ubuntu0.9	3.12.3-1ubuntu0.11	cpython: wsgiref.headers.Headers allows header newline injection in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.12-minimal	CVE-2026-2297	中危	3.12.3-1ubuntu0.9		cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2026-03-04 23:16 修改: 2026-05-01 16:16
sed	CVE-2026-5958	中危	4.9-2build1	4.9-2ubuntu0.24.04.1	sed: GNU sed TOCTOU race condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-20 12:16 修改: 2026-05-19 15:17
systemd	CVE-2026-29111	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.14	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
systemd	CVE-2026-40225	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.14	systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-04-27 19:00
systemd	CVE-2026-40226	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.16	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
systemd-dev	CVE-2026-29111	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.14	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
systemd-dev	CVE-2026-40225	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.14	systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-04-27 19:00
systemd-dev	CVE-2026-40226	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.16	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
systemd-sysv	CVE-2026-29111	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.14	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
systemd-sysv	CVE-2026-40225	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.14	systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-04-27 19:00
systemd-sysv	CVE-2026-40226	中危	255.4-1ubuntu8.12	255.4-1ubuntu8.16	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
tar	CVE-2025-45582	中危	1.35+dfsg-3build1		tar: Tar path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2025-07-11 17:15 修改: 2025-11-02 01:15
util-linux	CVE-2026-27456	中危	2.39.3-9ubuntu6.4		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
wget	CVE-2021-31879	中危	1.21.4-1ubuntu4.1		wget: authorization header disclosure on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2021-04-29 05:15 修改: 2024-11-21 06:06
libavahi-common-data	CVE-2024-52615	低危	0.8-13ubuntu6		avahi: Avahi Wide-Area DNS Uses Constant Source Port 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52615 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2024-11-21 21:15 修改: 2026-04-15 00:35
libavahi-common-data	CVE-2024-52616	低危	0.8-13ubuntu6		avahi: Avahi Wide-Area DNS Predictable Transaction IDs 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52616 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2024-11-21 21:15 修改: 2026-04-15 00:35
libsystemd0	CVE-2026-40228	低危	255.4-1ubuntu8.12		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libavahi-client3	CVE-2024-52615	低危	0.8-13ubuntu6		avahi: Avahi Wide-Area DNS Uses Constant Source Port 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52615 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2024-11-21 21:15 修改: 2026-04-15 00:35
libtiff6	CVE-2025-61143	低危	4.5.1+git230720-4ubuntu2.4	4.5.1+git230720-4ubuntu2.5	libtiff: libtiff: Denial of Service via NULL pointer dereference in tif_open.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61143 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-02-23 19:22 修改: 2026-02-25 15:20
libtiff6	CVE-2025-61144	低危	4.5.1+git230720-4ubuntu2.4	4.5.1+git230720-4ubuntu2.5	libtiff: libtiff: Denial of Service via buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61144 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-02-23 19:22 修改: 2026-02-25 15:20
libavahi-client3	CVE-2024-52616	低危	0.8-13ubuntu6		avahi: Avahi Wide-Area DNS Predictable Transaction IDs 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52616 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2024-11-21 21:15 修改: 2026-04-15 00:35
libgnutls30t64	CVE-2025-9820	低危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.5	gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9820 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-01-26 20:16 修改: 2026-05-12 13:17
libavahi-common3	CVE-2024-52615	低危	0.8-13ubuntu6		avahi: Avahi Wide-Area DNS Uses Constant Source Port 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52615 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2024-11-21 21:15 修改: 2026-04-15 00:35
libudev1	CVE-2026-40228	低危	255.4-1ubuntu8.12		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libharfbuzz0b	CVE-2026-22693	低危	8.3.0-2build2		harfbuzz: Null Pointer Dereference in harfbuzz 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22693 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-10 06:15 修改: 2026-02-18 17:49
libicu74	CVE-2025-5222	低危	74.2-1ubuntu3.1		icu: Stack buffer overflow in the SRBRoot::addTag function 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5222 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2025-05-27 21:15 修改: 2026-04-23 00:16
libgcrypt20	CVE-2024-2236	低危	1.10.3-2build1		libgcrypt: vulnerable to Marvin Attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2024-03-06 22:15 修改: 2026-04-15 00:35
openssl	CVE-2025-68160	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-69418	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-69419	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-69420	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-69421	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2026-22795	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2026-22796	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28387	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28388	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28389	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28390	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-31789	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-34180	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl	CVE-2026-42766	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
openssl	CVE-2026-42767	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl	CVE-2026-42770	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
openssl	CVE-2026-45446	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
openssl	CVE-2026-7383	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
openssl	CVE-2026-9076	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
passwd	CVE-2024-56433	低危	1:4.13+dfsg1-4ubuntu3.2		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
patch	CVE-2018-6952	低危	2.7.6-7build3		patch: Double free of memory in pch.c:another_hunk() causes a crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6952 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2018-02-13 19:29 修改: 2024-11-21 04:11
patch	CVE-2021-45261	低危	2.7.6-7build3		patch: Invalid Pointer via another_hunk function 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45261 镜像层: sha256:e7245251686e4d4c4cad30815853bf75490cbc7098d798b45ded334c8f5f17c0 发布日期: 2021-12-22 18:15 修改: 2024-11-21 06:32
liblzma5	CVE-2026-34743	低危	5.6.1+really5.4.5-1ubuntu0.2	5.6.1+really5.4.5-1ubuntu0.3	xz: XZ Utils: Denial of Service via buffer overflow in index decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-02 19:21 修改: 2026-04-15 17:33
libxml2	CVE-2025-8732	低危	2.9.14+dfsg-1.3ubuntu3.6	2.9.14+dfsg-1.3ubuntu3.7	libxml2: libxml2: Uncontrolled Recursion Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8732 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2025-08-08 17:15 修改: 2026-06-02 14:16
libcairo-gobject2	CVE-2017-7475	低危	1.18.0-3build1		cairo: NULL pointer dereference with a crafted font file 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7475 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2017-05-19 20:29 修改: 2026-05-13 00:24
libcairo-gobject2	CVE-2018-18064	低危	1.18.0-3build1		cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18064 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2018-10-08 18:29 修改: 2024-11-21 03:55
libcairo2	CVE-2017-7475	低危	1.18.0-3build1		cairo: NULL pointer dereference with a crafted font file 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7475 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2017-05-19 20:29 修改: 2026-05-13 00:24
libelf1t64	CVE-2025-1352	低危	0.190-1.1ubuntu0.1		elfutils: GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1352 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2025-02-16 15:15 修改: 2026-06-02 14:16
libssl3t64	CVE-2025-68160	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2025-69418	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2025-69419	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2025-69420	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2025-69421	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2026-22795	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
login	CVE-2024-56433	低危	1:4.13+dfsg1-4ubuntu3.2		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
libssl3t64	CVE-2026-22796	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2026-28387	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2026-28388	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2026-28389	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2026-28390	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2026-31789	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3t64	CVE-2026-34180	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3t64	CVE-2026-42766	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libssl3t64	CVE-2026-42767	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
systemd	CVE-2026-40228	低危	255.4-1ubuntu8.12		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libssl3t64	CVE-2026-42770	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3t64	CVE-2026-45446	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libssl3t64	CVE-2026-7383	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
systemd-dev	CVE-2026-40228	低危	255.4-1ubuntu8.12		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libssl3t64	CVE-2026-9076	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:e8bce0aabd687e9ee90e0bada33884f40b277196f72aac9934357472863a80ae 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
libelf1t64	CVE-2025-1376	低危	0.190-1.1ubuntu0.1		elfutils: GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1376 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2025-02-17 05:15 修改: 2026-06-02 14:16
libpam-systemd	CVE-2026-40228	低危	255.4-1ubuntu8.12		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
systemd-sysv	CVE-2026-40228	低危	255.4-1ubuntu8.12		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libcairo2	CVE-2018-18064	低危	1.18.0-3build1		cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18064 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2018-10-08 18:29 修改: 2024-11-21 03:55
libsystemd-shared	CVE-2026-40228	低危	255.4-1ubuntu8.12		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libavahi-common3	CVE-2024-52616	低危	0.8-13ubuntu6		avahi: Avahi Wide-Area DNS Predictable Transaction IDs 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52616 镜像层: sha256:0924fe5d4b6ae5e73164b4eaaf883d9f39fa634a754d27a2d6cacc5010cf816e 发布日期: 2024-11-21 21:15 修改: 2026-04-15 00:35

Java (jar)

低危漏洞:6

中危漏洞:18

高危漏洞:15

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
fr.opensagres.xdocreport:fr.opensagres.xdocreport.document	CVE-2025-65482	严重	1.0.6	2.0.4	XDocReport affected by an XML External Entity (XXE) vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-65482 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-01-20 16:16 修改: 2026-02-03 21:43
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-41293	严重	10.1.46	9.0.118, 10.1.55, 11.0.22	tomcat-coyote: Apache Tomcat: HTTP/2 request headers not validated 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41293 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-05-12 16:16 修改: 2026-05-15 15:57
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-43512	严重	10.1.46	9.0.118, 10.1.55, 11.0.22	tomcat-coyote: Apache Tomcat: Authentication bypass via digest authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43512 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-05-12 16:16 修改: 2026-05-15 15:54
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-43515	严重	10.1.46	9.0.118, 10.1.55, 11.0.22	tomcat-coyote: tomcat: Improper Authorization allows security bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43515 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-05-12 16:16 修改: 2026-05-15 15:52
io.netty:netty-handler	CVE-2026-45416	高危	4.1.127.Final	4.2.15.Final, 4.1.135.Final	netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-06-12 15:16 修改: 2026-06-15 02:15
io.netty:netty-handler	CVE-2026-50010	高危	4.1.127.Final	4.2.15.Final, 4.1.135.Final	netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-06-12 16:16 修改: 2026-06-15 02:31
io.netty:netty-resolver-dns	CVE-2026-45674	高危	4.1.127.Final	4.2.15.Final, 4.1.135.Final	netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-06-12 15:16 修改: 2026-06-15 02:13
io.netty:netty-resolver-dns	CVE-2026-47691	高危	4.1.127.Final	4.2.15.Final, 4.1.135.Final	io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-06-12 16:16 修改: 2026-06-15 01:57
io.netty:netty-codec	CVE-2026-42583	高危	4.1.127.Final	4.1.133.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:22
io.netty:netty-codec-dns	CVE-2026-42579	高危	4.1.127.Final	4.2.13.Final, 4.1.133.Final	netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-05-13 19:17 修改: 2026-05-18 17:16
io.netty:netty-handler	CVE-2026-44249	高危	4.1.127.Final	4.2.15.Final, 4.1.135.Final	netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-06-11 22:16 修改: 2026-06-15 02:30
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-24734	高危	10.1.46	11.0.18, 10.1.52, 9.0.115	tomcat: Apache Tomcat: Certificate revocation bypass due to improper OCSP response validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24734 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-02-17 19:21 修改: 2026-03-11 16:16
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-24880	高危	10.1.46	9.0.116, 10.1.52, 11.0.20	Apache Tomcat: Apache Tomcat: HTTP Request/Response Smuggling via invalid chunk extension 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24880 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-04-09 20:16 修改: 2026-04-14 20:02
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-34483	高危	10.1.46	9.0.116, 10.1.54, 11.0.21	Apache Tomcat: Apache Tomcat: Information disclosure due to improper encoding in JsonAccessLogValve 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34483 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-04-09 20:16 修改: 2026-04-14 12:46
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-41284	高危	10.1.46	9.0.118, 10.1.55, 11.0.22	Allocation of Resources Without Limits or Throttling vulnerability in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41284 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-05-12 16:16 修改: 2026-05-14 18:59
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-42498	高危	10.1.46	9.0.118, 10.1.55, 11.0.22	tomcat-coyote: Apache Tomcat: Information disclosure due to HTTP Authentication Header exposure during WebSocket authentication. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42498 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-05-12 16:16 修改: 2026-05-14 18:51
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-43513	高危	10.1.46	9.0.118, 10.1.55, 11.0.22	Improper Handling of Case Sensitivity vulnerability in LockOutRealm in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43513 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-05-12 16:16 修改: 2026-05-15 15:53
org.bouncycastle:bcprov-jdk18on	CVE-2026-5598	高危	1.82	1.84	bouncycastle: BC-JAVA: private key leakage via non-constant time comparisons 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5598 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-04-15 10:16 修改: 2026-06-14 10:16
org.springframework.boot:spring-boot	CVE-2026-40973	高危	3.5.6	4.0.6, 3.5.14	Spring Boot: Spring Boot: Arbitrary Code Execution and Session Hijacking via predictable temporary directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40973 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-04-28 00:16 修改: 2026-04-30 14:25
com.github.junrar:junrar	CVE-2026-41245	中危	7.5.5	7.5.10	junrar: Junrar: Arbitrary file write via path traversal when extracting crafted RAR archives. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41245 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-04-20 16:16 修改: 2026-04-23 13:35
io.netty:netty-resolver-dns	CVE-2026-45673	中危	4.1.127.Final	4.2.15.Final, 4.1.135.Final	netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-06-12 15:16 修改: 2026-06-15 02:14
org.apache.commons:commons-compress	CVE-2024-25710	中危	1.25.0	1.26.0	commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2024-02-19 09:15 修改: 2025-11-04 17:15
org.apache.commons:commons-compress	CVE-2024-26308	中危	1.25.0	1.26.0	commons-compress: OutOfMemoryError unpacking broken Pack200 file 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2024-02-19 09:15 修改: 2025-03-27 20:15
org.apache.poi:poi-ooxml	CVE-2025-31672	中危	5.2.5	5.4.0	org.apache.poi/poi-ooxml: Apache POI: parsing OOXML based files (xlsx, docx, etc.), poi-ooxml could read unexpected data if underlying zip has duplicate zip entry names 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-31672 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2025-04-09 12:15 修改: 2025-07-15 19:08
ch.qos.logback:logback-core	CVE-2025-11226	中危	1.5.18	1.5.19, 1.3.16	ch.qos.logback/logback-core: Conditional abitrary code execution in logback-core 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11226 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2025-10-01 08:15 修改: 2026-04-15 00:35
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-66614	中危	10.1.46	11.0.15, 10.1.50, 9.0.113	tomcat: Client certificate verification bypass due to virtual host mapping 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66614 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-02-17 19:21 修改: 2026-03-11 16:16
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-25854	中危	10.1.46	9.0.116, 10.1.53, 11.0.20	Apache Tomcat: Apache Tomcat: Open Redirect vulnerability via LoadBalancerDrainingValve 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25854 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-04-09 20:16 修改: 2026-04-14 14:01
org.bouncycastle:bcpkix-jdk18on	CVE-2026-5588	中危	1.82	1.84	bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.bouncycastle:bcprov-jdk15on	CVE-2023-33201	中危	1.70		bouncycastle: potential blind LDAP injection attack using a self-signed certificate 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2023-07-05 03:15 修改: 2024-11-21 08:05
org.bouncycastle:bcprov-jdk15on	CVE-2024-29857	中危	1.70	1.78	org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2024-05-14 15:17 修改: 2026-04-15 00:35
org.bouncycastle:bcprov-jdk15on	CVE-2024-30171	中危	1.70	1.78	bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2024-05-14 15:21 修改: 2026-04-15 00:35
org.bouncycastle:bcprov-jdk15on	CVE-2024-34447	中危	1.70	1.78	org.bouncycastle: Use of Incorrectly-Resolved Name or Reference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34447 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2024-05-03 16:15 修改: 2026-04-15 00:35
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.19.2	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
org.bouncycastle:bcprov-jdk18on	CVE-2026-0636	中危	1.82	1.84	bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
com.github.junrar:junrar	CVE-2026-28208	中危	7.5.5	7.5.8	com.github.junrar/junrar: Junrar: Remote code execution via path traversal when extracting crafted RAR archives 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28208 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-02-26 23:16 修改: 2026-03-02 21:16
org.springframework:spring-webmvc	CVE-2026-22737	中危	6.2.11	7.0.6, 6.2.17	Spring Framework: Spring Framework: Information disclosure via Java scripting engine enabled template views 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22737 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-03-20 00:16 修改: 2026-04-23 14:20
org.springframework:spring-webmvc	CVE-2026-22745	中危	6.2.11	7.0.7, 6.2.18	spring-webflux: Spring MVC and Spring WebFlux: Denial of Service via slow static resource resolution on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22745 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-04-29 12:16 修改: 2026-05-04 14:50
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-24733	低危	10.1.46	11.0.15, 10.1.50, 9.0.113	tomcat: security constraint bypass with HTTP/0.9 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24733 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-02-17 19:21 修改: 2026-03-11 16:16
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-43514	低危	10.1.46	9.0.118, 10.1.55, 11.0.22	tomcat-coyote: Apache Tomcat: Information disclosure via AJP secret timing discrepancy 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43514 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-05-12 16:16 修改: 2026-05-14 18:46
ch.qos.logback:logback-core	CVE-2026-1225	低危	1.5.18	1.5.25	ch.qos.logback/logback-core: Malicious logback.xml configuration file allows instantiation of arbitrary classes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1225 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-01-22 10:16 修改: 2026-04-15 00:35
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-61795	低危	10.1.46	11.0.12, 10.1.47, 9.0.110	tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61795 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2025-10-27 18:15 修改: 2026-05-12 13:17
org.springframework:spring-webmvc	CVE-2026-22735	低危	6.2.11	7.0.6, 6.2.17	org.springframework/spring-webmvc: org.springframework/spring-webflux: Spring MVC and WebFlux: Stream corruption vulnerability when using Server-Sent Events 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22735 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-03-20 00:16 修改: 2026-04-23 14:21
org.springframework:spring-webmvc	CVE-2026-22741	低危	6.2.11	7.0.7, 6.2.18	Spring MVC: Spring WebFlux: Spring MVC and Spring WebFlux: Denial of Service via cache poisoning 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22741 镜像层: sha256:c8cf49fdc2f647b68316144d7bd7587d777662316efd0b1e9175105a177d6d48 发布日期: 2026-04-29 12:16 修改: 2026-05-04 14:51